mirror of
https://github.com/serghey-rodin/vesta.git
synced 2025-08-20 21:34:11 -07:00
Compare commits
No commits in common. "master" and "0.9.8-24" have entirely different histories.
1289 changed files with 10299 additions and 64734 deletions
3
.gitignore
vendored
3
.gitignore
vendored
|
|
@ -4,6 +4,3 @@
|
|||
*.gz
|
||||
.vscode
|
||||
.DS_Store
|
||||
src/react/node_modules
|
||||
src/react/build
|
||||
/.idea
|
||||
|
|
@ -1,8 +1,6 @@
|
|||
[Vesta Control Panel](http://vestacp.com/)
|
||||
==================================================
|
||||
|
||||
Vesta is back under active development as of 25 February 2024. We are commited to open source, and will engage with the community to identify the new roadmap for Vesta. Stay tuned!
|
||||
|
||||
[](https://gitter.im/vesta-cp/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
|
||||
|
||||
* Vesta is an open source hosting control panel.
|
||||
|
|
@ -18,7 +16,7 @@ ssh root@your.server
|
|||
|
||||
Download the installation script, and run it:
|
||||
```bash
|
||||
curl https://vestacp.com/pub/vst-install.sh | bash
|
||||
curl http://vestacp.com/pub/vst-install.sh | bash
|
||||
```
|
||||
|
||||
How to install (3 step)
|
||||
|
|
@ -31,7 +29,7 @@ ssh root@your.server
|
|||
|
||||
Download the installation script:
|
||||
```bash
|
||||
curl -O https://vestacp.com/pub/vst-install.sh
|
||||
curl -O http://vestacp.com/pub/vst-install.sh
|
||||
```
|
||||
Then run it:
|
||||
```bash
|
||||
|
|
@ -40,5 +38,5 @@ bash vst-install.sh
|
|||
|
||||
License
|
||||
----------------------------
|
||||
Vesta is licensed under [GPL v3 ](https://github.com/outroll/vesta/blob/master/LICENSE) license
|
||||
Vesta is licensed under [GPL v3 ](https://github.com/serghey-rodin/vesta/blob/master/LICENSE) license
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +0,0 @@
|
|||
# Security Policy
|
||||
|
||||
## Reporting a Vulnerability
|
||||
|
||||
Please report security issues to dev@vestacp.com
|
||||
|
|
@ -27,7 +27,7 @@ source $VESTA/conf/vesta.conf
|
|||
|
||||
# Checking arg number
|
||||
check_args '2' "$#" 'MODULE LICENSE'
|
||||
is_user_format_valid "$license" "license"
|
||||
|
||||
|
||||
#----------------------------------------------------------#
|
||||
# Action #
|
||||
|
|
@ -35,7 +35,7 @@ is_user_format_valid "$license" "license"
|
|||
|
||||
# Activating license
|
||||
v_host='https://vestacp.com/checkout'
|
||||
answer=$(curl -s "$v_host/activate.php?licence_key=$license&module=$module")
|
||||
answer=$(curl -s $v_host/activate.php?licence_key=$license&module=$module)
|
||||
check_result $? "cant' connect to vestacp.com " $E_CONNECT
|
||||
|
||||
# Checking server answer
|
||||
|
|
|
|||
|
|
@ -38,7 +38,8 @@ EOF
|
|||
sftpc() {
|
||||
expect -f "-" <<EOF "$@"
|
||||
set count 0
|
||||
spawn /usr/bin/sftp -o StrictHostKeyChecking=no -o Port=$port $user@$host
|
||||
spawn "/usr/bin/sftp -o StrictHostKeyChecking=no -o \
|
||||
Port=$port '$user@$host'"
|
||||
expect {
|
||||
"password:" {
|
||||
send "$password\r"
|
||||
|
|
|
|||
|
|
@ -55,7 +55,7 @@ if [ "$domain_lvl" -eq 1 ] || [ "${#top_domain}" -le '6' ]; then
|
|||
fi
|
||||
|
||||
# Adding top-level domain and then its sub
|
||||
$BIN/v-add-dns-domain $user $top_domain $ip '' '' '' '' '' '' '' '' $restart >> /dev/null
|
||||
$BIN/v-add-dns-domain $user $top_domain $ip '' '' '' '' '' $restart >> /dev/null
|
||||
|
||||
# Checking top-level domain
|
||||
if [ ! -e "$USER_DATA/dns/$top_domain.conf" ]; then
|
||||
|
|
|
|||
|
|
@ -45,12 +45,10 @@ if [[ $rtype =~ NS|CNAME|MX|PTR|SRV ]]; then
|
|||
fi
|
||||
fi
|
||||
|
||||
if [ $rtype != "CAA" ]; then
|
||||
dvalue=${dvalue//\"/}
|
||||
dvalue=${dvalue//\"/}
|
||||
|
||||
if [[ "$dvalue" =~ [\;[:space:]] ]]; then
|
||||
dvalue='"'"$dvalue"'"'
|
||||
fi
|
||||
if [[ "$dvalue" =~ [\;[:space:]] ]]; then
|
||||
dvalue='"'"$dvalue"'"'
|
||||
fi
|
||||
|
||||
# Additional argument formatting
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ protocol=$(echo $protocol|tr '[:lower:]' '[:upper:]')
|
|||
iptables="/sbin/iptables"
|
||||
|
||||
# Get vesta port by reading nginx.conf
|
||||
vestaport=$(grep 'listen' $VESTA/nginx/conf/nginx.conf | awk '{print $2}' | sed "s|;||")
|
||||
vestaport=$(grep 'listen' /usr/local/vesta/nginx/conf/nginx.conf | awk '{print $2}' | sed "s|;||")
|
||||
if [ -z "$vestaport" ]; then
|
||||
vestaport=8083
|
||||
fi
|
||||
|
|
|
|||
|
|
@ -22,14 +22,6 @@ source $VESTA/func/main.sh
|
|||
source $VESTA/func/domain.sh
|
||||
source $VESTA/conf/vesta.conf
|
||||
|
||||
# Additional argument formatting
|
||||
format_identifier_idn() {
|
||||
identifier_idn=$identifier
|
||||
if [[ "$identifier_idn" = *[![:ascii:]]* ]]; then
|
||||
identifier_idn=$(idn -t --quiet -a $identifier_idn)
|
||||
fi
|
||||
}
|
||||
|
||||
# encode base64
|
||||
encode_base64() {
|
||||
cat |base64 |tr '+/' '-_' |tr -d '\r\n='
|
||||
|
|
@ -53,10 +45,7 @@ query_le_v2() {
|
|||
post_data=$post_data'"payload":"'"$payload_"'",'
|
||||
post_data=$post_data'"signature":"'"$signature_"'"}'
|
||||
|
||||
# Save http response to file passed as "$4" arg or print to stdout if not provided
|
||||
# http response headers are always sent to stdout
|
||||
local save_to_file=${4:-"/dev/stdout"}
|
||||
curl --silent --dump-header /dev/stdout --data "$post_data" "$1" --header "$content" --output "$save_to_file"
|
||||
curl -s -i -d "$post_data" "$1" -H "$content"
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -73,34 +62,24 @@ is_object_unsuspended 'user' 'USER' "$user"
|
|||
is_object_valid 'web' 'DOMAIN' "$domain"
|
||||
is_object_unsuspended 'web' 'DOMAIN' "$domain"
|
||||
get_domain_values 'web'
|
||||
for alias in $(echo "$aliases" |tr ',' '\n' |sort -u); do
|
||||
check_alias="$(echo $ALIAS |tr ',' '\n' |grep ^$alias$)"
|
||||
if [ -z "$check_alias" ]; then
|
||||
check_result $E_NOTEXIST "domain alias $alias doesn't exist"
|
||||
fi
|
||||
done
|
||||
|
||||
echo "-----------------------------------------------------------------------------------" >> /usr/local/vesta/log/letsencrypt.log
|
||||
echo "[$(date)] : v-add-letsencrypt-domain $domain [$aliases]" >> /usr/local/vesta/log/letsencrypt.log
|
||||
|
||||
# check if alias is the letsencrypt wildcard domain, if not, make the normal checks
|
||||
if [[ "$aliases" != "*.$domain" ]]; then
|
||||
for alias in $(echo "$aliases" |tr ',' '\n' |sort -u); do
|
||||
check_alias="$(echo $ALIAS |tr ',' '\n' |grep ^$alias$)"
|
||||
if [ -z "$check_alias" ]; then
|
||||
echo "[$(date)] : EXIT=domain alias $alias doesn't exist" >> /usr/local/vesta/log/letsencrypt.log
|
||||
check_result $E_NOTEXIST "domain alias $alias doesn't exist"
|
||||
fi
|
||||
done
|
||||
fi;
|
||||
|
||||
#----------------------------------------------------------#
|
||||
# Action #
|
||||
#----------------------------------------------------------#
|
||||
|
||||
# Registering LetsEncrypt user account
|
||||
echo "[$(date)] : v-add-letsencrypt-user $user" >> /usr/local/vesta/log/letsencrypt.log
|
||||
$BIN/v-add-letsencrypt-user $user
|
||||
echo "[$(date)] : result: $?" >> /usr/local/vesta/log/letsencrypt.log
|
||||
if [ "$?" -ne 0 ]; then
|
||||
touch $VESTA/data/queue/letsencrypt.pipe
|
||||
sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe
|
||||
send_notice "LETSENCRYPT" "Account registration failed"
|
||||
echo "[$(date)] : EXIT=LE account registration" >> /usr/local/vesta/log/letsencrypt.log
|
||||
check_result $E_CONNECT "LE account registration" >/dev/null
|
||||
fi
|
||||
|
||||
|
|
@ -109,11 +88,9 @@ source $USER_DATA/ssl/le.conf
|
|||
|
||||
# Checking wildcard alias
|
||||
if [ "$aliases" = "*.$domain" ]; then
|
||||
echo "[$(date)] : Checking wildcard alias" >> /usr/local/vesta/log/letsencrypt.log
|
||||
wildcard='yes'
|
||||
proto="dns-01"
|
||||
if [ ! -e "$VESTA/data/users/$user/dns/$domain.conf" ]; then
|
||||
echo "[$(date)] : EXIT=DNS domain $domain doesn't exist" >> /usr/local/vesta/log/letsencrypt.log
|
||||
check_result $E_NOTEXIST "DNS domain $domain doesn't exist"
|
||||
fi
|
||||
else
|
||||
|
|
@ -121,139 +98,83 @@ else
|
|||
fi
|
||||
|
||||
# Requesting nonce / STEP 1
|
||||
echo "[$(date)] : --- Requesting nonce / STEP 1 ---" >> /usr/local/vesta/log/letsencrypt.log
|
||||
echo "[$(date)] : curl -s -I \"$API/directory\"" >> /usr/local/vesta/log/letsencrypt.log
|
||||
answer=$(curl -s -I "$API/directory")
|
||||
echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
|
||||
nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
|
||||
echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log
|
||||
status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
|
||||
echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
|
||||
nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
|
||||
status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
|
||||
if [[ "$status" -ne 200 ]]; then
|
||||
echo "[$(date)] : EXIT=Let's Encrypt nonce request status $status" >> /usr/local/vesta/log/letsencrypt.log
|
||||
check_result $E_CONNECT "Let's Encrypt nonce request status $status"
|
||||
fi
|
||||
|
||||
# Placing new order / STEP 2
|
||||
echo "[$(date)] : --- Placing new order / STEP 2 ---" >> /usr/local/vesta/log/letsencrypt.log
|
||||
url="$API/acme/new-order"
|
||||
payload='{"identifiers":['
|
||||
for identifier in $(echo $domain,$aliases |tr ',' '\n' |sort -u); do
|
||||
format_identifier_idn
|
||||
payload=$payload'{"type":"dns","value":"'$identifier_idn'"},'
|
||||
payload=$payload'{"type":"dns","value":"'$identifier'"},'
|
||||
done
|
||||
payload=$(echo "$payload"|sed "s/,$//")
|
||||
payload=$payload']}'
|
||||
echo "[$(date)] : payload=$payload" >> /usr/local/vesta/log/letsencrypt.log
|
||||
echo "[$(date)] : query_le_v2 \"$url\" \"$payload\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
|
||||
answer=$(query_le_v2 "$url" "$payload" "$nonce")
|
||||
echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
|
||||
nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
|
||||
echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log
|
||||
nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
|
||||
authz=$(echo "$answer" |grep "acme/authz" |cut -f2 -d '"')
|
||||
echo "[$(date)] : authz=$authz" >> /usr/local/vesta/log/letsencrypt.log
|
||||
finalize=$(echo "$answer" |grep 'finalize":' |cut -f4 -d '"')
|
||||
echo "[$(date)] : finalize=$finalize" >> /usr/local/vesta/log/letsencrypt.log
|
||||
status=$(echo "$answer" |grep HTTP/ |tail -n1 |cut -f2 -d ' ')
|
||||
echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
|
||||
status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ')
|
||||
if [[ "$status" -ne 201 ]]; then
|
||||
echo "[$(date)] : EXIT=Let's Encrypt new auth status $status" >> /usr/local/vesta/log/letsencrypt.log
|
||||
check_result $E_CONNECT "Let's Encrypt new auth status $status"
|
||||
fi
|
||||
|
||||
# Requesting authorization token / STEP 3
|
||||
echo "[$(date)] : --- Requesting authorization token / STEP 3 ---" >> /usr/local/vesta/log/letsencrypt.log
|
||||
for auth in $authz; do
|
||||
payload=''
|
||||
echo "[$(date)] : for auth=$auth" >> /usr/local/vesta/log/letsencrypt.log
|
||||
echo "[$(date)] : query_le_v2 \"$auth\" \"$payload\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
|
||||
answer=$(query_le_v2 "$auth" "$payload" "$nonce")
|
||||
echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
|
||||
url=$(echo "$answer" |grep -A3 $proto |grep '"url"' |cut -f 4 -d \")
|
||||
echo "[$(date)] : url=$url" >> /usr/local/vesta/log/letsencrypt.log
|
||||
url=$(echo "$answer" |grep -A3 $proto |grep url |cut -f 4 -d \")
|
||||
token=$(echo "$answer" |grep -A3 $proto |grep token |cut -f 4 -d \")
|
||||
echo "[$(date)] : token=$token" >> /usr/local/vesta/log/letsencrypt.log
|
||||
nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
|
||||
echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log
|
||||
status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
|
||||
echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
|
||||
nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
|
||||
status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
|
||||
if [[ "$status" -ne 200 ]]; then
|
||||
echo "[$(date)] : EXIT=Let's Encrypt acme/authz bad status $status" >> /usr/local/vesta/log/letsencrypt.log
|
||||
check_result $E_CONNECT "Let's Encrypt acme/authz bad status $status"
|
||||
fi
|
||||
|
||||
# Configuring challenge / STEP 4
|
||||
echo "[$(date)] : --- Configuring challenge / STEP 4 ---" >> /usr/local/vesta/log/letsencrypt.log
|
||||
echo "[$(date)] : wildcard=$wildcard" >> /usr/local/vesta/log/letsencrypt.log
|
||||
# Accepting challenge / STEP 4
|
||||
if [ "$wildcard" = 'yes' ]; then
|
||||
record=$(printf "%s" "$token.$THUMB" |\
|
||||
openssl dgst -sha256 -binary |encode_base64)
|
||||
old_records=$($BIN/v-list-dns-records $user $domain plain|grep 'TXT')
|
||||
old_records=$(echo "$old_records" |grep _acme-challenge |cut -f 1)
|
||||
for old_record in $old_records; do
|
||||
$BIN/v-delete-dns-record "$user" "$domain" "$old_record"
|
||||
$BIN/v-delete-dns-record $user $domain $old_record
|
||||
done
|
||||
$BIN/v-add-dns-record "$user" "$domain" "_acme-challenge" "TXT" "$record"
|
||||
exitstatus=$?
|
||||
echo "[$(date)] : v-add-dns-record \"$user\" \"$domain\" \"_acme-challenge\" \"TXT\" \"$record\"" >> /usr/local/vesta/log/letsencrypt.log
|
||||
if [ "$exitstatus" -ne 0 ]; then
|
||||
echo "[$(date)] : EXIT=DNS _acme-challenge record wasn't created" >> /usr/local/vesta/log/letsencrypt.log
|
||||
fi
|
||||
check_result $exitstatus "DNS _acme-challenge record wasn't created"
|
||||
$BIN/v-add-dns-record $user $domain "_acme-challenge" "TXT" $record
|
||||
check_result $? "DNS _acme-challenge record wasn't created"
|
||||
else
|
||||
if [ "$WEB_SYSTEM" = 'nginx' ] || [ ! -z "$PROXY_SYSTEM" ]; then
|
||||
if [ -f "/usr/local/vesta/web/inc/nginx_proxy" ]; then
|
||||
# if vesta is behind main nginx
|
||||
well_known="$HOMEDIR/$user/web/$domain/public_html/.well-known"
|
||||
acme_challenge="$well_known/acme-challenge"
|
||||
mkdir -p $acme_challenge
|
||||
echo "$token.$THUMB" > $acme_challenge/$token
|
||||
echo "[$(date)] : in $acme_challenge/$token we put: $token.$THUMB" >> /usr/local/vesta/log/letsencrypt.log
|
||||
chown -R $user:$user $well_known
|
||||
else
|
||||
# default nginx method
|
||||
conf="$HOMEDIR/$user/conf/web/nginx.$domain.conf_letsencrypt"
|
||||
sconf="$HOMEDIR/$user/conf/web/snginx.$domain.conf_letsencrypt"
|
||||
# if [ ! -e "$conf" ]; then
|
||||
echo 'location ~ "^/\.well-known/acme-challenge/(.*)$" {' \
|
||||
> $conf
|
||||
echo ' default_type text/plain;' >> $conf
|
||||
echo ' return 200 "$1.'$THUMB'";' >> $conf
|
||||
echo '}' >> $conf
|
||||
# fi
|
||||
echo "[$(date)] : in $conf we put: $THUMB" >> /usr/local/vesta/log/letsencrypt.log
|
||||
if [ ! -e "$sconf" ]; then
|
||||
ln -s "$conf" "$sconf"
|
||||
fi
|
||||
echo "[$(date)] : v-restart-proxy" >> /usr/local/vesta/log/letsencrypt.log
|
||||
$BIN/v-restart-proxy
|
||||
if [ -z "$PROXY_SYSTEM" ]; then
|
||||
# apache-less variant
|
||||
echo "[$(date)] : v-restart-web" >> /usr/local/vesta/log/letsencrypt.log
|
||||
$BIN/v-restart-web
|
||||
fi
|
||||
exitstatus=$?
|
||||
if [ "$exitstatus" -ne 0 ]; then
|
||||
echo "[$(date)] : EXIT=Proxy restart failed = $exitstatus" >> /usr/local/vesta/log/letsencrypt.log
|
||||
fi
|
||||
check_result $exitstatus "Proxy restart failed" >/dev/null
|
||||
conf="$HOMEDIR/$user/conf/web/nginx.$domain.conf_letsencrypt"
|
||||
sconf="$HOMEDIR/$user/conf/web/snginx.$domain.conf_letsencrypt"
|
||||
if [ ! -e "$conf" ]; then
|
||||
echo 'location ~ "^/\.well-known/acme-challenge/(.*)$" {' \
|
||||
> $conf
|
||||
echo ' default_type text/plain;' >> $conf
|
||||
echo ' return 200 "$1.'$THUMB'";' >> $conf
|
||||
echo '}' >> $conf
|
||||
fi
|
||||
if [ ! -e "$sconf" ]; then
|
||||
ln -s "$conf" "$sconf"
|
||||
fi
|
||||
$BIN/v-restart-proxy
|
||||
check_result $? "Proxy restart failed" >/dev/null
|
||||
|
||||
else
|
||||
well_known="$HOMEDIR/$user/web/$domain/public_html/.well-known"
|
||||
acme_challenge="$well_known/acme-challenge"
|
||||
mkdir -p $acme_challenge
|
||||
echo "$token.$THUMB" > $acme_challenge/$token
|
||||
chown -R $user:$user $well_known
|
||||
echo "[$(date)] : in $acme_challenge/$token we put: $token.$THUMB" >> /usr/local/vesta/log/letsencrypt.log
|
||||
# $BIN/v-restart-web
|
||||
# check_result $? "Web restart failed" >/dev/null
|
||||
fi
|
||||
$BIN/v-restart-web
|
||||
check_result $? "Web restart failed" >/dev/null
|
||||
fi
|
||||
|
||||
# Requesting ACME validation / STEP 5
|
||||
echo "[$(date)] : --- Requesting ACME validation / STEP 5 ---" >> /usr/local/vesta/log/letsencrypt.log
|
||||
validation_check=$(echo "$answer" |grep '"valid"')
|
||||
echo "[$(date)] : validation_check=$validation_check" >> /usr/local/vesta/log/letsencrypt.log
|
||||
if [[ ! -z "$validation_check" ]]; then
|
||||
validation='valid'
|
||||
else
|
||||
|
|
@ -263,33 +184,22 @@ for auth in $authz; do
|
|||
# Doing pol check on status
|
||||
i=1
|
||||
while [ "$validation" = 'pending' ]; do
|
||||
echo "[$(date)] : - Doing pol check on status" >> /usr/local/vesta/log/letsencrypt.log
|
||||
payload='{}'
|
||||
echo "[$(date)] : query_le_v2 \"$url\" \"$payload\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
|
||||
answer=$(query_le_v2 "$url" "$payload" "$nonce")
|
||||
echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
|
||||
validation=$(echo "$answer"|grep -A1 $proto |tail -n1|cut -f4 -d \")
|
||||
echo "[$(date)] : validation=$validation" >> /usr/local/vesta/log/letsencrypt.log
|
||||
nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
|
||||
echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log
|
||||
status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
|
||||
echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
|
||||
nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
|
||||
status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
|
||||
if [[ "$status" -ne 200 ]]; then
|
||||
echo "[$(date)] : EXIT=Let's Encrypt validation status $status" >> /usr/local/vesta/log/letsencrypt.log
|
||||
check_result $E_CONNECT "Let's Encrypt validation status $status"
|
||||
fi
|
||||
|
||||
i=$((i + 1))
|
||||
if [ "$i" -gt 10 ]; then
|
||||
echo "[$(date)] : EXIT=Let's Encrypt domain validation timeout" >> /usr/local/vesta/log/letsencrypt.log
|
||||
check_result $E_CONNECT "Let's Encrypt domain validation timeout"
|
||||
fi
|
||||
sleeping=$((i*2))
|
||||
echo "[$(date)] : sleep $sleeping (i=$i)" >> /usr/local/vesta/log/letsencrypt.log
|
||||
sleep $sleeping
|
||||
sleep 1
|
||||
done
|
||||
if [ "$validation" = 'invalid' ]; then
|
||||
echo "[$(date)] : EXIT=Let's Encrypt domain verification failed" >> /usr/local/vesta/log/letsencrypt.log
|
||||
check_result $E_CONNECT "Let's Encrypt domain verification failed"
|
||||
fi
|
||||
done
|
||||
|
|
@ -299,70 +209,38 @@ done
|
|||
ssl_dir=$($BIN/v-generate-ssl-cert "$domain" "info@$domain" "US" "California"\
|
||||
"San Francisco" "Vesta" "IT" "$aliases" |tail -n1 |awk '{print $2}')
|
||||
|
||||
# Sending CSR to finalize order / STEP 6
|
||||
echo "[$(date)] : --- Sending CSR to finalize order / STEP 6 ---" >> /usr/local/vesta/log/letsencrypt.log
|
||||
|
||||
# Sedning CSR to finalize order / STEP 6
|
||||
csr=$(openssl req -in $ssl_dir/$domain.csr -outform DER |encode_base64)
|
||||
payload='{"csr":"'$csr'"}'
|
||||
echo "[$(date)] : query_le_v2 \"$finalize\" \"$payload\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
|
||||
answer=$(query_le_v2 "$finalize" "$payload" "$nonce")
|
||||
echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
|
||||
nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
|
||||
echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log
|
||||
status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
|
||||
echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
|
||||
nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
|
||||
status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
|
||||
certificate=$(echo "$answer"|grep 'certificate":' |cut -f4 -d '"')
|
||||
echo "[$(date)] : certificate=$certificate" >> /usr/local/vesta/log/letsencrypt.log
|
||||
if [[ "$status" -ne 200 ]]; then
|
||||
echo "[$(date)] : EXIT=Let's Encrypt finalize bad status $status" >> /usr/local/vesta/log/letsencrypt.log
|
||||
check_result $E_CONNECT "Let's Encrypt finalize bad status $status"
|
||||
fi
|
||||
|
||||
# Downloading signed certificate / STEP 7
|
||||
echo "[$(date)] : --- Downloading signed certificate / STEP 7 ---" >> /usr/local/vesta/log/letsencrypt.log
|
||||
echo "[$(date)] : query_le_v2 \"$certificate\" \"\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
|
||||
answer=$(query_le_v2 "$certificate" "" "$nonce" "$ssl_dir/$domain.pem")
|
||||
echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
|
||||
status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
|
||||
echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
|
||||
if [[ "$status" -ne 200 ]]; then
|
||||
[ -d "$ssl_dir" ] && rm -rf "$ssl_dir"
|
||||
echo "[$(date)] : EXIT=Let's Encrypt downloading signed cert failed status: $status" >> /usr/local/vesta/log/letsencrypt.log
|
||||
check_result $E_NOTEXIST "Let's Encrypt downloading signed cert failed status: $status"
|
||||
fi
|
||||
curl -s "$certificate" -o $ssl_dir/$domain.pem
|
||||
|
||||
# Splitting up downloaded pem
|
||||
# echo "[$(date)] : - Splitting up downloaded pem" >> /usr/local/vesta/log/letsencrypt.log
|
||||
crt_end=$(grep -n 'END CERTIFICATE' $ssl_dir/$domain.pem |head -n1 |cut -f1 -d:)
|
||||
# echo "[$(date)] : crt_end=$crt_end" >> /usr/local/vesta/log/letsencrypt.log
|
||||
crt_end=$(grep -n END $ssl_dir/$domain.pem |head -n1 |cut -f1 -d:)
|
||||
head -n $crt_end $ssl_dir/$domain.pem > $ssl_dir/$domain.crt
|
||||
|
||||
pem_lines=$(wc -l $ssl_dir/$domain.pem |cut -f 1 -d ' ')
|
||||
# echo "[$(date)] : pem_lines=$pem_lines" >> /usr/local/vesta/log/letsencrypt.log
|
||||
ca_end=$(grep -n 'BEGIN CERTIFICATE' $ssl_dir/$domain.pem |tail -n1 |cut -f 1 -d :)
|
||||
# echo "[$(date)] : ca_end=$ca_end" >> /usr/local/vesta/log/letsencrypt.log
|
||||
ca_end=$(grep -n "BEGIN" $ssl_dir/$domain.pem |tail -n1 |cut -f 1 -d :)
|
||||
ca_end=$(( pem_lines - crt_end + 1 ))
|
||||
# echo "[$(date)] : ca_end=$ca_end" >> /usr/local/vesta/log/letsencrypt.log
|
||||
tail -n $ca_end $ssl_dir/$domain.pem > $ssl_dir/$domain.ca
|
||||
|
||||
# Temporary fix for double "END CERTIFICATE"
|
||||
if [[ $(head -n 1 $ssl_dir/$domain.ca) = "-----END CERTIFICATE-----" ]]; then
|
||||
sed -i '1,2d' $ssl_dir/$domain.ca
|
||||
fi
|
||||
|
||||
# Adding SSL
|
||||
ssl_home=$(search_objects 'web' 'LETSENCRYPT' 'yes' 'SSL_HOME')
|
||||
$BIN/v-delete-web-domain-ssl $user $domain >/dev/null 2>&1
|
||||
echo "[$(date)] : v-add-web-domain-ssl $user $domain $ssl_dir $ssl_home" >> /usr/local/vesta/log/letsencrypt.log
|
||||
$BIN/v-add-web-domain-ssl $user $domain $ssl_dir $ssl_home
|
||||
exitstatus=$?
|
||||
echo "[$(date)] : v-add-web-domain-ssl status: $exitstatus" >> /usr/local/vesta/log/letsencrypt.log
|
||||
if [ "$exitstatus" -ne '0' ]; then
|
||||
if [ "$?" -ne '0' ]; then
|
||||
touch $VESTA/data/queue/letsencrypt.pipe
|
||||
sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe
|
||||
echo "[$(date)] : EXIT=$domain certificate installation failed" >> /usr/local/vesta/log/letsencrypt.log
|
||||
send_notice 'LETSENCRYPT' "$domain certificate installation failed"
|
||||
check_result $exitstatus "SSL install" >/dev/null
|
||||
check_result $? "SSL install" >/dev/null
|
||||
fi
|
||||
|
||||
# Adding LE autorenew cronjob
|
||||
|
|
@ -379,7 +257,6 @@ if [ -z "$LETSENCRYPT" ]; then
|
|||
fi
|
||||
update_object_value 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'yes'
|
||||
|
||||
reset_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT'
|
||||
|
||||
#----------------------------------------------------------#
|
||||
# Vesta #
|
||||
|
|
@ -391,7 +268,7 @@ sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe
|
|||
|
||||
# Notifying user
|
||||
send_notice 'LETSENCRYPT' "$domain SSL has been installed successfully"
|
||||
echo "[$(date)] : EXIT=***** $domain SSL has been installed successfully *****" >> /usr/local/vesta/log/letsencrypt.log
|
||||
|
||||
|
||||
# Logging
|
||||
log_event "$OK" "$ARGUMENTS"
|
||||
|
|
|
|||
|
|
@ -103,16 +103,16 @@ fi
|
|||
|
||||
|
||||
# Requesting ACME nonce
|
||||
nonce=$(curl -s -I "$API/directory" |grep -i nonce |cut -f2 -d\ |tr -d '\r\n')
|
||||
nonce=$(curl -s -I "$API/directory" |grep Nonce |cut -f 2 -d \ |tr -d '\r\n')
|
||||
|
||||
# Creating ACME account
|
||||
url="$API/acme/new-acct"
|
||||
payload='{"termsOfServiceAgreed": true}'
|
||||
answer=$(query_le_v2 "$url" "$payload" "$nonce")
|
||||
kid=$(echo "$answer" |grep -i location: |cut -f2 -d ' '|tr -d '\r')
|
||||
kid=$(echo "$answer" |grep Location: |cut -f2 -d ' '|tr -d '\r')
|
||||
|
||||
# Checking answer status
|
||||
status=$(echo "$answer" |grep HTTP/ |tail -n1 |cut -f2 -d ' ')
|
||||
status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ')
|
||||
if [[ "${status:0:2}" -ne "20" ]]; then
|
||||
check_result $E_CONNECT "Let's Encrypt acc registration failed $status"
|
||||
fi
|
||||
|
|
|
|||
|
|
@ -48,8 +48,6 @@ is_object_unsuspended 'user' 'USER' "$user"
|
|||
is_package_full 'WEB_DOMAINS' 'WEB_ALIASES'
|
||||
is_domain_new 'web' "$domain,$aliases"
|
||||
is_dir_symlink $HOMEDIR/$user/web
|
||||
if_dir_exists $HOMEDIR/$user/web/$domain
|
||||
is_dir_symlink $HOMEDIR/$user/web/$domain
|
||||
if [ ! -z "$ip" ]; then
|
||||
is_ip_valid "$ip" "$user"
|
||||
else
|
||||
|
|
@ -65,7 +63,7 @@ fi
|
|||
source $USER_DATA/user.conf
|
||||
|
||||
# Creating domain directories
|
||||
sudo -u $user mkdir -p $HOMEDIR/$user/web/$domain \
|
||||
mkdir -p $HOMEDIR/$user/web/$domain \
|
||||
$HOMEDIR/$user/web/$domain/public_html \
|
||||
$HOMEDIR/$user/web/$domain/public_shtml \
|
||||
$HOMEDIR/$user/web/$domain/document_errors \
|
||||
|
|
@ -82,7 +80,7 @@ ln -f -s /var/log/$WEB_SYSTEM/domains/$domain.*log \
|
|||
$HOMEDIR/$user/web/$domain/logs/
|
||||
|
||||
# Adding domain skeleton
|
||||
sudo -u $user cp -r $WEBTPL/skel/* $HOMEDIR/$user/web/$domain/ >/dev/null 2>&1
|
||||
cp -r $WEBTPL/skel/* $HOMEDIR/$user/web/$domain/ >/dev/null 2>&1
|
||||
for file in $(find "$HOMEDIR/$user/web/$domain/" -type f); do
|
||||
sed -i "s/%domain%/$domain/g" $file
|
||||
done
|
||||
|
|
@ -91,9 +89,9 @@ done
|
|||
chown -R $user:$user $HOMEDIR/$user/web/$domain
|
||||
chown root:$user /var/log/$WEB_SYSTEM/domains/$domain.* $conf
|
||||
chmod 640 /var/log/$WEB_SYSTEM/domains/$domain.*
|
||||
sudo -u $user chmod 751 $HOMEDIR/$user/web/$domain $HOMEDIR/$user/web/$domain/*
|
||||
sudo -u $user chmod 551 $HOMEDIR/$user/web/$domain/stats $HOMEDIR/$user/web/$domain/logs
|
||||
sudo -u $user chmod 644 $HOMEDIR/$user/web/$domain/public_*html/*.*
|
||||
chmod 751 $HOMEDIR/$user/web/$domain $HOMEDIR/$user/web/$domain/*
|
||||
chmod 551 $HOMEDIR/$user/web/$domain/stats $HOMEDIR/$user/web/$domain/logs
|
||||
chmod 644 $HOMEDIR/$user/web/$domain/public_*html/*
|
||||
|
||||
# Addding PHP-FPM backend
|
||||
if [ ! -z "$WEB_BACKEND" ]; then
|
||||
|
|
|
|||
|
|
@ -46,7 +46,7 @@ fi
|
|||
|
||||
# Allocating backend port
|
||||
backend_port=9000
|
||||
ports=$(grep listen $pool/* 2>/dev/null |grep -o :[0-9].*)
|
||||
ports=$(grep -v '^;' $pool/* 2>/dev/null |grep listen |grep -o :[0-9].*)
|
||||
ports=$(echo "$ports" |sed "s/://" |sort -n)
|
||||
for port in $ports; do
|
||||
if [ "$backend_port" -eq "$port" ]; then
|
||||
|
|
|
|||
|
|
@ -84,7 +84,7 @@ fi
|
|||
/usr/sbin/useradd $ftp_user \
|
||||
-s $shell \
|
||||
-o -u $(id -u $user) \
|
||||
-g $(id -g $user) \
|
||||
-g $(id -u $user) \
|
||||
-M -d "$ftp_path_a" > /dev/null 2>&1
|
||||
|
||||
# Set ftp user password
|
||||
|
|
|
|||
|
|
@ -143,8 +143,6 @@ if [ ! -z "$UPDATE_HOSTNAME_SSL" ] && [ "$UPDATE_HOSTNAME_SSL" = "yes" ]; then
|
|||
fi
|
||||
fi
|
||||
|
||||
UPDATE_SSL_SCRIPT=''
|
||||
source $VESTA/conf/vesta.conf
|
||||
if [ ! -z "$UPDATE_SSL_SCRIPT" ]; then
|
||||
eval "$UPDATE_SSL_SCRIPT $user $domain"
|
||||
fi
|
||||
|
|
|
|||
|
|
@ -223,7 +223,7 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
|
|||
exlusion=$(echo -e "$WEB" |tr ',' '\n' |grep "^$domain:")
|
||||
set -f
|
||||
fargs=()
|
||||
fargs+=(--exclude='./logs/*')
|
||||
fargs+=(--exclude='logs/*')
|
||||
if [ ! -z "$exlusion" ]; then
|
||||
xdirs="$(echo -e "$exlusion" |tr ':' '\n' |grep -v $domain)"
|
||||
for xpath in $xdirs; do
|
||||
|
|
@ -241,7 +241,7 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
|
|||
set +f
|
||||
|
||||
# Backup files
|
||||
tar --anchored -cpf- ${fargs[@]} * |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz
|
||||
tar -cpf- ${fargs[@]} * |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz
|
||||
done
|
||||
|
||||
# Print total
|
||||
|
|
@ -460,15 +460,11 @@ if [ "$USER" != '*' ]; then
|
|||
fi
|
||||
fargs=()
|
||||
for xpath in $(echo "$USER" |tr ',' '\n'); do
|
||||
if [ -d "$xpath" ]; then
|
||||
fargs+=(--exclude=$xpath/*)
|
||||
echo "$(date "+%F %T") excluding directory $xpath" |\
|
||||
fargs+=(-not)
|
||||
fargs+=(-path)
|
||||
fargs+=("./$xpath*")
|
||||
echo "$(date "+%F %T") excluding directory $xpath" |\
|
||||
tee -a $BACKUP/$user.log
|
||||
else
|
||||
echo "$(date "+%F %T") excluding file $xpath" |\
|
||||
tee -a $BACKUP/$user.log
|
||||
fargs+=(--exclude=$xpath)
|
||||
fi
|
||||
done
|
||||
|
||||
IFS=$'\n'
|
||||
|
|
@ -479,12 +475,11 @@ if [ "$USER" != '*' ]; then
|
|||
exclusion=$(echo "$USER" |tr ',' '\n' |grep "^$udir$")
|
||||
if [ -z "$exclusion" ]; then
|
||||
((i ++))
|
||||
udir_str=$(echo "$udir" |sed -e "s|'|\\\'|g")
|
||||
udir_list="$udir_list $udir_str"
|
||||
udir_list="$udir_list $udir"
|
||||
echo -e "$(date "+%F %T") adding $udir" |tee -a $BACKUP/$user.log
|
||||
|
||||
# Backup files and dirs
|
||||
tar --anchored -cpf- ${fargs[@]} $udir |gzip -$BACKUP_GZIP - > $tmpdir/user_dir/$udir.tar.gz
|
||||
tar -cpf- $udir |gzip -$BACKUP_GZIP - > $tmpdir/user_dir/$udir.tar.gz
|
||||
fi
|
||||
done
|
||||
set +f
|
||||
|
|
@ -595,7 +590,7 @@ ftp_backup() {
|
|||
fi
|
||||
|
||||
# Debug info
|
||||
echo -e "$(date "+%F %T") Remote: ftp://$HOST/$BPATH/$user.$backup_new_date.tar"
|
||||
echo -e "$(date "+%F %T") Remote: ftp://$HOST$BPATH/$user.$backup_new_date.tar"
|
||||
|
||||
# Checking ftp connection
|
||||
fconn=$(ftpc)
|
||||
|
|
|
|||
|
|
@ -52,11 +52,8 @@ salt=$(generate_password "$PW_MATRIX" "8")
|
|||
md5="{MD5}$($BIN/v-generate-password-hash md5 $salt <<<$password)"
|
||||
|
||||
if [[ "$MAIL_SYSTEM" =~ exim ]]; then
|
||||
quota=$(grep $account $VESTA/data/users/${user}/mail/${domain}.conf)
|
||||
quota=$(echo $quota | awk '{ print $7 }' | sed -e "s/'//g" )
|
||||
quota=$(echo $quota | cut -d "=" -f 2 | sed -e "s/unlimited/0/g")
|
||||
sed -i "/^$account:/d" $HOMEDIR/$user/conf/mail/$domain/passwd
|
||||
str="$account:$md5:$user:mail::$HOMEDIR/$user:${quota}M"
|
||||
str="$account:$md5:$user:mail::$HOMEDIR/$user:$quota"
|
||||
echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd
|
||||
fi
|
||||
|
||||
|
|
|
|||
|
|
@ -28,7 +28,6 @@ PATH="$PATH:/usr/local/sbin:/sbin:/usr/sbin:/root/bin"
|
|||
check_args '2' "$#" 'KEY VALUE'
|
||||
is_format_valid 'key'
|
||||
|
||||
format_no_quotes "$value" 'value'
|
||||
|
||||
#----------------------------------------------------------#
|
||||
# Action #
|
||||
|
|
|
|||
|
|
@ -63,7 +63,6 @@ case $service in
|
|||
spamd) dst=$($BIN/v-list-sys-spamd-config plain);;
|
||||
spamassassin) dst=$($BIN/v-list-sys-spamd-config plain);;
|
||||
clamd) dst=$($BIN/v-list-sys-clamd-config plain);;
|
||||
clamd.scan) dst=$($BIN/v-list-sys-clamd-config plain);;
|
||||
cron) dst='/etc/crontab';;
|
||||
crond) dst='/etc/crontab';;
|
||||
fail2ban) dst='/etc/fail2ban/jail.local';;
|
||||
|
|
@ -96,21 +95,13 @@ if [ "$update" = 'yes' ] && [ "$restart" != 'no' ]; then
|
|||
|
||||
if [ "$service" = 'php' ]; then
|
||||
if [ "$WEB_SYSTEM" = "nginx" ]; then
|
||||
if [ $(ps --no-headers -o comm 1) == systemd ]; then
|
||||
service=$(systemctl | grep -o -E "php.*fpm.*\.service")
|
||||
service=${service//.service/}
|
||||
else
|
||||
service=$(ls /etc/init.d/php*fpm* |cut -f 4 -d /)
|
||||
fi
|
||||
service=$(ls /etc/init.d/php*fpm* |cut -f 4 -d / |sed -n 1p)
|
||||
else
|
||||
service=$WEB_SYSTEM
|
||||
fi
|
||||
fi
|
||||
|
||||
for single_service in $service; do
|
||||
service $single_service restart >/dev/null 2>&1
|
||||
done <<< "$service"
|
||||
|
||||
service $service restart >/dev/null 2>&1
|
||||
if [ $? -ne 0 ]; then
|
||||
for config in $dst; do
|
||||
cat $config.vst.back > $config
|
||||
|
|
|
|||
|
|
@ -16,12 +16,16 @@ force=$3
|
|||
|
||||
# Includes
|
||||
source $VESTA/func/main.sh
|
||||
source $VESTA/func/domain.sh
|
||||
source $VESTA/conf/vesta.conf
|
||||
|
||||
is_package_avalable() {
|
||||
|
||||
source $USER_DATA/user.conf
|
||||
usr_data=$(cat $USER_DATA/user.conf)
|
||||
IFS=$'\n'
|
||||
for key in $usr_data; do
|
||||
eval ${key%%=*}=${key#*=}
|
||||
done
|
||||
|
||||
WEB_DOMAINS='0'
|
||||
DATABASES='0'
|
||||
MAIL_DOMAINS='0'
|
||||
|
|
@ -29,13 +33,9 @@ is_package_avalable() {
|
|||
DISK_QUOTA='0'
|
||||
BANDWIDTH='0'
|
||||
|
||||
pkg_data=$(cat $VESTA/data/packages/$package.pkg| egrep -v "TIME|DATE")
|
||||
IFS=$'\n'
|
||||
for str in $pkg_data; do
|
||||
key=$(echo $str |cut -f 1 -d =)
|
||||
value=$(echo $str |cut -f 2 -d \')
|
||||
eval $key="$value"
|
||||
done
|
||||
pkg_data=$(cat $VESTA/data/packages/$package.pkg |grep -v TIME |\
|
||||
grep -v DATE)
|
||||
eval $pkg_data
|
||||
|
||||
# Checking usage agains package limits
|
||||
if [ "$WEB_DOMAINS" != 'unlimited' ]; then
|
||||
|
|
@ -73,22 +73,11 @@ is_package_avalable() {
|
|||
check_result $E_LIMIT "Package doesn't cover BANDWIDTH usage"
|
||||
fi
|
||||
fi
|
||||
|
||||
# Checking templates
|
||||
is_web_template_valid $WEB_TEMPLATE
|
||||
is_dns_template_valid $DNS_TEMPLATE
|
||||
is_proxy_template_valid $PROXY_TEMPLATE
|
||||
}
|
||||
|
||||
change_user_package() {
|
||||
source $USER_DATA/user.conf
|
||||
pkg_data=$(cat $VESTA/data/packages/$package.pkg| egrep -v "TIME|DATE")
|
||||
IFS=$'\n'
|
||||
for str in $pkg_data; do
|
||||
key=$(echo $str |cut -f 1 -d =)
|
||||
value=$(echo $str |cut -f 2 -d \')
|
||||
eval $key="$value"
|
||||
done
|
||||
eval $(cat $USER_DATA/user.conf)
|
||||
eval $(cat $VESTA/data/packages/$package.pkg |egrep -v "TIME|DATE")
|
||||
echo "FNAME='$FNAME'
|
||||
LNAME='$LNAME'
|
||||
PACKAGE='$package'
|
||||
|
|
@ -167,7 +156,7 @@ fi
|
|||
change_user_package
|
||||
|
||||
# Update user shell
|
||||
shell_conf=$(echo "$pkg_data" |grep 'SHELL' |cut -f 2 -d \')
|
||||
shell_conf=$(echo "$pkg_data" | grep 'SHELL' | cut -f 2 -d \')
|
||||
shell=$(grep -w "$shell_conf" /etc/shells |head -n1)
|
||||
/usr/bin/chsh -s "$shell" "$user" &>/dev/null
|
||||
|
||||
|
|
|
|||
|
|
@ -13,10 +13,6 @@
|
|||
user=$1
|
||||
password=$2; HIDE=2
|
||||
|
||||
# Importing system enviroment as we run this script
|
||||
# mostly by cron wich not read it by itself
|
||||
source /etc/profile
|
||||
|
||||
# Includes
|
||||
source $VESTA/func/main.sh
|
||||
source $VESTA/conf/vesta.conf
|
||||
|
|
@ -26,9 +22,6 @@ source $VESTA/conf/vesta.conf
|
|||
# Verifications #
|
||||
#----------------------------------------------------------#
|
||||
|
||||
if [ "$user" = "root" ]; then
|
||||
check_result $E_FORBIDEN "Changing root password is forbiden"
|
||||
fi
|
||||
check_args '2' "$#" 'USER PASSWORD'
|
||||
is_format_valid 'user'
|
||||
is_object_valid 'user' 'USER' "$user"
|
||||
|
|
|
|||
|
|
@ -1,60 +0,0 @@
|
|||
#!/bin/bash
|
||||
# info: change vesta port
|
||||
# options: port
|
||||
#
|
||||
# Function will change vesta port
|
||||
|
||||
#----------------------------------------------------------#
|
||||
# Variable&Function #
|
||||
#----------------------------------------------------------#
|
||||
|
||||
# Argument definition
|
||||
port=$1
|
||||
|
||||
if [ -z "$VESTA" ]; then
|
||||
VESTA="/usr/local/vesta"
|
||||
fi
|
||||
|
||||
# Get current vesta port by reading nginx.conf
|
||||
oldport=$(grep 'listen' $VESTA/nginx/conf/nginx.conf | awk '{print $2}' | sed "s|;||")
|
||||
if [ -z "$oldport" ]; then
|
||||
oldport=8083
|
||||
fi
|
||||
|
||||
# Includes
|
||||
source $VESTA/func/main.sh
|
||||
|
||||
#----------------------------------------------------------#
|
||||
# Verifications #
|
||||
#----------------------------------------------------------#
|
||||
|
||||
# Checking permissions
|
||||
if [ "$(id -u)" != '0' ]; then
|
||||
check_result $E_FORBIDEN "You must be root to execute this script"
|
||||
fi
|
||||
|
||||
check_args '1' "$#" 'PORT'
|
||||
is_int_format_valid "$port" 'port number'
|
||||
|
||||
#----------------------------------------------------------#
|
||||
# Action #
|
||||
#----------------------------------------------------------#
|
||||
|
||||
sed -i "s|$oldport;|$port;|g" $VESTA/nginx/conf/nginx.conf
|
||||
if [ -f "/etc/roundcube/plugins/password/config.inc.php" ]; then
|
||||
sed -i "s|'$oldport'|'$port'|g" /etc/roundcube/plugins/password/config.inc.php
|
||||
fi
|
||||
sed -i "s|'$oldport'|'$port'|g" $VESTA/data/firewall/rules.conf
|
||||
$VESTA/bin/v-update-firewall
|
||||
systemctl restart fail2ban.service
|
||||
sed -i "s| $oldport | $port |g" /etc/iptables.rules
|
||||
systemctl restart vesta
|
||||
|
||||
#----------------------------------------------------------#
|
||||
# Vesta #
|
||||
#----------------------------------------------------------#
|
||||
|
||||
# Logging
|
||||
log_event "$OK" "$ARGUMENTS"
|
||||
|
||||
exit 0;
|
||||
|
|
@ -52,7 +52,7 @@ rm -f $pool/$backend_type.conf
|
|||
|
||||
# Allocating backend port
|
||||
backend_port=9000
|
||||
ports=$(grep listen $pool/* 2>/dev/null |grep -o :[0-9].*)
|
||||
ports=$(grep -v '^;' $pool/* 2>/dev/null |grep listen |grep -o :[0-9].*)
|
||||
ports=$(echo "$ports" |sed "s/://" |sort -n)
|
||||
for port in $ports; do
|
||||
if [ "$backend_port" -eq "$port" ]; then
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ check_args '2' "$#" 'MODULE LICENSE'
|
|||
|
||||
# Activating license
|
||||
v_host='https://vestacp.com/checkout'
|
||||
answer=$(curl -s "$v_host/cancel.php?licence_key=$license&module=$module")
|
||||
answer=$(curl -s $v_host/cancel.php?licence_key=$license)
|
||||
check_result $? "cant' connect to vestacp.com " $E_CONNECT
|
||||
|
||||
# Checking server answer
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ fi
|
|||
# Deleting dkim dns record
|
||||
if [ "$DKIM" = 'yes' ] && [ -e "$USER_DATA/dns/$domain.conf" ]; then
|
||||
records=$($BIN/v-list-dns-records $user $domain plain)
|
||||
dkim_records=$(echo "$records" |grep -w '_domainkey' |cut -f 1)
|
||||
dkim_records=$(echo "$records" |grep -w '_domainkey' | cut -f 1 -d ' ')
|
||||
for id in $dkim_records; do
|
||||
$BIN/v-delete-dns-record $user $domain $id
|
||||
done
|
||||
|
|
|
|||
|
|
@ -32,8 +32,6 @@ case $system in
|
|||
DNS_REC) is_format_valid 'id' ;;
|
||||
*) is_format_valid 'object'
|
||||
esac
|
||||
|
||||
is_format_valid 'user'
|
||||
is_object_valid 'user' 'USER' "$user"
|
||||
is_object_unsuspended 'user' 'USER' "$user"
|
||||
|
||||
|
|
|
|||
|
|
@ -57,13 +57,7 @@ fi
|
|||
|
||||
# Deleting old certificate
|
||||
tmpdir=$(mktemp -p $HOMEDIR/$user/web/$domain/private -d)
|
||||
|
||||
# remove certificate files - do not use wildcard, as this might remove other domains
|
||||
rm -f $HOMEDIR/$user/conf/web/ssl.$domain.ca
|
||||
rm -f $HOMEDIR/$user/conf/web/ssl.$domain.crt
|
||||
rm -f $HOMEDIR/$user/conf/web/ssl.$domain.key
|
||||
rm -f $HOMEDIR/$user/conf/web/ssl.$domain.pem
|
||||
|
||||
rm -f $HOMEDIR/$user/conf/web/ssl.$domain.*
|
||||
mv $USER_DATA/ssl/$domain.* $tmpdir
|
||||
chown -R $user:$user $tmpdir
|
||||
|
||||
|
|
|
|||
|
|
@ -82,7 +82,7 @@ fi
|
|||
# Extracting ziped archive
|
||||
if [ ! -z "$(echo $src_file |grep -i '.zip')" ]; then
|
||||
sudo -u $user mkdir -p "$dst_dir" >/dev/null 2>&1
|
||||
sudo -u $user unzip -o "$src_file" -d "$dst_dir" >/dev/null 2>&1
|
||||
sudo -u $user unzip "$src_file" -d "$dst_dir" >/dev/null 2>&1
|
||||
rc=$?
|
||||
fi
|
||||
|
||||
|
|
|
|||
|
|
@ -67,7 +67,7 @@ fi
|
|||
|
||||
args_usage='DOMAIN EMAIL COUNTRY STATE CITY ORG UNIT [ALIASES] [FORMAT]'
|
||||
check_args '7' "$#" "$args_usage"
|
||||
is_format_valid 'domain' 'alias' 'format'
|
||||
is_format_valid 'domain_alias' 'format'
|
||||
|
||||
|
||||
#----------------------------------------------------------#
|
||||
|
|
|
|||
|
|
@ -50,7 +50,7 @@ if [ "$flush" = 'records' ]; then
|
|||
fi
|
||||
|
||||
# Flush domain
|
||||
if [ "$flush" != 'no' ]; then
|
||||
if [ "$flush" ! = 'no' ]; then
|
||||
sed -i "/DOMAIN='$DOMAIN'/d" $USER_DATA/dns.conf 2> /dev/null
|
||||
fi
|
||||
|
||||
|
|
|
|||
|
|
@ -71,7 +71,6 @@ csv_list() {
|
|||
#----------------------------------------------------------#
|
||||
|
||||
check_args '2' "$#" 'USER DOMAIN [FORMAT]'
|
||||
is_format_valid 'user' 'domain'
|
||||
is_object_valid 'user' 'USER' "$user"
|
||||
is_object_valid 'dns' 'DOMAIN' "$domain"
|
||||
|
||||
|
|
|
|||
|
|
@ -56,7 +56,6 @@ csv_list() {
|
|||
#----------------------------------------------------------#
|
||||
|
||||
check_args '1' "$#" 'USER [FORMAT]'
|
||||
is_format_valid 'user'
|
||||
is_object_valid 'user' 'USER' "$user"
|
||||
if [ ! -e "$USER_DATA/ssl/le.conf" ]; then
|
||||
check_result $E_NOTEXIST "LetsEncrypt user account doesn't exist"
|
||||
|
|
|
|||
|
|
@ -57,7 +57,6 @@ csv_list() {
|
|||
#----------------------------------------------------------#
|
||||
|
||||
check_args '2' "$#" 'USER DOMAIN [FORMAT]'
|
||||
is_format_valid 'user' 'domain'
|
||||
is_object_valid 'user' 'USER' "$user"
|
||||
is_object_valid 'mail' 'DOMAIN' "$domain"
|
||||
|
||||
|
|
@ -68,7 +67,7 @@ is_object_valid 'mail' 'DOMAIN' "$domain"
|
|||
|
||||
# Parsing domain keys
|
||||
if [ -e "$USER_DATA/mail/$domain.pub" ]; then
|
||||
pub=$(cat $USER_DATA/mail/$domain.pub |grep -v "KEY-----" |tr -d "\n\r")
|
||||
pub=$(cat $USER_DATA/mail/$domain.pub |grep -v "KEY-----")
|
||||
pub=$(echo "$pub" |sed ':a;N;$!ba;s/\n/\\n/g')
|
||||
else
|
||||
pub="DKIM-SUPPORT-IS-NOT-ACTIVATED"
|
||||
|
|
|
|||
|
|
@ -154,7 +154,6 @@ csv_list() {
|
|||
#----------------------------------------------------------#
|
||||
|
||||
check_args '1' "$#" 'USER [FORMAT]'
|
||||
is_format_valid 'user'
|
||||
is_object_valid 'user' 'USER' "$user"
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -75,7 +75,6 @@ csv_list() {
|
|||
#----------------------------------------------------------#
|
||||
|
||||
check_args '2' "$#" 'USER BACKUP [FORMAT]'
|
||||
is_format_valid 'user'
|
||||
is_object_valid 'user' 'USER' "$user"
|
||||
is_object_valid 'backup' 'BACKUP' "$backup"
|
||||
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ json_list() {
|
|||
i=1
|
||||
objects=$(grep BACKUP $USER_DATA/backup.conf |wc -l)
|
||||
echo "{"
|
||||
while read -r str; do
|
||||
while read str; do
|
||||
eval $str
|
||||
echo -n ' "'$BACKUP'": {
|
||||
"TYPE": "'$TYPE'",
|
||||
|
|
|
|||
|
|
@ -22,7 +22,6 @@ json_list() {
|
|||
echo '{'
|
||||
echo ' "'$PACKAGE'": {
|
||||
"WEB_TEMPLATE": "'$WEB_TEMPLATE'",
|
||||
"BACKEND_TEMPLATE": "'$BACKEND_TEMPLATE'",
|
||||
"PROXY_TEMPLATE": "'$PROXY_TEMPLATE'",
|
||||
"DNS_TEMPLATE": "'$DNS_TEMPLATE'",
|
||||
"WEB_DOMAINS": "'$WEB_DOMAINS'",
|
||||
|
|
@ -48,7 +47,6 @@ json_list() {
|
|||
shell_list() {
|
||||
echo "PACKAGE: $PACKAGE"
|
||||
echo "WEB TEMPLATE: $WEB_TEMPLATE"
|
||||
echo "BACKEND_TEMPLATE: $BACKEND_TEMPLATE"
|
||||
echo "PROXY TEMPLATE: $PROXY_TEMPLATE"
|
||||
echo "DNS TEMPLATE: $DNS_TEMPLATE"
|
||||
echo "WEB DOMAINS: $WEB_DOMAINS"
|
||||
|
|
@ -70,7 +68,7 @@ shell_list() {
|
|||
|
||||
# PLAIN list function
|
||||
plain_list() {
|
||||
echo -ne "$PACKAGE\t$WEB_TEMPLATE\t$BACKEND_TEMPLATE\t$PROXY_TEMPLATE\t$DNS_TEMPLATE\t"
|
||||
echo -ne "$PACKAGE\t$WEB_TEMPLATE\t$PROXY_TEMPLATE\t$DNS_TEMPLATE\t"
|
||||
echo -ne "$WEB_DOMAINS\t$WEB_ALIASES\t$DNS_DOMAINS\t$DNS_RECORDS\t"
|
||||
echo -ne "$MAIL_DOMAINS\t$MAIL_ACCOUNTS\t$DATABASES\t$CRON_JOBS\t"
|
||||
echo -e "$DISK_QUOTA\t$BANDWIDTH\t$NS\t$SHELL\t$BACKUPS\t$TIME\t$DATE"
|
||||
|
|
@ -78,11 +76,11 @@ plain_list() {
|
|||
|
||||
# CSV list function
|
||||
csv_list() {
|
||||
echo -n "PACKAGE,WEB_TEMPLATE,BACKEND_TEMPLATE,PROXY_TEMPLATE,DNS_TEMPLATE,"
|
||||
echo -n "PACKAGE,WEB_TEMPLATE,PROXY_TEMPLATE,DNS_TEMPLATE,"
|
||||
echo -n "WEB_DOMAINS,WEB_ALIASES,DNS_DOMAINS,DNS_RECORDS,"
|
||||
echo -n "MAIL_DOMAINS,MAIL_ACCOUNTS,DATABASES,CRON_JOBS,"
|
||||
echo "DISK_QUOTA,BANDWIDTH,NS,SHELL,BACKUPS,TIME,DATE"
|
||||
echo -n "$PACKAGE,$WEB_TEMPLATE,$BACKEND_TEMPLATE,$PROXY_TEMPLATE,$DNS_TEMPLATE,"
|
||||
echo -n "$PACKAGE,$WEB_TEMPLATE,$PROXY_TEMPLATE,$DNS_TEMPLATE,"
|
||||
echo -n "$WEB_DOMAINS,$WEB_ALIASES,$DNS_DOMAINS,$DNS_RECORDS,"
|
||||
echo -n "$MAIL_DOMAINS,$MAIL_ACCOUNTS,$DATABASES,$CRON_JOBS,"
|
||||
echo "$DISK_QUOTA,$BANDWIDTH,\"$NS\",$SHELL,$BACKUPS,$TIME,$DATE"
|
||||
|
|
|
|||
|
|
@ -27,7 +27,6 @@ json_list() {
|
|||
source $VESTA/data/packages/$package
|
||||
echo -n ' "'$PACKAGE'": {
|
||||
"WEB_TEMPLATE": "'$WEB_TEMPLATE'",
|
||||
"BACKEND_TEMPLATE": "'$BACKEND_TEMPLATE'",
|
||||
"PROXY_TEMPLATE": "'$PROXY_TEMPLATE'",
|
||||
"DNS_TEMPLATE": "'$DNS_TEMPLATE'",
|
||||
"WEB_DOMAINS": "'$WEB_DOMAINS'",
|
||||
|
|
@ -66,7 +65,7 @@ shell_list() {
|
|||
package_data=$(cat $VESTA/data/packages/$package)
|
||||
package_data=$(echo "$package_data" |sed -e 's/unlimited/unlim/g')
|
||||
eval $package_data
|
||||
echo -n "$PACKAGE $WEB_TEMPLATE $BACKEND_TEMPLATE $WEB_DOMAINS $DNS_DOMAINS "
|
||||
echo -n "$PACKAGE $WEB_TEMPLATE $WEB_DOMAINS $DNS_DOMAINS "
|
||||
echo "$MAIL_DOMAINS $DATABASES $SHELL $DISK_QUOTA $BANDWIDTH"
|
||||
done
|
||||
}
|
||||
|
|
@ -76,7 +75,7 @@ plain_list() {
|
|||
for package in $packages; do
|
||||
source $VESTA/data/packages/$package
|
||||
PACKAGE=${package/.pkg/}
|
||||
echo -ne "$PACKAGE\t$WEB_TEMPLATE\t$BACKEND_TEMPLATE\t$PROXY_TEMPLATE\t$DNS_TEMPLATE\t"
|
||||
echo -ne "$PACKAGE\t$WEB_TEMPLATE\t$PROXY_TEMPLATE\t$DNS_TEMPLATE\t"
|
||||
echo -ne "$WEB_DOMAINS\t$WEB_ALIASES\t$DNS_DOMAINS\t$DNS_RECORDS\t"
|
||||
echo -ne "$MAIL_DOMAINS\t$MAIL_ACCOUNTS\t$DATABASES\t$CRON_JOBS\t"
|
||||
echo -e "$DISK_QUOTA\t$BANDWIDTH\t$NS\t$SHELL\t$BACKUPS\t$TIME\t$DATE"
|
||||
|
|
@ -85,13 +84,13 @@ plain_list() {
|
|||
|
||||
# CSV list function
|
||||
csv_list() {
|
||||
echo -n "PACKAGE,WEB_TEMPLATE,BACKEND_TEMPLATE,PROXY_TEMPLATE,DNS_TEMPLATE,"
|
||||
echo -n "PACKAGE,WEB_TEMPLATE,PROXY_TEMPLATE,DNS_TEMPLATE,"
|
||||
echo -n "WEB_DOMAINS,WEB_ALIASES,DNS_DOMAINS,DNS_RECORDS,"
|
||||
echo -n "MAIL_DOMAINS,MAIL_ACCOUNTS,DATABASES,CRON_JOBS,"
|
||||
echo "DISK_QUOTA,BANDWIDTH,NS,SHELL,BACKUPS,TIME,DATE"
|
||||
for package in $packages; do
|
||||
PACKAGE=${package/.pkg/}
|
||||
echo -n "$PACKAGE,$WEB_TEMPLATE,$BACKEND_TEMPLATE,$PROXY_TEMPLATE,$DNS_TEMPLATE,"
|
||||
echo -n "$PACKAGE,$WEB_TEMPLATE,$PROXY_TEMPLATE,$DNS_TEMPLATE,"
|
||||
echo -n "$WEB_DOMAINS,$WEB_ALIASES,$DNS_DOMAINS,$DNS_RECORDS,"
|
||||
echo -n "$MAIL_DOMAINS,$MAIL_ACCOUNTS,$DATABASES,$CRON_JOBS,"
|
||||
echo "$DISK_QUOTA,$BANDWIDTH,\"$NS\",$SHELL,$BACKUPS,$TIME,$DATE"
|
||||
|
|
|
|||
|
|
@ -115,7 +115,6 @@ csv_list() {
|
|||
#----------------------------------------------------------#
|
||||
|
||||
check_args '1' "$#" 'USER [FORMAT]'
|
||||
is_format_valid 'user'
|
||||
is_object_valid 'user' 'USER' "$user"
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -110,7 +110,6 @@ csv_list() {
|
|||
#----------------------------------------------------------#
|
||||
|
||||
check_args '2' "$#" 'USER DOMAIN [FORMAT]'
|
||||
is_format_valid 'user' 'domain'
|
||||
is_object_valid 'user' 'USER' "$user"
|
||||
is_object_valid 'web' 'DOMAIN' "$domain"
|
||||
|
||||
|
|
|
|||
|
|
@ -98,7 +98,6 @@ csv_list() {
|
|||
#----------------------------------------------------------#
|
||||
|
||||
check_args '2' "$#" 'USER DOMAIN [FORMAT]'
|
||||
is_format_valid 'user' 'domain'
|
||||
is_object_valid 'user' 'USER' "$user"
|
||||
is_object_valid 'web' 'DOMAIN' "$domain"
|
||||
|
||||
|
|
@ -112,7 +111,7 @@ if [ -e "$USER_DATA/ssl/$domain.crt" ]; then
|
|||
crt=$(cat $USER_DATA/ssl/$domain.crt |sed ':a;N;$!ba;s/\n/\\n/g')
|
||||
|
||||
info=$(openssl x509 -text -in $USER_DATA/ssl/$domain.crt)
|
||||
subj=$(echo "$info" |grep Subject: |cut -f 2 -d =|cut -f 2 -d \")
|
||||
subj=$(echo "$info" |grep Subject: |cut -f 2 -d =)
|
||||
before=$(echo "$info" |grep Before: |sed -e "s/.*Before: //")
|
||||
after=$(echo "$info" |grep "After :" |sed -e "s/.*After : //")
|
||||
signature=$(echo "$info" |grep "Algorithm:" |head -n1 )
|
||||
|
|
|
|||
|
|
@ -100,7 +100,6 @@ csv_list() {
|
|||
#----------------------------------------------------------#
|
||||
|
||||
check_args '1' "$#" 'USER [FORMAT]'
|
||||
is_format_valid 'user'
|
||||
is_object_valid 'user' 'USER' "$user"
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -50,13 +50,7 @@ if [ -z "$PROXY_SYSTEM" ] || [ "$PROXY_SYSTEM" = 'remote' ]; then
|
|||
fi
|
||||
|
||||
# Restart system
|
||||
if [ ! -f "/etc/debian_version" ]; then
|
||||
service $PROXY_SYSTEM restart >/dev/null 2>&1
|
||||
else
|
||||
systemctl reset-failed $PROXY_SYSTEM
|
||||
systemctl restart $PROXY_SYSTEM > /dev/null 2>&1
|
||||
fi
|
||||
|
||||
service $PROXY_SYSTEM restart >/dev/null 2>&1
|
||||
if [ $? -ne 0 ]; then
|
||||
send_email_report
|
||||
check_result $E_RESTART "$PROXY_SYSTEM restart failed"
|
||||
|
|
|
|||
|
|
@ -56,7 +56,6 @@ ftpc() {
|
|||
quote USER $USERNAME
|
||||
quote PASS $PASSWORD
|
||||
binary
|
||||
lcd $BACKUP
|
||||
$1
|
||||
$2
|
||||
$3
|
||||
|
|
@ -290,7 +289,7 @@ if [ "$web" != 'no' ] && [ ! -z "$WEB_SYSTEM" ]; then
|
|||
if [ -z "$web" ] || [ "$web" = '*' ]; then
|
||||
domains="$backup_domains"
|
||||
else
|
||||
echo "$web" | tr ',' '\n' | sed -e "s/^/^/" > $tmpdir/selected.txt
|
||||
echo "$web" |tr ',' '\n' > $tmpdir/selected.txt
|
||||
domains=$(echo "$backup_domains" |egrep -f $tmpdir/selected.txt)
|
||||
fi
|
||||
|
||||
|
|
@ -407,21 +406,15 @@ if [ "$web" != 'no' ] && [ ! -z "$WEB_SYSTEM" ]; then
|
|||
fi
|
||||
|
||||
# Restoring web domain data
|
||||
chown $user $tmpdir
|
||||
chmod u+w $HOMEDIR/$user/web/$domain
|
||||
sudo -u $user tar -xzpf $tmpdir/web/$domain/domain_data.tar.gz \
|
||||
-C $HOMEDIR/$user/web/$domain/ --exclude=./logs/* \
|
||||
2> $HOMEDIR/$user/web/$domain/restore_errors.log
|
||||
if [ -e "$HOMEDIR/$user/web/$domain/restore_errors.log" ]; then
|
||||
chown $user:$user $HOMEDIR/$user/web/$domain/restore_errors.log
|
||||
tar -xzpf $tmpdir/web/$domain/domain_data.tar.gz \
|
||||
-C $HOMEDIR/$user/web/$domain/
|
||||
if [ "$?" -ne 0 ]; then
|
||||
rm -rf $tmpdir
|
||||
error="can't unpack $domain data tarball"
|
||||
echo "$error" |$SENDMAIL -s "$subj" $email $notify
|
||||
sed -i "/ $user /d" $VESTA/data/queue/backup.pipe
|
||||
check_result "$E_PARSING" "$error"
|
||||
fi
|
||||
#if [ "$?" -ne 0 ]; then
|
||||
# rm -rf $tmpdir
|
||||
# error="can't unpack $domain data tarball"
|
||||
# echo "$error" |$SENDMAIL -s "$subj" $email $notify
|
||||
# sed -i "/ $user /d" $VESTA/data/queue/backup.pipe
|
||||
# check_result "$E_PARSING" "$error"
|
||||
#fi
|
||||
|
||||
# Applying Fix for tar < 1.24
|
||||
find $HOMEDIR/$user/web/$domain -type d \
|
||||
|
|
@ -459,7 +452,7 @@ if [ "$dns" != 'no' ] && [ ! -z "$DNS_SYSTEM" ]; then
|
|||
if [ -z "$dns" ] || [ "$dns" = '*' ]; then
|
||||
domains="$backup_domains"
|
||||
else
|
||||
echo "$dns" | tr ',' '\n' | sed -e "s/^/^/" > $tmpdir/selected.txt
|
||||
echo "$dns" |tr ',' '\n' > $tmpdir/selected.txt
|
||||
domains=$(echo "$backup_domains" |egrep -f $tmpdir/selected.txt)
|
||||
fi
|
||||
|
||||
|
|
@ -539,7 +532,7 @@ if [ "$mail" != 'no' ] && [ ! -z "$MAIL_SYSTEM" ]; then
|
|||
if [ -z "$mail" ] || [ "$mail" = '*' ]; then
|
||||
domains="$backup_domains"
|
||||
else
|
||||
echo "$mail" | tr ',' '\n' | sed -e "s/^/^/" > $tmpdir/selected.txt
|
||||
echo "$mail" |tr ',' '\n' > $tmpdir/selected.txt
|
||||
domains=$(echo "$backup_domains" |egrep -f $tmpdir/selected.txt)
|
||||
fi
|
||||
|
||||
|
|
@ -599,9 +592,7 @@ if [ "$mail" != 'no' ] && [ ! -z "$MAIL_SYSTEM" ]; then
|
|||
|
||||
# Restoring emails
|
||||
if [ -e "$tmpdir/mail/$domain/accounts.tar.gz" ]; then
|
||||
chown $user $tmpdir
|
||||
chmod u+w $HOMEDIR/$user/mail/$domain_idn
|
||||
sudo -u $user tar -xzpf $tmpdir/mail/$domain/accounts.tar.gz \
|
||||
tar -xzpf $tmpdir/mail/$domain/accounts.tar.gz \
|
||||
-C $HOMEDIR/$user/mail/$domain_idn/
|
||||
if [ "$?" -ne 0 ]; then
|
||||
rm -rf $tmpdir
|
||||
|
|
@ -636,7 +627,7 @@ if [ "$db" != 'no' ] && [ ! -z "$DB_SYSTEM" ]; then
|
|||
if [ -z "$db" ] || [ "$db" = '*' ]; then
|
||||
databases="$backup_databases"
|
||||
else
|
||||
echo "$db" |tr ',' '\n' | sed -e "s/$/$/" > $tmpdir/selected.txt
|
||||
echo "$db" |tr ',' '\n' > $tmpdir/selected.txt
|
||||
databases=$(echo "$backup_databases" |egrep -f $tmpdir/selected.txt)
|
||||
fi
|
||||
|
||||
|
|
|
|||
|
|
@ -23,19 +23,6 @@ udir=$8
|
|||
source $VESTA/func/main.sh
|
||||
source $VESTA/conf/vesta.conf
|
||||
|
||||
# Check backup ownership function
|
||||
is_backup_available() {
|
||||
passed=false
|
||||
if [[ $2 =~ ^$1.[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]_[0-9][0-9]-[0-9][0-9]-[0-9][0-9].tar$ ]]; then
|
||||
passed=true
|
||||
elif [[ $2 =~ ^$1.[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9].tar$ ]]; then
|
||||
passed=true
|
||||
fi
|
||||
|
||||
if [ $passed = false ]; then
|
||||
check_result $E_FORBIDEN "permission denied"
|
||||
fi
|
||||
}
|
||||
|
||||
#----------------------------------------------------------#
|
||||
# Verifications #
|
||||
|
|
@ -47,7 +34,6 @@ is_system_enabled "$BACKUP_SYSTEM" 'BACKUP_SYSTEM'
|
|||
is_object_valid 'user' 'USER' "$user"
|
||||
is_backup_enabled
|
||||
is_backup_scheduled 'restore'
|
||||
is_backup_available "$user" "$backup"
|
||||
|
||||
|
||||
#----------------------------------------------------------#
|
||||
|
|
|
|||
|
|
@ -84,22 +84,6 @@ OLD_IFS=$IFS
|
|||
IFS=$'\n'
|
||||
|
||||
# User loop
|
||||
search_user=$(ls -1 $VESTA/data/users |grep $object)
|
||||
for user in $search_user; do
|
||||
if [ -e "$VESTA/data/users/$user/user.conf" ]; then
|
||||
source $VESTA/data/users/$user/user.conf
|
||||
((i ++))
|
||||
type=$(echo $type|cut -f1 -d \.)
|
||||
str="ID='$i' USER='$user' TYPE='user' KEY='$user'"
|
||||
str="$str RESULT='$user' ALIAS=''"
|
||||
str="$str LINK='$user' PARENT=''"
|
||||
str="$str SUSPENDED='$SUSPENDED' TIME='$TIME'"
|
||||
str="$str DATE='$DATE'"
|
||||
echo $str >> $conf
|
||||
fi
|
||||
done
|
||||
|
||||
# User data loop
|
||||
for user in $(ls $VESTA/data/users/); do
|
||||
# Search query
|
||||
search=$(grep "$object" \
|
||||
|
|
@ -170,13 +154,12 @@ for user in $(ls $VESTA/data/users/); do
|
|||
|
||||
# DNS Records
|
||||
if [ "$type" = 'dns' ]; then
|
||||
if [ -n "$(echo $RECORD $VALUE |grep $object)" ]; then
|
||||
dom="$(echo $row|cut -f 1 -d :|cut -f 9 -d /|sed 's/.conf//')"
|
||||
if [ -n "$(echo $RECORD |grep $object)" ]; then
|
||||
key="RECORD"
|
||||
result="$RECORD.$dom"
|
||||
result="$RECORD.$DOMAIN"
|
||||
suspended=$SUSPENDED
|
||||
object_link=$ID
|
||||
object_parent=$dom
|
||||
object_parent=$DOMAIN
|
||||
object_time=$TIME
|
||||
object_date=$DATE
|
||||
((i ++))
|
||||
|
|
|
|||
|
|
@ -48,9 +48,6 @@ is_object_suspended "mail/$domain" 'ACCOUNT' "$account"
|
|||
if [[ "$MAIL_SYSTEM" =~ exim ]]; then
|
||||
md5=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$MD5')
|
||||
quota=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$QUOTA')
|
||||
if [ "$quota" = 'unlimited' ]; then
|
||||
quota=0
|
||||
fi
|
||||
sed -i "/^$account:/d" $HOMEDIR/$user/conf/mail/$domain/passwd
|
||||
str="$account:$md5:$user:mail::$HOMEDIR/$user:$quota"
|
||||
echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd
|
||||
|
|
|
|||
|
|
@ -51,6 +51,11 @@ if [ $? -ne 0 ]; then
|
|||
conntrack_ftp='no'
|
||||
fi
|
||||
|
||||
# Checking custom OpenSSH port
|
||||
sshport=$(grep '^Port ' /etc/ssh/sshd_config | head -1 | cut -d ' ' -f 2)
|
||||
if [[ "$sshport" =~ ^[0-9]+$ ]] && [ "$sshport" -ne "22" ]; then
|
||||
sed -i "s/PORT='22'/PORT=\'$sshport\'/" $rules
|
||||
fi
|
||||
|
||||
# Creating temporary file
|
||||
tmp=$(mktemp)
|
||||
|
|
|
|||
|
|
@ -23,34 +23,12 @@ source $VESTA/conf/vesta.conf
|
|||
#----------------------------------------------------------#
|
||||
|
||||
lecounter=0
|
||||
hostname=$(hostname)
|
||||
|
||||
echo "[$(date)] : -----------------------------------------------------------------------------------" >> /usr/local/vesta/log/letsencrypt_cron.log
|
||||
|
||||
# Checking user certificates
|
||||
for user in $($BIN/v-list-users plain |cut -f 1); do
|
||||
USER_DATA=$VESTA/data/users/$user
|
||||
|
||||
for domain in $(search_objects 'web' 'LETSENCRYPT' 'yes' 'DOMAIN'); do
|
||||
|
||||
limit_check=1
|
||||
fail_counter=$(get_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT')
|
||||
|
||||
if [[ "$hostname" = "$domain" ]]; then
|
||||
if [[ "$fail_counter" -eq 7 ]]; then
|
||||
limit_check=0
|
||||
fi
|
||||
if [[ "$fail_counter" -eq 8 ]]; then
|
||||
fail_counter=$(alter_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT')
|
||||
send_email_to_admin "LetsEncrypt renewing hostname $hostname" "Warning: hostname $domain failed for LetsEncrypt renewing"
|
||||
fi
|
||||
fi
|
||||
|
||||
if [[ "$fail_counter" -ge 7 ]] && [[ "$limit_check" -eq 1 ]]; then
|
||||
# echo "$domain failed $fail_counter times for LetsEncrypt renewing, skipping"
|
||||
echo "[$(date)] : $domain failed $fail_counter times for LetsEncrypt renewing, skipping" >> /usr/local/vesta/log/letsencrypt_cron.log
|
||||
continue;
|
||||
fi
|
||||
crt_data=$(openssl x509 -text -in $USER_DATA/ssl/$domain.crt)
|
||||
not_after=$(echo "$crt_data" |grep "Not After" |cut -f 2,3,4 -d :)
|
||||
expiration=$(date -d "$not_after" +%s)
|
||||
|
|
@ -59,25 +37,17 @@ for user in $($BIN/v-list-users plain |cut -f 1); do
|
|||
days_valid=$((seconds_valid / 86400))
|
||||
if [[ "$days_valid" -lt 31 ]]; then
|
||||
if [ $lecounter -gt 0 ]; then
|
||||
sleep 120
|
||||
sleep 10
|
||||
fi
|
||||
((lecounter++))
|
||||
aliases=$(echo "$crt_data" |grep DNS:)
|
||||
aliases=$(echo "$aliases" |sed -e "s/DNS://g" -e "s/,//g")
|
||||
aliases=$(echo "$aliases" |sed -e "s/DNS://g" -e "s/,//")
|
||||
aliases=$(echo "$aliases" |tr ' ' '\n' |sed "/^$/d")
|
||||
aliases=$(echo "$aliases" |egrep -v "^$domain,?$")
|
||||
aliases=$(echo "$aliases" |grep -v "^$domain$")
|
||||
aliases=$(echo "$aliases" |sed -e ':a;N;$!ba;s/\n/,/g')
|
||||
msg=$($BIN/v-add-letsencrypt-domain $user $domain $aliases)
|
||||
if [ $? -ne 0 ]; then
|
||||
if [[ $msg == *"is suspended" ]]; then
|
||||
echo "[$(date)] : SUSPENDED: $domain $msg" >> /usr/local/vesta/log/letsencrypt_cron.log
|
||||
else
|
||||
echo "[$(date)] : $domain $msg" >> /usr/local/vesta/log/letsencrypt_cron.log
|
||||
echo "$domain $msg"
|
||||
fail_counter=$(alter_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT')
|
||||
echo "[$(date)] : fail_counter = $fail_counter" >> /usr/local/vesta/log/letsencrypt_cron.log
|
||||
echo "fail_counter = $fail_counter"
|
||||
fi
|
||||
echo "$domain $msg"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
|
|
|
|||
|
|
@ -44,7 +44,7 @@ if [[ "$ip_num" -eq '1' ]] && [[ "$v_ip_num" -eq 1 ]]; then
|
|||
fi
|
||||
|
||||
# Updating configs
|
||||
if [ ! -z "$old" ]; then
|
||||
if [ ! -z "$new" ]; then
|
||||
mv $VESTA/data/ips/$old $VESTA/data/ips/$new
|
||||
|
||||
# Updating PROXY
|
||||
|
|
|
|||
|
|
@ -61,13 +61,13 @@ fi
|
|||
# Parsing data
|
||||
if [ "$period" = 'daily' ]; then
|
||||
mem=$(free -m)
|
||||
used=$(echo "$mem" |awk '(NR == 2)' |awk '{print $3}')
|
||||
used=$(echo "$mem" |grep Mem |awk '{print $3}')
|
||||
if [ -z "$(echo "$mem" | grep available)" ]; then
|
||||
free=$(echo "$mem" |grep buff/cache |awk '{print $4}')
|
||||
free=$(echo "$mem" |grep buffers/cache |awk '{print $4}')
|
||||
else
|
||||
free=$(echo "$mem" |awk '(NR == 2)' |awk '{print $7}')
|
||||
free=$(echo "$mem" |grep Mem |awk '{print $7}')
|
||||
fi
|
||||
swap=$(echo "$mem" |awk '(NR == 3)' |awk '{print $3}')
|
||||
swap=$(echo "$mem" |grep Swap |awk '{print $3}')
|
||||
|
||||
# Updating rrd
|
||||
rrdtool update $RRD/mem/mem.rrd N:$used:$swap:$free
|
||||
|
|
|
|||
|
|
@ -85,7 +85,7 @@ for host in $hosts; do
|
|||
# Parsing data
|
||||
q='SELECT SUM(xact_commit + xact_rollback), SUM(numbackends)
|
||||
FROM pg_stat_database;'
|
||||
status=$($sql psql -d postgres -c "$q" 2>/dev/null); code="$?"
|
||||
status=$($sql plsql -d postgres -c "$q" 2>/dev/null); code="$?"
|
||||
if [ '0' -ne "$code" ]; then
|
||||
active=0
|
||||
slow=0
|
||||
|
|
|
|||
|
|
@ -28,32 +28,12 @@ source $VESTA/conf/vesta.conf
|
|||
# Checking arg number
|
||||
check_args '1' "$#" 'PACKAGE'
|
||||
|
||||
valid=0
|
||||
if [ "$package" = "vesta" ]; then
|
||||
valid=1
|
||||
fi
|
||||
if [ "$package" = "vesta-nginx" ]; then
|
||||
valid=1
|
||||
fi
|
||||
if [ "$package" = "vesta-php" ]; then
|
||||
valid=1
|
||||
fi
|
||||
if [ "$package" = "vesta-ioncube" ]; then
|
||||
valid=1
|
||||
fi
|
||||
if [ "$package" = "vesta-softaculous" ]; then
|
||||
valid=1
|
||||
fi
|
||||
if [ $valid -eq 0 ]; then
|
||||
echo "Package $package is not valid"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
#----------------------------------------------------------#
|
||||
# Action #
|
||||
#----------------------------------------------------------#
|
||||
|
||||
if [ -n "$(command -v yum)" ]; then
|
||||
if [ -d "/etc/sysconfig" ]; then
|
||||
# Clean yum chache
|
||||
yum -q clean all
|
||||
|
||||
|
|
|
|||
|
|
@ -55,14 +55,14 @@ mysql_query() {
|
|||
|
||||
mysql_dump() {
|
||||
err="/tmp/e.mysql"
|
||||
mysqldump --defaults-file=$mycnf --single-transaction --max_allowed_packet=100M -r $1 $2 2> $err
|
||||
mysqldump --defaults-file=$mycnf --single-transaction -r $1 $2 2> $err
|
||||
if [ '0' -ne "$?" ]; then
|
||||
rm -rf $tmpdir
|
||||
if [ "$notify" != 'no' ]; then
|
||||
echo -e "Can't dump database $database\n$(cat $err)" |\
|
||||
$SENDMAIL -s "$subj" $email
|
||||
fi
|
||||
echo "Error: dump $database failed\n$(cat $err)"
|
||||
echo "Error: dump $database failed"
|
||||
log_event "$E_DB" "$ARGUMENTS"
|
||||
exit $E_DB
|
||||
fi
|
||||
|
|
@ -322,7 +322,7 @@ delete_pgsql_database() {
|
|||
psql_connect $HOST
|
||||
|
||||
query="REVOKE ALL PRIVILEGES ON DATABASE $database FROM $DBUSER"
|
||||
psql_query "$query" > /dev/null
|
||||
psql_qyery "$query" > /dev/null
|
||||
|
||||
query="DROP DATABASE $database"
|
||||
psql_query "$query" > /dev/null
|
||||
|
|
|
|||
|
|
@ -215,11 +215,7 @@ add_web_config() {
|
|||
fi
|
||||
fi
|
||||
|
||||
trigger="${2/%.tpl/.sh}"
|
||||
if [[ "$2" =~ stpl$ ]]; then
|
||||
trigger="${2/%.stpl/.sh}"
|
||||
fi
|
||||
|
||||
trigger="${2/.*pl/.sh}"
|
||||
if [ -x "$WEBTPL/$1/$WEB_BACKEND/$trigger" ]; then
|
||||
$WEBTPL/$1/$WEB_BACKEND/$trigger \
|
||||
$user $domain $local_ip $HOMEDIR \
|
||||
|
|
@ -343,7 +339,7 @@ is_web_domain_cert_valid() {
|
|||
check_result $E_FORBIDEN "SSL Key is protected (remove pass_phrase)"
|
||||
fi
|
||||
|
||||
openssl s_server -port 654321 -quiet -cert $ssl_dir/$domain.crt \
|
||||
openssl s_server -quiet -cert $ssl_dir/$domain.crt \
|
||||
-key $ssl_dir/$domain.key >> /dev/null 2>&1 &
|
||||
pid=$!
|
||||
sleep 0.5
|
||||
|
|
@ -412,24 +408,6 @@ update_domain_zone() {
|
|||
VALUE=$(idn --quiet -a -t "$VALUE")
|
||||
fi
|
||||
|
||||
# Split long TXT entries into 255 chunks
|
||||
if [ "$TYPE" = 'TXT' ]; then
|
||||
txtlength=${#VALUE}
|
||||
if [ $txtlength -gt 255 ]; then
|
||||
already_chunked=0
|
||||
if [[ $VALUE == *"\" \""* ]] || [[ $VALUE == *"\"\""* ]]; then
|
||||
already_chunked=1
|
||||
fi
|
||||
if [ $already_chunked -eq 0 ]; then
|
||||
if [[ ${VALUE:0:1} = '"' ]]; then
|
||||
txtlength=$(( $txtlength - 2 ))
|
||||
VALUE=${VALUE:1:txtlength}
|
||||
fi
|
||||
VALUE=$(echo $VALUE | fold -w 255 | xargs -I '$' echo -n '"$"')
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ "$SUSPENDED" != 'yes' ]; then
|
||||
eval echo -e "\"$fields\""|sed "s/%quote%/'/g" >> $zn_conf
|
||||
fi
|
||||
|
|
|
|||
117
func/main.sh
117
func/main.sh
|
|
@ -35,7 +35,6 @@ E_DB=17
|
|||
E_RRD=18
|
||||
E_UPDATE=19
|
||||
E_RESTART=20
|
||||
E_TEAPOT=418
|
||||
|
||||
# Event string for logger
|
||||
for ((I=1; I <= $# ; I++)); do
|
||||
|
|
@ -213,8 +212,7 @@ is_object_new() {
|
|||
# Check if object is valid
|
||||
is_object_valid() {
|
||||
if [ $2 = 'USER' ]; then
|
||||
user_vst_dir=$(basename $3)
|
||||
if [ ! -d "$VESTA/data/users/$user_vst_dir" ]; then
|
||||
if [ ! -d "$VESTA/data/users/$3" ]; then
|
||||
check_result $E_NOTEXIST "$1 $3 doesn't exist"
|
||||
fi
|
||||
else
|
||||
|
|
@ -296,20 +294,6 @@ is_dir_symlink() {
|
|||
fi
|
||||
}
|
||||
|
||||
# Check if file exists
|
||||
if_file_exists() {
|
||||
if [[ -f "$1" ]]; then
|
||||
check_result $E_FORBIDEN "$1 file exists"
|
||||
fi
|
||||
}
|
||||
|
||||
# Check if directory exists
|
||||
if_dir_exists() {
|
||||
if [[ -d "$1" ]]; then
|
||||
check_result $E_FORBIDEN "$1 directory exists"
|
||||
fi
|
||||
}
|
||||
|
||||
# Get object value
|
||||
get_object_value() {
|
||||
object=$(grep "$2='$3'" $USER_DATA/$1.conf)
|
||||
|
|
@ -675,7 +659,7 @@ is_dbuser_format_valid() {
|
|||
|
||||
# DNS record type validator
|
||||
is_dns_type_format_valid() {
|
||||
known_dnstype='A,AAAA,NS,CNAME,MX,TXT,SRV,DNSKEY,KEY,IPSECKEY,PTR,SPF,TLSA,CAA'
|
||||
known_dnstype='A,AAAA,NS,CNAME,MX,TXT,SRV,DNSKEY,KEY,IPSECKEY,PTR,SPF,TLSA'
|
||||
if [ -z "$(echo $known_dnstype |grep -w $1)" ]; then
|
||||
check_result $E_INVALID "invalid dns record type format :: $1"
|
||||
fi
|
||||
|
|
@ -831,23 +815,6 @@ is_format_valid_shell() {
|
|||
exit $E_INVALID
|
||||
fi
|
||||
}
|
||||
|
||||
format_no_quotes() {
|
||||
exclude="['|\"]"
|
||||
if [[ "$1" =~ $exclude ]]; then
|
||||
check_result "$E_INVALID" "Invalid $2 contains qoutes (\" or ') :: $1"
|
||||
fi
|
||||
is_no_new_line_format "$1"
|
||||
}
|
||||
|
||||
is_no_new_line_format() {
|
||||
test=$(echo "$1" | head -n1 );
|
||||
if [[ "$test" != "$1" ]]; then
|
||||
check_result "$E_INVALID" "invalid value :: $1"
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
# Format validation controller
|
||||
is_format_valid() {
|
||||
for arg_name in $*; do
|
||||
|
|
@ -856,7 +823,6 @@ is_format_valid() {
|
|||
case $arg_name in
|
||||
account) is_user_format_valid "$arg" "$arg_name";;
|
||||
action) is_fw_action_format_valid "$arg";;
|
||||
alias) is_alias_format_valid "$arg" ;;
|
||||
aliases) is_alias_format_valid "$arg" ;;
|
||||
antispam) is_boolean_format_valid "$arg" 'antispam' ;;
|
||||
antivirus) is_boolean_format_valid "$arg" 'antivirus' ;;
|
||||
|
|
@ -882,7 +848,6 @@ is_format_valid() {
|
|||
host) is_object_format_valid "$arg" "$arg_name" ;;
|
||||
hour) is_cron_format_valid "$arg" $arg_name ;;
|
||||
id) is_int_format_valid "$arg" 'id' ;;
|
||||
interface) is_interface_format_valid "$arg" ;;
|
||||
ip) is_ip_format_valid "$arg" ;;
|
||||
ip_name) is_domain_format_valid "$arg" 'IP name';;
|
||||
ip_status) is_ip_status_format_valid "$arg" ;;
|
||||
|
|
@ -972,81 +937,3 @@ format_aliases() {
|
|||
aliases=$(echo "$aliases" |tr '\n' ',' |sed -e "s/,$//")
|
||||
fi
|
||||
}
|
||||
|
||||
alter_web_counter() {
|
||||
user=$1
|
||||
domain=$2
|
||||
USER_DATA=$VESTA/data/users/$user
|
||||
|
||||
varc=$3
|
||||
vard="\$${varc}"
|
||||
counter=$(get_object_value 'web' 'DOMAIN' "$domain" "$vard")
|
||||
|
||||
if [ -z "$counter" ]; then
|
||||
add_object_key "web" 'DOMAIN' "$domain" "$varc" "TIME"
|
||||
counter=0
|
||||
fi
|
||||
|
||||
((counter++))
|
||||
backup_counter=$counter
|
||||
|
||||
update_object_value 'web' 'DOMAIN' "$domain" "$vard" "$counter"
|
||||
counter=$backup_counter
|
||||
|
||||
echo $counter
|
||||
}
|
||||
|
||||
reset_web_counter() {
|
||||
user=$1
|
||||
domain=$2
|
||||
USER_DATA=$VESTA/data/users/$user
|
||||
|
||||
varc=$3
|
||||
vard="\$${varc}"
|
||||
|
||||
update_object_value 'web' 'DOMAIN' "$domain" "$vard" "0"
|
||||
}
|
||||
|
||||
get_web_counter() {
|
||||
user=$1
|
||||
domain=$2
|
||||
USER_DATA=$VESTA/data/users/$user
|
||||
|
||||
varc=$3
|
||||
vard="\$${varc}"
|
||||
counter=$(get_object_value 'web' 'DOMAIN' "$domain" "$vard")
|
||||
|
||||
if [ -z "$counter" ]; then
|
||||
counter=0
|
||||
fi
|
||||
|
||||
echo $counter
|
||||
}
|
||||
|
||||
# Simple chmod wrapper that skips symlink files after glob expand
|
||||
# Taken from HestiaCP
|
||||
no_symlink_chmod() {
|
||||
local filemode=$1; shift;
|
||||
|
||||
for i in "$@"; do
|
||||
[[ -L ${i} ]] && continue
|
||||
|
||||
chmod "${filemode}" "${i}"
|
||||
done
|
||||
}
|
||||
|
||||
# $1 = subject
|
||||
# $2 = body
|
||||
send_email_to_admin() {
|
||||
email=$(grep CONTACT /usr/local/vesta/data/users/admin/user.conf)
|
||||
email=$(echo "$email" | cut -f 2 -d "'")
|
||||
if [ -z "$email" ]; then
|
||||
if [ ! -z "$NOTIFY_ADMIN_FULL_BACKUP" ]; then
|
||||
email=$NOTIFY_ADMIN_FULL_BACKUP
|
||||
fi
|
||||
fi
|
||||
if [ -z "$email" ]; then
|
||||
return;
|
||||
fi
|
||||
echo "$2" | $SENDMAIL -s "$1" "$email" 'yes'
|
||||
}
|
||||
|
|
|
|||
|
|
@ -51,7 +51,7 @@ rebuild_user_conf() {
|
|||
mkdir -p $HOMEDIR/$user/conf
|
||||
chmod a+x $HOMEDIR/$user
|
||||
chmod a+x $HOMEDIR/$user/conf
|
||||
chown --no-dereference $user:$user $HOMEDIR/$user
|
||||
chown $user:$user $HOMEDIR/$user
|
||||
chown root:root $HOMEDIR/$user/conf
|
||||
|
||||
# Update disk pipe
|
||||
|
|
@ -80,7 +80,7 @@ rebuild_user_conf() {
|
|||
chmod 751 $HOMEDIR/$user/conf/web
|
||||
chmod 751 $HOMEDIR/$user/web
|
||||
chmod 771 $HOMEDIR/$user/tmp
|
||||
chown --no-dereference $user:$user $HOMEDIR/$user/web
|
||||
chown $user:$user $HOMEDIR/$user/web
|
||||
if [ -z "$create_user" ]; then
|
||||
$BIN/v-rebuild-web-domains $user $restart
|
||||
fi
|
||||
|
|
@ -152,7 +152,7 @@ rebuild_web_domain_conf() {
|
|||
prepare_web_domain_values
|
||||
|
||||
# Rebuilding domain directories
|
||||
sudo -u $user mkdir -p $HOMEDIR/$user/web/$domain \
|
||||
mkdir -p $HOMEDIR/$user/web/$domain \
|
||||
$HOMEDIR/$user/web/$domain/public_html \
|
||||
$HOMEDIR/$user/web/$domain/public_shtml \
|
||||
$HOMEDIR/$user/web/$domain/document_errors \
|
||||
|
|
@ -178,15 +178,14 @@ rebuild_web_domain_conf() {
|
|||
|
||||
# Propagating html skeleton
|
||||
if [ ! -e "$WEBTPL/skel/document_errors/" ]; then
|
||||
sudo -u $user cp -r $WEBTPL/skel/document_errors/ \
|
||||
$HOMEDIR/$user/web/$domain/
|
||||
cp -r $WEBTPL/skel/document_errors/ $HOMEDIR/$user/web/$domain/
|
||||
fi
|
||||
|
||||
# Set folder permissions
|
||||
no_symlink_chmod 551 $HOMEDIR/$user/web/$domain \
|
||||
chmod 551 $HOMEDIR/$user/web/$domain \
|
||||
$HOMEDIR/$user/web/$domain/stats \
|
||||
$HOMEDIR/$user/web/$domain/logs
|
||||
no_symlink_chmod 751 $HOMEDIR/$user/web/$domain/private \
|
||||
chmod 751 $HOMEDIR/$user/web/$domain/private \
|
||||
$HOMEDIR/$user/web/$domain/cgi-bin \
|
||||
$HOMEDIR/$user/web/$domain/public_html \
|
||||
$HOMEDIR/$user/web/$domain/public_shtml \
|
||||
|
|
@ -194,7 +193,7 @@ rebuild_web_domain_conf() {
|
|||
chmod 640 /var/log/$WEB_SYSTEM/domains/$domain.*
|
||||
|
||||
# Set ownership
|
||||
chown --no-dereference $user:$user $HOMEDIR/$user/web/$domain \
|
||||
chown $user:$user $HOMEDIR/$user/web/$domain \
|
||||
$HOMEDIR/$user/web/$domain/private \
|
||||
$HOMEDIR/$user/web/$domain/cgi-bin \
|
||||
$HOMEDIR/$user/web/$domain/public_html \
|
||||
|
|
@ -601,7 +600,7 @@ rebuild_pgsql_database() {
|
|||
exit $E_CONNECT
|
||||
fi
|
||||
|
||||
query="CREATE ROLE $DBUSER WITH LOGIN"
|
||||
query="CREATE ROLE $DBUSER"
|
||||
psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1
|
||||
|
||||
query="UPDATE pg_authid SET rolpassword='$MD5' WHERE rolname='$DBUSER'"
|
||||
|
|
@ -618,7 +617,7 @@ rebuild_pgsql_database() {
|
|||
query="GRANT ALL PRIVILEGES ON DATABASE $DB TO $DBUSER"
|
||||
psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1
|
||||
|
||||
query="GRANT CONNECT ON DATABASE template1 to $DBUSER"
|
||||
query="GRANT CONNECT ON DATABASE template1 to $dbuser"
|
||||
psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
location /phpmyadmin {
|
||||
alias /usr/share/phpmyadmin;
|
||||
alias /usr/share/phpmyadmin/;
|
||||
|
||||
location ~ /(libraries|setup) {
|
||||
return 404;
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
location /phppgadmin {
|
||||
alias /usr/share/phppgadmin;
|
||||
alias /usr/share/phppgadmin/;
|
||||
|
||||
location ~ ^/phppgadmin/(.*\.php)$ {
|
||||
alias /usr/share/phppgadmin/$1;
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
location /webmail {
|
||||
alias /var/lib/roundcube;
|
||||
alias /var/lib/roundcube/;
|
||||
|
||||
location ~ /(config|temp|logs) {
|
||||
return 404;
|
||||
|
|
|
|||
|
|
@ -15,7 +15,6 @@ Alias /phpmyadmin /usr/share/phpmyadmin
|
|||
php_admin_flag allow_url_fopen Off
|
||||
php_value include_path .
|
||||
php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
|
||||
php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp
|
||||
php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext
|
||||
</IfModule>
|
||||
|
||||
|
|
|
|||
|
|
@ -137,13 +137,6 @@ if (!empty($dbname)) {
|
|||
$cfg['UploadDir'] = '';
|
||||
$cfg['SaveDir'] = '';
|
||||
|
||||
/*
|
||||
* Temp dir for faster beahivour
|
||||
*
|
||||
*/
|
||||
$cfg['TempDir'] = '/tmp';
|
||||
|
||||
|
||||
/* Support additional configurations */
|
||||
foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename)
|
||||
{
|
||||
|
|
|
|||
|
|
@ -15,9 +15,8 @@
|
|||
AllowOverride All
|
||||
SSLRequireSSL
|
||||
Options +Includes -Indexes +ExecCGI
|
||||
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
|
||||
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
|
||||
php_admin_value upload_tmp_dir %home%/%user%/tmp
|
||||
php_admin_value sys_temp_dir %home%/%user%/tmp
|
||||
php_admin_value session.save_path %home%/%user%/tmp
|
||||
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
|
||||
</Directory>
|
||||
|
|
|
|||
|
|
@ -16,7 +16,6 @@
|
|||
Options +Includes -Indexes +ExecCGI
|
||||
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
|
||||
php_admin_value upload_tmp_dir %home%/%user%/tmp
|
||||
php_admin_value sys_temp_dir %home%/%user%/tmp
|
||||
php_admin_value session.save_path %home%/%user%/tmp
|
||||
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
|
||||
</Directory>
|
||||
|
|
|
|||
|
|
@ -17,7 +17,6 @@
|
|||
Options +Includes -Indexes +ExecCGI
|
||||
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
|
||||
php_admin_value upload_tmp_dir %home%/%user%/tmp
|
||||
php_admin_value sys_temp_dir %home%/%user%/tmp
|
||||
php_admin_value session.save_path %home%/%user%/tmp
|
||||
</Directory>
|
||||
<Directory %home%/%user%/web/%domain%/stats>
|
||||
|
|
|
|||
|
|
@ -16,7 +16,6 @@
|
|||
Options +Includes -Indexes +ExecCGI
|
||||
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
|
||||
php_admin_value upload_tmp_dir %home%/%user%/tmp
|
||||
php_admin_value sys_temp_dir %home%/%user%/tmp
|
||||
php_admin_value session.save_path %home%/%user%/tmp
|
||||
</Directory>
|
||||
<Directory %home%/%user%/web/%domain%/stats>
|
||||
|
|
|
|||
|
|
@ -22,9 +22,8 @@
|
|||
php_admin_flag mysql.allow_persistent off
|
||||
php_admin_flag safe_mode off
|
||||
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
|
||||
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
|
||||
php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
|
||||
php_admin_value upload_tmp_dir %home%/%user%/tmp
|
||||
php_admin_value sys_temp_dir %home%/%user%/tmp
|
||||
php_admin_value session.save_path %home%/%user%/tmp
|
||||
</Directory>
|
||||
<Directory %home%/%user%/web/%domain%/stats>
|
||||
|
|
|
|||
|
|
@ -14,6 +14,7 @@
|
|||
<Directory %docroot%>
|
||||
AllowOverride All
|
||||
Options +Includes -Indexes +ExecCGI
|
||||
php_admin_value upload_tmp_dir %home%/%user%/tmp
|
||||
php_admin_value upload_max_filesize 10M
|
||||
php_admin_value max_execution_time 20
|
||||
php_admin_value post_max_size 8M
|
||||
|
|
@ -23,7 +24,6 @@
|
|||
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
|
||||
php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
|
||||
php_admin_value upload_tmp_dir %home%/%user%/tmp
|
||||
php_admin_value sys_temp_dir %home%/%user%/tmp
|
||||
php_admin_value session.save_path %home%/%user%/tmp
|
||||
</Directory>
|
||||
<Directory %home%/%user%/web/%domain%/stats>
|
||||
|
|
|
|||
|
|
@ -15,9 +15,8 @@
|
|||
SSLRequireSSL
|
||||
AllowOverride All
|
||||
Options +Includes -Indexes +ExecCGI
|
||||
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
|
||||
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
|
||||
php_admin_value upload_tmp_dir %home%/%user%/tmp
|
||||
php_admin_value sys_temp_dir %home%/%user%/tmp
|
||||
php_admin_value session.save_path %home%/%user%/tmp
|
||||
Action phpcgi-script /cgi-bin/php
|
||||
<Files *.php>
|
||||
|
|
|
|||
|
|
@ -16,7 +16,6 @@
|
|||
Options +Includes -Indexes +ExecCGI
|
||||
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
|
||||
php_admin_value upload_tmp_dir %home%/%user%/tmp
|
||||
php_admin_value sys_temp_dir %home%/%user%/tmp
|
||||
php_admin_value session.save_path %home%/%user%/tmp
|
||||
Action phpcgi-script /cgi-bin/php
|
||||
<Files *.php>
|
||||
|
|
|
|||
|
|
@ -15,9 +15,8 @@
|
|||
SSLRequireSSL
|
||||
AllowOverride All
|
||||
Options +Includes -Indexes +ExecCGI
|
||||
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
|
||||
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
|
||||
php_admin_value upload_tmp_dir %home%/%user%/tmp
|
||||
php_admin_value sys_temp_dir %home%/%user%/tmp
|
||||
php_admin_value session.save_path %home%/%user%/tmp
|
||||
<Files *.php>
|
||||
SetHandler fcgid-script
|
||||
|
|
|
|||
|
|
@ -16,7 +16,6 @@
|
|||
Options +Includes -Indexes +ExecCGI
|
||||
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
|
||||
php_admin_value upload_tmp_dir %home%/%user%/tmp
|
||||
php_admin_value sys_temp_dir %home%/%user%/tmp
|
||||
php_admin_value session.save_path %home%/%user%/tmp
|
||||
<Files *.php>
|
||||
SetHandler fcgid-script
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ server {
|
|||
location ~ /\.hg/ {return 404;}
|
||||
location ~ /\.bzr/ {return 404;}
|
||||
|
||||
disable_symlinks if_not_owner from=%sdocroot%;
|
||||
disable_symlinks if_not_owner from=%docroot%;
|
||||
|
||||
include %home%/%user%/conf/web/snginx.%domain%.conf*;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,14 +3,14 @@ server {
|
|||
server_name %domain_idn% %alias_idn%;
|
||||
ssl_certificate %ssl_pem%;
|
||||
ssl_certificate_key %ssl_key%;
|
||||
error_log /var/log/%web_system%/domains/%domain%.error.log error;
|
||||
error_log /var/log/httpd/domains/%domain%.error.log error;
|
||||
|
||||
location / {
|
||||
proxy_pass https://%ip%:%web_ssl_port%;
|
||||
location ~* ^.+\.(%proxy_extentions%)$ {
|
||||
root %sdocroot%;
|
||||
access_log /var/log/%web_system%/domains/%domain%.log combined;
|
||||
access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
|
||||
access_log /var/log/httpd/domains/%domain%.log combined;
|
||||
access_log /var/log/httpd/domains/%domain%.bytes bytes;
|
||||
expires max;
|
||||
try_files $uri @fallback;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,14 +1,14 @@
|
|||
server {
|
||||
listen %ip%:%proxy_port%;
|
||||
server_name %domain_idn% %alias_idn%;
|
||||
error_log /var/log/%web_system%/domains/%domain%.error.log error;
|
||||
error_log /var/log/httpd/domains/%domain%.error.log error;
|
||||
|
||||
location / {
|
||||
proxy_pass http://%ip%:%web_port%;
|
||||
location ~* ^.+\.(%proxy_extentions%)$ {
|
||||
root %docroot%;
|
||||
access_log /var/log/%web_system%/domains/%domain%.log combined;
|
||||
access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
|
||||
access_log /var/log/httpd/domains/%domain%.log combined;
|
||||
access_log /var/log/httpd/domains/%domain%.bytes bytes;
|
||||
expires max;
|
||||
try_files $uri @fallback;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@ server {
|
|||
server_name %domain_idn% %alias_idn%;
|
||||
ssl_certificate %ssl_pem%;
|
||||
ssl_certificate_key %ssl_key%;
|
||||
root %sdocroot%;
|
||||
root %docroot%;
|
||||
index index.php index.html index.htm;
|
||||
access_log /var/log/nginx/domains/%domain%.log combined;
|
||||
access_log /var/log/nginx/domains/%domain%.bytes bytes;
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
server {
|
||||
listen %ip%:%web_ssl_port%;
|
||||
server_name %domain_idn% %alias_idn%;
|
||||
root %sdocroot%;
|
||||
root %docroot%;
|
||||
index index.php index.html index.htm;
|
||||
access_log /var/log/nginx/domains/%domain%.log combined;
|
||||
access_log /var/log/nginx/domains/%domain%.bytes bytes;
|
||||
|
|
|
|||
|
|
@ -11,7 +11,6 @@ pm.max_requests = 4000
|
|||
pm.process_idle_timeout = 10s
|
||||
pm.status_path = /status
|
||||
|
||||
php_admin_value[sys_temp_dir] = /home/%user%/tmp
|
||||
php_admin_value[upload_tmp_dir] = /home/%user%/tmp
|
||||
php_admin_value[session.save_path] = /home/%user%/tmp
|
||||
|
||||
|
|
|
|||
|
|
@ -14,7 +14,6 @@ pm.max_requests = 4000
|
|||
pm.process_idle_timeout = 10s
|
||||
pm.status_path = /status
|
||||
|
||||
php_admin_value[sys_temp_dir] = /home/%user%/tmp
|
||||
php_admin_value[upload_tmp_dir] = /home/%user%/tmp
|
||||
php_admin_value[session.save_path] = /home/%user%/tmp
|
||||
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@
|
|||
<body>
|
||||
<h1>%domain%</h1>
|
||||
<div>
|
||||
<a href="https://vestacp.com/">Server control panel by VESTA</a>
|
||||
<a href="http://vestacp.com/">Powered by VESTA</a>
|
||||
</div>
|
||||
</body>
|
||||
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@
|
|||
<body>
|
||||
<h1>%domain%</h1>
|
||||
<div>
|
||||
<a href="https://vestacp.com/">Server control panel by VESTA</a>
|
||||
<a href="http://vestacp.com/">Powered by VESTA</a>
|
||||
</div>
|
||||
</body>
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
location /phpmyadmin {
|
||||
alias /usr/share/phpmyadmin;
|
||||
alias /usr/share/phpmyadmin/;
|
||||
|
||||
location ~ /(libraries|setup) {
|
||||
return 404;
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
location /phppgadmin {
|
||||
alias /usr/share/phppgadmin;
|
||||
alias /usr/share/phppgadmin/;
|
||||
|
||||
location ~ ^/phppgadmin/(.*\.php)$ {
|
||||
alias /usr/share/phppgadmin/$1;
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
location /webmail {
|
||||
alias /var/lib/roundcube;
|
||||
alias /var/lib/roundcube/;
|
||||
|
||||
location ~ /(config|temp|logs) {
|
||||
return 404;
|
||||
|
|
|
|||
|
|
@ -15,7 +15,6 @@ Alias /phpmyadmin /usr/share/phpmyadmin
|
|||
php_admin_flag allow_url_fopen Off
|
||||
php_value include_path .
|
||||
php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
|
||||
php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp
|
||||
php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext
|
||||
</IfModule>
|
||||
|
||||
|
|
|
|||
|
|
@ -137,13 +137,6 @@ if (!empty($dbname)) {
|
|||
$cfg['UploadDir'] = '';
|
||||
$cfg['SaveDir'] = '';
|
||||
|
||||
/*
|
||||
* Temp dir for faster beahivour
|
||||
*
|
||||
*/
|
||||
$cfg['TempDir'] = '/tmp';
|
||||
|
||||
|
||||
/* Support additional configurations */
|
||||
foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename)
|
||||
{
|
||||
|
|
|
|||
|
|
@ -15,9 +15,8 @@
|
|||
AllowOverride All
|
||||
SSLRequireSSL
|
||||
Options +Includes -Indexes +ExecCGI
|
||||
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
|
||||
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
|
||||
php_admin_value upload_tmp_dir %home%/%user%/tmp
|
||||
php_admin_value sys_temp_dir %home%/%user%/tmp
|
||||
php_admin_value session.save_path %home%/%user%/tmp
|
||||
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
|
||||
</Directory>
|
||||
|
|
|
|||
|
|
@ -16,7 +16,6 @@
|
|||
Options +Includes -Indexes +ExecCGI
|
||||
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
|
||||
php_admin_value upload_tmp_dir %home%/%user%/tmp
|
||||
php_admin_value sys_temp_dir %home%/%user%/tmp
|
||||
php_admin_value session.save_path %home%/%user%/tmp
|
||||
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
|
||||
</Directory>
|
||||
|
|
|
|||
|
|
@ -17,7 +17,6 @@
|
|||
Options +Includes -Indexes +ExecCGI
|
||||
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
|
||||
php_admin_value upload_tmp_dir %home%/%user%/tmp
|
||||
php_admin_value sys_temp_dir %home%/%user%/tmp
|
||||
php_admin_value session.save_path %home%/%user%/tmp
|
||||
</Directory>
|
||||
<Directory %home%/%user%/web/%domain%/stats>
|
||||
|
|
|
|||
|
|
@ -16,7 +16,6 @@
|
|||
Options +Includes -Indexes +ExecCGI
|
||||
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
|
||||
php_admin_value upload_tmp_dir %home%/%user%/tmp
|
||||
php_admin_value sys_temp_dir %home%/%user%/tmp
|
||||
php_admin_value session.save_path %home%/%user%/tmp
|
||||
</Directory>
|
||||
<Directory %home%/%user%/web/%domain%/stats>
|
||||
|
|
|
|||
|
|
@ -22,9 +22,8 @@
|
|||
php_admin_flag mysql.allow_persistent off
|
||||
php_admin_flag safe_mode off
|
||||
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
|
||||
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
|
||||
php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
|
||||
php_admin_value upload_tmp_dir %home%/%user%/tmp
|
||||
php_admin_value sys_temp_dir %home%/%user%/tmp
|
||||
php_admin_value session.save_path %home%/%user%/tmp
|
||||
</Directory>
|
||||
<Directory %home%/%user%/web/%domain%/stats>
|
||||
|
|
|
|||
|
|
@ -23,7 +23,6 @@
|
|||
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
|
||||
php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
|
||||
php_admin_value upload_tmp_dir %home%/%user%/tmp
|
||||
php_admin_value sys_temp_dir %home%/%user%/tmp
|
||||
php_admin_value session.save_path %home%/%user%/tmp
|
||||
</Directory>
|
||||
<Directory %home%/%user%/web/%domain%/stats>
|
||||
|
|
|
|||
|
|
@ -15,9 +15,8 @@
|
|||
SSLRequireSSL
|
||||
AllowOverride All
|
||||
Options +Includes -Indexes +ExecCGI
|
||||
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
|
||||
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
|
||||
php_admin_value upload_tmp_dir %home%/%user%/tmp
|
||||
php_admin_value sys_temp_dir %home%/%user%/tmp
|
||||
php_admin_value session.save_path %home%/%user%/tmp
|
||||
Action phpcgi-script /cgi-bin/php
|
||||
<Files *.php>
|
||||
|
|
|
|||
|
|
@ -16,7 +16,6 @@
|
|||
Options +Includes -Indexes +ExecCGI
|
||||
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
|
||||
php_admin_value upload_tmp_dir %home%/%user%/tmp
|
||||
php_admin_value sys_temp_dir %home%/%user%/tmp
|
||||
php_admin_value session.save_path %home%/%user%/tmp
|
||||
Action phpcgi-script /cgi-bin/php
|
||||
<Files *.php>
|
||||
|
|
|
|||
|
|
@ -15,9 +15,8 @@
|
|||
SSLRequireSSL
|
||||
AllowOverride All
|
||||
Options +Includes -Indexes +ExecCGI
|
||||
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
|
||||
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
|
||||
php_admin_value upload_tmp_dir %home%/%user%/tmp
|
||||
php_admin_value sys_temp_dir %home%/%user%/tmp
|
||||
php_admin_value session.save_path %home%/%user%/tmp
|
||||
<Files *.php>
|
||||
SetHandler fcgid-script
|
||||
|
|
|
|||
|
|
@ -16,7 +16,6 @@
|
|||
Options +Includes -Indexes +ExecCGI
|
||||
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
|
||||
php_admin_value upload_tmp_dir %home%/%user%/tmp
|
||||
php_admin_value sys_temp_dir %home%/%user%/tmp
|
||||
php_admin_value session.save_path %home%/%user%/tmp
|
||||
<Files *.php>
|
||||
SetHandler fcgid-script
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ server {
|
|||
location ~ /\.hg/ {return 404;}
|
||||
location ~ /\.bzr/ {return 404;}
|
||||
|
||||
disable_symlinks if_not_owner from=%sdocroot%;
|
||||
disable_symlinks if_not_owner from=%docroot%;
|
||||
|
||||
include %home%/%user%/conf/web/snginx.%domain%.conf*;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,14 +3,14 @@ server {
|
|||
server_name %domain_idn% %alias_idn%;
|
||||
ssl_certificate %ssl_pem%;
|
||||
ssl_certificate_key %ssl_key%;
|
||||
error_log /var/log/%web_system%/domains/%domain%.error.log error;
|
||||
error_log /var/log/httpd/domains/%domain%.error.log error;
|
||||
|
||||
location / {
|
||||
proxy_pass https://%ip%:%web_ssl_port%;
|
||||
location ~* ^.+\.(%proxy_extentions%)$ {
|
||||
root %sdocroot%;
|
||||
access_log /var/log/%web_system%/domains/%domain%.log combined;
|
||||
access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
|
||||
access_log /var/log/httpd/domains/%domain%.log combined;
|
||||
access_log /var/log/httpd/domains/%domain%.bytes bytes;
|
||||
expires max;
|
||||
try_files $uri @fallback;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,14 +1,14 @@
|
|||
server {
|
||||
listen %ip%:%proxy_port%;
|
||||
server_name %domain_idn% %alias_idn%;
|
||||
error_log /var/log/%web_system%/domains/%domain%.error.log error;
|
||||
error_log /var/log/httpd/domains/%domain%.error.log error;
|
||||
|
||||
location / {
|
||||
proxy_pass http://%ip%:%web_port%;
|
||||
location ~* ^.+\.(%proxy_extentions%)$ {
|
||||
root %docroot%;
|
||||
access_log /var/log/%web_system%/domains/%domain%.log combined;
|
||||
access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
|
||||
access_log /var/log/httpd/domains/%domain%.log combined;
|
||||
access_log /var/log/httpd/domains/%domain%.bytes bytes;
|
||||
expires max;
|
||||
try_files $uri @fallback;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@ server {
|
|||
server_name %domain_idn% %alias_idn%;
|
||||
ssl_certificate %ssl_pem%;
|
||||
ssl_certificate_key %ssl_key%;
|
||||
root %sdocroot%;
|
||||
root %docroot%;
|
||||
index index.php index.html index.htm;
|
||||
access_log /var/log/nginx/domains/%domain%.log combined;
|
||||
access_log /var/log/nginx/domains/%domain%.bytes bytes;
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
server {
|
||||
listen %ip%:%web_ssl_port%;
|
||||
server_name %domain_idn% %alias_idn%;
|
||||
root %sdocroot%;
|
||||
root %docroot%;
|
||||
index index.php index.html index.htm;
|
||||
access_log /var/log/nginx/domains/%domain%.log combined;
|
||||
access_log /var/log/nginx/domains/%domain%.bytes bytes;
|
||||
|
|
|
|||
Some files were not shown because too many files have changed in this diff Show more
Loading…
Add table
Add a link
Reference in a new issue