github/vesta
1
0
Fork 0
mirror of https://github.com/serghey-rodin/vesta.git synced 2025-08-21 05:44:07 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Compare commits

base: github:master
Branches Tags
github:master
github:vesta-2.0
github:feature/r-1.0.0.7
github:fix/edit-server
github:feature/reset-mail
github:release/1.0.0-6-api
github:release/1.0.0-6-ui
github:feature/responsive-design
github:feature/disk-percentage-values
github:feature/static-media
github:feature/api-enhancements
github:feature/improved-panel-and-fm
github:Skamasle-patch-10
github:feature/improved-le-and-csr
github:feature/restart-system
github:feature/improved-web-and-server
github:feature/improved-react-ui
github:feature/updated-api-responses
github:feature/react-ui-and-api
github:feature/new-api-interface
github:feature/new-react-ui
github:release/react-integration
github:react-integration
github:Skamasle-patch-9
github:Skamasle-patch-8
github:react-fm
github:dpeca-patch-2
github:Skamasle-patch-7
github:Skamasle-patch-6
github:Skamasle-patch-5
github:Skamasle-patch-4
github:Skamasle-patch-3
github:madeITBelgium-patch-5
github:madeITBelgium-patch-4
github:Skamasle-patch-2
github:dpeca-patch-exim-3
github:dpeca-patch-exim-2
github:dpeca-patch-exim-1
github:Skamasle-patch-1
github:madeITBelgium-patch-1462
github:dpeca-patch-1
github:revert-1323-permissions
github:madeITBelgium-patch-3
github:madeITBelgium-patch-1
github:madeITBelgium-patch-2
github:revert-1065-patch-12
github:madeITBelgium-patch-fix-xxd
github:SysVoid-patch-1
github:revert-516-fix-sec-osci
github:js-stuff
github:0.9.8-9
github:0.9.7
github:0.9.6
github:0.9.5
github:0.9.4
github:1.0.0-5
github:1.0.0-4
github:1.0.0-3
github:0.9.8-27
github:0.9.8-25
github:0.9.8-24
github:0.9.8-23
github:0.9.8-21
github:0.9.8-20
github:0.9.8-19
github:0.9.8-18
github:0.9.8-17
github:0.9.8-16
github:0.9.8-15
github:0.9.8-13
github:0.9.8-12
github:0.9.8-11
github:0.9.8-10
..
compare: github:0.9.8-25
Branches Tags
github:master
github:vesta-2.0
github:feature/r-1.0.0.7
github:fix/edit-server
github:feature/reset-mail
github:release/1.0.0-6-api
github:release/1.0.0-6-ui
github:feature/responsive-design
github:feature/disk-percentage-values
github:feature/static-media
github:feature/api-enhancements
github:feature/improved-panel-and-fm
github:Skamasle-patch-10
github:feature/improved-le-and-csr
github:feature/restart-system
github:feature/improved-web-and-server
github:feature/improved-react-ui
github:feature/updated-api-responses
github:feature/react-ui-and-api
github:feature/new-api-interface
github:feature/new-react-ui
github:release/react-integration
github:react-integration
github:Skamasle-patch-9
github:Skamasle-patch-8
github:react-fm
github:dpeca-patch-2
github:Skamasle-patch-7
github:Skamasle-patch-6
github:Skamasle-patch-5
github:Skamasle-patch-4
github:Skamasle-patch-3
github:madeITBelgium-patch-5
github:madeITBelgium-patch-4
github:Skamasle-patch-2
github:dpeca-patch-exim-3
github:dpeca-patch-exim-2
github:dpeca-patch-exim-1
github:Skamasle-patch-1
github:madeITBelgium-patch-1462
github:dpeca-patch-1
github:revert-1323-permissions
github:madeITBelgium-patch-3
github:madeITBelgium-patch-1
github:madeITBelgium-patch-2
github:revert-1065-patch-12
github:madeITBelgium-patch-fix-xxd
github:SysVoid-patch-1
github:revert-516-fix-sec-osci
github:js-stuff
github:0.9.8-9
github:0.9.7
github:0.9.6
github:0.9.5
github:0.9.4
github:1.0.0-5
github:1.0.0-4
github:1.0.0-3
github:0.9.8-27
github:0.9.8-25
github:0.9.8-24
github:0.9.8-23
github:0.9.8-21
github:0.9.8-20
github:0.9.8-19
github:0.9.8-18
github:0.9.8-17
github:0.9.8-16
github:0.9.8-15
github:0.9.8-13
github:0.9.8-12
github:0.9.8-11
github:0.9.8-10

No commits in common. "master" and "0.9.8-25" have entirely different histories.
master ... 0.9.8-25

1182 changed files with 10138 additions and 63658 deletions
Download patch file Download diff file Expand all files Collapse all files

3
.gitignore vendored
View file

@ -4,6 +4,3 @@
*.gz
.vscode
.DS_Store
src/react/node_modules
src/react/build
/.idea

8
README.md
View file

@ -1,8 +1,6 @@
[Vesta Control Panel](http://vestacp.com/)
==================================================
Vesta is back under active development as of 25 February 2024. We are commited to open source, and will engage with the community to identify the new roadmap for Vesta. Stay tuned!
[![Join the chat at https://gitter.im/vesta-cp/Lobby](https://badges.gitter.im/vesta-cp/Lobby.svg)](https://gitter.im/vesta-cp/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
* Vesta is an open source hosting control panel.
@ -18,7 +16,7 @@ ssh root@your.server
Download the installation script, and run it:
```bash
curl https://vestacp.com/pub/vst-install.sh | bash
curl http://vestacp.com/pub/vst-install.sh | bash
```
How to install (3 step)
@ -31,7 +29,7 @@ ssh root@your.server
Download the installation script:
```bash
curl -O https://vestacp.com/pub/vst-install.sh
curl -O http://vestacp.com/pub/vst-install.sh
```
Then run it:
```bash
@ -40,5 +38,5 @@ bash vst-install.sh
License
----------------------------
Vesta is licensed under [GPL v3 ](https://github.com/outroll/vesta/blob/master/LICENSE) license
Vesta is licensed under [GPL v3 ](https://github.com/serghey-rodin/vesta/blob/master/LICENSE) license

5
SECURITY.md
View file

@ -1,5 +0,0 @@
# Security Policy
## Reporting a Vulnerability
Please report security issues to dev@vestacp.com

4
bin/v-activate-vesta-license
View file

@ -27,7 +27,7 @@ source $VESTA/conf/vesta.conf
# Checking arg number
check_args '2' "$#" 'MODULE LICENSE'
is_user_format_valid "$license" "license"
#----------------------------------------------------------#
# Action #
@ -35,7 +35,7 @@ is_user_format_valid "$license" "license"
# Activating license
v_host='https://vestacp.com/checkout'
answer=$(curl -s "$v_host/activate.php?licence_key=$license&module=$module")
answer=$(curl -s $v_host/activate.php?licence_key=$license&module=$module)
check_result $? "cant' connect to vestacp.com " $E_CONNECT
# Checking server answer

2
bin/v-add-dns-on-web-alias
View file

@ -55,7 +55,7 @@ if [ "$domain_lvl" -eq 1 ] || [ "${#top_domain}" -le '6' ]; then
fi
# Adding top-level domain and then its sub
$BIN/v-add-dns-domain $user $top_domain $ip '' '' '' '' '' '' '' '' $restart >> /dev/null
$BIN/v-add-dns-domain $user $top_domain $ip '' '' '' '' '' $restart >> /dev/null
# Checking top-level domain
if [ ! -e "$USER_DATA/dns/$top_domain.conf" ]; then

2
bin/v-add-firewall-chain
View file

@ -22,7 +22,7 @@ protocol=$(echo $protocol|tr '[:lower:]' '[:upper:]')
iptables="/sbin/iptables"
# Get vesta port by reading nginx.conf
vestaport=$(grep 'listen' $VESTA/nginx/conf/nginx.conf | awk '{print $2}' | sed "s|;||")
vestaport=$(grep 'listen' /usr/local/vesta/nginx/conf/nginx.conf | awk '{print $2}' | sed "s|;||")
if [ -z "$vestaport" ]; then
vestaport=8083
fi

190
bin/v-add-letsencrypt-domain
View file

@ -53,10 +53,7 @@ query_le_v2() {
post_data=$post_data'"payload":"'"$payload_"'",'
post_data=$post_data'"signature":"'"$signature_"'"}'
# Save http response to file passed as "$4" arg or print to stdout if not provided
# http response headers are always sent to stdout
local save_to_file=${4:-"/dev/stdout"}
curl --silent --dump-header /dev/stdout --data "$post_data" "$1" --header "$content" --output "$save_to_file"
curl -s -i -d "$post_data" "$1" -H "$content"
}
@ -73,16 +70,11 @@ is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'web' 'DOMAIN' "$domain"
is_object_unsuspended 'web' 'DOMAIN' "$domain"
get_domain_values 'web'
echo "-----------------------------------------------------------------------------------" >> /usr/local/vesta/log/letsencrypt.log
echo "[$(date)] : v-add-letsencrypt-domain $domain [$aliases]" >> /usr/local/vesta/log/letsencrypt.log
# check if alias is the letsencrypt wildcard domain, if not, make the normal checks
if [[ "$aliases" != "*.$domain" ]]; then
for alias in $(echo "$aliases" |tr ',' '\n' |sort -u); do
check_alias="$(echo $ALIAS |tr ',' '\n' |grep ^$alias$)"
if [ -z "$check_alias" ]; then
echo "[$(date)] : EXIT=domain alias $alias doesn't exist" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_NOTEXIST "domain alias $alias doesn't exist"
fi
done
@ -93,14 +85,11 @@ fi;
#----------------------------------------------------------#
# Registering LetsEncrypt user account
echo "[$(date)] : v-add-letsencrypt-user $user" >> /usr/local/vesta/log/letsencrypt.log
$BIN/v-add-letsencrypt-user $user
echo "[$(date)] : result: $?" >> /usr/local/vesta/log/letsencrypt.log
if [ "$?" -ne 0 ]; then
touch $VESTA/data/queue/letsencrypt.pipe
sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe
send_notice "LETSENCRYPT" "Account registration failed"
echo "[$(date)] : EXIT=LE account registration" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_CONNECT "LE account registration" >/dev/null
fi
@ -109,11 +98,9 @@ source $USER_DATA/ssl/le.conf
# Checking wildcard alias
if [ "$aliases" = "*.$domain" ]; then
echo "[$(date)] : Checking wildcard alias" >> /usr/local/vesta/log/letsencrypt.log
wildcard='yes'
proto="dns-01"
if [ ! -e "$VESTA/data/users/$user/dns/$domain.conf" ]; then
echo "[$(date)] : EXIT=DNS domain $domain doesn't exist" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_NOTEXIST "DNS domain $domain doesn't exist"
fi
else
@ -121,21 +108,14 @@ else
fi
# Requesting nonce / STEP 1
echo "[$(date)] : --- Requesting nonce / STEP 1 ---" >> /usr/local/vesta/log/letsencrypt.log
echo "[$(date)] : curl -s -I \"$API/directory\"" >> /usr/local/vesta/log/letsencrypt.log
answer=$(curl -s -I "$API/directory")
echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log
status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
if [[ "$status" -ne 200 ]]; then
echo "[$(date)] : EXIT=Let's Encrypt nonce request status $status" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_CONNECT "Let's Encrypt nonce request status $status"
fi
# Placing new order / STEP 2
echo "[$(date)] : --- Placing new order / STEP 2 ---" >> /usr/local/vesta/log/letsencrypt.log
url="$API/acme/new-order"
payload='{"identifiers":['
for identifier in $(echo $domain,$aliases |tr ',' '\n' |sort -u); do
@ -144,116 +124,68 @@ for identifier in $(echo $domain,$aliases |tr ',' '\n' |sort -u); do
done
payload=$(echo "$payload"|sed "s/,$//")
payload=$payload']}'
echo "[$(date)] : payload=$payload" >> /usr/local/vesta/log/letsencrypt.log
echo "[$(date)] : query_le_v2 \"$url\" \"$payload\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
answer=$(query_le_v2 "$url" "$payload" "$nonce")
echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log
nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
authz=$(echo "$answer" |grep "acme/authz" |cut -f2 -d '"')
echo "[$(date)] : authz=$authz" >> /usr/local/vesta/log/letsencrypt.log
finalize=$(echo "$answer" |grep 'finalize":' |cut -f4 -d '"')
echo "[$(date)] : finalize=$finalize" >> /usr/local/vesta/log/letsencrypt.log
status=$(echo "$answer" |grep HTTP/ |tail -n1 |cut -f2 -d ' ')
echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ')
if [[ "$status" -ne 201 ]]; then
echo "[$(date)] : EXIT=Let's Encrypt new auth status $status" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_CONNECT "Let's Encrypt new auth status $status"
fi
# Requesting authorization token / STEP 3
echo "[$(date)] : --- Requesting authorization token / STEP 3 ---" >> /usr/local/vesta/log/letsencrypt.log
for auth in $authz; do
payload=''
echo "[$(date)] : for auth=$auth" >> /usr/local/vesta/log/letsencrypt.log
echo "[$(date)] : query_le_v2 \"$auth\" \"$payload\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
answer=$(query_le_v2 "$auth" "$payload" "$nonce")
echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
url=$(echo "$answer" |grep -A3 $proto |grep '"url"' |cut -f 4 -d \")
echo "[$(date)] : url=$url" >> /usr/local/vesta/log/letsencrypt.log
url=$(echo "$answer" |grep -A3 $proto |grep url |cut -f 4 -d \")
token=$(echo "$answer" |grep -A3 $proto |grep token |cut -f 4 -d \")
echo "[$(date)] : token=$token" >> /usr/local/vesta/log/letsencrypt.log
nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log
status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
if [[ "$status" -ne 200 ]]; then
echo "[$(date)] : EXIT=Let's Encrypt acme/authz bad status $status" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_CONNECT "Let's Encrypt acme/authz bad status $status"
fi
# Configuring challenge / STEP 4
echo "[$(date)] : --- Configuring challenge / STEP 4 ---" >> /usr/local/vesta/log/letsencrypt.log
echo "[$(date)] : wildcard=$wildcard" >> /usr/local/vesta/log/letsencrypt.log
# Accepting challenge / STEP 4
if [ "$wildcard" = 'yes' ]; then
record=$(printf "%s" "$token.$THUMB" |\
openssl dgst -sha256 -binary |encode_base64)
old_records=$($BIN/v-list-dns-records $user $domain plain|grep 'TXT')
old_records=$(echo "$old_records" |grep _acme-challenge |cut -f 1)
for old_record in $old_records; do
$BIN/v-delete-dns-record "$user" "$domain" "$old_record"
$BIN/v-delete-dns-record $user $domain $old_record
done
$BIN/v-add-dns-record "$user" "$domain" "_acme-challenge" "TXT" "$record"
exitstatus=$?
echo "[$(date)] : v-add-dns-record \"$user\" \"$domain\" \"_acme-challenge\" \"TXT\" \"$record\"" >> /usr/local/vesta/log/letsencrypt.log
if [ "$exitstatus" -ne 0 ]; then
echo "[$(date)] : EXIT=DNS _acme-challenge record wasn't created" >> /usr/local/vesta/log/letsencrypt.log
fi
check_result $exitstatus "DNS _acme-challenge record wasn't created"
$BIN/v-add-dns-record $user $domain "_acme-challenge" "TXT" $record
check_result $? "DNS _acme-challenge record wasn't created"
else
if [ "$WEB_SYSTEM" = 'nginx' ] || [ ! -z "$PROXY_SYSTEM" ]; then
if [ -f "/usr/local/vesta/web/inc/nginx_proxy" ]; then
# if vesta is behind main nginx
well_known="$HOMEDIR/$user/web/$domain/public_html/.well-known"
acme_challenge="$well_known/acme-challenge"
mkdir -p $acme_challenge
echo "$token.$THUMB" > $acme_challenge/$token
echo "[$(date)] : in $acme_challenge/$token we put: $token.$THUMB" >> /usr/local/vesta/log/letsencrypt.log
chown -R $user:$user $well_known
else
# default nginx method
conf="$HOMEDIR/$user/conf/web/nginx.$domain.conf_letsencrypt"
sconf="$HOMEDIR/$user/conf/web/snginx.$domain.conf_letsencrypt"
# if [ ! -e "$conf" ]; then
echo 'location ~ "^/\.well-known/acme-challenge/(.*)$" {' \
> $conf
echo ' default_type text/plain;' >> $conf
echo ' return 200 "$1.'$THUMB'";' >> $conf
echo '}' >> $conf
# fi
echo "[$(date)] : in $conf we put: $THUMB" >> /usr/local/vesta/log/letsencrypt.log
if [ ! -e "$sconf" ]; then
ln -s "$conf" "$sconf"
fi
echo "[$(date)] : v-restart-proxy" >> /usr/local/vesta/log/letsencrypt.log
$BIN/v-restart-proxy
if [ -z "$PROXY_SYSTEM" ]; then
# apache-less variant
echo "[$(date)] : v-restart-web" >> /usr/local/vesta/log/letsencrypt.log
$BIN/v-restart-web
fi
exitstatus=$?
if [ "$exitstatus" -ne 0 ]; then
echo "[$(date)] : EXIT=Proxy restart failed = $exitstatus" >> /usr/local/vesta/log/letsencrypt.log
fi
check_result $exitstatus "Proxy restart failed" >/dev/null
conf="$HOMEDIR/$user/conf/web/nginx.$domain.conf_letsencrypt"
sconf="$HOMEDIR/$user/conf/web/snginx.$domain.conf_letsencrypt"
if [ ! -e "$conf" ]; then
echo 'location ~ "^/\.well-known/acme-challenge/(.*)$" {' \
> $conf
echo ' default_type text/plain;' >> $conf
echo ' return 200 "$1.'$THUMB'";' >> $conf
echo '}' >> $conf
fi
if [ ! -e "$sconf" ]; then
ln -s "$conf" "$sconf"
fi
$BIN/v-restart-proxy
check_result $? "Proxy restart failed" >/dev/null
else
well_known="$HOMEDIR/$user/web/$domain/public_html/.well-known"
acme_challenge="$well_known/acme-challenge"
mkdir -p $acme_challenge
echo "$token.$THUMB" > $acme_challenge/$token
chown -R $user:$user $well_known
echo "[$(date)] : in $acme_challenge/$token we put: $token.$THUMB" >> /usr/local/vesta/log/letsencrypt.log
# $BIN/v-restart-web
# check_result $? "Web restart failed" >/dev/null
fi
$BIN/v-restart-web
check_result $? "Web restart failed" >/dev/null
fi
# Requesting ACME validation / STEP 5
echo "[$(date)] : --- Requesting ACME validation / STEP 5 ---" >> /usr/local/vesta/log/letsencrypt.log
validation_check=$(echo "$answer" |grep '"valid"')
echo "[$(date)] : validation_check=$validation_check" >> /usr/local/vesta/log/letsencrypt.log
if [[ ! -z "$validation_check" ]]; then
validation='valid'
else
@ -263,33 +195,22 @@ for auth in $authz; do
# Doing pol check on status
i=1
while [ "$validation" = 'pending' ]; do
echo "[$(date)] : - Doing pol check on status" >> /usr/local/vesta/log/letsencrypt.log
payload='{}'
echo "[$(date)] : query_le_v2 \"$url\" \"$payload\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
answer=$(query_le_v2 "$url" "$payload" "$nonce")
echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
validation=$(echo "$answer"|grep -A1 $proto |tail -n1|cut -f4 -d \")
echo "[$(date)] : validation=$validation" >> /usr/local/vesta/log/letsencrypt.log
nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log
status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
if [[ "$status" -ne 200 ]]; then
echo "[$(date)] : EXIT=Let's Encrypt validation status $status" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_CONNECT "Let's Encrypt validation status $status"
fi
i=$((i + 1))
if [ "$i" -gt 10 ]; then
echo "[$(date)] : EXIT=Let's Encrypt domain validation timeout" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_CONNECT "Let's Encrypt domain validation timeout"
fi
sleeping=$((i*2))
echo "[$(date)] : sleep $sleeping (i=$i)" >> /usr/local/vesta/log/letsencrypt.log
sleep $sleeping
sleep 1
done
if [ "$validation" = 'invalid' ]; then
echo "[$(date)] : EXIT=Let's Encrypt domain verification failed" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_CONNECT "Let's Encrypt domain verification failed"
fi
done
@ -300,69 +221,37 @@ ssl_dir=$($BIN/v-generate-ssl-cert "$domain" "info@$domain" "US" "California"\
"San Francisco" "Vesta" "IT" "$aliases" |tail -n1 |awk '{print $2}')
# Sending CSR to finalize order / STEP 6
echo "[$(date)] : --- Sending CSR to finalize order / STEP 6 ---" >> /usr/local/vesta/log/letsencrypt.log
csr=$(openssl req -in $ssl_dir/$domain.csr -outform DER |encode_base64)
payload='{"csr":"'$csr'"}'
echo "[$(date)] : query_le_v2 \"$finalize\" \"$payload\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
answer=$(query_le_v2 "$finalize" "$payload" "$nonce")
echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log
status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
certificate=$(echo "$answer"|grep 'certificate":' |cut -f4 -d '"')
echo "[$(date)] : certificate=$certificate" >> /usr/local/vesta/log/letsencrypt.log
if [[ "$status" -ne 200 ]]; then
echo "[$(date)] : EXIT=Let's Encrypt finalize bad status $status" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_CONNECT "Let's Encrypt finalize bad status $status"
fi
# Downloading signed certificate / STEP 7
echo "[$(date)] : --- Downloading signed certificate / STEP 7 ---" >> /usr/local/vesta/log/letsencrypt.log
echo "[$(date)] : query_le_v2 \"$certificate\" \"\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
answer=$(query_le_v2 "$certificate" "" "$nonce" "$ssl_dir/$domain.pem")
echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
if [[ "$status" -ne 200 ]]; then
[ -d "$ssl_dir" ] && rm -rf "$ssl_dir"
echo "[$(date)] : EXIT=Let's Encrypt downloading signed cert failed status: $status" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_NOTEXIST "Let's Encrypt downloading signed cert failed status: $status"
fi
curl -s "$certificate" -o $ssl_dir/$domain.pem
# Splitting up downloaded pem
# echo "[$(date)] : - Splitting up downloaded pem" >> /usr/local/vesta/log/letsencrypt.log
crt_end=$(grep -n 'END CERTIFICATE' $ssl_dir/$domain.pem |head -n1 |cut -f1 -d:)
# echo "[$(date)] : crt_end=$crt_end" >> /usr/local/vesta/log/letsencrypt.log
crt_end=$(grep -n END $ssl_dir/$domain.pem |head -n1 |cut -f1 -d:)
head -n $crt_end $ssl_dir/$domain.pem > $ssl_dir/$domain.crt
pem_lines=$(wc -l $ssl_dir/$domain.pem |cut -f 1 -d ' ')
# echo "[$(date)] : pem_lines=$pem_lines" >> /usr/local/vesta/log/letsencrypt.log
ca_end=$(grep -n 'BEGIN CERTIFICATE' $ssl_dir/$domain.pem |tail -n1 |cut -f 1 -d :)
# echo "[$(date)] : ca_end=$ca_end" >> /usr/local/vesta/log/letsencrypt.log
ca_end=$(grep -n "BEGIN" $ssl_dir/$domain.pem |tail -n1 |cut -f 1 -d :)
ca_end=$(( pem_lines - crt_end + 1 ))
# echo "[$(date)] : ca_end=$ca_end" >> /usr/local/vesta/log/letsencrypt.log
tail -n $ca_end $ssl_dir/$domain.pem > $ssl_dir/$domain.ca
# Temporary fix for double "END CERTIFICATE"
if [[ $(head -n 1 $ssl_dir/$domain.ca) = "-----END CERTIFICATE-----" ]]; then
sed -i '1,2d' $ssl_dir/$domain.ca
fi
# Adding SSL
ssl_home=$(search_objects 'web' 'LETSENCRYPT' 'yes' 'SSL_HOME')
$BIN/v-delete-web-domain-ssl $user $domain >/dev/null 2>&1
echo "[$(date)] : v-add-web-domain-ssl $user $domain $ssl_dir $ssl_home" >> /usr/local/vesta/log/letsencrypt.log
$BIN/v-add-web-domain-ssl $user $domain $ssl_dir $ssl_home
exitstatus=$?
echo "[$(date)] : v-add-web-domain-ssl status: $exitstatus" >> /usr/local/vesta/log/letsencrypt.log
if [ "$exitstatus" -ne '0' ]; then
if [ "$?" -ne '0' ]; then
touch $VESTA/data/queue/letsencrypt.pipe
sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe
echo "[$(date)] : EXIT=$domain certificate installation failed" >> /usr/local/vesta/log/letsencrypt.log
send_notice 'LETSENCRYPT' "$domain certificate installation failed"
check_result $exitstatus "SSL install" >/dev/null
check_result $? "SSL install" >/dev/null
fi
# Adding LE autorenew cronjob
@ -379,7 +268,6 @@ if [ -z "$LETSENCRYPT" ]; then
fi
update_object_value 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'yes'
reset_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT'
#----------------------------------------------------------#
# Vesta #
@ -391,7 +279,7 @@ sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe
# Notifying user
send_notice 'LETSENCRYPT' "$domain SSL has been installed successfully"
echo "[$(date)] : EXIT=***** $domain SSL has been installed successfully *****" >> /usr/local/vesta/log/letsencrypt.log
# Logging
log_event "$OK" "$ARGUMENTS"

6
bin/v-add-letsencrypt-user
View file

@ -103,16 +103,16 @@ fi
# Requesting ACME nonce
nonce=$(curl -s -I "$API/directory" |grep -i nonce |cut -f2 -d\ |tr -d '\r\n')
nonce=$(curl -s -I "$API/directory" |grep Nonce |cut -f 2 -d \ |tr -d '\r\n')
# Creating ACME account
url="$API/acme/new-acct"
payload='{"termsOfServiceAgreed": true}'
answer=$(query_le_v2 "$url" "$payload" "$nonce")
kid=$(echo "$answer" |grep -i location: |cut -f2 -d ' '|tr -d '\r')
kid=$(echo "$answer" |grep Location: |cut -f2 -d ' '|tr -d '\r')
# Checking answer status
status=$(echo "$answer" |grep HTTP/ |tail -n1 |cut -f2 -d ' ')
status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ')
if [[ "${status:0:2}" -ne "20" ]]; then
check_result $E_CONNECT "Let's Encrypt acc registration failed $status"
fi

8
bin/v-add-web-domain
View file

@ -48,8 +48,6 @@ is_object_unsuspended 'user' 'USER' "$user"
is_package_full 'WEB_DOMAINS' 'WEB_ALIASES'
is_domain_new 'web' "$domain,$aliases"
is_dir_symlink $HOMEDIR/$user/web
if_dir_exists $HOMEDIR/$user/web/$domain
is_dir_symlink $HOMEDIR/$user/web/$domain
if [ ! -z "$ip" ]; then
is_ip_valid "$ip" "$user"
else
@ -91,9 +89,9 @@ done
chown -R $user:$user $HOMEDIR/$user/web/$domain
chown root:$user /var/log/$WEB_SYSTEM/domains/$domain.* $conf
chmod 640 /var/log/$WEB_SYSTEM/domains/$domain.*
sudo -u $user chmod 751 $HOMEDIR/$user/web/$domain $HOMEDIR/$user/web/$domain/*
sudo -u $user chmod 551 $HOMEDIR/$user/web/$domain/stats $HOMEDIR/$user/web/$domain/logs
sudo -u $user chmod 644 $HOMEDIR/$user/web/$domain/public_*html/*.*
chmod 751 $HOMEDIR/$user/web/$domain $HOMEDIR/$user/web/$domain/*
chmod 551 $HOMEDIR/$user/web/$domain/stats $HOMEDIR/$user/web/$domain/logs
chmod 644 $HOMEDIR/$user/web/$domain/public_*html/*.*
# Addding PHP-FPM backend
if [ ! -z "$WEB_BACKEND" ]; then

2
bin/v-add-web-domain-backend
View file

@ -46,7 +46,7 @@ fi
# Allocating backend port
backend_port=9000
ports=$(grep listen $pool/* 2>/dev/null |grep -o :[0-9].*)
ports=$(grep -v '^;' $pool/* 2>/dev/null |grep listen |grep -o :[0-9].*)
ports=$(echo "$ports" |sed "s/://" |sort -n)
for port in $ports; do
if [ "$backend_port" -eq "$port" ]; then

2
bin/v-add-web-domain-ftp
View file

@ -84,7 +84,7 @@ fi
/usr/sbin/useradd $ftp_user \
-s $shell \
-o -u $(id -u $user) \
-g $(id -g $user) \
-g $(id -u $user) \
-M -d "$ftp_path_a" > /dev/null 2>&1
# Set ftp user password

2
bin/v-add-web-domain-ssl
View file

@ -143,8 +143,6 @@ if [ ! -z "$UPDATE_HOSTNAME_SSL" ] && [ "$UPDATE_HOSTNAME_SSL" = "yes" ]; then
fi
fi
UPDATE_SSL_SCRIPT=''
source $VESTA/conf/vesta.conf
if [ ! -z "$UPDATE_SSL_SCRIPT" ]; then
eval "$UPDATE_SSL_SCRIPT $user $domain"
fi

5
bin/v-backup-user
View file

@ -479,8 +479,7 @@ if [ "$USER" != '*' ]; then
exclusion=$(echo "$USER" |tr ',' '\n' |grep "^$udir$")
if [ -z "$exclusion" ]; then
((i ++))
udir_str=$(echo "$udir" |sed -e "s|'|\\\'|g")
udir_list="$udir_list $udir_str"
udir_list="$udir_list $udir"
echo -e "$(date "+%F %T") adding $udir" |tee -a $BACKUP/$user.log
# Backup files and dirs
@ -595,7 +594,7 @@ ftp_backup() {
fi
# Debug info
echo -e "$(date "+%F %T") Remote: ftp://$HOST/$BPATH/$user.$backup_new_date.tar"
echo -e "$(date "+%F %T") Remote: ftp://$HOST$BPATH/$user.$backup_new_date.tar"
# Checking ftp connection
fconn=$(ftpc)

5
bin/v-change-mail-account-password
View file

@ -52,11 +52,8 @@ salt=$(generate_password "$PW_MATRIX" "8")
md5="{MD5}$($BIN/v-generate-password-hash md5 $salt <<<$password)"
if [[ "$MAIL_SYSTEM" =~ exim ]]; then
quota=$(grep $account $VESTA/data/users/${user}/mail/${domain}.conf)
quota=$(echo $quota | awk '{ print $7 }' | sed -e "s/'//g" )
quota=$(echo $quota | cut -d "=" -f 2 | sed -e "s/unlimited/0/g")
sed -i "/^$account:/d" $HOMEDIR/$user/conf/mail/$domain/passwd
str="$account:$md5:$user:mail::$HOMEDIR/$user:${quota}M"
str="$account:$md5:$user:mail::$HOMEDIR/$user:$quota"
echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd
fi

1
bin/v-change-sys-config-value
View file

@ -28,7 +28,6 @@ PATH="$PATH:/usr/local/sbin:/sbin:/usr/sbin:/root/bin"
check_args '2' "$#" 'KEY VALUE'
is_format_valid 'key'
format_no_quotes "$value" 'value'
#----------------------------------------------------------#
# Action #

1
bin/v-change-sys-service-config
View file

@ -63,7 +63,6 @@ case $service in
spamd) dst=$($BIN/v-list-sys-spamd-config plain);;
spamassassin) dst=$($BIN/v-list-sys-spamd-config plain);;
clamd) dst=$($BIN/v-list-sys-clamd-config plain);;
clamd.scan) dst=$($BIN/v-list-sys-clamd-config plain);;
cron) dst='/etc/crontab';;
crond) dst='/etc/crontab';;
fail2ban) dst='/etc/fail2ban/jail.local';;

35
bin/v-change-user-package
View file

@ -16,12 +16,16 @@ force=$3
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
is_package_avalable() {
source $USER_DATA/user.conf
usr_data=$(cat $USER_DATA/user.conf)
IFS=$'\n'
for key in $usr_data; do
eval ${key%%=*}=${key#*=}
done
WEB_DOMAINS='0'
DATABASES='0'
MAIL_DOMAINS='0'
@ -29,13 +33,9 @@ is_package_avalable() {
DISK_QUOTA='0'
BANDWIDTH='0'
pkg_data=$(cat $VESTA/data/packages/$package.pkg| egrep -v "TIME|DATE")
IFS=$'\n'
for str in $pkg_data; do
key=$(echo $str |cut -f 1 -d =)
value=$(echo $str |cut -f 2 -d \')
eval $key="$value"
done
pkg_data=$(cat $VESTA/data/packages/$package.pkg |grep -v TIME |\
grep -v DATE)
eval $pkg_data
# Checking usage agains package limits
if [ "$WEB_DOMAINS" != 'unlimited' ]; then
@ -73,22 +73,11 @@ is_package_avalable() {
check_result $E_LIMIT "Package doesn't cover BANDWIDTH usage"
fi
fi
# Checking templates
is_web_template_valid $WEB_TEMPLATE
is_dns_template_valid $DNS_TEMPLATE
is_proxy_template_valid $PROXY_TEMPLATE
}
change_user_package() {
source $USER_DATA/user.conf
pkg_data=$(cat $VESTA/data/packages/$package.pkg| egrep -v "TIME|DATE")
IFS=$'\n'
for str in $pkg_data; do
key=$(echo $str |cut -f 1 -d =)
value=$(echo $str |cut -f 2 -d \')
eval $key="$value"
done
eval $(cat $USER_DATA/user.conf)
eval $(cat $VESTA/data/packages/$package.pkg |egrep -v "TIME|DATE")
echo "FNAME='$FNAME'
LNAME='$LNAME'
PACKAGE='$package'
@ -167,7 +156,7 @@ fi
change_user_package
# Update user shell
shell_conf=$(echo "$pkg_data" |grep 'SHELL' |cut -f 2 -d \')
shell_conf=$(echo "$pkg_data" | grep 'SHELL' | cut -f 2 -d \')
shell=$(grep -w "$shell_conf" /etc/shells |head -n1)
/usr/bin/chsh -s "$shell" "$user" &>/dev/null

7
bin/v-change-user-password
View file

@ -13,10 +13,6 @@
user=$1
password=$2; HIDE=2
# Importing system enviroment as we run this script
# mostly by cron wich not read it by itself
source /etc/profile
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
@ -26,9 +22,6 @@ source $VESTA/conf/vesta.conf
# Verifications #
#----------------------------------------------------------#
if [ "$user" = "root" ]; then
check_result $E_FORBIDEN "Changing root password is forbiden"
fi
check_args '2' "$#" 'USER PASSWORD'
is_format_valid 'user'
is_object_valid 'user' 'USER' "$user"

60
bin/v-change-vesta-port
View file

@ -1,60 +0,0 @@
#!/bin/bash
# info: change vesta port
# options: port
#
# Function will change vesta port
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
port=$1
if [ -z "$VESTA" ]; then
VESTA="/usr/local/vesta"
fi
# Get current vesta port by reading nginx.conf
oldport=$(grep 'listen' $VESTA/nginx/conf/nginx.conf | awk '{print $2}' | sed "s|;||")
if [ -z "$oldport" ]; then
oldport=8083
fi
# Includes
source $VESTA/func/main.sh
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
# Checking permissions
if [ "$(id -u)" != '0' ]; then
check_result $E_FORBIDEN "You must be root to execute this script"
fi
check_args '1' "$#" 'PORT'
is_int_format_valid "$port" 'port number'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
sed -i "s|$oldport;|$port;|g" $VESTA/nginx/conf/nginx.conf
if [ -f "/etc/roundcube/plugins/password/config.inc.php" ]; then
sed -i "s|'$oldport'|'$port'|g" /etc/roundcube/plugins/password/config.inc.php
fi
sed -i "s|'$oldport'|'$port'|g" $VESTA/data/firewall/rules.conf
$VESTA/bin/v-update-firewall
systemctl restart fail2ban.service
sed -i "s| $oldport | $port |g" /etc/iptables.rules
systemctl restart vesta
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit 0;

2
bin/v-change-web-domain-backend-tpl
View file

@ -52,7 +52,7 @@ rm -f $pool/$backend_type.conf
# Allocating backend port
backend_port=9000
ports=$(grep listen $pool/* 2>/dev/null |grep -o :[0-9].*)
ports=$(grep -v '^;' $pool/* 2>/dev/null |grep listen |grep -o :[0-9].*)
ports=$(echo "$ports" |sed "s/://" |sort -n)
for port in $ports; do
if [ "$backend_port" -eq "$port" ]; then

2
bin/v-deactivate-vesta-license
View file

@ -35,7 +35,7 @@ check_args '2' "$#" 'MODULE LICENSE'
# Activating license
v_host='https://vestacp.com/checkout'
answer=$(curl -s "$v_host/cancel.php?licence_key=$license&module=$module")
answer=$(curl -s $v_host/cancel.php?licence_key=$license)
check_result $? "cant' connect to vestacp.com " $E_CONNECT
# Checking server answer

8
bin/v-delete-web-domain-ssl
View file

@ -57,13 +57,7 @@ fi
# Deleting old certificate
tmpdir=$(mktemp -p $HOMEDIR/$user/web/$domain/private -d)
# remove certificate files - do not use wildcard, as this might remove other domains
rm -f $HOMEDIR/$user/conf/web/ssl.$domain.ca
rm -f $HOMEDIR/$user/conf/web/ssl.$domain.crt
rm -f $HOMEDIR/$user/conf/web/ssl.$domain.key
rm -f $HOMEDIR/$user/conf/web/ssl.$domain.pem
rm -f $HOMEDIR/$user/conf/web/ssl.$domain.*
mv $USER_DATA/ssl/$domain.* $tmpdir
chown -R $user:$user $tmpdir

2
bin/v-extract-fs-archive
View file

@ -82,7 +82,7 @@ fi
# Extracting ziped archive
if [ ! -z "$(echo $src_file |grep -i '.zip')" ]; then
sudo -u $user mkdir -p "$dst_dir" >/dev/null 2>&1
sudo -u $user unzip -o "$src_file" -d "$dst_dir" >/dev/null 2>&1
sudo -u $user unzip "$src_file" -d "$dst_dir" >/dev/null 2>&1
rc=$?
fi

2
bin/v-generate-ssl-cert
View file

@ -67,7 +67,7 @@ fi
args_usage='DOMAIN EMAIL COUNTRY STATE CITY ORG UNIT [ALIASES] [FORMAT]'
check_args '7' "$#" "$args_usage"
is_format_valid 'domain' 'alias' 'format'
is_format_valid 'domain_alias' 'format'
#----------------------------------------------------------#

2
bin/v-insert-dns-domain
View file

@ -50,7 +50,7 @@ if [ "$flush" = 'records' ]; then
fi
# Flush domain
if [ "$flush" != 'no' ]; then
if [ "$flush" ! = 'no' ]; then
sed -i "/DOMAIN='$DOMAIN'/d" $USER_DATA/dns.conf 2> /dev/null
fi

2
bin/v-list-user-backups
View file

@ -22,7 +22,7 @@ json_list() {
i=1
objects=$(grep BACKUP $USER_DATA/backup.conf |wc -l)
echo "{"
while read -r str; do
while read str; do
eval $str
echo -n ' "'$BACKUP'": {
"TYPE": "'$TYPE'",

8
bin/v-list-user-package
View file

@ -22,7 +22,6 @@ json_list() {
echo '{'
echo ' "'$PACKAGE'": {
"WEB_TEMPLATE": "'$WEB_TEMPLATE'",
"BACKEND_TEMPLATE": "'$BACKEND_TEMPLATE'",
"PROXY_TEMPLATE": "'$PROXY_TEMPLATE'",
"DNS_TEMPLATE": "'$DNS_TEMPLATE'",
"WEB_DOMAINS": "'$WEB_DOMAINS'",
@ -48,7 +47,6 @@ json_list() {
shell_list() {
echo "PACKAGE: $PACKAGE"
echo "WEB TEMPLATE: $WEB_TEMPLATE"
echo "BACKEND_TEMPLATE: $BACKEND_TEMPLATE"
echo "PROXY TEMPLATE: $PROXY_TEMPLATE"
echo "DNS TEMPLATE: $DNS_TEMPLATE"
echo "WEB DOMAINS: $WEB_DOMAINS"
@ -70,7 +68,7 @@ shell_list() {
# PLAIN list function
plain_list() {
echo -ne "$PACKAGE\t$WEB_TEMPLATE\t$BACKEND_TEMPLATE\t$PROXY_TEMPLATE\t$DNS_TEMPLATE\t"
echo -ne "$PACKAGE\t$WEB_TEMPLATE\t$PROXY_TEMPLATE\t$DNS_TEMPLATE\t"
echo -ne "$WEB_DOMAINS\t$WEB_ALIASES\t$DNS_DOMAINS\t$DNS_RECORDS\t"
echo -ne "$MAIL_DOMAINS\t$MAIL_ACCOUNTS\t$DATABASES\t$CRON_JOBS\t"
echo -e "$DISK_QUOTA\t$BANDWIDTH\t$NS\t$SHELL\t$BACKUPS\t$TIME\t$DATE"
@ -78,11 +76,11 @@ plain_list() {
# CSV list function
csv_list() {
echo -n "PACKAGE,WEB_TEMPLATE,BACKEND_TEMPLATE,PROXY_TEMPLATE,DNS_TEMPLATE,"
echo -n "PACKAGE,WEB_TEMPLATE,PROXY_TEMPLATE,DNS_TEMPLATE,"
echo -n "WEB_DOMAINS,WEB_ALIASES,DNS_DOMAINS,DNS_RECORDS,"
echo -n "MAIL_DOMAINS,MAIL_ACCOUNTS,DATABASES,CRON_JOBS,"
echo "DISK_QUOTA,BANDWIDTH,NS,SHELL,BACKUPS,TIME,DATE"
echo -n "$PACKAGE,$WEB_TEMPLATE,$BACKEND_TEMPLATE,$PROXY_TEMPLATE,$DNS_TEMPLATE,"
echo -n "$PACKAGE,$WEB_TEMPLATE,$PROXY_TEMPLATE,$DNS_TEMPLATE,"
echo -n "$WEB_DOMAINS,$WEB_ALIASES,$DNS_DOMAINS,$DNS_RECORDS,"
echo -n "$MAIL_DOMAINS,$MAIL_ACCOUNTS,$DATABASES,$CRON_JOBS,"
echo "$DISK_QUOTA,$BANDWIDTH,\"$NS\",$SHELL,$BACKUPS,$TIME,$DATE"

9
bin/v-list-user-packages
View file

@ -27,7 +27,6 @@ json_list() {
source $VESTA/data/packages/$package
echo -n ' "'$PACKAGE'": {
"WEB_TEMPLATE": "'$WEB_TEMPLATE'",
"BACKEND_TEMPLATE": "'$BACKEND_TEMPLATE'",
"PROXY_TEMPLATE": "'$PROXY_TEMPLATE'",
"DNS_TEMPLATE": "'$DNS_TEMPLATE'",
"WEB_DOMAINS": "'$WEB_DOMAINS'",
@ -66,7 +65,7 @@ shell_list() {
package_data=$(cat $VESTA/data/packages/$package)
package_data=$(echo "$package_data" |sed -e 's/unlimited/unlim/g')
eval $package_data
echo -n "$PACKAGE $WEB_TEMPLATE $BACKEND_TEMPLATE $WEB_DOMAINS $DNS_DOMAINS "
echo -n "$PACKAGE $WEB_TEMPLATE $WEB_DOMAINS $DNS_DOMAINS "
echo "$MAIL_DOMAINS $DATABASES $SHELL $DISK_QUOTA $BANDWIDTH"
done
}
@ -76,7 +75,7 @@ plain_list() {
for package in $packages; do
source $VESTA/data/packages/$package
PACKAGE=${package/.pkg/}
echo -ne "$PACKAGE\t$WEB_TEMPLATE\t$BACKEND_TEMPLATE\t$PROXY_TEMPLATE\t$DNS_TEMPLATE\t"
echo -ne "$PACKAGE\t$WEB_TEMPLATE\t$PROXY_TEMPLATE\t$DNS_TEMPLATE\t"
echo -ne "$WEB_DOMAINS\t$WEB_ALIASES\t$DNS_DOMAINS\t$DNS_RECORDS\t"
echo -ne "$MAIL_DOMAINS\t$MAIL_ACCOUNTS\t$DATABASES\t$CRON_JOBS\t"
echo -e "$DISK_QUOTA\t$BANDWIDTH\t$NS\t$SHELL\t$BACKUPS\t$TIME\t$DATE"
@ -85,13 +84,13 @@ plain_list() {
# CSV list function
csv_list() {
echo -n "PACKAGE,WEB_TEMPLATE,BACKEND_TEMPLATE,PROXY_TEMPLATE,DNS_TEMPLATE,"
echo -n "PACKAGE,WEB_TEMPLATE,PROXY_TEMPLATE,DNS_TEMPLATE,"
echo -n "WEB_DOMAINS,WEB_ALIASES,DNS_DOMAINS,DNS_RECORDS,"
echo -n "MAIL_DOMAINS,MAIL_ACCOUNTS,DATABASES,CRON_JOBS,"
echo "DISK_QUOTA,BANDWIDTH,NS,SHELL,BACKUPS,TIME,DATE"
for package in $packages; do
PACKAGE=${package/.pkg/}
echo -n "$PACKAGE,$WEB_TEMPLATE,$BACKEND_TEMPLATE,$PROXY_TEMPLATE,$DNS_TEMPLATE,"
echo -n "$PACKAGE,$WEB_TEMPLATE,$PROXY_TEMPLATE,$DNS_TEMPLATE,"
echo -n "$WEB_DOMAINS,$WEB_ALIASES,$DNS_DOMAINS,$DNS_RECORDS,"
echo -n "$MAIL_DOMAINS,$MAIL_ACCOUNTS,$DATABASES,$CRON_JOBS,"
echo "$DISK_QUOTA,$BANDWIDTH,\"$NS\",$SHELL,$BACKUPS,$TIME,$DATE"

2
bin/v-list-web-domain-ssl
View file

@ -112,7 +112,7 @@ if [ -e "$USER_DATA/ssl/$domain.crt" ]; then
crt=$(cat $USER_DATA/ssl/$domain.crt |sed ':a;N;$!ba;s/\n/\\n/g')
info=$(openssl x509 -text -in $USER_DATA/ssl/$domain.crt)
subj=$(echo "$info" |grep Subject: |cut -f 2 -d =|cut -f 2 -d \")
subj=$(echo "$info" |grep Subject: |cut -f 2 -d =)
before=$(echo "$info" |grep Before: |sed -e "s/.*Before: //")
after=$(echo "$info" |grep "After :" |sed -e "s/.*After : //")
signature=$(echo "$info" |grep "Algorithm:" |head -n1 )

8
bin/v-restart-proxy
View file

@ -50,13 +50,7 @@ if [ -z "$PROXY_SYSTEM" ] || [ "$PROXY_SYSTEM" = 'remote' ]; then
fi
# Restart system
if [ ! -f "/etc/debian_version" ]; then
service $PROXY_SYSTEM restart >/dev/null 2>&1
else
systemctl reset-failed $PROXY_SYSTEM
systemctl restart $PROXY_SYSTEM > /dev/null 2>&1
fi
service $PROXY_SYSTEM restart >/dev/null 2>&1
if [ $? -ne 0 ]; then
send_email_report
check_result $E_RESTART "$PROXY_SYSTEM restart failed"

11
bin/v-restore-user
View file

@ -56,7 +56,6 @@ ftpc() {
quote USER $USERNAME
quote PASS $PASSWORD
binary
lcd $BACKUP
$1
$2
$3
@ -290,7 +289,7 @@ if [ "$web" != 'no' ] && [ ! -z "$WEB_SYSTEM" ]; then
if [ -z "$web" ] || [ "$web" = '*' ]; then
domains="$backup_domains"
else
echo "$web" | tr ',' '\n' | sed -e "s/^/^/" > $tmpdir/selected.txt
echo "$web" |tr ',' '\n' > $tmpdir/selected.txt
domains=$(echo "$backup_domains" |egrep -f $tmpdir/selected.txt)
fi
@ -410,7 +409,7 @@ if [ "$web" != 'no' ] && [ ! -z "$WEB_SYSTEM" ]; then
chown $user $tmpdir
chmod u+w $HOMEDIR/$user/web/$domain
sudo -u $user tar -xzpf $tmpdir/web/$domain/domain_data.tar.gz \
-C $HOMEDIR/$user/web/$domain/ --exclude=./logs/* \
-C $HOMEDIR/$user/web/$domain/ --exclude=logs/* \
2> $HOMEDIR/$user/web/$domain/restore_errors.log
if [ -e "$HOMEDIR/$user/web/$domain/restore_errors.log" ]; then
chown $user:$user $HOMEDIR/$user/web/$domain/restore_errors.log
@ -459,7 +458,7 @@ if [ "$dns" != 'no' ] && [ ! -z "$DNS_SYSTEM" ]; then
if [ -z "$dns" ] || [ "$dns" = '*' ]; then
domains="$backup_domains"
else
echo "$dns" | tr ',' '\n' | sed -e "s/^/^/" > $tmpdir/selected.txt
echo "$dns" |tr ',' '\n' > $tmpdir/selected.txt
domains=$(echo "$backup_domains" |egrep -f $tmpdir/selected.txt)
fi
@ -539,7 +538,7 @@ if [ "$mail" != 'no' ] && [ ! -z "$MAIL_SYSTEM" ]; then
if [ -z "$mail" ] || [ "$mail" = '*' ]; then
domains="$backup_domains"
else
echo "$mail" | tr ',' '\n' | sed -e "s/^/^/" > $tmpdir/selected.txt
echo "$mail" |tr ',' '\n' > $tmpdir/selected.txt
domains=$(echo "$backup_domains" |egrep -f $tmpdir/selected.txt)
fi
@ -636,7 +635,7 @@ if [ "$db" != 'no' ] && [ ! -z "$DB_SYSTEM" ]; then
if [ -z "$db" ] || [ "$db" = '*' ]; then
databases="$backup_databases"
else
echo "$db" |tr ',' '\n' | sed -e "s/$/$/" > $tmpdir/selected.txt
echo "$db" |tr ',' '\n' > $tmpdir/selected.txt
databases=$(echo "$backup_databases" |egrep -f $tmpdir/selected.txt)
fi

14
bin/v-schedule-user-restore
View file

@ -23,19 +23,6 @@ udir=$8
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
# Check backup ownership function
is_backup_available() {
passed=false
if [[ $2 =~ ^$1.[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]_[0-9][0-9]-[0-9][0-9]-[0-9][0-9].tar$ ]]; then
passed=true
elif [[ $2 =~ ^$1.[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9].tar$ ]]; then
passed=true
fi
if [ $passed = false ]; then
check_result $E_FORBIDEN "permission denied"
fi
}
#----------------------------------------------------------#
# Verifications #
@ -47,7 +34,6 @@ is_system_enabled "$BACKUP_SYSTEM" 'BACKUP_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_backup_enabled
is_backup_scheduled 'restore'
is_backup_available "$user" "$backup"
#----------------------------------------------------------#

23
bin/v-search-object
View file

@ -84,22 +84,6 @@ OLD_IFS=$IFS
IFS=$'\n'
# User loop
search_user=$(ls -1 $VESTA/data/users |grep $object)
for user in $search_user; do
if [ -e "$VESTA/data/users/$user/user.conf" ]; then
source $VESTA/data/users/$user/user.conf
((i ++))
type=$(echo $type|cut -f1 -d \.)
str="ID='$i' USER='$user' TYPE='user' KEY='$user'"
str="$str RESULT='$user' ALIAS=''"
str="$str LINK='$user' PARENT=''"
str="$str SUSPENDED='$SUSPENDED' TIME='$TIME'"
str="$str DATE='$DATE'"
echo $str >> $conf
fi
done
# User data loop
for user in $(ls $VESTA/data/users/); do
# Search query
search=$(grep "$object" \
@ -170,13 +154,12 @@ for user in $(ls $VESTA/data/users/); do
# DNS Records
if [ "$type" = 'dns' ]; then
if [ -n "$(echo $RECORD $VALUE |grep $object)" ]; then
dom="$(echo $row|cut -f 1 -d :|cut -f 9 -d /|sed 's/.conf//')"
if [ -n "$(echo $RECORD |grep $object)" ]; then
key="RECORD"
result="$RECORD.$dom"
result="$RECORD.$DOMAIN"
suspended=$SUSPENDED
object_link=$ID
object_parent=$dom
object_parent=$DOMAIN
object_time=$TIME
object_date=$DATE
((i ++))

34
bin/v-update-letsencrypt-ssl
View file

@ -23,34 +23,12 @@ source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
lecounter=0
hostname=$(hostname)
echo "[$(date)] : -----------------------------------------------------------------------------------" >> /usr/local/vesta/log/letsencrypt_cron.log
# Checking user certificates
for user in $($BIN/v-list-users plain |cut -f 1); do
USER_DATA=$VESTA/data/users/$user
for domain in $(search_objects 'web' 'LETSENCRYPT' 'yes' 'DOMAIN'); do
limit_check=1
fail_counter=$(get_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT')
if [[ "$hostname" = "$domain" ]]; then
if [[ "$fail_counter" -eq 7 ]]; then
limit_check=0
fi
if [[ "$fail_counter" -eq 8 ]]; then
fail_counter=$(alter_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT')
send_email_to_admin "LetsEncrypt renewing hostname $hostname" "Warning: hostname $domain failed for LetsEncrypt renewing"
fi
fi
if [[ "$fail_counter" -ge 7 ]] && [[ "$limit_check" -eq 1 ]]; then
# echo "$domain failed $fail_counter times for LetsEncrypt renewing, skipping"
echo "[$(date)] : $domain failed $fail_counter times for LetsEncrypt renewing, skipping" >> /usr/local/vesta/log/letsencrypt_cron.log
continue;
fi
crt_data=$(openssl x509 -text -in $USER_DATA/ssl/$domain.crt)
not_after=$(echo "$crt_data" |grep "Not After" |cut -f 2,3,4 -d :)
expiration=$(date -d "$not_after" +%s)
@ -59,7 +37,7 @@ for user in $($BIN/v-list-users plain |cut -f 1); do
days_valid=$((seconds_valid / 86400))
if [[ "$days_valid" -lt 31 ]]; then
if [ $lecounter -gt 0 ]; then
sleep 120
sleep 10
fi
((lecounter++))
aliases=$(echo "$crt_data" |grep DNS:)
@ -69,15 +47,7 @@ for user in $($BIN/v-list-users plain |cut -f 1); do
aliases=$(echo "$aliases" |sed -e ':a;N;$!ba;s/\n/,/g')
msg=$($BIN/v-add-letsencrypt-domain $user $domain $aliases)
if [ $? -ne 0 ]; then
if [[ $msg == *"is suspended" ]]; then
echo "[$(date)] : SUSPENDED: $domain $msg" >> /usr/local/vesta/log/letsencrypt_cron.log
else
echo "[$(date)] : $domain $msg" >> /usr/local/vesta/log/letsencrypt_cron.log
echo "$domain $msg"
fail_counter=$(alter_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT')
echo "[$(date)] : fail_counter = $fail_counter" >> /usr/local/vesta/log/letsencrypt_cron.log
echo "fail_counter = $fail_counter"
fi
echo "$domain $msg"
fi
fi
done

8
bin/v-update-sys-rrd-mem
View file

@ -61,13 +61,13 @@ fi
# Parsing data
if [ "$period" = 'daily' ]; then
mem=$(free -m)
used=$(echo "$mem" |awk '(NR == 2)' |awk '{print $3}')
used=$(echo "$mem" |grep Mem |awk '{print $3}')
if [ -z "$(echo "$mem" | grep available)" ]; then
free=$(echo "$mem" |grep buff/cache |awk '{print $4}')
free=$(echo "$mem" |grep buffers/cache |awk '{print $4}')
else
free=$(echo "$mem" |awk '(NR == 2)' |awk '{print $7}')
free=$(echo "$mem" |grep Mem |awk '{print $7}')
fi
swap=$(echo "$mem" |awk '(NR == 3)' |awk '{print $3}')
swap=$(echo "$mem" |grep Swap |awk '{print $3}')
# Updating rrd
rrdtool update $RRD/mem/mem.rrd N:$used:$swap:$free

20
bin/v-update-sys-vesta
View file

@ -28,26 +28,6 @@ source $VESTA/conf/vesta.conf
# Checking arg number
check_args '1' "$#" 'PACKAGE'
valid=0
if [ "$package" = "vesta" ]; then
valid=1
fi
if [ "$package" = "vesta-nginx" ]; then
valid=1
fi
if [ "$package" = "vesta-php" ]; then
valid=1
fi
if [ "$package" = "vesta-ioncube" ]; then
valid=1
fi
if [ "$package" = "vesta-softaculous" ]; then
valid=1
fi
if [ $valid -eq 0 ]; then
echo "Package $package is not valid"
exit 1
fi
#----------------------------------------------------------#
# Action #

2
func/db.sh
View file

@ -322,7 +322,7 @@ delete_pgsql_database() {
psql_connect $HOST
query="REVOKE ALL PRIVILEGES ON DATABASE $database FROM $DBUSER"
psql_query "$query" > /dev/null
psql_qyery "$query" > /dev/null
query="DROP DATABASE $database"
psql_query "$query" > /dev/null

18
func/domain.sh
View file

@ -412,24 +412,6 @@ update_domain_zone() {
VALUE=$(idn --quiet -a -t "$VALUE")
fi
# Split long TXT entries into 255 chunks
if [ "$TYPE" = 'TXT' ]; then
txtlength=${#VALUE}
if [ $txtlength -gt 255 ]; then
already_chunked=0
if [[ $VALUE == *"\" \""* ]] || [[ $VALUE == *"\"\""* ]]; then
already_chunked=1
fi
if [ $already_chunked -eq 0 ]; then
if [[ ${VALUE:0:1} = '"' ]]; then
txtlength=$(( $txtlength - 2 ))
VALUE=${VALUE:1:txtlength}
fi
VALUE=$(echo $VALUE | fold -w 255 | xargs -I '$' echo -n '"$"')
fi
fi
fi
if [ "$SUSPENDED" != 'yes' ]; then
eval echo -e "\"$fields\""|sed "s/%quote%/'/g" >> $zn_conf
fi

111
func/main.sh
View file

@ -296,20 +296,6 @@ is_dir_symlink() {
fi
}
# Check if file exists
if_file_exists() {
if [[ -f "$1" ]]; then
check_result $E_FORBIDEN "$1 file exists"
fi
}
# Check if directory exists
if_dir_exists() {
if [[ -d "$1" ]]; then
check_result $E_FORBIDEN "$1 directory exists"
fi
}
# Get object value
get_object_value() {
object=$(grep "$2='$3'" $USER_DATA/$1.conf)
@ -831,23 +817,6 @@ is_format_valid_shell() {
exit $E_INVALID
fi
}
format_no_quotes() {
exclude="['|\"]"
if [[ "$1" =~ $exclude ]]; then
check_result "$E_INVALID" "Invalid $2 contains qoutes (\" or ') :: $1"
fi
is_no_new_line_format "$1"
}
is_no_new_line_format() {
test=$(echo "$1" | head -n1 );
if [[ "$test" != "$1" ]]; then
check_result "$E_INVALID" "invalid value :: $1"
fi
}
# Format validation controller
is_format_valid() {
for arg_name in $*; do
@ -856,7 +825,6 @@ is_format_valid() {
case $arg_name in
account) is_user_format_valid "$arg" "$arg_name";;
action) is_fw_action_format_valid "$arg";;
alias) is_alias_format_valid "$arg" ;;
aliases) is_alias_format_valid "$arg" ;;
antispam) is_boolean_format_valid "$arg" 'antispam' ;;
antivirus) is_boolean_format_valid "$arg" 'antivirus' ;;
@ -882,7 +850,6 @@ is_format_valid() {
host) is_object_format_valid "$arg" "$arg_name" ;;
hour) is_cron_format_valid "$arg" $arg_name ;;
id) is_int_format_valid "$arg" 'id' ;;
interface) is_interface_format_valid "$arg" ;;
ip) is_ip_format_valid "$arg" ;;
ip_name) is_domain_format_valid "$arg" 'IP name';;
ip_status) is_ip_status_format_valid "$arg" ;;
@ -972,81 +939,3 @@ format_aliases() {
aliases=$(echo "$aliases" |tr '\n' ',' |sed -e "s/,$//")
fi
}
alter_web_counter() {
user=$1
domain=$2
USER_DATA=$VESTA/data/users/$user
varc=$3
vard="\$${varc}"
counter=$(get_object_value 'web' 'DOMAIN' "$domain" "$vard")
if [ -z "$counter" ]; then
add_object_key "web" 'DOMAIN' "$domain" "$varc" "TIME"
counter=0
fi
((counter++))
backup_counter=$counter
update_object_value 'web' 'DOMAIN' "$domain" "$vard" "$counter"
counter=$backup_counter
echo $counter
}
reset_web_counter() {
user=$1
domain=$2
USER_DATA=$VESTA/data/users/$user
varc=$3
vard="\$${varc}"
update_object_value 'web' 'DOMAIN' "$domain" "$vard" "0"
}
get_web_counter() {
user=$1
domain=$2
USER_DATA=$VESTA/data/users/$user
varc=$3
vard="\$${varc}"
counter=$(get_object_value 'web' 'DOMAIN' "$domain" "$vard")
if [ -z "$counter" ]; then
counter=0
fi
echo $counter
}
# Simple chmod wrapper that skips symlink files after glob expand
# Taken from HestiaCP
no_symlink_chmod() {
local filemode=$1; shift;
for i in "$@"; do
[[ -L ${i} ]] && continue
chmod "${filemode}" "${i}"
done
}
# $1 = subject
# $2 = body
send_email_to_admin() {
email=$(grep CONTACT /usr/local/vesta/data/users/admin/user.conf)
email=$(echo "$email" | cut -f 2 -d "'")
if [ -z "$email" ]; then
if [ ! -z "$NOTIFY_ADMIN_FULL_BACKUP" ]; then
email=$NOTIFY_ADMIN_FULL_BACKUP
fi
fi
if [ -z "$email" ]; then
return;
fi
echo "$2" | $SENDMAIL -s "$1" "$email" 'yes'
}

10
func/rebuild.sh
View file

@ -51,7 +51,7 @@ rebuild_user_conf() {
mkdir -p $HOMEDIR/$user/conf
chmod a+x $HOMEDIR/$user
chmod a+x $HOMEDIR/$user/conf
chown --no-dereference $user:$user $HOMEDIR/$user
chown $user:$user $HOMEDIR/$user
chown root:root $HOMEDIR/$user/conf
# Update disk pipe
@ -80,7 +80,7 @@ rebuild_user_conf() {
chmod 751 $HOMEDIR/$user/conf/web
chmod 751 $HOMEDIR/$user/web
chmod 771 $HOMEDIR/$user/tmp
chown --no-dereference $user:$user $HOMEDIR/$user/web
chown $user:$user $HOMEDIR/$user/web
if [ -z "$create_user" ]; then
$BIN/v-rebuild-web-domains $user $restart
fi
@ -183,10 +183,10 @@ rebuild_web_domain_conf() {
fi
# Set folder permissions
no_symlink_chmod 551 $HOMEDIR/$user/web/$domain \
chmod 551 $HOMEDIR/$user/web/$domain \
$HOMEDIR/$user/web/$domain/stats \
$HOMEDIR/$user/web/$domain/logs
no_symlink_chmod 751 $HOMEDIR/$user/web/$domain/private \
chmod 751 $HOMEDIR/$user/web/$domain/private \
$HOMEDIR/$user/web/$domain/cgi-bin \
$HOMEDIR/$user/web/$domain/public_html \
$HOMEDIR/$user/web/$domain/public_shtml \
@ -194,7 +194,7 @@ rebuild_web_domain_conf() {
chmod 640 /var/log/$WEB_SYSTEM/domains/$domain.*
# Set ownership
chown --no-dereference $user:$user $HOMEDIR/$user/web/$domain \
chown $user:$user $HOMEDIR/$user/web/$domain \
$HOMEDIR/$user/web/$domain/private \
$HOMEDIR/$user/web/$domain/cgi-bin \
$HOMEDIR/$user/web/$domain/public_html \

2
install/debian/7/nginx/phpmyadmin.inc
View file

@ -1,5 +1,5 @@
location /phpmyadmin {
alias /usr/share/phpmyadmin;
alias /usr/share/phpmyadmin/;
location ~ /(libraries|setup) {
return 404;

2
install/debian/7/nginx/phppgadmin.inc
View file

@ -1,5 +1,5 @@
location /phppgadmin {
alias /usr/share/phppgadmin;
alias /usr/share/phppgadmin/;
location ~ ^/phppgadmin/(.*\.php)$ {
alias /usr/share/phppgadmin/$1;

2
install/debian/7/nginx/webmail.inc
View file

@ -1,5 +1,5 @@
location /webmail {
alias /var/lib/roundcube;
alias /var/lib/roundcube/;
location ~ /(config|temp|logs) {
return 404;

1
install/debian/7/pma/apache.conf
View file

@ -15,7 +15,6 @@ Alias /phpmyadmin /usr/share/phpmyadmin
php_admin_flag allow_url_fopen Off
php_value include_path .
php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp
php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext
</IfModule>

1
install/debian/7/templates/web/apache2/basedir.stpl
View file

@ -17,7 +17,6 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
</Directory>

1
install/debian/7/templates/web/apache2/basedir.tpl
View file

@ -16,7 +16,6 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
</Directory>

1
install/debian/7/templates/web/apache2/default.stpl
View file

@ -17,7 +17,6 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
</Directory>
<Directory %home%/%user%/web/%domain%/stats>

1
install/debian/7/templates/web/apache2/default.tpl
View file

@ -16,7 +16,6 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
</Directory>
<Directory %home%/%user%/web/%domain%/stats>

1
install/debian/7/templates/web/apache2/hosting.stpl
View file

@ -24,7 +24,6 @@
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
</Directory>
<Directory %home%/%user%/web/%domain%/stats>

2
install/debian/7/templates/web/apache2/hosting.tpl
View file

@ -14,6 +14,7 @@
<Directory %docroot%>
AllowOverride All
Options +Includes -Indexes +ExecCGI
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value upload_max_filesize 10M
php_admin_value max_execution_time 20
php_admin_value post_max_size 8M
@ -23,7 +24,6 @@
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
</Directory>
<Directory %home%/%user%/web/%domain%/stats>

1
install/debian/7/templates/web/apache2/phpcgi.stpl
View file

@ -17,7 +17,6 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
Action phpcgi-script /cgi-bin/php
<Files *.php>

1
install/debian/7/templates/web/apache2/phpcgi.tpl
View file

@ -16,7 +16,6 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
Action phpcgi-script /cgi-bin/php
<Files *.php>

1
install/debian/7/templates/web/apache2/phpfcgid.stpl
View file

@ -17,7 +17,6 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
<Files *.php>
SetHandler fcgid-script

1
install/debian/7/templates/web/apache2/phpfcgid.tpl
View file

@ -16,7 +16,6 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
<Files *.php>
SetHandler fcgid-script

1
install/debian/7/templates/web/php5-fpm/default.tpl
View file

@ -11,7 +11,6 @@ pm.max_requests = 4000
pm.process_idle_timeout = 10s
pm.status_path = /status
php_admin_value[sys_temp_dir] = /home/%user%/tmp
php_admin_value[upload_tmp_dir] = /home/%user%/tmp
php_admin_value[session.save_path] = /home/%user%/tmp

1
install/debian/7/templates/web/php5-fpm/socket.tpl
View file

@ -14,7 +14,6 @@ pm.max_requests = 4000
pm.process_idle_timeout = 10s
pm.status_path = /status
php_admin_value[sys_temp_dir] = /home/%user%/tmp
php_admin_value[upload_tmp_dir] = /home/%user%/tmp
php_admin_value[session.save_path] = /home/%user%/tmp

2
install/debian/7/templates/web/skel/public_html/index.html
View file

@ -18,7 +18,7 @@
<body>
<h1>%domain%</h1>
<div>
<a href="https://vestacp.com/">Server control panel by VESTA</a>
<a href="http://vestacp.com/">Powered by VESTA</a>
</div>
</body>

2
install/debian/7/templates/web/skel/public_shtml/index.html
View file

@ -18,7 +18,7 @@
<body>
<h1>%domain%</h1>
<div>
<a href="https://vestacp.com/">Server control panel by VESTA</a>
<a href="http://vestacp.com/">Powered by VESTA</a>
</div>
</body>

2
install/debian/8/nginx/phpmyadmin.inc
View file

@ -1,5 +1,5 @@
location /phpmyadmin {
alias /usr/share/phpmyadmin;
alias /usr/share/phpmyadmin/;
location ~ /(libraries|setup) {
return 404;

2
install/debian/8/nginx/phppgadmin.inc
View file

@ -1,5 +1,5 @@
location /phppgadmin {
alias /usr/share/phppgadmin;
alias /usr/share/phppgadmin/;
location ~ ^/phppgadmin/(.*\.php)$ {
alias /usr/share/phppgadmin/$1;

2
install/debian/8/nginx/webmail.inc
View file

@ -1,5 +1,5 @@
location /webmail {
alias /var/lib/roundcube;
alias /var/lib/roundcube/;
location ~ /(config|temp|logs) {
return 404;

1
install/debian/8/pma/apache.conf
View file

@ -15,7 +15,6 @@ Alias /phpmyadmin /usr/share/phpmyadmin
php_admin_flag allow_url_fopen Off
php_value include_path .
php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp
php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext
</IfModule>

1
install/debian/8/templates/web/apache2/basedir.stpl
View file

@ -17,7 +17,6 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
</Directory>

1
install/debian/8/templates/web/apache2/basedir.tpl
View file

@ -16,7 +16,6 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
</Directory>

1
install/debian/8/templates/web/apache2/default.stpl
View file

@ -17,7 +17,6 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
</Directory>
<Directory %home%/%user%/web/%domain%/stats>

1
install/debian/8/templates/web/apache2/default.tpl
View file

@ -16,7 +16,6 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
</Directory>
<Directory %home%/%user%/web/%domain%/stats>

1
install/debian/8/templates/web/apache2/hosting.stpl
View file

@ -24,7 +24,6 @@
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
</Directory>
<Directory %home%/%user%/web/%domain%/stats>

1
install/debian/8/templates/web/apache2/hosting.tpl
View file

@ -23,7 +23,6 @@
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
</Directory>
<Directory %home%/%user%/web/%domain%/stats>

1
install/debian/8/templates/web/apache2/phpcgi.stpl
View file

@ -17,7 +17,6 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
Action phpcgi-script /cgi-bin/php
<Files *.php>

1
install/debian/8/templates/web/apache2/phpcgi.tpl
View file

@ -16,7 +16,6 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
Action phpcgi-script /cgi-bin/php
<Files *.php>

1
install/debian/8/templates/web/apache2/phpfcgid.stpl
View file

@ -17,7 +17,6 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
<Files *.php>
SetHandler fcgid-script

1
install/debian/8/templates/web/apache2/phpfcgid.tpl
View file

@ -16,7 +16,6 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
<Files *.php>
SetHandler fcgid-script

1
install/debian/8/templates/web/php5-fpm/default.tpl
View file

@ -11,7 +11,6 @@ pm.max_requests = 4000
pm.process_idle_timeout = 10s
pm.status_path = /status
php_admin_value[sys_temp_dir] = /home/%user%/tmp
php_admin_value[upload_tmp_dir] = /home/%user%/tmp
php_admin_value[session.save_path] = /home/%user%/tmp

1
install/debian/8/templates/web/php5-fpm/socket.tpl
View file

@ -14,7 +14,6 @@ pm.max_requests = 4000
pm.process_idle_timeout = 10s
pm.status_path = /status
php_admin_value[sys_temp_dir] = /home/%user%/tmp
php_admin_value[upload_tmp_dir] = /home/%user%/tmp
php_admin_value[session.save_path] = /home/%user%/tmp

2
install/debian/8/templates/web/skel/public_html/index.html
View file

@ -18,7 +18,7 @@
<body>
<h1>%domain%</h1>
<div>
<a href="https://vestacp.com/">Server control panel by VESTA</a>
<a href="http://vestacp.com/">Powered by VESTA</a>
</div>
</body>

2
install/debian/8/templates/web/skel/public_shtml/index.html
View file

@ -18,7 +18,7 @@
<body>
<h1>%domain%</h1>
<div>
<a href="https://vestacp.com/">Server control panel by VESTA</a>
<a href="http://vestacp.com/">Powered by VESTA</a>
</div>
</body>

4
install/debian/9/exim/exim4.conf.template
View file

@ -138,7 +138,7 @@ acl_check_rcpt:
acl_check_data:
.ifdef CLAMD
deny message = Message contains a virus ($malware_name) and has been rejected
malware = */defer_ok
malware = *
condition = ${if eq{$acl_m0}{yes}{yes}{no}}
.endif
@ -164,7 +164,7 @@ acl_check_data:
acl_check_mime:
deny message = Blacklisted file extension detected
condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh|\.jar)$\N}{1}{0}}
condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}}
accept

10
install/debian/9/nginx/nginx.conf
View file

@ -75,9 +75,7 @@ http {
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 104.16.0.0/13;
set_real_ip_from 104.24.0.0/14;
#set_real_ip_from 104.16.0.0/12;
set_real_ip_from 104.16.0.0/12;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 131.0.72.0/22;
set_real_ip_from 141.101.64.0/18;
@ -99,10 +97,10 @@ http {
# SSL PCI Compliance
ssl_session_cache shared:SSL:20m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS";
ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
# Error pages

2
install/debian/9/nginx/phpmyadmin.inc
View file

@ -1,5 +1,5 @@
location /phpmyadmin {
alias /usr/share/phpmyadmin;
alias /usr/share/phpmyadmin/;
location ~ /(libraries|setup) {
return 404;

2
install/debian/9/nginx/phppgadmin.inc
View file

@ -1,5 +1,5 @@
location /phppgadmin {
alias /usr/share/phppgadmin;
alias /usr/share/phppgadmin/;
location ~ ^/phppgadmin/(.*\.php)$ {
alias /usr/share/phppgadmin/$1;

2
install/debian/9/nginx/webmail.inc
View file

@ -1,5 +1,5 @@
location /webmail {
alias /var/lib/roundcube;
alias /var/lib/roundcube/;
location ~ /(config|temp|logs) {
return 404;

1
install/debian/9/pma/apache.conf
View file

@ -15,7 +15,6 @@ Alias /phpmyadmin /usr/share/phpmyadmin
php_admin_flag allow_url_fopen Off
php_value include_path .
php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp
php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext
</IfModule>

1
install/debian/9/templates/web/apache2/basedir.stpl
View file

@ -17,7 +17,6 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
</Directory>

1
install/debian/9/templates/web/apache2/basedir.tpl
View file

@ -16,7 +16,6 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
</Directory>

1
install/debian/9/templates/web/apache2/default.stpl
View file

@ -17,7 +17,6 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
</Directory>
<Directory %home%/%user%/web/%domain%/stats>

1
install/debian/9/templates/web/apache2/default.tpl
View file

@ -16,7 +16,6 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
</Directory>
<Directory %home%/%user%/web/%domain%/stats>

1
install/debian/9/templates/web/apache2/hosting.stpl
View file

@ -24,7 +24,6 @@
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
</Directory>
<Directory %home%/%user%/web/%domain%/stats>

1
install/debian/9/templates/web/apache2/hosting.tpl
View file

@ -23,7 +23,6 @@
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
</Directory>
<Directory %home%/%user%/web/%domain%/stats>

1
install/debian/9/templates/web/apache2/phpcgi.stpl
View file

@ -17,7 +17,6 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
Action phpcgi-script /cgi-bin/php
<Files *.php>

1
install/debian/9/templates/web/apache2/phpcgi.tpl
View file

@ -16,7 +16,6 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
Action phpcgi-script /cgi-bin/php
<Files *.php>

1
install/debian/9/templates/web/apache2/phpfcgid.stpl
View file

@ -17,7 +17,6 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
<Files *.php>
SetHandler fcgid-script

1
install/debian/9/templates/web/apache2/phpfcgid.tpl
View file

@ -16,7 +16,6 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
<Files *.php>
SetHandler fcgid-script

64
install/debian/9/templates/web/nginx/php-fpm/invoiceninja.stpl
View file

@ -1,64 +0,0 @@
server {
listen %ip%:%web_ssl_port%;
server_name %domain_idn% %alias_idn%;
root %sdocroot%/public;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/%domain%.log combined;
access_log /var/log/nginx/domains/%domain%.bytes bytes;
error_log /var/log/nginx/domains/%domain%.error.log error;
ssl on;
ssl_certificate %ssl_pem%;
ssl_certificate_key %ssl_key%;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
expires max;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
sendfile off;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass %backend_lsnr%;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
}
}
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/conf/web/%domain%.auth*;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include %home%/%user%/conf/web/snginx.%domain%.conf*;
}

59
install/debian/9/templates/web/nginx/php-fpm/invoiceninja.tpl
View file

@ -1,59 +0,0 @@
server {
listen %ip%:%web_port%;
server_name %domain_idn% %alias_idn%;
root %docroot%/public;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/%domain%.log combined;
access_log /var/log/nginx/domains/%domain%.bytes bytes;
error_log /var/log/nginx/domains/%domain%.error.log error;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
expires max;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
sendfile off;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass %backend_lsnr%;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
}
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/conf/web/%domain%.auth*;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include %home%/%user%/conf/web/nginx.%domain%.conf*;
}

48
install/debian/9/templates/web/nginx/php-fpm/mautic.stpl
View file

@ -1,48 +0,0 @@
server {
listen %ip%:%web_ssl_port%;
server_name %domain_idn% %alias_idn%;
root %sdocroot%;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/%domain%.log combined;
access_log /var/log/nginx/domains/%domain%.bytes bytes;
error_log /var/log/nginx/domains/%domain%.error.log error;
ssl on;
ssl_certificate %ssl_pem%;
ssl_certificate_key %ssl_key%;
location / {
try_files $uri /index.php?$query_string;
}
location ~ '\.php$' {
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass %backend_lsnr%;
include /etc/nginx/fastcgi_params;
}
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/conf/web/%domain%.auth*;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include %home%/%user%/conf/web/snginx.%domain%.conf*;
}

44
install/debian/9/templates/web/nginx/php-fpm/mautic.tpl
View file

@ -1,44 +0,0 @@
server {
listen %ip%:%web_port%;
server_name %domain_idn% %alias_idn%;
root %docroot%;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/%domain%.log combined;
access_log /var/log/nginx/domains/%domain%.bytes bytes;
error_log /var/log/nginx/domains/%domain%.error.log error;
location / {
try_files $uri /index.php?$query_string;
}
location ~ '\.php$' {
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass %backend_lsnr%;
include /etc/nginx/fastcgi_params;
}
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/conf/web/%domain%.auth*;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include %home%/%user%/conf/web/nginx.%domain%.conf*;
}

1
install/debian/9/templates/web/php-fpm/default.tpl
View file

@ -11,7 +11,6 @@ pm.max_requests = 4000
pm.process_idle_timeout = 10s
pm.status_path = /status
php_admin_value[sys_temp_dir] = /home/%user%/tmp
php_admin_value[upload_tmp_dir] = /home/%user%/tmp
php_admin_value[session.save_path] = /home/%user%/tmp

1
install/debian/9/templates/web/php-fpm/socket.tpl
View file

@ -14,7 +14,6 @@ pm.max_requests = 4000
pm.process_idle_timeout = 10s
pm.status_path = /status
php_admin_value[sys_temp_dir] = /home/%user%/tmp
php_admin_value[upload_tmp_dir] = /home/%user%/tmp
php_admin_value[session.save_path] = /home/%user%/tmp

2
install/debian/9/templates/web/skel/public_html/index.html
View file

@ -18,7 +18,7 @@
<body>
<h1>%domain%</h1>
<div>
<a href="https://vestacp.com/">Server control panel by VESTA</a>
<a href="http://vestacp.com/">Powered by VESTA</a>
</div>
</body>

2
install/debian/9/templates/web/skel/public_shtml/index.html
View file

@ -18,7 +18,7 @@
<body>
<h1>%domain%</h1>
<div>
<a href="https://vestacp.com/">Server control panel by VESTA</a>
<a href="http://vestacp.com/">Powered by VESTA</a>
</div>
</body>

Some files were not shown because too many files have changed in this diff Show more