tuend/DirectAdmin-1.62.4
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ud

Browse Source
This commit is contained in:
tuend-work
2025-11-13 07:11:29 +07:00
parent 8f6c0541ad
commit f1bb645dd1
214 changed files with 34847 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
services/custombuild/custombuild.tar.gz
View File

Binary file not shown.

26324
services/custombuild/custombuild/custombuild/build Normal file
View File

File diff suppressed because it is too large Load Diff

13
services/custombuild/custombuild/custombuild/configure/ap2/cert_config.txt Normal file
View File

@@ -0,0 +1,13 @@
[ req ]
default_bits = 1024
distinguished_name = req_distinguished_name
prompt = no
[ req_distinguished_name ]
C = US
ST = Someprovince
L = Sometown
O = none
OU = none
CN = localhost
emailAddress = webmaster@localhost

1
services/custombuild/custombuild/custombuild/configure/ap2/conf/extra/directadmin-vhosts.conf Normal file
View File

@@ -0,0 +1 @@

8
services/custombuild/custombuild/custombuild/configure/ap2/conf/extra/httpd-alias.conf Normal file
View File

@@ -0,0 +1,8 @@
Alias /config "/var/www/html/redirect.php"
Alias /phpMyAdmin "/var/www/html/phpMyAdmin/"
Alias /phpmyadmin "/var/www/html/phpMyAdmin/"
Alias /pma "/var/www/html/phpMyAdmin/"
Alias /squirrelmail "/var/www/html/squirrelmail/"
Alias /roundcube "/var/www/html/roundcube/"
Alias /webmail "/var/www/html/roundcube/"
Alias /.well-known/acme-challenge "/var/www/html/.well-known/acme-challenge/"

93
services/custombuild/custombuild/custombuild/configure/ap2/conf/extra/httpd-autoindex.conf Normal file
View File

@@ -0,0 +1,93 @@
#
# Directives controlling the display of server-generated directory listings.
#
# Required modules: mod_authz_core, mod_authz_host,
# mod_autoindex, mod_alias
#
# To see the listing of a directory, the Options directive for the
# directory must include "Indexes", and the directory must not contain
# a file matching those listed in the DirectoryIndex directive.
#
#
# IndexOptions: Controls the appearance of server-generated directory
# listings.
#
IndexOptions HTMLTable VersionSort
# We include the /icons/ alias for FancyIndexed directory listings. If
# you do not use FancyIndexing, you may comment this out.
#
#Alias /icons/ "/var/www/icons/"
<Directory "/var/www/icons">
Options Indexes MultiViews
AllowOverride None
Require all granted
</Directory>
#
# AddIcon* directives tell the server which icon to show for different
# files or filename extensions. These are only displayed for
# FancyIndexed directories.
#
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*
AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core
AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^
#
# DefaultIcon is which icon to show for files which do not have an icon
# explicitly set.
#
DefaultIcon /icons/unknown.gif
#
# AddDescription allows you to place a short description after a file in
# server-generated indexes. These are only displayed for FancyIndexed
# directories.
# Format: AddDescription "description" filename
#
#AddDescription "GZIP compressed document" .gz
#AddDescription "tar archive" .tar
#AddDescription "GZIP compressed tar archive" .tgz
#
# ReadmeName is the name of the README file the server will look for by
# default, and append to directory listings.
#
# HeaderName is the name of a file which should be prepended to
# directory indexes.
ReadmeName README.html
HeaderName HEADER.html
#
# IndexIgnore is a set of filenames which directory indexing should ignore
# and not include in the listing. Shell-style wildcarding is permitted.
#
IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t

24
services/custombuild/custombuild/custombuild/configure/ap2/conf/extra/httpd-cloudflare.conf Normal file
View File

@@ -0,0 +1,24 @@
# Declare client intranet IP addresses trusted to present the RemoteIPHeader value
RemoteIPHeader X-Forwarded-For
RemoteIPTrustedProxy 173.245.48.0/20
RemoteIPTrustedProxy 103.21.244.0/22
RemoteIPTrustedProxy 103.22.200.0/22
RemoteIPTrustedProxy 103.31.4.0/22
RemoteIPTrustedProxy 141.101.64.0/18
RemoteIPTrustedProxy 108.162.192.0/18
RemoteIPTrustedProxy 190.93.240.0/20
RemoteIPTrustedProxy 188.114.96.0/20
RemoteIPTrustedProxy 197.234.240.0/22
RemoteIPTrustedProxy 198.41.128.0/17
RemoteIPTrustedProxy 162.158.0.0/15
RemoteIPTrustedProxy 104.16.0.0/13
RemoteIPTrustedProxy 104.24.0.0/14
RemoteIPTrustedProxy 172.64.0.0/13
RemoteIPTrustedProxy 131.0.72.0/22
RemoteIPTrustedProxy 2400:cb00::/32
RemoteIPTrustedProxy 2606:4700::/32
RemoteIPTrustedProxy 2803:f800::/32
RemoteIPTrustedProxy 2405:b500::/32
RemoteIPTrustedProxy 2405:8100::/32
RemoteIPTrustedProxy 2a06:98c0::/29
RemoteIPTrustedProxy 2c0f:f248::/32

50
services/custombuild/custombuild/custombuild/configure/ap2/conf/extra/httpd-dav.conf Normal file
View File

@@ -0,0 +1,50 @@
#
# Distributed authoring and versioning (WebDAV)
#
# Required modules: mod_alias, mod_auth_digest, mod_authn_core, mod_authn_file,
# mod_authz_core, mod_authz_user, mod_dav, mod_dav_fs,
# mod_setenvif
# The following example gives DAV write access to a directory called
# "uploads" under the ServerRoot directory.
#
# The User/Group specified in httpd.conf needs to have write permissions
# on the directory where the DavLockDB is placed and on any directory where
# "Dav On" is specified.
#DavLockDB "/etc/httpd/var/DavLock"
#Alias /davuploads "/etc/httpd/uploads"
#<Directory "/etc/httpd/uploads">
# Dav On
#
# AuthType Digest
# AuthName DAV-upload
# You can use the htdigest program to create the password database:
# htdigest -c "/etc/httpd/user.passwd" DAV-upload admin
# AuthUserFile "/etc/httpd/user.passwd"
# AuthDigestProvider file
# Allow universal read-access, but writes are restricted
# to the admin user.
# <RequireAny>
# Require method GET POST OPTIONS
# Require user admin
# </RequireAny>
#</Directory>
#
# The following directives disable redirects on non-GET requests for
# a directory that does not include the trailing slash. This fixes a
# problem with several clients that do not appropriately handle
# redirects for folders with DAV methods.
#
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "MS FrontPage" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^WebDAVFS/1.[01234]" redirect-carefully
BrowserMatch "^gnome-vfs/1.0" redirect-carefully
BrowserMatch "^XML Spy" redirect-carefully
BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
BrowserMatch " Konqueror/4" redirect-carefully

116
services/custombuild/custombuild/custombuild/configure/ap2/conf/extra/httpd-default.conf Normal file
View File

@@ -0,0 +1,116 @@
#
# This configuration file reflects default settings for Apache HTTP Server.
#
# You may change these, but chances are that you may not need to.
#
#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 60
#
# ProxyTimeout: The number of seconds before proxy receives and sends time out.
#
ProxyTimeout 1800
#
# ProxyErrorOverride: Override error pages for proxied content.
#
ProxyErrorOverride off
#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On
#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100
#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 2
#
# UseCanonicalName: Determines how Apache constructs self-referencing
# URLs and the SERVER_NAME and SERVER_PORT variables.
# When set "Off", Apache will use the Hostname and Port supplied
# by the client. When set "On", Apache will use the value of the
# ServerName directive.
#
UseCanonicalName Off
#
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
#
AccessFileName .htaccess
#
# ServerTokens
# This directive configures what you return as the Server HTTP response
# Header. The default is 'Full' which sends information about the OS-Type
# and compiled in modules.
# Set to one of: Full | OS | Minor | Minimal | Major | Prod
# where Full conveys the most information, and Prod the least.
#
ServerTokens Major
#
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (internal error documents, FTP directory
# listings, mod_status and mod_info output etc., but not CGI generated
# documents or custom error documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of: On | Off | EMail
#
ServerSignature Off
#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off
#
# Set a timeout for how long the client may take to send the request header
# and body.
# The default for the headers is header=20-40,MinRate=500, which means wait
# for the first byte of headers for 20 seconds. If some data arrives,
# increase the timeout corresponding to a data rate of 500 bytes/s, but not
# above 40 seconds.
# The default for the request body is body=20,MinRate=500, which is the same
# but has no upper limit for the timeout.
# To disable, set to header=0 body=0
#
<IfModule reqtimeout_module>
RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
</IfModule>
TraceEnable Off
<IfModule mod_headers.c>
RequestHeader unset Proxy early
</IfModule>
<IfModule Litespeed>
CacheRoot /home/lscache/
</IfModule>

28
services/custombuild/custombuild/custombuild/configure/ap2/conf/extra/httpd-deflate.conf Normal file
View File

@@ -0,0 +1,28 @@
#
# Required modules: mod_deflate
#
# Please see the documentation at
# <URL:http://httpd.apache.org/docs/2.2/mod/mod_deflate.html>
# for further details before you try to setup deflate module.
#
<Location />
# Insert filter
SetOutputFilter DEFLATE
# Netscape 4.x has some problems...
BrowserMatch ^Mozilla/4 gzip-only-text/html
# Netscape 4.06-4.08 have some more problems
BrowserMatch ^Mozilla/4\.0[678] no-gzip
# MSIE masquerades as Netscape, but it is fine
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
# Don't compress images and other uncompressible content
SetEnvIfNoCase Request_URI \
\.(?:gif|jpe?g|png|rar|zip|exe|flv|swf|mov|wma|mp3|mp4|avi|mp?g)$ no-gzip dont-vary
# Make sure proxies don't deliver the wrong content
Header append Vary User-Agent env=!dont-vary
</Location>

20
services/custombuild/custombuild/custombuild/configure/ap2/conf/extra/httpd-directories-new.conf Normal file
View File

@@ -0,0 +1,20 @@
<Directory />
Options SymLinksIfOwnerMatch
AllowOverride None
Require all denied
</Directory>
<Directory /home>
AllowOverride AuthConfig FileInfo Indexes Limit Options=Includes,IncludesNOEXEC,Indexes,ExecCGI,MultiViews,SymLinksIfOwnerMatch,None
Options IncludesNoExec Includes SymLinksIfOwnerMatch ExecCGI
AllowMethods |HTTP_METHODS|
</Directory>
Include /etc/httpd/conf/extra/httpd-hostname.conf
<Directory /var/www/cgi-bin>
AllowOverride None
Options None
Require all granted
</Directory>

13
services/custombuild/custombuild/custombuild/configure/ap2/conf/extra/httpd-directories-old.conf Normal file
View File

@@ -0,0 +1,13 @@
<Directory />
AllowOverride All
Options All -MultiViews -Indexes +SymLinksIfOwnerMatch +IncludesNoExec +Includes
AllowMethods |HTTP_METHODS|
</Directory>
Include /etc/httpd/conf/extra/httpd-hostname.conf
<Directory /var/www/cgi-bin>
AllowOverride None
Options None
Require all granted
</Directory>

1
services/custombuild/custombuild/custombuild/configure/ap2/conf/extra/httpd-directoryindex.conf Normal file
View File

@@ -0,0 +1 @@
DirectoryIndex index.html index.htm index.shtml index.php index.phtml

20
services/custombuild/custombuild/custombuild/configure/ap2/conf/extra/httpd-fcgid.conf Normal file
View File

@@ -0,0 +1,20 @@
#
# mod_fcgid configuration file
#
<IfModule mod_fcgid.c>
FcgidIPCDir /var/run/fcgidsock
SharememPath /var/run/fcgid_shm
FcgidMinProcessesPerClass 0
FcgidMaxProcessesPerClass 8
FcgidMaxProcesses 300
FcgidProcessLifeTime 120
FcgidIdleScanInterval 30
FcgidIdleTimeout 60
FcgidBusyTimeout 3600
FcgidIOTimeout 2000
FcgidMaxRequestLen 1073741824
FcgidPassHeader Authorization
FcgidFixPathinfo 1
AddHandler fcgid-script .fcgi
</IfModule>

40
services/custombuild/custombuild/custombuild/configure/ap2/conf/extra/httpd-info.conf Normal file
View File

@@ -0,0 +1,40 @@
#
# Get information about the requests being processed by the server
# and the configuration of the server.
#
# Required modules: mod_authz_core, mod_authz_host,
# mod_info (for the server-info handler),
# mod_status (for the server-status handler)
#
# Allow server status reports generated by mod_status,
# with the URL of http://servername/server-status
# Change the ".example.com" to match your domain to enable.
<Location /server-status>
SetHandler server-status
AuthType basic
AuthName "Apache status"
AuthUserFile /var/www/passwd-server-status
Require valid-user
</Location>
#
# ExtendedStatus controls whether Apache will generate "full" status
# information (ExtendedStatus On) or just basic information (ExtendedStatus
# Off) when the "server-status" handler is called. The default is Off.
#
ExtendedStatus On
#
# Allow remote server configuration reports, with the URL of
# http://servername/server-info (requires that mod_info.c be loaded).
# Change the ".example.com" to match your domain to enable.
#
<Location /server-info>
SetHandler server-info
AuthType basic
AuthName "Apache status"
AuthUserFile /var/www/passwd-server-status
Require valid-user
</Location>

141
services/custombuild/custombuild/custombuild/configure/ap2/conf/extra/httpd-languages.conf Normal file
View File

@@ -0,0 +1,141 @@
#
# Settings for hosting different languages.
#
# Required modules: mod_mime, mod_negotiation
# DefaultLanguage and AddLanguage allows you to specify the language of
# a document. You can then use content negotiation to give a browser a
# file in a language the user can understand.
#
# Specify a default language. This means that all data
# going out without a specific language tag (see below) will
# be marked with this one. You probably do NOT want to set
# this unless you are sure it is correct for all cases.
#
# * It is generally better to not mark a page as
# * being a certain language than marking it with the wrong
# * language!
#
# DefaultLanguage nl
#
# Note 1: The suffix does not have to be the same as the language
# keyword --- those with documents in Polish (whose net-standard
# language code is pl) may wish to use "AddLanguage pl .po" to
# avoid the ambiguity with the common suffix for perl scripts.
#
# Note 2: The example entries below illustrate that in some cases
# the two character 'Language' abbreviation is not identical to
# the two character 'Country' code for its country,
# E.g. 'Danmark/dk' versus 'Danish/da'.
#
# Note 3: In the case of 'ltz' we violate the RFC by using a three char
# specifier. There is 'work in progress' to fix this and get
# the reference data for rfc1766 cleaned up.
#
# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl)
# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de)
# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja)
# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn)
# Norwegian (no) - Polish (pl) - Portugese (pt)
# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv)
# Turkish (tr) - Simplified Chinese (zh-CN) - Spanish (es)
# Traditional Chinese (zh-TW)
#
AddLanguage ca .ca
AddLanguage cs .cz .cs
AddLanguage da .dk
AddLanguage de .de
AddLanguage el .el
AddLanguage en .en
AddLanguage eo .eo
AddLanguage es .es
AddLanguage et .et
AddLanguage fr .fr
AddLanguage he .he
AddLanguage hr .hr
AddLanguage it .it
AddLanguage ja .ja
AddLanguage ko .ko
AddLanguage ltz .ltz
AddLanguage nl .nl
AddLanguage nn .nn
AddLanguage no .no
AddLanguage pl .po
AddLanguage pt .pt
AddLanguage pt-BR .pt-br
AddLanguage ru .ru
AddLanguage sv .sv
AddLanguage tr .tr
AddLanguage zh-CN .zh-cn
AddLanguage zh-TW .zh-tw
# LanguagePriority allows you to give precedence to some languages
# in case of a tie during content negotiation.
#
# Just list the languages in decreasing order of preference. We have
# more or less alphabetized them here. You probably want to change this.
#
LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv tr zh-CN zh-TW
#
# ForceLanguagePriority allows you to serve a result page rather than
# MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback)
# [in case no accepted languages matched the available variants]
#
ForceLanguagePriority Prefer Fallback
#
# Commonly used filename extensions to character sets. You probably
# want to avoid clashes with the language extensions, unless you
# are good at carefully testing your setup after each change.
# See http://www.iana.org/assignments/character-sets for the
# official list of charset names and their respective RFCs.
#
AddCharset us-ascii.ascii .us-ascii
AddCharset ISO-8859-1 .iso8859-1 .latin1
AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen
AddCharset ISO-8859-3 .iso8859-3 .latin3
AddCharset ISO-8859-4 .iso8859-4 .latin4
AddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru
AddCharset ISO-8859-6 .iso8859-6 .arb .arabic
AddCharset ISO-8859-7 .iso8859-7 .grk .greek
AddCharset ISO-8859-8 .iso8859-8 .heb .hebrew
AddCharset ISO-8859-9 .iso8859-9 .latin5 .trk
AddCharset ISO-8859-10 .iso8859-10 .latin6
AddCharset ISO-8859-13 .iso8859-13
AddCharset ISO-8859-14 .iso8859-14 .latin8
AddCharset ISO-8859-15 .iso8859-15 .latin9
AddCharset ISO-8859-16 .iso8859-16 .latin10
AddCharset ISO-2022-JP .iso2022-jp .jis
AddCharset ISO-2022-KR .iso2022-kr .kis
AddCharset ISO-2022-CN .iso2022-cn .cis
AddCharset Big5.Big5 .big5 .b5
AddCharset cn-Big5 .cn-big5
# For russian, more than one charset is used (depends on client, mostly):
AddCharset WINDOWS-1251 .cp-1251 .win-1251
AddCharset CP866 .cp866
AddCharset KOI8 .koi8
AddCharset KOI8-E .koi8-e
AddCharset KOI8-r .koi8-r .koi8-ru
AddCharset KOI8-U .koi8-u
AddCharset KOI8-ru .koi8-uk .ua
AddCharset ISO-10646-UCS-2 .ucs2
AddCharset ISO-10646-UCS-4 .ucs4
AddCharset UTF-7 .utf7
AddCharset UTF-8 .utf8
AddCharset UTF-16 .utf16
AddCharset UTF-16BE .utf16be
AddCharset UTF-16LE .utf16le
AddCharset UTF-32 .utf32
AddCharset UTF-32BE .utf32be
AddCharset UTF-32LE .utf32le
AddCharset euc-cn .euc-cn
AddCharset euc-gb .euc-gb
AddCharset euc-jp .euc-jp
AddCharset euc-kr .euc-kr
#Not sure how euc-tw got in - IANA doesn't list it???
AddCharset EUC-TW .euc-tw
AddCharset gb2312 .gb2312 .gb
AddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2
AddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4
AddCharset shift_jis .shift_jis .sjis

33
services/custombuild/custombuild/custombuild/configure/ap2/conf/extra/httpd-manual.conf Normal file
View File

@@ -0,0 +1,33 @@
#
# Provide access to the documentation on your server as
# http://yourserver.example.com/manual/
# The documentation is always available at
# http://httpd.apache.org/docs/2.4/
#
# Required modules: mod_alias, mod_authz_core, mod_authz_host,
# mod_setenvif, mod_negotiation
#
AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br|ru))?(/.*)?$ "/var/www/manual$1"
<Directory "/var/www/manual">
Options Indexes
AllowOverride None
Require all granted
<Files *.html>
SetHandler type-map
</Files>
# .tr is text/troff in mime.types!
<Files *.html.tr.utf8>
ForceType text/html
</Files>
AddLanguage da .da
SetEnvIf Request_URI ^/manual/(da|de|en|es|fr|ja|ko|pt-br|ru|tr|zh-cn)/ prefer-language=$1
RedirectMatch 301 ^/manual(?:/(da|de|en|es|fr|ja|ko|pt-br|ru|tr|zh-cn)){2,}(/.*)?$ /manual/$1$2
LanguagePriority en da de es fr ja ko pt-br ru tr
ForceLanguagePriority Prefer Fallback
</Directory>

39
services/custombuild/custombuild/custombuild/configure/ap2/conf/extra/httpd-modsecurity.conf Normal file
View File

@@ -0,0 +1,39 @@
LoadFile /usr/local/lib/libxml2.so
LoadModule security2_module /usr/lib/apache/mod_security2.so
<IfModule mod_security2.c>
# Default recommended configuration
SecRuleEngine On
SecRequestBodyAccess On
SecDefaultAction "phase:2,deny,log,status:406"
SecRequestBodyLimitAction ProcessPartial
SecResponseBodyLimitAction ProcessPartial
SecRequestBodyLimit 13107200
SecRequestBodyNoFilesLimit 131072
SecAuditLogFormat JSON
SecPcreMatchLimit 250000
SecPcreMatchLimitRecursion 250000
SecCollectionTimeout 600
SecDebugLog /var/log/httpd/modsec_debug.log
SecDebugLogLevel 0
SecAuditEngine RelevantOnly
<IfModule mod_ruid2.c>
SecAuditLogDirMode 1733
SecAuditLogFileMode 0550
SecAuditLogType Concurrent
SecAuditLogStorageDir /var/log/modsec_audit
</IfModule>
SecAuditLog /var/log/httpd/modsec_audit.log
SecUploadDir /tmp
SecTmpDir /tmp
SecDataDir /tmp
SecTmpSaveUploadedFiles on
# ModSecurity Core Rules Set and Local configuration
IncludeOptional /etc/modsecurity.d/*.conf.main
IncludeOptional /etc/modsecurity.d/*.conf
IncludeOptional /usr/local/directadmin/data/admin/modsecurity_rules
</IfModule>

127
services/custombuild/custombuild/custombuild/configure/ap2/conf/extra/httpd-mpm.conf Normal file
View File

@@ -0,0 +1,127 @@
#
# Server-Pool Management (MPM specific)
#
#
# PidFile: The file in which the server should record its process
# identification number when it starts.
#
# Note that this is the default PidFile for most MPMs.
#
<IfModule !mpm_netware_module>
PidFile "/var/run/httpd.pid"
</IfModule>
#
# Only one of the below sections will be relevant on your
# installed httpd. Use "apachectl -l" to find out the
# active mpm.
#
#
# Only one of the below sections will be relevant on your
# installed httpd. Use "apachectl -l" to find out the
# active mpm.
#
# prefork MPM
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# MaxRequestWorkers: maximum number of server processes allowed to start
# MaxConnectionsPerChild: maximum number of connections a server process serves
# before terminating
<IfModule mpm_prefork_module>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
ServerLimit 450
MaxRequestWorkers 450
MaxConnectionsPerChild 10000
</IfModule>
# worker MPM
# StartServers: initial number of server processes to start
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxRequestWorkers: maximum number of worker threads
# MaxConnectionsPerChild: maximum number of connections a server process serves
# before terminating
<IfModule mpm_worker_module>
StartServers 6
MinSpareThreads 50
MaxSpareThreads 150
ThreadsPerChild 50
MaxRequestWorkers 300
MaxConnectionsPerChild 10000
</IfModule>
# event MPM
# StartServers: initial number of server processes to start
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxRequestWorkers: maximum number of worker threads
# MaxConnectionsPerChild: maximum number of connections a server process serves
# before terminating
<IfModule mpm_event_module>
StartServers 6
MinSpareThreads 32
MaxSpareThreads 128
ThreadsPerChild 64
ServerLimit 32
MaxRequestWorkers 2048
MaxConnectionsPerChild 10000
</IfModule>
# NetWare MPM
# ThreadStackSize: Stack size allocated for each worker thread
# StartThreads: Number of worker threads launched at server startup
# MinSpareThreads: Minimum number of idle threads, to handle request spikes
# MaxSpareThreads: Maximum number of idle threads
# MaxThreads: Maximum number of worker threads alive at the same time
# MaxConnectionsPerChild: Maximum number of connections a thread serves. It
# is recommended that the default value of 0 be set
# for this directive on NetWare. This will allow the
# thread to continue to service requests indefinitely.
<IfModule mpm_netware_module>
ThreadStackSize 65536
StartThreads 250
MinSpareThreads 25
MaxSpareThreads 250
MaxThreads 1000
MaxConnectionsPerChild 0
</IfModule>
# OS/2 MPM
# StartServers: Number of server processes to maintain
# MinSpareThreads: Minimum number of idle threads per process,
# to handle request spikes
# MaxSpareThreads: Maximum number of idle threads per process
# MaxConnectionsPerChild: Maximum number of connections per server process
<IfModule mpm_mpmt_os2_module>
StartServers 2
MinSpareThreads 5
MaxSpareThreads 10
MaxConnectionsPerChild 0
</IfModule>
# WinNT MPM
# ThreadsPerChild: constant number of worker threads in the server process
# MaxConnectionsPerChild: maximum number of connections a server process serves
<IfModule mpm_winnt_module>
ThreadsPerChild 150
MaxConnectionsPerChild 0
</IfModule>
# The maximum number of free Kbytes that every allocator is allowed
# to hold without calling free(). In threaded MPMs, every thread has its own
# allocator. When not set, or when set to zero, the threshold will be set to
# unlimited.
<IfModule !mpm_netware_module>
MaxMemFree 2048
</IfModule>
<IfModule mpm_netware_module>
MaxMemFree 100
</IfModule>

35
services/custombuild/custombuild/custombuild/configure/ap2/conf/extra/httpd-multilang-errordoc.conf Normal file
View File

@@ -0,0 +1,35 @@
#
# The configuration below implements multi-language error documents through
# content-negotiation.
#
# Required modules: mod_alias, mod_authz_core, mod_authz_host,
# mod_include, mod_negotiation
#
# We use Alias to redirect any /error/HTTP_<error>.html.var response to
# our collection of by-error message multi-language collections. We use
# includes to substitute the appropriate text.
#
# You can modify the messages' appearance without changing any of the
# default HTTP_<error>.html.var files by adding the line:
#
# Alias /error/include/ "/your/include/path/"
#
# which allows you to create your own set of files by starting with the
# /var/www/error/include/ files and copying them to /your/include/path/,
# even on a per-VirtualHost basis. The default include files will display
# your Apache version number and your ServerAdmin email address regardless
# of the setting of ServerSignature.
#Alias /error/ "/var/www/error/"
<Directory "/var/www/error">
AllowOverride None
Options IncludesNoExec
AddOutputFilter Includes html
AddHandler type-map var
Require all granted
LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr
ForceLanguagePriority Prefer Fallback
</Directory>
ErrorDocument 404 /404.shtml

3
services/custombuild/custombuild/custombuild/configure/ap2/conf/extra/httpd-ssl-protocol.intermediate.conf Normal file
View File

@@ -0,0 +1,3 @@
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
SSLHonorCipherOrder off

4
services/custombuild/custombuild/custombuild/configure/ap2/conf/extra/httpd-ssl-protocol.modern.conf Normal file
View File

@@ -0,0 +1,4 @@
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 -TLSv1.2
SSLHonorCipherOrder off
SSLSessionTickets off

3
services/custombuild/custombuild/custombuild/configure/ap2/conf/extra/httpd-ssl-protocol.old.conf Normal file
View File

@@ -0,0 +1,3 @@
SSLProtocol All -SSLv2 -SSLv3 -TLSv1
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
SSLHonorCipherOrder On

242
services/custombuild/custombuild/custombuild/configure/ap2/conf/extra/httpd-ssl.conf Normal file
View File

@@ -0,0 +1,242 @@
#
# This is the Apache server configuration file providing SSL support.
# It contains the configuration directives to instruct the server how to
# serve pages over an https connection. For detailing information about these
# directives see <URL:http://httpd.apache.org/docs/2.4/mod/mod_ssl.html>
#
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
#
#
# Pseudo Random Number Generator (PRNG):
# Configure one or more sources to seed the PRNG of the SSL library.
# The seed data should be of good random quality.
# WARNING! On some platforms /dev/random blocks if not enough entropy
# is available. This means you then cannot use the /dev/random device
# because it would lead to very long connection times (as long as
# it requires to make more entropy available). But usually those
# platforms additionally provide a /dev/urandom device which doesn't
# block. So, if available, use this one instead. Read the mod_ssl User
# Manual for more details.
#
#SSLRandomSeed startup file:/dev/random 512
#SSLRandomSeed startup file:/dev/urandom 512
#SSLRandomSeed connect file:/dev/random 512
#SSLRandomSeed connect file:/dev/urandom 512
#
# When we also provide SSL we have to listen to the
# standard HTTP port (see above) and to the HTTPS port
#
# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two
# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443"
#
Listen |PORT_443|
##
## SSL Global Context
##
## All SSL configuration in this context applies both to
## the main server and all SSL-enabled virtual hosts.
##
#
# Some MIME-types for downloading Certificates and CRLs
#
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
# Pass Phrase Dialog:
# Configure the pass phrase gathering process.
# The filtering dialog program (`builtin' is a internal
# terminal dialog) has to provide the pass phrase on stdout.
SSLPassPhraseDialog builtin
# Inter-Process Session Cache:
# Configure the SSL Session Cache: First the mechanism
# to use and second the expiring timeout (in seconds).
#SSLSessionCache dbm:/var/logs/ssl_scache
SSLSessionCache shmcb:/var/log/httpd/ssl_scache(512000)
SSLSessionCacheTimeout 300
# Semaphore:
# Configure the path to the mutual exclusion semaphore the
# SSL engine uses internally for inter-process synchronization.
#SSLMutex file:/var/log/httpd/ssl_mutex
# Disable SSLv2/3, TLSv1
SSLProtocol All -SSLv2 -SSLv3 -TLSv1
SSLHonorCipherOrder On
# https://mozilla.github.io/server-side-tls/ssl-config-generator/ intermediate configuration.
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
##
## SSL Virtual Host Context
##
<VirtualHost _default_:|PORT_443|>
# General setup for the virtual host
DocumentRoot "/var/www/html"
ServerName www.example.com:|PORT_443|
ServerAdmin you@example.com
ErrorLog /var/log/httpd/error_log
TransferLog /var/log/httpd/access_log
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
# https://mozilla.github.io/server-side-tls/ssl-config-generator/ intermediate configuration.
SSLHonorCipherOrder On
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. Keep
# in mind that if you have both an RSA and a DSA certificate you
# can configure both in parallel (to also allow the use of DSA
# ciphers, etc.)
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
#SSLCertificateFile /etc/httpd/conf/server-dsa.crt
# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
#SSLCertificateKeyFile /etc/httpd/conf/server-dsa.key
# Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded CA certificates which form the
# certificate chain for the server certificate. Alternatively
# the referenced file can be the same as SSLCertificateFile
# when the CA certificates are directly appended to the server
# certificate for convinience.
#SSLCertificateChainFile /etc/httpd/conf/server-ca.crt
# Certificate Authority (CA):
# Set the CA certificate verification path where to find CA
# certificates for client authentication or alternatively one
# huge file containing all of them (file must be PEM encoded)
# Note: Inside SSLCACertificatePath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
SSLCACertificateFile /etc/httpd/conf/ssl.crt/server.ca
#SSLCACertificatePath /etc/httpd/conf/ssl.crt
#SSLCACertificateFile /etc/httpd/conf/ssl.crt/ca-bundle.crt
# Certificate Revocation Lists (CRL):
# Set the CA revocation path where to find CA CRLs for client
# authentication or alternatively one huge file containing all
# of them (file must be PEM encoded)
# Note: Inside SSLCARevocationPath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
#SSLCARevocationPath /etc/httpd/conf/ssl.crl
#SSLCARevocationFile /etc/httpd/conf/ssl.crl/ca-bundle.crl
# Client Authentication (Type):
# Client certificate verification type and depth. Types are
# none, optional, require and optional_no_ca. Depth is a
# number which specifies how deeply to verify the certificate
# issuer chain before deciding the certificate is not valid.
#SSLVerifyClient require
#SSLVerifyDepth 10
# Access Control:
# With SSLRequire you can do per-directory access control based
# on arbitrary complex boolean expressions containing server
# variable checks and other lookup directives. The syntax is a
# mixture between C and Perl. See the mod_ssl documentation
# for more details.
#<Location />
#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
#</Location>
# SSL Engine Options:
# Set various options for the SSL engine.
# o FakeBasicAuth:
# Translate the client X.509 into a Basic Authorisation. This means that
# the standard Auth/DBMAuth methods can be used for access control. The
# user name is the `one line' version of the client's X.509 certificate.
# Note that no password is obtained from the user. Every entry in the user
# file needs this password: `xxj31ZMTZzkVA'.
# o ExportCertData:
# This exports two additional environment variables: SSL_CLIENT_CERT and
# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
# server (always existing) and the client (only existing when client
# authentication is used). This can be used to import the certificates
# into CGI scripts.
# o StdEnvVars:
# This exports the standard SSL/TLS related `SSL_*' environment variables.
# Per default this exportation is switched off for performance reasons,
# because the extraction step is an expensive operation and is usually
# useless for serving static content. So one usually enables the
# exportation for CGI and SSI requests only.
# o StrictRequire:
# This denies access when "SSLRequireSSL" or "SSLRequire" applied even
# under a "Satisfy any" situation, i.e. when it applies access is denied
# and no other module can change it.
# o OptRenegotiate:
# This enables optimized SSL connection renegotiation handling when SSL
# directives are used in per-directory context.
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
# SSL Protocol Adjustments:
# The safe and default but still SSL/TLS standard compliant shutdown
# approach is that mod_ssl sends the close notify alert but doesn't wait for
# the close notify alert from client. When you need a different shutdown
# approach you can use one of the following variables:
# o ssl-unclean-shutdown:
# This forces an unclean shutdown when the connection is closed, i.e. no
# SSL close notify alert is send or allowed to received. This violates
# the SSL/TLS standard but is needed for some brain-dead browsers. Use
# this when you receive I/O errors because of the standard approach where
# mod_ssl sends the close notify alert.
# o ssl-accurate-shutdown:
# This forces an accurate shutdown when the connection is closed, i.e. a
# SSL close notify alert is send and mod_ssl waits for the close notify
# alert of the client. This is 100% SSL/TLS standard compliant, but in
# practice often causes hanging connections with brain-dead browsers. Use
# this only for browsers where you know that their SSL implementation
# works correctly.
# Notice: Most problems of broken clients are also related to the HTTP
# keep-alive facility, so you usually additionally want to disable
# keep-alive for those clients, too. Use variable "nokeepalive" for this.
# Similarly, one has to force some clients to use HTTP/1.0 to workaround
# their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
# "force-response-1.0" for this.
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# Per-Server Logging:
# The home of a custom SSL log file. Use this when you want a
# compact non-error SSL logfile on a virtual host basis.
CustomLog /var/log/httpd/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>

14
services/custombuild/custombuild/custombuild/configure/ap2/conf/extra/httpd-userdir.conf Normal file
View File

@@ -0,0 +1,14 @@
# Settings for user home directories
#
# Required module: mod_authz_core, mod_authz_host, mod_userdir
#
# UserDir: The name of the directory that is appended onto a user's home
# directory if a ~user request is received. Note that you must also set
# the default access control for these directories, as in the example below.
#
UserDir disabled
<IfModule LiteSpeed>
DisableCgiOverride On
</IfModule>

67
services/custombuild/custombuild/custombuild/configure/ap2/conf/extra/httpd-vhosts.conf Normal file
View File

@@ -0,0 +1,67 @@
#
# Virtual Hosts
#
# Required modules: mod_log_config
#
# If you want to maintain multiple domains/hostnames on your
# machine you can setup VirtualHost containers for them. Most configurations
# use only name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the directives below.
#
# Please see the documentation at
# <URL:http://httpd.apache.org/docs/2.4/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option '-S' to verify your virtual host
# configuration.
##########################################################
# Use name-based virtual hosting. #
# All NameVirtualHost lines are in this file #
# Don't remove this line or apache will generate errors. #
##########################################################
Include /etc/httpd/conf/ips.conf
#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for all requests that do not
# match a ServerName or ServerAlias in any <VirtualHost> block.
#
<VirtualHost |IP|:|PORT_80||LINKEDIP|>
ServerAdmin webmaster@localhost
UserDir public_html
DocumentRoot /var/www/html
ServerName localhost
ScriptAlias /cgi-bin/ /var/www/cgi-bin/
CustomLog /var/log/httpd/homedir.log homedir
CustomLog /var/log/httpd/access_log combined
ErrorLog /var/log/httpd/error_log
<IfModule !mod_ruid2.c>
SuexecUserGroup webapps webapps
</IfModule>
</VirtualHost>
<VirtualHost |IP|:|PORT_443||LINKEDIPSSL|>
ServerAdmin webmaster@localhost
UserDir public_html
DocumentRoot /var/www/html
ServerName localhost
ScriptAlias /cgi-bin/ /var/www/cgi-bin/
CustomLog /var/log/httpd/homedir.log homedir
CustomLog /var/log/httpd/access_log combined
ErrorLog /var/log/httpd/error_log
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
SSLCACertificateFile /etc/httpd/conf/ssl.crt/server.ca
<IfModule !mod_ruid2.c>
SuexecUserGroup webapps webapps
</IfModule>
</VirtualHost>

234
services/custombuild/custombuild/custombuild/configure/ap2/conf/httpd.conf Normal file
View File

@@ -0,0 +1,234 @@
#
# This is the main Apache HTTP server configuration file. It contains the
# configuration directives that give the server its instructions.
# See <URL:http://httpd.apache.org/docs/2.4> for detailed information.
# In particular, see
# <URL:http://httpd.apache.org/docs/2.4/mod/directives.html>
# for a discussion of each configuration directive.
#
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# Do not add a slash at the end of the directory path. If you point
# ServerRoot at a non-local disk, be sure to specify a local disk on the
# Mutex directive, if file-based mutexes are used. If you wish to share the
# same ServerRoot for multiple httpd daemons, you will need to change at
# least PidFile.
#
ServerRoot "/etc/httpd"
#
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>
# directive.
#
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses.
#
#Listen 12.34.56.78:80
Listen |PORT_80|
<IfModule unixd_module>
#
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
#
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
#
User apache
Group apache
</IfModule>
#LoadModule dummy_module /usr/lib/apache/mod_dummy.so
Include /etc/httpd/conf/extra/httpd-phpmodules.conf
#
# ServerAdmin: Your address, where problems with the server should be
# e-mailed. This address appears on some server-generated pages, such
# as error documents. e.g. admin@your-domain.com
#
ServerAdmin admin@localhost
DocumentRoot "/var/www/html"
<IfModule dir_module>
Include /etc/httpd/conf/extra/httpd-directoryindex.conf
</IfModule>
#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<Files ".ht*">
Require all denied
</Files>
#
# The following lines prevent .user.ini files from being viewed by Web clients.
#
<Files ".user.ini">
Require all denied
</Files>
#
# The following lines prevent .env files from being viewed by Web clients.
#
<Files ".env">
Require all denied
</Files>
#
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog /var/log/httpd/error_log
#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
LogLevel warn
<IfModule log_config_module>
#replace %b with %O for more accurate logging
<IfModule mod_logio.c>
LogFormat "%a %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%a %l %u %t \"%r\" %>s %O" common
LogFormat "%O %I" bytes
LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog /var/log/httpd/access_log common
</IfModule>
<IfModule alias_module>
# Include some DirectAdmin alias
Include conf/extra/httpd-alias.conf
</IfModule>
#DefaultType text/plain
<IfModule mime_module>
TypesConfig conf/mime.types
AddType application/x-gzip .tgz
#AddEncoding x-compress .Z
#AddEncoding x-gzip .gz .tgz
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddHandler cgi-script .cgi
AddHandler type-map var
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
AddType video/x-ms-asf .avi
AddType video/mpeg .mpg
AddType video/mpeg .mpeg
AddType video/quicktime .mov
AddType video/x-ms-wmv .wmv
</IfModule>
#
# MaxRanges: Maximum number of Ranges in a request before
# returning the entire resource, or one of the special
# values 'default', 'none' or 'unlimited'.
# Default setting is to accept 200 Ranges.
#MaxRanges unlimited
#
# EnableMMAP and EnableSendfile: On systems that support it,
# memory-mapping or the sendfile syscall may be used to deliver
# files. This usually improves server performance, but must
# be turned off when serving from networked-mounted
# filesystems or if support for these functions is otherwise
# broken on your system.
# Defaults: EnableMMAP On, EnableSendfile Off
#
#EnableMMAP off
#EnableSendfile off
#######################################################################################
# For user configurations not maintained by DirectAdmin. Empty by default.
#######################################################################################
Include conf/extra/httpd-includes.conf
#######################################################################################
# Supplemental configuration
#######################################################################################
# CloudFlare whitelisted IPs
Include conf/extra/httpd-cloudflare.conf
# Options and AllowOverrides
Include conf/extra/httpd-directories.conf
# Nginx reverse proxy configuration
Include conf/extra/httpd-nginx.conf
# Server-pool management (MPM specific)
Include conf/extra/httpd-mpm.conf
# Multi-language error messages
Include conf/extra/httpd-multilang-errordoc.conf
# Fancy directory listings
Include conf/extra/httpd-autoindex.conf
# Language settings
Include conf/extra/httpd-languages.conf
# User home directories
#Include conf/extra/httpd-userdir.conf
# Real-time info on requests and configuration
Include conf/extra/httpd-info.conf
# Suphp
Include conf/extra/httpd-suphp.conf
# Local access to the Apache HTTP Server Manual
#Include conf/extra/httpd-manual.conf
# Distributed authoring and versioning (WebDAV)
Include conf/extra/httpd-dav.conf
# Various default settings
Include conf/extra/httpd-default.conf
# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf
# Deflate module settings
Include conf/extra/httpd-deflate.conf
#######################################################################################
# Do not change anything in files below, because they are rewritten by DirectAdmin #
#######################################################################################
# This is needed for PHP
Include conf/extra/httpd-php-handlers.conf
# Virtual hosts
Include conf/extra/httpd-vhosts.conf
# All the DirectAdmin vhosts
Include conf/extra/directadmin-vhosts.conf
#######################################################################################
# End of included files that are rewritten by DirectAdmin #
#######################################################################################
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>

385
services/custombuild/custombuild/custombuild/configure/ap2/conf/magic Normal file
View File

@@ -0,0 +1,385 @@
# Magic data for mod_mime_magic Apache module (originally for file(1) command)
# The module is described in /manual/mod/mod_mime_magic.html
#
# The format is 4-5 columns:
# Column #1: byte number to begin checking from, ">" indicates continuation
# Column #2: type of data to match
# Column #3: contents of data to match
# Column #4: MIME type of result
# Column #5: MIME encoding of result (optional)
#------------------------------------------------------------------------------
# Localstuff: file(1) magic for locally observed files
# Add any locally observed files here.
#------------------------------------------------------------------------------
# end local stuff
#------------------------------------------------------------------------------
#------------------------------------------------------------------------------
# Java
0 short 0xcafe
>2 short 0xbabe application/java
#------------------------------------------------------------------------------
# audio: file(1) magic for sound formats
#
# from Jan Nicolai Langfeldt <janl@ifi.uio.no>,
#
# Sun/NeXT audio data
0 string .snd
>12 belong 1 audio/basic
>12 belong 2 audio/basic
>12 belong 3 audio/basic
>12 belong 4 audio/basic
>12 belong 5 audio/basic
>12 belong 6 audio/basic
>12 belong 7 audio/basic
>12 belong 23 audio/x-adpcm
# DEC systems (e.g. DECstation 5000) use a variant of the Sun/NeXT format
# that uses little-endian encoding and has a different magic number
# (0x0064732E in little-endian encoding).
0 lelong 0x0064732E
>12 lelong 1 audio/x-dec-basic
>12 lelong 2 audio/x-dec-basic
>12 lelong 3 audio/x-dec-basic
>12 lelong 4 audio/x-dec-basic
>12 lelong 5 audio/x-dec-basic
>12 lelong 6 audio/x-dec-basic
>12 lelong 7 audio/x-dec-basic
# compressed (G.721 ADPCM)
>12 lelong 23 audio/x-dec-adpcm
# Bytes 0-3 of AIFF, AIFF-C, & 8SVX audio files are "FORM"
# AIFF audio data
8 string AIFF audio/x-aiff
# AIFF-C audio data
8 string AIFC audio/x-aiff
# IFF/8SVX audio data
8 string 8SVX audio/x-aiff
# Creative Labs AUDIO stuff
# Standard MIDI data
0 string MThd audio/unknown
#>9 byte >0 (format %d)
#>11 byte >1 using %d channels
# Creative Music (CMF) data
0 string CTMF audio/unknown
# SoundBlaster instrument data
0 string SBI audio/unknown
# Creative Labs voice data
0 string Creative\ Voice\ File audio/unknown
## is this next line right? it came this way...
#>19 byte 0x1A
#>23 byte >0 - version %d
#>22 byte >0 \b.%d
# [GRR 950115: is this also Creative Labs? Guessing that first line
# should be string instead of unknown-endian long...]
#0 long 0x4e54524b MultiTrack sound data
#0 string NTRK MultiTrack sound data
#>4 long x - version %ld
# Microsoft WAVE format (*.wav)
# [GRR 950115: probably all of the shorts and longs should be leshort/lelong]
# Microsoft RIFF
0 string RIFF audio/unknown
# - WAVE format
>8 string WAVE audio/x-wav
# MPEG audio.
0 beshort&0xfff0 0xfff0 audio/mpeg
# C64 SID Music files, from Linus Walleij <triad@df.lth.se>
0 string PSID audio/prs.sid
#------------------------------------------------------------------------------
# c-lang: file(1) magic for C programs or various scripts
#
# XPM icons (Greg Roelofs, newt@uchicago.edu)
# ideally should go into "images", but entries below would tag XPM as C source
0 string /*\ XPM image/x-xbm 7bit
# this first will upset you if you're a PL/1 shop... (are there any left?)
# in which case rm it; ascmagic will catch real C programs
# C or REXX program text
0 string /* text/plain
# C++ program text
0 string // text/plain
#------------------------------------------------------------------------------
# compress: file(1) magic for pure-compression formats (no archives)
#
# compress, gzip, pack, compact, huf, squeeze, crunch, freeze, yabba, whap, etc.
#
# Formats for various forms of compressed data
# Formats for "compress" proper have been moved into "compress.c",
# because it tries to uncompress it to figure out what's inside.
# standard unix compress
0 string \037\235 application/octet-stream x-compress
# gzip (GNU zip, not to be confused with [Info-ZIP/PKWARE] zip archiver)
0 string \037\213 application/octet-stream x-gzip
# According to gzip.h, this is the correct byte order for packed data.
0 string \037\036 application/octet-stream
#
# This magic number is byte-order-independent.
#
0 short 017437 application/octet-stream
# XXX - why *two* entries for "compacted data", one of which is
# byte-order independent, and one of which is byte-order dependent?
#
# compacted data
0 short 0x1fff application/octet-stream
0 string \377\037 application/octet-stream
# huf output
0 short 0145405 application/octet-stream
# Squeeze and Crunch...
# These numbers were gleaned from the Unix versions of the programs to
# handle these formats. Note that I can only uncrunch, not crunch, and
# I didn't have a crunched file handy, so the crunch number is untested.
# Keith Waclena <keith@cerberus.uchicago.edu>
#0 leshort 0x76FF squeezed data (CP/M, DOS)
#0 leshort 0x76FE crunched data (CP/M, DOS)
# Freeze
#0 string \037\237 Frozen file 2.1
#0 string \037\236 Frozen file 1.0 (or gzip 0.5)
# lzh?
#0 string \037\240 LZH compressed data
#------------------------------------------------------------------------------
# frame: file(1) magic for FrameMaker files
#
# This stuff came on a FrameMaker demo tape, most of which is
# copyright, but this file is "published" as witness the following:
#
0 string \<MakerFile application/x-frame
0 string \<MIFFile application/x-frame
0 string \<MakerDictionary application/x-frame
0 string \<MakerScreenFon application/x-frame
0 string \<MML application/x-frame
0 string \<Book application/x-frame
0 string \<Maker application/x-frame
#------------------------------------------------------------------------------
# html: file(1) magic for HTML (HyperText Markup Language) docs
#
# from Daniel Quinlan <quinlan@yggdrasil.com>
# and Anna Shergold <anna@inext.co.uk>
#
0 string \<!DOCTYPE\ HTML text/html
0 string \<!doctype\ html text/html
0 string \<HEAD text/html
0 string \<head text/html
0 string \<TITLE text/html
0 string \<title text/html
0 string \<html text/html
0 string \<HTML text/html
0 string \<!-- text/html
0 string \<h1 text/html
0 string \<H1 text/html
# XML eXtensible Markup Language, from Linus Walleij <triad@df.lth.se>
0 string \<?xml text/xml
#------------------------------------------------------------------------------
# images: file(1) magic for image formats (see also "c-lang" for XPM bitmaps)
#
# originally from jef@helios.ee.lbl.gov (Jef Poskanzer),
# additions by janl@ifi.uio.no as well as others. Jan also suggested
# merging several one- and two-line files into here.
#
# XXX - byte order for GIF and TIFF fields?
# [GRR: TIFF allows both byte orders; GIF is probably little-endian]
#
# [GRR: what the hell is this doing in here?]
#0 string xbtoa btoa'd file
# PBMPLUS
# PBM file
0 string P1 image/x-portable-bitmap 7bit
# PGM file
0 string P2 image/x-portable-greymap 7bit
# PPM file
0 string P3 image/x-portable-pixmap 7bit
# PBM "rawbits" file
0 string P4 image/x-portable-bitmap
# PGM "rawbits" file
0 string P5 image/x-portable-greymap
# PPM "rawbits" file
0 string P6 image/x-portable-pixmap
# NIFF (Navy Interchange File Format, a modification of TIFF)
# [GRR: this *must* go before TIFF]
0 string IIN1 image/x-niff
# TIFF and friends
# TIFF file, big-endian
0 string MM image/tiff
# TIFF file, little-endian
0 string II image/tiff
# possible GIF replacements; none yet released!
# (Greg Roelofs, newt@uchicago.edu)
#
# GRR 950115: this was mine ("Zip GIF"):
# ZIF image (GIF+deflate alpha)
0 string GIF94z image/unknown
#
# GRR 950115: this is Jeremy Wohl's Free Graphics Format (better):
# FGF image (GIF+deflate beta)
0 string FGF95a image/unknown
#
# GRR 950115: this is Thomas Boutell's Portable Bitmap Format proposal
# (best; not yet implemented):
# PBF image (deflate compression)
0 string PBF image/unknown
# GIF
0 string GIF image/gif
# JPEG images
0 beshort 0xffd8 image/jpeg
# PC bitmaps (OS/2, Windoze BMP files) (Greg Roelofs, newt@uchicago.edu)
0 string BM image/bmp
#>14 byte 12 (OS/2 1.x format)
#>14 byte 64 (OS/2 2.x format)
#>14 byte 40 (Windows 3.x format)
#0 string IC icon
#0 string PI pointer
#0 string CI color icon
#0 string CP color pointer
#0 string BA bitmap array
0 string \x89PNG image/png
0 string FWS application/x-shockwave-flash
0 string CWS application/x-shockwave-flash
#------------------------------------------------------------------------------
# lisp: file(1) magic for lisp programs
#
# various lisp types, from Daniel Quinlan (quinlan@yggdrasil.com)
0 string ;; text/plain 8bit
# Emacs 18 - this is always correct, but not very magical.
0 string \012( application/x-elc
# Emacs 19
0 string ;ELC\023\000\000\000 application/x-elc
#------------------------------------------------------------------------------
# mail.news: file(1) magic for mail and news
#
# There are tests to ascmagic.c to cope with mail and news.
0 string Relay-Version: message/rfc822 7bit
0 string #!\ rnews message/rfc822 7bit
0 string N#!\ rnews message/rfc822 7bit
0 string Forward\ to message/rfc822 7bit
0 string Pipe\ to message/rfc822 7bit
0 string Return-Path: message/rfc822 7bit
0 string Path: message/news 8bit
0 string Xref: message/news 8bit
0 string From: message/rfc822 7bit
0 string Article message/news 8bit
#------------------------------------------------------------------------------
# msword: file(1) magic for MS Word files
#
# Contributor claims:
# Reversed-engineered MS Word magic numbers
#
0 string \376\067\0\043 application/msword
0 string \333\245-\0\0\0 application/msword
# disable this one because it applies also to other
# Office/OLE documents for which msword is not correct. See PR#2608.
#0 string \320\317\021\340\241\261 application/msword
#------------------------------------------------------------------------------
# printer: file(1) magic for printer-formatted files
#
# PostScript
0 string %! application/postscript
0 string \004%! application/postscript
# Acrobat
# (due to clamen@cs.cmu.edu)
0 string %PDF- application/pdf
#------------------------------------------------------------------------------
# sc: file(1) magic for "sc" spreadsheet
#
38 string Spreadsheet application/x-sc
#------------------------------------------------------------------------------
# tex: file(1) magic for TeX files
#
# XXX - needs byte-endian stuff (big-endian and little-endian DVI?)
#
# From <conklin@talisman.kaleida.com>
# Although we may know the offset of certain text fields in TeX DVI
# and font files, we can't use them reliably because they are not
# zero terminated. [but we do anyway, christos]
0 string \367\002 application/x-dvi
#0 string \367\203 TeX generic font data
#0 string \367\131 TeX packed font data
#0 string \367\312 TeX virtual font data
#0 string This\ is\ TeX, TeX transcript text
#0 string This\ is\ METAFONT, METAFONT transcript text
# There is no way to detect TeX Font Metric (*.tfm) files without
# breaking them apart and reading the data. The following patterns
# match most *.tfm files generated by METAFONT or afm2tfm.
#2 string \000\021 TeX font metric data
#2 string \000\022 TeX font metric data
#>34 string >\0 (%s)
# Texinfo and GNU Info, from Daniel Quinlan (quinlan@yggdrasil.com)
#0 string \\input\ texinfo Texinfo source text
#0 string This\ is\ Info\ file GNU Info text
# correct TeX magic for Linux (and maybe more)
# from Peter Tobias (tobias@server.et-inf.fho-emden.de)
#
0 leshort 0x02f7 application/x-dvi
# RTF - Rich Text Format
0 string {\\rtf application/rtf
#------------------------------------------------------------------------------
# animation: file(1) magic for animation/movie formats
#
# animation formats, originally from vax@ccwf.cc.utexas.edu (VaX#n8)
# MPEG file
0 string \000\000\001\263 video/mpeg
#
# The contributor claims:
# I couldn't find a real magic number for these, however, this
# -appears- to work. Note that it might catch other files, too,
# so BE CAREFUL!
#
# Note that title and author appear in the two 20-byte chunks
# at decimal offsets 2 and 22, respectively, but they are XOR'ed with
# 255 (hex FF)! DL format SUCKS BIG ROCKS.
#
# DL file version 1 , medium format (160x100, 4 images/screen)
0 byte 1 video/unknown
0 byte 2 video/unknown
# Quicktime video, from Linus Walleij <triad@df.lth.se>
# from Apple quicktime file format documentation.
4 string moov video/quicktime
4 string mdat video/quicktime

1510
services/custombuild/custombuild/custombuild/configure/ap2/conf/mime.types Normal file
View File

File diff suppressed because it is too large Load Diff

43
services/custombuild/custombuild/custombuild/configure/ap2/configure.apache Normal file
View File

@@ -0,0 +1,43 @@
#!/bin/sh
"./configure" \
"--prefix=/etc/httpd" \
"--exec-prefix=/etc/httpd" \
"--bindir=/usr/bin" \
"--sbindir=/usr/sbin" \
"--sysconfdir=/etc/httpd/conf" \
"--enable-so" \
"--enable-dav" \
"--enable-dav-fs" \
"--enable-dav-lock" \
"--enable-suexec" \
"--enable-deflate" \
"--enable-unique-id" \
"--enable-cgi" \
"--disable-cgid" \
"--enable-mods-static=most" \
"--enable-mpms-shared=all" \
"--with-suexec-safedir=/usr/local/safe-bin" \
"--with-suexec-caller=apache" \
"--with-suexec-docroot=/" \
"--with-suexec-gidmin=100" \
"--with-suexec-logfile=/var/log/httpd/suexec_log" \
"--with-suexec-uidmin=100" \
"--with-suexec-userdir=public_html" \
"--with-suexec-bin=/usr/sbin/suexec" \
"--with-included-apr" \
"--with-pcre=/usr/local" \
"--includedir=/usr/include/apache" \
"--libexecdir=/usr/lib/apache" \
"--libdir=/usr/lib/apache" \
"--mandir=/usr/share/man" \
"--datadir=/var/www" \
"--localstatedir=/var" \
"--enable-logio" \
"--enable-ssl" \
"--enable-rewrite" \
"--enable-proxy" \
"--enable-expires" \
"--enable-reqtimeout" \
"--with-ssl=/usr" \
"--disable-md" \
"--enable-headers"

2
services/custombuild/custombuild/custombuild/configure/ap2/configure.modsecurity Normal file
View File

@@ -0,0 +1,2 @@
#!/bin/sh
./configure --with-yajl

35
services/custombuild/custombuild/custombuild/configure/ap2/configure.php53 Normal file
View File

@@ -0,0 +1,35 @@
#!/bin/sh
./configure \
--with-apxs2 \
--with-config-file-scan-dir=/usr/local/lib/php.conf.d \
--with-curl \
--with-gd \
--enable-gd-native-ttf \
--with-gettext \
--with-jpeg-dir=/usr/local/lib \
--with-freetype-dir=/usr/local/lib \
--with-libxml-dir=/usr/local/lib \
--with-kerberos \
--with-openssl \
--with-mcrypt \
--with-mhash \
--with-mysql=mysqlnd \
--with-mysql-sock=/var/lib/mysql/mysql.sock \
--with-mysqli=mysqlnd \
--with-pcre-regex=/usr/local \
--with-pdo-mysql=mysqlnd \
--with-pear \
--with-png-dir=/usr/local/lib \
--with-xsl \
--with-zlib \
--enable-zip \
--with-iconv=/usr/local \
--enable-bcmath \
--enable-calendar \
--enable-exif \
--enable-ftp \
--enable-sockets \
--enable-soap \
--enable-mbstring \
--with-icu-dir=/usr/local/icu \
--enable-intl

35
services/custombuild/custombuild/custombuild/configure/ap2/configure.php54 Normal file
View File

@@ -0,0 +1,35 @@
#!/bin/sh
./configure \
--with-apxs2 \
--with-config-file-scan-dir=/usr/local/lib/php.conf.d \
--with-curl \
--with-gd \
--enable-gd-native-ttf \
--with-gettext \
--with-jpeg-dir=/usr/local/lib \
--with-freetype-dir=/usr/local/lib \
--with-libxml-dir=/usr/local/lib \
--with-kerberos \
--with-openssl \
--with-mcrypt \
--with-mhash \
--with-mysql=mysqlnd \
--with-mysql-sock=/var/lib/mysql/mysql.sock \
--with-mysqli=mysqlnd \
--with-pcre-regex=/usr/local \
--with-pdo-mysql=mysqlnd \
--with-pear \
--with-png-dir=/usr/local/lib \
--with-xsl \
--with-zlib \
--enable-zip \
--with-iconv=/usr/local \
--enable-bcmath \
--enable-calendar \
--enable-exif \
--enable-ftp \
--enable-sockets \
--enable-soap \
--enable-mbstring \
--with-icu-dir=/usr/local/icu \
--enable-intl

35
services/custombuild/custombuild/custombuild/configure/ap2/configure.php55 Normal file
View File

@@ -0,0 +1,35 @@
#!/bin/sh
./configure \
--with-apxs2 \
--with-config-file-scan-dir=/usr/local/lib/php.conf.d \
--with-curl \
--with-gd \
--enable-gd-native-ttf \
--with-gettext \
--with-jpeg-dir=/usr/local/lib \
--with-freetype-dir=/usr/local/lib \
--with-libxml-dir=/usr/local/lib \
--with-kerberos \
--with-openssl \
--with-mcrypt \
--with-mhash \
--with-mysql=mysqlnd \
--with-mysql-sock=/var/lib/mysql/mysql.sock \
--with-mysqli=mysqlnd \
--with-pcre-regex=/usr/local \
--with-pdo-mysql=mysqlnd \
--with-pear \
--with-png-dir=/usr/local/lib \
--with-xsl \
--with-zlib \
--enable-zip \
--with-iconv=/usr/local \
--enable-bcmath \
--enable-calendar \
--enable-exif \
--enable-ftp \
--enable-sockets \
--enable-soap \
--enable-mbstring \
--with-icu-dir=/usr/local/icu \
--enable-intl

35
services/custombuild/custombuild/custombuild/configure/ap2/configure.php56 Normal file
View File

@@ -0,0 +1,35 @@
#!/bin/sh
./configure \
--with-apxs2 \
--with-config-file-scan-dir=/usr/local/lib/php.conf.d \
--with-curl \
--with-gd \
--enable-gd-native-ttf \
--with-gettext \
--with-jpeg-dir=/usr/local/lib \
--with-freetype-dir=/usr/local/lib \
--with-libxml-dir=/usr/local/lib \
--with-kerberos \
--with-openssl \
--with-mcrypt \
--with-mhash \
--with-mysql=mysqlnd \
--with-mysql-sock=/var/lib/mysql/mysql.sock \
--with-mysqli=mysqlnd \
--with-pcre-regex=/usr/local \
--with-pdo-mysql=mysqlnd \
--with-pear \
--with-png-dir=/usr/local/lib \
--with-xsl \
--with-zlib \
--enable-zip \
--with-iconv=/usr/local \
--enable-bcmath \
--enable-calendar \
--enable-exif \
--enable-ftp \
--enable-sockets \
--enable-soap \
--enable-mbstring \
--with-icu-dir=/usr/local/icu \
--enable-intl

35
services/custombuild/custombuild/custombuild/configure/ap2/configure.php70 Normal file
View File

@@ -0,0 +1,35 @@
#!/bin/sh
./configure \
--with-apxs2 \
--with-config-file-scan-dir=/usr/local/lib/php.conf.d \
--with-curl \
--with-gd \
--enable-gd-native-ttf \
--with-gettext \
--with-jpeg-dir=/usr/local/lib \
--with-freetype-dir=/usr/local/lib \
--with-libxml-dir=/usr/local/lib \
--with-kerberos \
--with-openssl \
--with-mcrypt \
--with-mhash \
--with-mysql-sock=/var/lib/mysql/mysql.sock \
--with-mysqli=mysqlnd \
--with-pcre-regex=/usr/local \
--with-pdo-mysql=mysqlnd \
--with-pear \
--with-png-dir=/usr/local/lib \
--with-webp-dir=/usr/local/lib \
--with-xsl \
--with-zlib \
--enable-zip \
--with-iconv=/usr/local \
--enable-bcmath \
--enable-calendar \
--enable-exif \
--enable-ftp \
--enable-sockets \
--enable-soap \
--enable-mbstring \
--with-icu-dir=/usr/local/icu \
--enable-intl

35
services/custombuild/custombuild/custombuild/configure/ap2/configure.php71 Normal file
View File

@@ -0,0 +1,35 @@
#!/bin/sh
./configure \
--with-apxs2 \
--with-config-file-scan-dir=/usr/local/lib/php.conf.d \
--with-curl \
--with-gd \
--enable-gd-native-ttf \
--with-gettext \
--with-jpeg-dir=/usr/local/lib \
--with-freetype-dir=/usr/local/lib \
--with-libxml-dir=/usr/local/lib \
--with-kerberos \
--with-openssl \
--with-mcrypt \
--with-mhash \
--with-mysql-sock=/var/lib/mysql/mysql.sock \
--with-mysqli=mysqlnd \
--with-pcre-regex=/usr/local \
--with-pdo-mysql=mysqlnd \
--with-pear \
--with-png-dir=/usr/local/lib \
--with-webp-dir=/usr/local/lib \
--with-xsl \
--with-zlib \
--enable-zip \
--with-iconv=/usr/local \
--enable-bcmath \
--enable-calendar \
--enable-exif \
--enable-ftp \
--enable-sockets \
--enable-soap \
--enable-mbstring \
--with-icu-dir=/usr/local/icu \
--enable-intl

34
services/custombuild/custombuild/custombuild/configure/ap2/configure.php72 Normal file
View File

@@ -0,0 +1,34 @@
#!/bin/sh
./configure \
--with-apxs2 \
--with-config-file-scan-dir=/usr/local/lib/php.conf.d \
--with-curl \
--with-gd \
--with-gettext \
--with-jpeg-dir=/usr/local/lib \
--with-freetype-dir=/usr/local/lib \
--with-libxml-dir=/usr/local/lib \
--with-kerberos \
--with-openssl \
--with-mhash \
--with-mysql-sock=/var/lib/mysql/mysql.sock \
--with-mysqli=mysqlnd \
--with-pcre-regex=/usr/local \
--with-pdo-mysql=mysqlnd \
--with-pear \
--with-png-dir=/usr/local/lib \
--with-sodium=/usr/local \
--with-webp-dir=/usr/local/lib \
--with-xsl \
--with-zlib \
--enable-zip \
--with-iconv=/usr/local \
--enable-bcmath \
--enable-calendar \
--enable-exif \
--enable-ftp \
--enable-sockets \
--enable-soap \
--enable-mbstring \
--with-icu-dir=/usr/local/icu \
--enable-intl

35
services/custombuild/custombuild/custombuild/configure/ap2/configure.php73 Normal file
View File

@@ -0,0 +1,35 @@
#!/bin/sh
./configure \
--with-apxs2 \
--with-config-file-scan-dir=/usr/local/lib/php.conf.d \
--with-curl \
--with-gd \
--with-gettext \
--with-jpeg-dir=/usr/local/lib \
--with-freetype-dir=/usr/local/lib \
--with-libxml-dir=/usr/local/lib \
--with-kerberos \
--with-openssl \
--with-mhash \
--with-mysql-sock=/var/lib/mysql/mysql.sock \
--with-mysqli=mysqlnd \
--with-pcre-regex=/usr/local \
--with-pdo-mysql=mysqlnd \
--with-pear \
--with-png-dir=/usr/local/lib \
--with-sodium=/usr/local \
--with-webp-dir=/usr/local/lib \
--with-xsl \
--with-zlib \
--enable-zip \
--without-libzip \
--with-iconv=/usr/local \
--enable-bcmath \
--enable-calendar \
--enable-exif \
--enable-ftp \
--enable-sockets \
--enable-soap \
--enable-mbstring \
--with-icu-dir=/usr/local/icu \
--enable-intl

29
services/custombuild/custombuild/custombuild/configure/ap2/configure.php74 Normal file
View File

@@ -0,0 +1,29 @@
#!/bin/sh
./configure \
--with-apxs2 \
--with-config-file-scan-dir=/usr/local/lib/php.conf.d \
--with-curl \
--enable-gd \
--with-gettext \
--with-jpeg \
--with-freetype \
--with-kerberos \
--with-openssl \
--with-mhash \
--with-mysql-sock=/var/lib/mysql/mysql.sock \
--with-mysqli=mysqlnd \
--with-pdo-mysql=mysqlnd \
--with-sodium=/usr/local \
--with-webp \
--with-xsl \
--with-zlib \
--with-zip \
--with-iconv=/usr/local \
--enable-bcmath \
--enable-calendar \
--enable-exif \
--enable-ftp \
--enable-sockets \
--enable-soap \
--enable-mbstring \
--enable-intl

2
services/custombuild/custombuild/custombuild/configure/clamav/configure.clamav Normal file
View File

@@ -0,0 +1,2 @@
#!/bin/sh
cmake .. -D CMAKE_INSTALL_PREFIX=/usr/local -D APP_CONFIG_DIRECTORY=/etc -D ENABLE_MILTER=OFF -D ENABLE_TESTS=OFF

11
services/custombuild/custombuild/custombuild/configure/clamav/runav.conf Normal file
View File

@@ -0,0 +1,11 @@
# ---------------------------------------------------------------
# Core ModSecurity Rule Set ver.2.2.9
# Copyright (C) 2006-2012 Trustwave All rights reserved.
#
# The OWASP ModSecurity Core Rule Set is distributed under
# Apache Software License (ASL) version 2
# Please see the enclosed LICENCE file for full details.
# ---------------------------------------------------------------
SecRule FILES_TMPNAMES "@inspectFile /usr/local/bin/runav.pl" \
"phase:2,t:none,block,msg:'Virus found in uploaded file',id:'950115',tag:'MALICIOUS_SOFTWARE/VIRUS',tag:'PCI/5.1',severity:'2',setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},setvar:tx.%{rule.id}-MALICIOUS_SOFTWARE/VIRUS-%{matched_var_name}=%{tx.0}"

40
services/custombuild/custombuild/custombuild/configure/clamav/runav.pl Normal file
View File

@@ -0,0 +1,40 @@
#!/usr/bin/perl
#
# runav.pl
# Copyright (c) 2004-2011 Trustwave
#
# This script is an interface between ModSecurity and its
# ability to intercept files being uploaded through the
# web server, and ClamAV
$CLAMDSCAN = "/usr/local/bin/clamdscan";
if ($#ARGV != 0) {
print "Usage: runav.pl <filename>\n";
exit;
}
my ($FILE) = shift @ARGV;
$cmd = "$CLAMDSCAN --stdout --no-summary $FILE";
$input = `$cmd`;
$input =~ m/^(.+)/;
$error_message = $1;
$output = "1 Unable to parse clamscan output [$1]";
if ($error_message =~ m/: Empty file\.?$/) {
$output = "1 empty file";
}
elsif ($error_message =~ m/: (.+) ERROR$/) {
$output = "1 clamscan: $1";
}
elsif ($error_message =~ m/: (.+) FOUND$/) {
$output = "0 clamscan: $1";
}
elsif ($error_message =~ m/: OK$/) {
$output = "1 clamscan: OK";
}
print "$output\n";

46
services/custombuild/custombuild/custombuild/configure/csf.pignore Normal file
View File

@@ -0,0 +1,46 @@
exe:/usr/libexec/dovecot/pop3
exe:/usr/libexec/dovecot/imap
exe:/usr/libexec/dovecot/lmtp
exe:/usr/libexec/dovecot/stats
exe:/usr/libexec/dovecot/managesieve-login
exe:/usr/libexec/dovecot/indexer
exe:/usr/libexec/dovecot/indexer-worker
exe:/usr/local/bin/freshclam
exe:/usr/local/bin/clamd
exe:/usr/share/cagefs-skeleton/usr/selector/lsphp
exe:/usr/selector/lsphp
exe:/usr/local/bin/lsphp
exe:/usr/lib/systemd/systemd-timesyncd
pexe:/usr/local/lsws/bin/lshttpd.*
pexe:/usr/local/php../bin/php_uploadscan.sh
pexe:/opt/alt/php../usr/bin/php-cgi
pexe:/opt/alt/php../usr/bin/php
pexe:/opt/alt/php../usr/bin/lsphp
pexe:/usr/local/php../sbin/php-fpm..
pexe:/usr/local/php../bin/php-cgi..
pexe:/usr/local/php../bin/php..
pexe:/usr/local/php../bin/lsphp..
exe:/usr/local/mysql/bin/mysqld
exe:/usr/sbin/pure-ftpd
exe:/usr/local/bin/pureftpd_uploadscan.sh
exe:/usr/selector/php
exe:/usr/selector/php-cli
exe:/usr/sbin/nginx
exe:/usr/sbin/proxyexec
pexe:/usr/local/safe-bin/fcgid...sh
exe:/usr/sbin/rsyslogd
exe:/usr/sbin/atd
exe:/usr/bin/wget
exe:/bin/gzip
exe:/bin/tar
exe:/usr/bin/rspamd
exe:/opt/netdata/usr/libexec/netdata/plugins.d/go.d.plugin
exe:/opt/netdata/bin/srv/netdata
exe:/opt/netdata/usr/libexec/netdata/plugins.d/apps.plugin
exe:/opt/netdata/bin/bash
exe:/usr/local/bin/redis-server
exe:/usr/sbin/unitd
exe:/usr/local/bin/curl
exe:/usr/bin/curl
user:netdata
user:mysql

2
services/custombuild/custombuild/custombuild/configure/curl/configure.curl Normal file
View File

@@ -0,0 +1,2 @@
#!/bin/sh
./configure --with-openssl

25
services/custombuild/custombuild/custombuild/configure/custombuild/eol_os.txt Normal file
View File

@@ -0,0 +1,25 @@
CentOS 3
CentOS 4
CentOS 5
Fedora 1
Fedora 2
Fedora 3
Fedora 4
Fedora 5
Fedora 6
Fedora 7
Fedora 8
Fedora 9
Fedora 10
FreeBSD 3
FreeBSD 4
FreeBSD 5
FreeBSD 6
FreeBSD 7
FreeBSD 8
FreeBSD 9
Debian 3
Debian 4
Debian 5
Debian 6
Debian 7

18
services/custombuild/custombuild/custombuild/configure/dovecot/conf.d/90-fts-xapian.conf Normal file
View File

@@ -0,0 +1,18 @@
#add quota to end of line in:
#/etc/dovecot/conf/mail_plugins.conf, eg:
#mail_plugins = $mail_plugins fts fts_xapian
plugin {
plugin = fts fts_xapian
fts = xapian
fts_xapian = partial=2 full=20 verbose=0
fts_autoindex = yes
fts_enforced = yes
fts_autoindex_exclude = \Junk
fts_autoindex_exclude2 = \Trash
fts_autoindex_exclude3 = \INBOX.spam
fts_autoindex_exclude4 = \Inbox.Trash
}

11
services/custombuild/custombuild/custombuild/configure/dovecot/conf.d/90-quota.conf Normal file
View File

@@ -0,0 +1,11 @@
#add quota to end of line in:
#/etc/dovecot/conf/mail_plugins.conf, eg:
#mail_plugins = $mail_plugins quota
#add imap_quota to end of line in:
#/etc/dovecot/conf/imap_mail_plugins.conf, eg:
#mail_plugins = $mail_plugins imap_quota
plugin {
quota = maildir
}

46
services/custombuild/custombuild/custombuild/configure/dovecot/conf.d/90-sieve.conf Normal file
View File

@@ -0,0 +1,46 @@
#add sieve to end of line in:
#/etc/dovecot/conf/protocols.conf, eg:
#protocols = imap pop3 lmtp sieve
#Managesieve service (allows rules editing on client-side)
service managesieve-login {
inet_listener sieve {
port = 4190
}
service_count = 1
process_min_avail = 4
}
service managesieve {
}
protocol sieve {
managesieve_max_line_length = 65536
managesieve_implementation_string = Dovecot Pigeonhole
managesieve_max_compile_errors = 5
managesieve_logout_format = bytes=%i/%o
log_path = /var/log/dovecot-sieve-errors.log
info_log_path = /var/log/dovecot-sieve.log
}
plugin {
#More details: http://wiki2.dovecot.org/Pigeonhole/Sieve/Configuration
# The location of the user's main script storage. The active script
# in this storage is used as the main user script executed during
# delivery. The include extension fetches the :personal scripts
# from this location. When ManageSieve is used, this is also where
# scripts are uploaded. This example uses the file system as
# storage, with all the user's scripts located in the directory
# `~/sieve' and the active script (symbolic link) located at
# `~/.dovecot.sieve'.
sieve = file:~/sieve;active=~/.dovecot.sieve
# If the user has no personal active script (i.e. if the location
# indicated in sieve= does not exist or has no active script), use
# this one:
sieve_default = /var/lib/dovecot/sieve/default.sieve
# The include extension fetches the :global scripts from this
# location.
sieve_global = /var/lib/dovecot/sieve/global/
}

10
services/custombuild/custombuild/custombuild/configure/dovecot/conf.d/90-zlib.conf Normal file
View File

@@ -0,0 +1,10 @@
#add zlib to end of line in:
#/etc/dovecot/conf/mail_plugins.conf, eg:
#mail_plugins = $mail_plugins quota zlib
plugin {
# use zstd for compression
zlib_save = zstd
# level 6
zlib_save_level = 6
}

1
services/custombuild/custombuild/custombuild/configure/dovecot/conf/imap_mail_plugins.conf Normal file
View File

@@ -0,0 +1 @@
mail_plugins = $mail_plugins

5
services/custombuild/custombuild/custombuild/configure/dovecot/conf/ip.conf Normal file
View File

@@ -0,0 +1,5 @@
#IPv4
listen = *
#IPv4 and IPv6:
#listen = *, ::

3
services/custombuild/custombuild/custombuild/configure/dovecot/conf/limits.conf Normal file
View File

@@ -0,0 +1,3 @@
default_process_limit=2048
default_client_limit=12288
default_vsz_limit=8GB

25
services/custombuild/custombuild/custombuild/configure/dovecot/conf/lmtp.conf Normal file
View File

@@ -0,0 +1,25 @@
#Regex HOSTNAMe below.
#add sieve to end of line in:
#/etc/dovecot/conf/lmtp_mail_plugins.conf
#mail_plugins = $mail_plugins sieve
# LMTP socket for local delivery from exim
service lmtp {
executable = lmtp -L
process_min_avail = 16
unix_listener lmtp-client {
user = mail
group = mail
mode = 0660
}
}
lmtp_rcpt_check_quota = yes
protocol lmtp {
!include lmtp_mail_plugins.conf
log_path = /var/log/dovecot-lmtp-errors.log
info_log_path = /var/log/dovecot-lmtp.log
postmaster_address = root@%{hostname}
quota_full_tempfail = no
}

1
services/custombuild/custombuild/custombuild/configure/dovecot/conf/lmtp_mail_plugins.conf Normal file
View File

@@ -0,0 +1 @@
mail_plugins = $mail_plugins

4
services/custombuild/custombuild/custombuild/configure/dovecot/conf/mail_max_userip_connections.conf Normal file
View File

@@ -0,0 +1,4 @@
mail_max_userip_connections = 15
remote 127.0.0.1 {
mail_max_userip_connections = 150
}

1
services/custombuild/custombuild/custombuild/configure/dovecot/conf/mail_plugins.conf Normal file
View File

@@ -0,0 +1 @@
mail_plugins = $mail_plugins zlib

1
services/custombuild/custombuild/custombuild/configure/dovecot/conf/maildir_copy_with_hardlinks.conf Normal file
View File

@@ -0,0 +1 @@
maildir_copy_with_hardlinks = no

56
services/custombuild/custombuild/custombuild/configure/dovecot/conf/namespace_private.conf Normal file
View File

@@ -0,0 +1,56 @@
namespace inbox {
type = private
separator = .
prefix =
inbox = yes
mailbox Drafts {
special_use = \Drafts
auto = subscribe
}
mailbox Junk {
special_use = \Junk # autocreate Junk, but don't autosubscribe
auto = create
}
mailbox spam {
special_use = \Junk
auto = no
}
mailbox Spam {
special_use = \Junk
auto = no
}
mailbox Trash {
special_use = \Trash
auto = subscribe
}
mailbox Sent {
special_use = \Sent
auto = subscribe
}
mailbox "Sent Messages" {
special_use = \Sent
auto = no
}
mailbox "Sent Items" {
special_use = \Sent
auto = no
}
mailbox Archive {
special_use = \Archive
auto = no
}
mailbox "Archives" {
special_use = \Archive
auto = no
}
}

1
services/custombuild/custombuild/custombuild/configure/dovecot/conf/protocols.conf Normal file
View File

@@ -0,0 +1 @@
protocols = imap pop3 lmtp

6
services/custombuild/custombuild/custombuild/configure/dovecot/conf/ssl.conf Normal file
View File

@@ -0,0 +1,6 @@
ssl_cert = </etc/exim.cert
ssl_key = </etc/exim.key
ssl_dh = </etc/dovecot/dh.pem
ssl_min_protocol = TLSv1
ssl_cipher_list = ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP

2
services/custombuild/custombuild/custombuild/configure/dovecot/configure.dovecot Normal file
View File

@@ -0,0 +1,2 @@
#!/bin/sh
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --with-systemdsystemunitdir=/etc/systemd/system --without-icu

76
services/custombuild/custombuild/custombuild/configure/dovecot/dovecot.conf Normal file
View File

@@ -0,0 +1,76 @@
#0.4
## Dovecot 2.0 configuration file
!include conf/ip.conf
auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@&
auth_verbose = yes
disable_plaintext_auth = no
login_greeting = Dovecot DA ready.
mail_access_groups = mail
default_login_user = dovecot
mail_location = maildir:~/Maildir
!include conf/limits.conf
!include conf/namespace_private.conf
!include conf/maildir_copy_with_hardlinks.conf
!include_try conf/custom_passdb.conf
passdb {
username_filter = !*@*
driver = shadow
}
passdb {
username_filter = *@*
args = username_format=%n /etc/virtual/%d/passwd
driver = passwd-file
}
!include_try conf/alternate_passwd.conf
!include conf/protocols.conf
!include conf/mail_plugins.conf
service auth {
user = root
}
service imap-login {
process_min_avail = 16
user = dovecot
}
service pop3-login {
process_min_avail = 16
user = dovecot
}
!include conf/ssl.conf
userdb {
# hide "unknown user"
auth_verbose = no
driver = passwd
}
userdb {
args = username_format=%n /etc/virtual/%d/passwd
driver = passwd-file
}
verbose_proctitle = yes
protocol imap {
!include conf/imap_mail_plugins.conf
}
protocol pop3 {
pop3_uidl_format = %08Xu%08Xv
pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s, bytes=%i/%o
}
!include conf/mail_max_userip_connections.conf
!include_try conf/lmtp.conf
!include conf.d/*.conf

82
services/custombuild/custombuild/custombuild/configure/fastcgi/fcgid.sh Normal file
View File

@@ -0,0 +1,82 @@
#!/usr/bin/env bash
PHP_VER=`echo $0 | grep -o '[0-9]*'`
OPTIONS=
if [ "$1" != "" ]; then
if [ -s "$1" ]; then
OPTIONS=" -c ${1} ${OPTIONS}"
fi
shift
fi
if [ "$1" = "jail=true" ]; then
JAIL=true
shift
fi
if [ -z "${JAIL}" ]; then
if getent passwd $(id -u) | grep -m1 -q ':/usr/bin/jailshell$'; then
JAIL=true
else
JAIL=false
fi
fi
if [ "$#" -gt 0 ]; then
SENDMAIL_FROM="`echo $@ | grep -o 'sendmail_from=[^ ]*' | cut -d'\"' -f2`"
if [ "${SENDMAIL_FROM}" != "" ]; then
SENDMAIL_ADD="-f ${SENDMAIL_FROM}"
else
SENDMAIL_ADD="-f admin@`hostname`"
fi
else
SENDMAIL_ADD="-f admin@`hostname`"
fi
# http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html
# Set desired PHP_FCGI_* environment variables.
# Example:
# PHP FastCGI processes exit after 500 requests by default.
# JE: Do not limit it to facilitate XCache (or set it really high, like 10000)
PHP_FCGI_MAX_REQUESTS=0
export PHP_FCGI_MAX_REQUESTS
# See http://www.webhostingtalk.com/archive/index.php/t-1165678.html
PHP_FCGI_CHILDREN=0
export PHP_FCGI_CHILDREN
set -euo pipefail
if [ -x /usr/bin/bwrap ] && ${JAIL}; then
(exec -a jailphp bwrap --ro-bind /usr /usr \
--ro-bind /lib /lib \
--ro-bind-try /lib64 /lib64 \
--ro-bind /bin /bin \
--ro-bind /sbin /sbin \
--bind $(getent passwd $(id -u) | cut -d: -f6) $(getent passwd $(id -u) | cut -d: -f6) \
--dir /var \
--dir /tmp \
--proc /proc \
--symlink ../tmp var/tmp \
--dev /dev \
--ro-bind-try /etc/localtime /etc/localtime \
--ro-bind-try /etc/ld.so.cache /etc/ld.so.cache \
--ro-bind-try /etc/resolv.conf /etc/resolv.conf \
--ro-bind-data 13 $(getent passwd $(id -u) | cut -d: -f6)/.msmtprc \
--ro-bind-try /etc/ssl /etc/ssl \
--ro-bind-try /etc/pki /etc/pki \
--ro-bind-try /etc/man_db.conf /etc/man_db.conf \
--bind-try /var/lib/mysql/mysql.sock /var/lib/mysql/mysql.sock \
--bind-try /home/mysql/mysql.sock /home/mysql/mysql.sock \
--bind-try /tmp/mysql.sock /tmp/mysql.sock \
--unshare-all \
--share-net \
--die-with-parent \
--dir /run/user/$(id -u) \
--file 11 /etc/passwd \
--file 12 /etc/group \
/usr/local/php${PHP_VER}/bin/php-cgi${PHP_VER} ${OPTIONS} -d sendmail_path="/usr/sbin/sendmail -t -i ${SENDMAIL_ADD}" "$@") \
11< <(getent passwd $(id -u) 65534) \
12< <(getent group $(id -g) 65534) \
13< <(cat /etc/exim.jail/$(id -nu).conf 2>/dev/null)
else
exec /usr/local/php${PHP_VER}/bin/php-cgi${PHP_VER} ${OPTIONS} -d sendmail_path="/usr/sbin/sendmail -t -i ${SENDMAIL_ADD}" $@
fi

33
services/custombuild/custombuild/custombuild/configure/fastcgi/fcgid_freebsd.sh Normal file
View File

@@ -0,0 +1,33 @@
#!/bin/sh
PHP_VER=`echo $0 | grep -o '[0-9]*'`
OPTIONS=
if [ "$1" != "" ]; then
if [ -s "$1" ]; then
OPTIONS=" -c ${1} ${OPTIONS}"
fi
shift
fi
if [ "$#" -gt 0 ]; then
SENDMAIL_FROM="`echo $@ | grep -o 'sendmail_from=[^ ]*' | cut -d'\"' -f2`"
if [ "${SENDMAIL_FROM}" != "" ]; then
SENDMAIL_ADD="-f ${SENDMAIL_FROM}"
fi
else
SENDMAIL_ADD="-f admin@`hostname`"
fi
# http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html
# Set desired PHP_FCGI_* environment variables.
# Example:
# PHP FastCGI processes exit after 500 requests by default.
# JE: Do not limit it to facilitate XCache (or set it really high, like 10000)
PHP_FCGI_MAX_REQUESTS=0
export PHP_FCGI_MAX_REQUESTS
# See http://www.webhostingtalk.com/archive/index.php/t-1165678.html
PHP_FCGI_CHILDREN=0
export PHP_FCGI_CHILDREN
exec /usr/local/php${PHP_VER}/bin/php-cgi${PHP_VER} ${OPTIONS} -d sendmail_path="/usr/sbin/sendmail -t -i ${SENDMAIL_ADD}" $@

68
services/custombuild/custombuild/custombuild/configure/fpm/conf/php-fpm.conf.53 Normal file
View File

@@ -0,0 +1,68 @@
[global]
error_log = log/php-fpm.log
; syslog_facility is used to specify what type of program is logging the
; message. This lets syslogd specify that messages from different facilities
; will be handled differently.
; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON)
; Default Value: daemon
;syslog.facility = daemon
; syslog_ident is prepended to every message. If you have multiple FPM
; instances running on the same server, you can change the default value
; which must suit common needs.
; Default Value: php-fpm
;syslog.ident = php-fpm
; Log level
; Possible Values: alert, error, warning, notice, debug
; Default Value: notice
log_level = notice
;;;;;;;;;;;;;;;;;;;;
; Pool Definitions ;
;;;;;;;;;;;;;;;;;;;;
[webapps]
user = $pool
group = $pool
listen = /usr/local/php53/sockets/$pool.sock
listen.owner = $pool
listen.group = apache
listen.mode = 660
pm = ondemand
pm.max_children = 10
pm.process_idle_timeout = 60
pm.max_requests = 1000
;pm.status_path = /status
;ping.path = /ping
;ping.response = pong
;access.log = log/$pool.access.log
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
;slowlog = log/$pool.log.slow
;request_slowlog_timeout = 0
;request_terminate_timeout = 30s
security.limit_extensions = .php .php5 .php53 .inc .phtml
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp
;php_flag[display_errors] = off
;php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M
;php_admin_value[open_basedir] = /tmp:/var/tmp:/var/www/html:/usr/local/php53/lib/php
; Load all DA User configs
include=/usr/local/directadmin/data/users/*/php/php-fpm53.conf

68
services/custombuild/custombuild/custombuild/configure/fpm/conf/php-fpm.conf.54 Normal file
View File

@@ -0,0 +1,68 @@
[global]
error_log = log/php-fpm.log
; syslog_facility is used to specify what type of program is logging the
; message. This lets syslogd specify that messages from different facilities
; will be handled differently.
; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON)
; Default Value: daemon
;syslog.facility = daemon
; syslog_ident is prepended to every message. If you have multiple FPM
; instances running on the same server, you can change the default value
; which must suit common needs.
; Default Value: php-fpm
;syslog.ident = php-fpm
; Log level
; Possible Values: alert, error, warning, notice, debug
; Default Value: notice
log_level = notice
;;;;;;;;;;;;;;;;;;;;
; Pool Definitions ;
;;;;;;;;;;;;;;;;;;;;
[webapps]
user = $pool
group = $pool
listen = /usr/local/php54/sockets/$pool.sock
listen.owner = $pool
listen.group = apache
listen.mode = 660
pm = ondemand
pm.max_children = 10
pm.process_idle_timeout = 60
pm.max_requests = 1000
;pm.status_path = /status
;ping.path = /ping
;ping.response = pong
;access.log = log/$pool.access.log
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
;slowlog = log/$pool.log.slow
;request_slowlog_timeout = 0
;request_terminate_timeout = 30s
security.limit_extensions = .php .php5 .php54 .inc .phtml
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp
;php_flag[display_errors] = off
;php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M
;php_admin_value[open_basedir] = /tmp:/var/tmp:/var/www/html:/usr/local/php54/lib/php
; Load all DA User configs
include=/usr/local/directadmin/data/users/*/php/php-fpm54.conf

68
services/custombuild/custombuild/custombuild/configure/fpm/conf/php-fpm.conf.55 Normal file
View File

@@ -0,0 +1,68 @@
[global]
error_log = log/php-fpm.log
; syslog_facility is used to specify what type of program is logging the
; message. This lets syslogd specify that messages from different facilities
; will be handled differently.
; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON)
; Default Value: daemon
;syslog.facility = daemon
; syslog_ident is prepended to every message. If you have multiple FPM
; instances running on the same server, you can change the default value
; which must suit common needs.
; Default Value: php-fpm
;syslog.ident = php-fpm
; Log level
; Possible Values: alert, error, warning, notice, debug
; Default Value: notice
log_level = notice
;;;;;;;;;;;;;;;;;;;;
; Pool Definitions ;
;;;;;;;;;;;;;;;;;;;;
[webapps]
user = $pool
group = $pool
listen = /usr/local/php55/sockets/$pool.sock
listen.owner = $pool
listen.group = apache
listen.mode = 660
pm = ondemand
pm.max_children = 10
pm.process_idle_timeout = 60
pm.max_requests = 1000
;pm.status_path = /status
;ping.path = /ping
;ping.response = pong
;access.log = log/$pool.access.log
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
;slowlog = log/$pool.log.slow
;request_slowlog_timeout = 0
;request_terminate_timeout = 30s
security.limit_extensions = .php .php5 .php55 .inc .phtml
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp
;php_flag[display_errors] = off
;php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M
;php_admin_value[open_basedir] = /tmp:/var/tmp:/var/www/html:/usr/local/php55/lib/php
; Load all DA User configs
include=/usr/local/directadmin/data/users/*/php/php-fpm55.conf

68
services/custombuild/custombuild/custombuild/configure/fpm/conf/php-fpm.conf.56 Normal file
View File

@@ -0,0 +1,68 @@
[global]
error_log = log/php-fpm.log
; syslog_facility is used to specify what type of program is logging the
; message. This lets syslogd specify that messages from different facilities
; will be handled differently.
; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON)
; Default Value: daemon
;syslog.facility = daemon
; syslog_ident is prepended to every message. If you have multiple FPM
; instances running on the same server, you can change the default value
; which must suit common needs.
; Default Value: php-fpm
;syslog.ident = php-fpm
; Log level
; Possible Values: alert, error, warning, notice, debug
; Default Value: notice
log_level = notice
;;;;;;;;;;;;;;;;;;;;
; Pool Definitions ;
;;;;;;;;;;;;;;;;;;;;
[webapps]
user = $pool
group = $pool
listen = /usr/local/php56/sockets/$pool.sock
listen.owner = $pool
listen.group = apache
listen.mode = 660
pm = ondemand
pm.max_children = 10
pm.process_idle_timeout = 60
pm.max_requests = 1000
;pm.status_path = /status
;ping.path = /ping
;ping.response = pong
;access.log = log/$pool.access.log
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
;slowlog = log/$pool.log.slow
;request_slowlog_timeout = 0
;request_terminate_timeout = 30s
security.limit_extensions = .php .php5 .php56 .inc .phtml
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp
;php_flag[display_errors] = off
;php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M
;php_admin_value[open_basedir] = /tmp:/var/tmp:/var/www/html:/usr/local/php56/lib/php
; Load all DA User configs
include=/usr/local/directadmin/data/users/*/php/php-fpm56.conf

68
services/custombuild/custombuild/custombuild/configure/fpm/conf/php-fpm.conf.70 Normal file
View File

@@ -0,0 +1,68 @@
[global]
error_log = log/php-fpm.log
; syslog_facility is used to specify what type of program is logging the
; message. This lets syslogd specify that messages from different facilities
; will be handled differently.
; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON)
; Default Value: daemon
;syslog.facility = daemon
; syslog_ident is prepended to every message. If you have multiple FPM
; instances running on the same server, you can change the default value
; which must suit common needs.
; Default Value: php-fpm
;syslog.ident = php-fpm
; Log level
; Possible Values: alert, error, warning, notice, debug
; Default Value: notice
log_level = notice
;;;;;;;;;;;;;;;;;;;;
; Pool Definitions ;
;;;;;;;;;;;;;;;;;;;;
[webapps]
user = $pool
group = $pool
listen = /usr/local/php70/sockets/$pool.sock
listen.owner = $pool
listen.group = apache
listen.mode = 660
pm = ondemand
pm.max_children = 10
pm.process_idle_timeout = 60
pm.max_requests = 1000
;pm.status_path = /status
;ping.path = /ping
;ping.response = pong
;access.log = log/$pool.access.log
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
;slowlog = log/$pool.log.slow
;request_slowlog_timeout = 0
;request_terminate_timeout = 30s
security.limit_extensions = .php .php5 .php70 .inc .phtml
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp
;php_flag[display_errors] = off
;php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M
;php_admin_value[open_basedir] = /tmp:/var/tmp:/var/www/html:/usr/local/php70/lib/php
; Load all DA User configs
include=/usr/local/directadmin/data/users/*/php/php-fpm70.conf

68
services/custombuild/custombuild/custombuild/configure/fpm/conf/php-fpm.conf.71 Normal file
View File

@@ -0,0 +1,68 @@
[global]
error_log = log/php-fpm.log
; syslog_facility is used to specify what type of program is logging the
; message. This lets syslogd specify that messages from different facilities
; will be handled differently.
; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON)
; Default Value: daemon
;syslog.facility = daemon
; syslog_ident is prepended to every message. If you have multiple FPM
; instances running on the same server, you can change the default value
; which must suit common needs.
; Default Value: php-fpm
;syslog.ident = php-fpm
; Log level
; Possible Values: alert, error, warning, notice, debug
; Default Value: notice
log_level = notice
;;;;;;;;;;;;;;;;;;;;
; Pool Definitions ;
;;;;;;;;;;;;;;;;;;;;
[webapps]
user = $pool
group = $pool
listen = /usr/local/php71/sockets/$pool.sock
listen.owner = $pool
listen.group = apache
listen.mode = 660
pm = ondemand
pm.max_children = 10
pm.process_idle_timeout = 60
pm.max_requests = 1000
;pm.status_path = /status
;ping.path = /ping
;ping.response = pong
;access.log = log/$pool.access.log
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
;slowlog = log/$pool.log.slow
;request_slowlog_timeout = 0
;request_terminate_timeout = 30s
security.limit_extensions = .php .php5 .php71 .inc .phtml
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp
;php_flag[display_errors] = off
;php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M
;php_admin_value[open_basedir] = /tmp:/var/tmp:/var/www/html:/usr/local/php71/lib/php
; Load all DA User configs
include=/usr/local/directadmin/data/users/*/php/php-fpm71.conf

68
services/custombuild/custombuild/custombuild/configure/fpm/conf/php-fpm.conf.72 Normal file
View File

@@ -0,0 +1,68 @@
[global]
error_log = log/php-fpm.log
; syslog_facility is used to specify what type of program is logging the
; message. This lets syslogd specify that messages from different facilities
; will be handled differently.
; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON)
; Default Value: daemon
;syslog.facility = daemon
; syslog_ident is prepended to every message. If you have multiple FPM
; instances running on the same server, you can change the default value
; which must suit common needs.
; Default Value: php-fpm
;syslog.ident = php-fpm
; Log level
; Possible Values: alert, error, warning, notice, debug
; Default Value: notice
log_level = notice
;;;;;;;;;;;;;;;;;;;;
; Pool Definitions ;
;;;;;;;;;;;;;;;;;;;;
[webapps]
user = $pool
group = $pool
listen = /usr/local/php72/sockets/$pool.sock
listen.owner = $pool
listen.group = apache
listen.mode = 660
pm = ondemand
pm.max_children = 10
pm.process_idle_timeout = 60
pm.max_requests = 1000
;pm.status_path = /status
;ping.path = /ping
;ping.response = pong
;access.log = log/$pool.access.log
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
;slowlog = log/$pool.log.slow
;request_slowlog_timeout = 0
;request_terminate_timeout = 30s
security.limit_extensions = .php .php5 .php72 .inc .phtml
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp
;php_flag[display_errors] = off
;php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M
;php_admin_value[open_basedir] = /tmp:/var/tmp:/var/www/html:/usr/local/php72/lib/php
; Load all DA User configs
include=/usr/local/directadmin/data/users/*/php/php-fpm72.conf

68
services/custombuild/custombuild/custombuild/configure/fpm/conf/php-fpm.conf.73 Normal file
View File

@@ -0,0 +1,68 @@
[global]
error_log = log/php-fpm.log
; syslog_facility is used to specify what type of program is logging the
; message. This lets syslogd specify that messages from different facilities
; will be handled differently.
; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON)
; Default Value: daemon
;syslog.facility = daemon
; syslog_ident is prepended to every message. If you have multiple FPM
; instances running on the same server, you can change the default value
; which must suit common needs.
; Default Value: php-fpm
;syslog.ident = php-fpm
; Log level
; Possible Values: alert, error, warning, notice, debug
; Default Value: notice
log_level = notice
;;;;;;;;;;;;;;;;;;;;
; Pool Definitions ;
;;;;;;;;;;;;;;;;;;;;
[webapps]
user = $pool
group = $pool
listen = /usr/local/php73/sockets/$pool.sock
listen.owner = $pool
listen.group = apache
listen.mode = 660
pm = ondemand
pm.max_children = 10
pm.process_idle_timeout = 60
pm.max_requests = 1000
;pm.status_path = /status
;ping.path = /ping
;ping.response = pong
;access.log = log/$pool.access.log
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
;slowlog = log/$pool.log.slow
;request_slowlog_timeout = 0
;request_terminate_timeout = 30s
security.limit_extensions = .php .php5 .php73 .inc .phtml
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp
;php_flag[display_errors] = off
;php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M
;php_admin_value[open_basedir] = /tmp:/var/tmp:/var/www/html:/usr/local/php73/lib/php
; Load all DA User configs
include=/usr/local/directadmin/data/users/*/php/php-fpm73.conf

68
services/custombuild/custombuild/custombuild/configure/fpm/conf/php-fpm.conf.74 Normal file
View File

@@ -0,0 +1,68 @@
[global]
error_log = log/php-fpm.log
; syslog_facility is used to specify what type of program is logging the
; message. This lets syslogd specify that messages from different facilities
; will be handled differently.
; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON)
; Default Value: daemon
;syslog.facility = daemon
; syslog_ident is prepended to every message. If you have multiple FPM
; instances running on the same server, you can change the default value
; which must suit common needs.
; Default Value: php-fpm
;syslog.ident = php-fpm
; Log level
; Possible Values: alert, error, warning, notice, debug
; Default Value: notice
log_level = notice
;;;;;;;;;;;;;;;;;;;;
; Pool Definitions ;
;;;;;;;;;;;;;;;;;;;;
[webapps]
user = $pool
group = $pool
listen = /usr/local/php74/sockets/$pool.sock
listen.owner = $pool
listen.group = apache
listen.mode = 660
pm = ondemand
pm.max_children = 10
pm.process_idle_timeout = 60
pm.max_requests = 1000
;pm.status_path = /status
;ping.path = /ping
;ping.response = pong
;access.log = log/$pool.access.log
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
;slowlog = log/$pool.log.slow
;request_slowlog_timeout = 0
;request_terminate_timeout = 30s
security.limit_extensions = .php .php5 .php74 .inc .phtml
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp
;php_flag[display_errors] = off
;php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M
;php_admin_value[open_basedir] = /tmp:/var/tmp:/var/www/html:/usr/local/php74/lib/php
; Load all DA User configs
include=/usr/local/directadmin/data/users/*/php/php-fpm74.conf

68
services/custombuild/custombuild/custombuild/configure/fpm/conf/php-fpm.conf.80 Normal file
View File

@@ -0,0 +1,68 @@
[global]
error_log = log/php-fpm.log
; syslog_facility is used to specify what type of program is logging the
; message. This lets syslogd specify that messages from different facilities
; will be handled differently.
; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON)
; Default Value: daemon
;syslog.facility = daemon
; syslog_ident is prepended to every message. If you have multiple FPM
; instances running on the same server, you can change the default value
; which must suit common needs.
; Default Value: php-fpm
;syslog.ident = php-fpm
; Log level
; Possible Values: alert, error, warning, notice, debug
; Default Value: notice
log_level = notice
;;;;;;;;;;;;;;;;;;;;
; Pool Definitions ;
;;;;;;;;;;;;;;;;;;;;
[webapps]
user = $pool
group = $pool
listen = /usr/local/php80/sockets/$pool.sock
listen.owner = $pool
listen.group = apache
listen.mode = 660
pm = ondemand
pm.max_children = 10
pm.process_idle_timeout = 60
pm.max_requests = 1000
;pm.status_path = /status
;ping.path = /ping
;ping.response = pong
;access.log = log/$pool.access.log
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
;slowlog = log/$pool.log.slow
;request_slowlog_timeout = 0
;request_terminate_timeout = 30s
security.limit_extensions = .php .php5 .php80 .inc .phtml
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp
;php_flag[display_errors] = off
;php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M
;php_admin_value[open_basedir] = /tmp:/var/tmp:/var/www/html:/usr/local/php80/lib/php
; Load all DA User configs
include=/usr/local/directadmin/data/users/*/php/php-fpm80.conf

68
services/custombuild/custombuild/custombuild/configure/fpm/conf/php-fpm.conf.81 Normal file
View File

@@ -0,0 +1,68 @@
[global]
error_log = log/php-fpm.log
; syslog_facility is used to specify what type of program is logging the
; message. This lets syslogd specify that messages from different facilities
; will be handled differently.
; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON)
; Default Value: daemon
;syslog.facility = daemon
; syslog_ident is prepended to every message. If you have multiple FPM
; instances running on the same server, you can change the default value
; which must suit common needs.
; Default Value: php-fpm
;syslog.ident = php-fpm
; Log level
; Possible Values: alert, error, warning, notice, debug
; Default Value: notice
log_level = notice
;;;;;;;;;;;;;;;;;;;;
; Pool Definitions ;
;;;;;;;;;;;;;;;;;;;;
[webapps]
user = $pool
group = $pool
listen = /usr/local/php81/sockets/$pool.sock
listen.owner = $pool
listen.group = apache
listen.mode = 660
pm = ondemand
pm.max_children = 10
pm.process_idle_timeout = 60
pm.max_requests = 1000
;pm.status_path = /status
;ping.path = /ping
;ping.response = pong
;access.log = log/$pool.access.log
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
;slowlog = log/$pool.log.slow
;request_slowlog_timeout = 0
;request_terminate_timeout = 30s
security.limit_extensions = .php .php5 .php81 .inc .phtml
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp
;php_flag[display_errors] = off
;php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M
;php_admin_value[open_basedir] = /tmp:/var/tmp:/var/www/html:/usr/local/php81/lib/php
; Load all DA User configs
include=/usr/local/directadmin/data/users/*/php/php-fpm81.conf

68
services/custombuild/custombuild/custombuild/configure/fpm/conf/php-fpm.conf.82 Normal file
View File

@@ -0,0 +1,68 @@
[global]
error_log = log/php-fpm.log
; syslog_facility is used to specify what type of program is logging the
; message. This lets syslogd specify that messages from different facilities
; will be handled differently.
; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON)
; Default Value: daemon
;syslog.facility = daemon
; syslog_ident is prepended to every message. If you have multiple FPM
; instances running on the same server, you can change the default value
; which must suit common needs.
; Default Value: php-fpm
;syslog.ident = php-fpm
; Log level
; Possible Values: alert, error, warning, notice, debug
; Default Value: notice
log_level = notice
;;;;;;;;;;;;;;;;;;;;
; Pool Definitions ;
;;;;;;;;;;;;;;;;;;;;
[webapps]
user = $pool
group = $pool
listen = /usr/local/php82/sockets/$pool.sock
listen.owner = $pool
listen.group = apache
listen.mode = 660
pm = ondemand
pm.max_children = 10
pm.process_idle_timeout = 60
pm.max_requests = 1000
;pm.status_path = /status
;ping.path = /ping
;ping.response = pong
;access.log = log/$pool.access.log
;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
;slowlog = log/$pool.log.slow
;request_slowlog_timeout = 0
;request_terminate_timeout = 30s
security.limit_extensions = .php .php5 .php82 .inc .phtml
; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
; the current environment.
; Default Value: clean env
;env[HOSTNAME] = $HOSTNAME
;env[PATH] = /usr/local/bin:/usr/bin:/bin
;env[TMP] = /tmp
;env[TMPDIR] = /tmp
;env[TEMP] = /tmp
;php_flag[display_errors] = off
;php_admin_value[error_log] = /var/log/fpm-php.www.log
;php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 32M
;php_admin_value[open_basedir] = /tmp:/var/tmp:/var/www/html:/usr/local/php82/lib/php
; Load all DA User configs
include=/usr/local/directadmin/data/users/*/php/php-fpm82.conf

3
services/custombuild/custombuild/custombuild/configure/imagemagick/configure.imagemagick Normal file
View File

@@ -0,0 +1,3 @@
#!/bin/sh
./configure \
--prefix=/usr/local

2
services/custombuild/custombuild/custombuild/configure/modsecurity/configure.modsecurity Normal file
View File

@@ -0,0 +1,2 @@
#!/bin/sh
./configure --with-lua=/usr/local

23
services/custombuild/custombuild/custombuild/configure/nginx/conf/nginx-cloudflare.conf Normal file
View File

@@ -0,0 +1,23 @@
real_ip_header X-Forwarded-For;
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 104.16.0.0/13;
set_real_ip_from 104.24.0.0/14;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 131.0.72.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 172.64.0.0/13;
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;
set_real_ip_from 2400:cb00::/32;
set_real_ip_from 2606:4700::/32;
set_real_ip_from 2803:f800::/32;
set_real_ip_from 2405:b500::/32;
set_real_ip_from 2405:8100::/32;
set_real_ip_from 2c0f:f248::/32;
set_real_ip_from 2a06:98c0::/29;

33
services/custombuild/custombuild/custombuild/configure/nginx/conf/nginx-defaults.conf Normal file
View File

@@ -0,0 +1,33 @@
default_type application/octet-stream;
tcp_nopush on;
tcp_nodelay on;
sendfile on;
log_format bytes '$bytes_sent $request_length';
keepalive_timeout 15;
types_hash_max_size 2048;
disable_symlinks if_not_owner from=$document_root;
server_tokens off;
client_max_body_size 1024m;
client_body_buffer_size 128k;
server_names_hash_bucket_size 128;
server_names_hash_max_size 10240;
ssl_dhparam /etc/nginx/ssl.crt/dhparams.pem;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 5m;
proxy_read_timeout 1800s;
# https://mozilla.github.io/server-side-tls/ssl-config-generator/ intermediate configuration.
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;
include /etc/nginx/nginx-directoryindex.conf;

1
services/custombuild/custombuild/custombuild/configure/nginx/conf/nginx-directoryindex.conf Normal file
View File

@@ -0,0 +1 @@
index index.html index.htm index.php;

1
services/custombuild/custombuild/custombuild/configure/nginx/conf/nginx-events.conf Normal file
View File

@@ -0,0 +1 @@
worker_connections 10240;

4
services/custombuild/custombuild/custombuild/configure/nginx/conf/nginx-fastcgi-cache.conf Normal file
View File

@@ -0,0 +1,4 @@
fastcgi_cache_path /var/run/nginx-fastcgi-cache levels=1:2 keys_zone=FASTCGICACHE:100m inactive=60m;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
fastcgi_cache_use_stale error timeout invalid_header http_500;
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;

9
services/custombuild/custombuild/custombuild/configure/nginx/conf/nginx-gzip.conf Normal file
View File

@@ -0,0 +1,9 @@
gzip on;
gzip_static on;
gzip_disable "msie6";
gzip_http_version 1.1;
gzip_vary on;
gzip_comp_level 1;
gzip_proxied any;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript text/x-js image/svg+xml;
gzip_buffers 16 8k;

13
services/custombuild/custombuild/custombuild/configure/nginx/conf/nginx-info.conf Normal file
View File

@@ -0,0 +1,13 @@
location /nginx_status {
# Enable nginx status page
stub_status on;
# Disable status page logging in access_log
access_log off;
# Allow access from 127.0.0.1
allow 127.0.0.1;
# Deny all the other connections
deny all;
}

27
services/custombuild/custombuild/custombuild/configure/nginx/conf/nginx-modsecurity.conf Normal file
View File

@@ -0,0 +1,27 @@
# Default recommended configuration
SecRuleEngine On
SecRequestBodyAccess On
SecDefaultAction "phase:2,deny,log,status:406"
SecRequestBodyLimitAction ProcessPartial
SecResponseBodyLimitAction ProcessPartial
SecRequestBodyLimit 13107200
SecRequestBodyNoFilesLimit 131072
SecAuditLogFormat JSON
SecPcreMatchLimit 250000
SecPcreMatchLimitRecursion 250000
SecCollectionTimeout 600
SecDebugLog /var/log/nginx/modsec_debug.log
SecDebugLogLevel 0
SecAuditEngine RelevantOnly
SecAuditLog /var/log/nginx/modsec_audit.log
SecUploadDir /tmp
SecTmpDir /tmp
SecDataDir /tmp
SecTmpSaveUploadedFiles on
# ModSecurity Core Rules Set and Local configuration
Include /etc/modsecurity.d/*.conf.main
Include /etc/modsecurity.d/*.conf

20
services/custombuild/custombuild/custombuild/configure/nginx/conf/nginx-userdir.conf Normal file
View File

@@ -0,0 +1,20 @@
#Support UserDir (~/user/)
location ~^/~(?<userdir_user>.+?)(?<userdir_uri>/.*)?$ {
alias /home/$userdir_user/public_html$userdir_uri;
autoindex on;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include /etc/nginx/fastcgi_params;
fastcgi_index index.php;
#try_files does not work after alias directive
if (!-f $request_filename) {
return 404;
}
fastcgi_param DOCUMENT_ROOT /home/$userdir_user/public_html;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_pass unix:/usr/local/php54/sockets/$userdir_user.sock;
}
}

56
services/custombuild/custombuild/custombuild/configure/nginx/conf/nginx-vhosts.conf Normal file
View File

@@ -0,0 +1,56 @@
server {
listen |IP|:|PORT_80|;
listen 127.0.0.1:|PORT_80|;
listen [::1]:|PORT_80|;
|LINKEDIP|
server_name $hostname |IP|;
root /var/www/html;
include /etc/nginx/nginx-userdir.conf;
# Pass all .php files onto a php-fpm/php-fcgi server.
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include /etc/nginx/fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:/usr/local/php54/sockets/webapps.sock;
}
include /etc/nginx/nginx-info.conf;
include /etc/nginx/webapps.conf;
}
# HTTPS server
#
server {
listen |IP|:|PORT_443| ssl|SPACE_HTTP2|;
listen 127.0.0.1:|PORT_443| ssl|SPACE_HTTP2|;
listen [::1]:|PORT_443| ssl|SPACE_HTTP2|;
|LINKEDIPSSL|
server_name $hostname |IP|;
ssl_certificate /etc/nginx/ssl.crt/server.crt.combined;
ssl_certificate_key /etc/nginx/ssl.key/server.key;
root /var/www/html;
include /etc/nginx/nginx-userdir.conf;
# Pass all .php files onto a php-fpm/php-fcgi server.
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include /etc/nginx/fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:/usr/local/php54/sockets/webapps.sock;
}
include /etc/nginx/nginx-info.conf;
include /etc/nginx/webapps.ssl.conf;
}

31
services/custombuild/custombuild/custombuild/configure/nginx/conf/nginx.conf Normal file
View File

@@ -0,0 +1,31 @@
#user nginx;
worker_processes auto;
pid /var/run/nginx.pid;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
events {
include /etc/nginx/nginx-events.conf;
}
http {
include /etc/nginx/mime.types;
# For user configurations not maintained by DirectAdmin. Empty by default.
include /etc/nginx/nginx-includes.conf;
# Supplemental configuration
include /etc/nginx/nginx-fastcgi-cache.conf;
include /etc/nginx/nginx-cloudflare.conf;
include /etc/nginx/nginx-modsecurity-enable.conf;
include /etc/nginx/nginx-defaults.conf;
include /etc/nginx/nginx-gzip.conf;
include /etc/nginx/directadmin-ips.conf;
include /etc/nginx/directadmin-settings.conf;
include /etc/nginx/nginx-vhosts.conf;
include /etc/nginx/directadmin-vhosts.conf;
}

8
services/custombuild/custombuild/custombuild/configure/nginx/conf/nginx_limits.conf Normal file
View File

@@ -0,0 +1,8 @@
fastcgi_buffer_size 128k;
fastcgi_buffers 256 16k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
fastcgi_send_timeout 600;
fastcgi_read_timeout 600;
fastcgi_intercept_errors on;
fastcgi_param HTTP_PROXY "";

7
services/custombuild/custombuild/custombuild/configure/nginx/conf/webapps_settings.conf Normal file
View File

@@ -0,0 +1,7 @@
try_files $uri =404;
root /var/www/html/;
fastcgi_pass unix:/usr/local/php54/sockets/webapps.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
include /etc/nginx/nginx_limits.conf;

4
services/custombuild/custombuild/custombuild/configure/nginx/configure.modsecurity Normal file
View File

@@ -0,0 +1,4 @@
#!/bin/sh
./configure \
--enable-standalone-module \
--disable-mlogc

20
services/custombuild/custombuild/custombuild/configure/nginx/configure.nginx Normal file
View File

@@ -0,0 +1,20 @@
#!/bin/sh
./configure \
"--user=nginx" \
"--group=nginx" \
"--prefix=/usr" \
"--sbin-path=/usr/sbin" \
"--conf-path=/etc/nginx/nginx.conf" \
"--pid-path=/var/run/nginx.pid" \
"--http-log-path=/var/log/nginx/access_log" \
"--error-log-path=/var/log/nginx/error_log" \
"--without-mail_imap_module" \
"--without-mail_smtp_module" \
"--with-http_ssl_module" \
"--with-http_realip_module" \
"--with-http_stub_status_module" \
"--with-http_gzip_static_module" \
"--with-http_dav_module" \
"--with-http_v2_module" \
"--add-module=../ngx_cache_purge" \
"--with-cc-opt='-D FD_SETSIZE=32768'"

23
services/custombuild/custombuild/custombuild/configure/nginx_reverse/conf/nginx-cloudflare.conf Normal file
View File

@@ -0,0 +1,23 @@
real_ip_header X-Forwarded-For;
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 104.16.0.0/13;
set_real_ip_from 104.24.0.0/14;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 131.0.72.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 172.64.0.0/13;
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;
set_real_ip_from 2400:cb00::/32;
set_real_ip_from 2606:4700::/32;
set_real_ip_from 2803:f800::/32;
set_real_ip_from 2405:b500::/32;
set_real_ip_from 2405:8100::/32;
set_real_ip_from 2c0f:f248::/32;
set_real_ip_from 2a06:98c0::/29;

33
services/custombuild/custombuild/custombuild/configure/nginx_reverse/conf/nginx-defaults.conf Normal file
View File

@@ -0,0 +1,33 @@
default_type application/octet-stream;
tcp_nopush on;
tcp_nodelay on;
sendfile on;
log_format bytes '$bytes_sent $request_length';
keepalive_timeout 15;
types_hash_max_size 2048;
disable_symlinks if_not_owner from=$document_root;
server_tokens off;
client_max_body_size 1024m;
client_body_buffer_size 128k;
server_names_hash_bucket_size 128;
server_names_hash_max_size 10240;
ssl_dhparam /etc/nginx/ssl.crt/dhparams.pem;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 5m;
# https://mozilla.github.io/server-side-tls/ssl-config-generator/ intermediate configuration.
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
proxy_ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
proxy_ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;
include /etc/nginx/nginx-directoryindex.conf;

1
services/custombuild/custombuild/custombuild/configure/nginx_reverse/conf/nginx-directoryindex.conf Normal file
View File

@@ -0,0 +1 @@
index index.html index.htm index.php;

1
services/custombuild/custombuild/custombuild/configure/nginx_reverse/conf/nginx-events.conf Normal file
View File

@@ -0,0 +1 @@
worker_connections 10240;

4
services/custombuild/custombuild/custombuild/configure/nginx_reverse/conf/nginx-fastcgi-cache.conf Normal file
View File

@@ -0,0 +1,4 @@
fastcgi_cache_path /var/run/nginx-fastcgi-cache levels=1:2 keys_zone=FASTCGICACHE:100m inactive=60m;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
fastcgi_cache_use_stale error timeout invalid_header http_500;
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;

9
services/custombuild/custombuild/custombuild/configure/nginx_reverse/conf/nginx-gzip.conf Normal file
View File

@@ -0,0 +1,9 @@
gzip on;
gzip_static on;
gzip_disable "msie6";
gzip_http_version 1.1;
gzip_vary on;
gzip_comp_level 1;
gzip_proxied any;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript text/x-js image/svg+xml;
gzip_buffers 16 8k;

Some files were not shown because too many files have changed in this diff Show More