tuend/DirectAdmin-1.62.4
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
264cd752ce63ee61c1e9b18fad4f75e53c0ba637
DirectAdmin-1.62.4/services/custombuild/custombuild.bk/custombuild/build
tuend-work 264cd752ce z
2025-11-13 07:57:06 +07:00

26325 lines
881 KiB
Bash
Raw Blame History

#!/bin/sh
# This script is written by DirectAdmin and Martynas Bendorius (smtalk)
BUILDSCRIPT_VER=2.0.0
NAME=custombuild
OS=`uname`
WORKDIR=/usr/local/directadmin/${NAME}
cd ${WORKDIR}
#Added for security
chmod 700 ${WORKDIR}/build >/dev/null 2>&1
chmod 700 ${WORKDIR} >/dev/null 2>&1
#Just making sure there are no default grep options set in .bashrc
GREP_OPTIONS=""
if [ "$(id -u)" != "0" ]; then
echo "You must be root to execute the script. Exiting."
exit 1
fi
#If we have no sysbk directory (it's first entry in doAll()), we know that CB has never ran, thus it's a new install, we also have no versions.txt at the same time
if [ ! -d /usr/local/sysbk ]; then
NEW_INSTALL=true
else
NEW_INSTALL=false
fi
doHook(){
if [ ! -z "${1}" ] && [ ! -z "${2}" ]; then
if [ -d ${WORKDIR}/custom/hooks/${1}/${2} ]; then
find ${WORKDIR}/custom/hooks/${1}/${2} -type f -name '*.sh' | while read line; do
echo "Executing '$line'..."
. "$line"
done
HOOK_ERROR_CODE=$?
if [ ${HOOK_ERROR_CODE} -ne 0 ]; then
echo "Hook exited with error code: ${HOOK_ERROR_CODE}. Exiting..."
exit ${HOOK_ERROR_CODE}
fi
fi
fi
}
OPTIONS_CONF=${WORKDIR}/options.conf
PHP_EXTENSIONS_CONF=${WORKDIR}/php_extensions.conf
OPTIONS_CONF_EXISTS=1
if [ ! -e ${OPTIONS_CONF} ]; then
OPTIONS_CONF_EXISTS=0
fi
VERSIONS_FILE=${WORKDIR}/versions.txt
PATCHES_VERSIONS_FILE=${WORKDIR}/patches_versions.txt
VERSIONS_FILE_CUSTOM=${WORKDIR}/custom_versions.txt
VERSIONS_FILE_CL=${WORKDIR}/versions_cl.txt
VERSIONS_FILE_CWAF=${WORKDIR}/versions_cwaf.txt
VERSIONS_FILE_LITESPEED=${WORKDIR}/versions_litespeed.txt
LOCKFILE=${WORKDIR}/.custombuild
LOGFILE=${WORKDIR}/custombuild.log
PROFTPD_PREFIX=/usr
B64=1
DEBIAN_VERSION=/etc/debian_version
if [ -e ${DEBIAN_VERSION} ]; then
OS_DEBIAN_VER=`grep -m1 -o '^[^\.]*' ${DEBIAN_VERSION}`
export DEBIAN_FRONTEND=noninteractive
else
if [ -s /etc/os-release ]; then
OS_CENTOS_VER=`grep -m1 '^VERSION_ID=' /etc/os-release | cut -d. -f1 | cut -d'"' -f2`
else
OS_CENTOS_VER=`grep -m1 -o '[0-9]*\.[0-9]*' /etc/redhat-release | cut -d. -f1`
#CentOS Stream 8 support
if [ -z "${OS_CENTOS_VER}" ]; then
OS_CENTOS_VER=`grep -m1 -o '[0-9]*$' /etc/redhat-release`
fi
fi
if [ -e /etc/yum.repos.d/oracle-epel-ol8.repo ]; then
EPEL_REPO_NAME=ol8_developer_EPEL
else
EPEL_REPO_NAME=epel
fi
fi
if [ "$1" != "update" ]; then
if [ "${OS}" = "FreeBSD" ]; then
echo "${OS} is not supported by DirectAdmin anymore."
exit 1
elif [ -e ${DEBIAN_VERSION} ]; then
if [ "${OS_DEBIAN_VER}" = "7" ] || [ "${OS_DEBIAN_VER}" = "8" ]; then
echo "${OS} ${OS_DEBIAN_VER} is not supported by DirectAdmin anymore."
exit 1
fi
elif [ "${OS_CENTOS_VER}" = "6" ]; then
echo "RHEL/CentOS ${OS_CENTOS_VER} is not supported by DirectAdmin anymore."
exit 1
fi
fi
if uname -m | grep -qE -m1 'amd64|x86_64'; then
B64=1
elif uname -m | grep -qE -m1 'aarch64'; then
B64=2
fi
EXEC_CL_COMMANDS_ONCE=false
CL_COMPONENT_UPDATE=false
CPU_CORES=1
DA_BIN=/usr/local/directadmin/directadmin
MD5SUM=/usr/bin/md5sum
is_os_eol() {
EOL_FILE=${WORKDIR}/configure/custombuild/eol_os.txt
if [ -e ${WORKDIR}/custom/custombuild/eol_os.txt ]; then
EOL_FILE=${WORKDIR}/custom/custombuild/eol_os.txt
fi
DA_OS=`${DA_BIN} o | head -n1 | cut -d"'" -f2 | cut -d"." -f1`
if grep -m1 -q "^${DA_OS}$" ${EOL_FILE}; then
echo 1
else
echo 0
fi
return
}
EXIT_CODE=0
LANG=C
LSWS_HOME=/usr/local/lsws
# Emulate ${!variable}
eval_var() {
var=${1}
if [ -z ${var} ]; then
echo ""
else
eval newval="\$${var}"
echo $newval
fi
}
removeLockfile() {
rm -f ${LOCKFILE}
trap - INT TERM EXIT
}
kill_childs() {
if [ -s ${LOCKFILE} ]; then
CB_PID=`cat ${LOCKFILE}`
for process in `ps -ef | awk -v cb_pid=${CB_PID} '{ if ( $3 == cb_pid ) { print $2 }}'`; do
kill ${process}
done
fi
}
doKill() {
if [ -s ${LOCKFILE} ]; then
kill_childs
removeLockfile
kill -9 ${CB_PID}
exit 0
else
echo "There is no CustomBuild process running."
fi
exit 0
}
getTimezone() {
if [ -e ${DEBIAN_VERSION} ]; then
if [ -e /etc/timezone ]; then
DATETIMEZONE="`cat /etc/timezone`"
fi
else
if [ -e /etc/sysconfig/clock ]; then
DATETIMEZONE="`grep -m1 '^ZONE=' /etc/sysconfig/clock | cut -d'"' -f2 | cut -d= -f2`"
elif [ -e /usr/bin/timedatectl ]; then
DATETIMEZONE="`timedatectl | grep -m1 'Time.*zone:' | cut -d: -f2 | awk '{print $1}'`"
fi
fi
if [ "${DATETIMEZONE}" = "" ]; then
DATETIMEZONE="Europe/London"
fi
echo ${DATETIMEZONE} | awk '{print $1}'
}
random_pass() {
#No special characters yet, because they'd cause problems with regexes and PEAR::DB to split the DNS string correctly in roundcube config.inc.php
RPC=`awk -v min=10 -v max=17 'BEGIN{srand(); print int(min+rand()*(max-min+1))}'`
tr -cd 'a-zA-Z0-9' < /dev/urandom 2>/dev/null | head -c${RPC} # perl generates a random integer between 10 and 16
}
remove_file() {
if [ "$1" = "" ]; then
do_exit 1 "File not specified for remove_file..."
fi
if [ -e $1 ]; then
echo "Removing file: $1..."
rm -f $1
fi
}
remove_directory() {
if [ "$1" = "" ]; then
do_exit 1 "File not specified for remove_file..."
fi
COUNT_SLASHES="`echo \"$1\" | grep -o '/' | wc -l`"
if [ "${COUNT_SLASHES}" -lt 2 ]; then
do_exit 1 "Too dangerous path to remove: $1. Exiting..."
fi
if [ -d $1 ]; then
echo "Removing directory: $1..."
rm -rf $1
fi
}
# Systemd
SYSTEMDDIR=/etc/systemd/system
CB_SYSTEMD=${WORKDIR}/configure/systemd
CB_CUST_SYSTEMD=${WORKDIR}/custom/systemd
SYSTEMD_SCRIPTS=/usr/libexec
HOSTNAME="`hostname -f 2>/dev/null`"
if [ -z "${HOSTNAME}" ] && [ -x /usr/bin/hostnamectl ]; then
HOSTNAME=`/usr/bin/hostnamectl --static | head -n1`
if ! echo "${HOSTNAME}" | grep -m1 -q '\.'; then
HOSTNAME=`grep -m1 -o "${HOSTNAME}\.[^ ]*" /etc/hosts`
fi
fi
if [ -z "${HOSTNAME}" ]; then
HOSTNAME="your.server.com"
fi
#There are used in other sections, so must be executed everytime
PHP1_RELEASE_SET="5.3 5.4 5.5 5.6 7.0 7.1 7.2 7.3 7.4 8.0 8.1 8.2"
PHP1_SHORTRELEASE_SET="`echo ${PHP1_RELEASE_SET} | tr -d '.'`"
is_cloudlinux_solo() {
CL_SOLO_FILE=/etc/cloudlinux-edition-solo
if [ -e "$CL_SOLO_FILE" ]; then
echo 1
else
echo 0
fi
return
}
USE_ALL_SETTINGS=1
use_all_settings_toggle() {
USE_ALL_SETTINGS=0
}
GETOPT_CASE=1
getopt_case_toggle() {
GETOPT_CASE=0
}
case "$1" in
version) use_all_settings_toggle ;;
kill) use_all_settings_toggle ;;
update_da) getopt_case_toggle ;;
get_timezone) getopt_case_toggle ;;
set_versions_txt) getopt_case_toggle ;;
show_file) getopt_case_toggle ;;
esac
if [ ! -e ${OPTIONS_CONF} ]; then
USE_ALL_SETTINGS=1
fi
if [ "${USE_ALL_SETTINGS}" = "1" ]; then
#################################################
#ALL SETTINGS
#SECTIONS OF OPTIONS
ALL_SECTIONS="PHP_SETTINGS MYSQL_SETTINGS WEBSERVER_SETTINGS WEBAPPS_SETTINGS CLAMAV_SETTINGS MAIL_SETTINGS FTP_SETTINGS STATS_SETTINGS PHP_EXT_SETTINGS CUSTOMBUILD_SETTINGS CRON_SETTINGS CLOUDLINUX_SETTINGS ADVANCED_SETTINGS"
PHP_EXT_SETTINGS="BZ2 GMP IONCUBE IMAP OPCACHE HTSCANNER IGBINARY IMAGICK LDAP PHALCON REDIS SNUFFLEUPAGUS SUHOSIN XMLRPC ZEND"
PHP_SETTINGS="PHP1_RELEASE PHP1_MODE PHP2_RELEASE PHP2_MODE PHP3_RELEASE PHP3_MODE PHP4_RELEASE PHP4_MODE SECURE_PHP PHP_INI PHP_TIMEZONE PHP_INI_TYPE X_MAIL_HEADER"
MYSQL_SETTINGS="MYSQL MARIADB MYSQL_INST MYSQL_BACKUP MYSQL_BACKUP_GZIP MYSQL_BACKUP_DIR MYSQL_FORCE_COMPILE"
WEBSERVER_SETTINGS="UNIT WEBSERVER HTTP_METHODS LITESPEED_SERIALNO MODSECURITY MODSECURITY_RULESET APACHE_VER APACHE_MPM MOD_RUID2 USERDIR_ACCESS HARDEN_SYMLINKS_PATCH USE_HOSTNAME_FOR_ALIAS REDIRECT_HOST REDIRECT_HOST_HTTPS"
WEBAPPS_SETTINGS="PHPMYADMIN PHPMYADMIN_PUBLIC PHPMYADMIN_VER SQUIRRELMAIL ROUNDCUBE WEBAPPS_INBOX_PREFIX"
MAIL_SETTINGS="EXIM EXIMCONF EXIMCONF_RELEASE BLOCKCRACKING EASY_SPAM_FIGHTER SPAMD SA_UPDATE DOVECOT DOVECOT_CONF MAIL_COMPRESS PIGEONHOLE"
CLAMAV_SETTINGS="CLAMAV CLAMAV_EXIM MODSECURITY_UPLOADSCAN PROFTPD_UPLOADSCAN PUREFTPD_UPLOADSCAN SUHOSIN_PHP_UPLOADSCAN"
FTP_SETTINGS="FTPD"
STATS_SETTINGS="AWSTATS WEBALIZER"
CUSTOMBUILD_SETTINGS="CUSTOMBUILD CUSTOMBUILD_PLUGIN AUTOVER BOLD CLEAN CLEANAPACHE CLEAN_OLD_TARBALLS CLEAN_OLD_WEBAPPS DOWNLOADSERVER UNOFFICIAL_MIRRORS"
CRON_SETTINGS="CRON CRON_FREQUENCY EMAIL NOTIFICATIONS UPDATES WEBAPPS_UPDATES"
CLOUDLINUX_SETTINGS="CLOUDLINUX CLOUDLINUX_BETA CAGEFS"
ADVANCED_SETTINGS="CSF CURL SSL_CONFIGURATION REDIS"
PHP_EXT_SETTINGS_DESC="PHP Extension Settings"
PHP_SETTINGS_DESC="PHP Settings"
MYSQL_SETTINGS_DESC="MySQL Settings"
WEBSERVER_SETTINGS_DESC="WEB Server Settings"
WEBAPPS_SETTINGS_DESC="WEB Applications Settings"
CLAMAV_SETTINGS_DESC="ClamAV-related Settings"
MAIL_SETTINGS_DESC="Mail Settings"
FTP_SETTINGS_DESC="FTP Settings"
STATS_SETTINGS_DESC="Statistics Settings"
CUSTOMBUILD_SETTINGS_DESC="CustomBuild Settings"
CRON_SETTINGS_DESC="Cronjob Settings"
CLOUDLINUX_SETTINGS_DESC="CloudLinux Settings"
ADVANCED_SETTINGS_DESC="Advanced Settings"
YESNO_SET="yes no"
#OPTIONS.CONF
PHP1_RELEASE_DEF="8.1"
PHP1_MODE_SET="php-fpm fastcgi suphp lsphp mod_php"
PHP1_MODE_DEF="lsphp"
PHP1_RELEASE_DESC="Default version of PHP."
PHP1_MODE_DESC="Mode of the default PHP version. lsphp is only compatible with LiteSpeed, OpenLiteSpeed WWW servers or CloudLinux+Apache except CloudLinux Solo Edition. For nginx (not as a reverse proxy for apache) php-fpm must be chosen."
PHP2_RELEASE_SET="${PHP1_RELEASE_SET} no"
PHP2_RELEASE_DEF="no"
PHP2_MODE_SET="php-fpm fastcgi suphp lsphp"
PHP2_MODE_DEF="php-fpm"
PHP2_RELEASE_DESC="Additional version of PHP."
PHP2_MODE_DESC="Mode of the additional PHP version."
PHP3_RELEASE_SET="${PHP2_RELEASE_SET}"
PHP3_RELEASE_DEF="${PHP2_RELEASE_DEF}"
PHP3_MODE_SET="${PHP2_MODE_SET}"
PHP3_MODE_DEF="${PHP2_MODE_DEF}"
PHP3_RELEASE_DESC="${PHP2_RELEASE_DESC}"
PHP3_MODE_DESC="${PHP2_MODE_DESC}"
PHP4_RELEASE_SET="${PHP2_RELEASE_SET}"
PHP4_RELEASE_DEF="${PHP2_RELEASE_DEF}"
PHP4_MODE_SET="${PHP2_MODE_SET}"
PHP4_MODE_DEF="${PHP2_MODE_DEF}"
PHP4_RELEASE_DESC="${PHP2_RELEASE_DESC}"
PHP4_MODE_DESC="${PHP2_MODE_DESC}"
SECURE_PHP_SET="${YESNO_SET}"
SECURE_PHP_DEF="no"
SECURE_PHP_DESC="Disable dangerous PHP functions."
EOL_COMMENT="Not in active development anymore, thus not recommended."
#php_extensions.conf things start with PHP_, but they're listed without PHP_ inside the file
PHP_HTSCANNER_SET="${YESNO_SET}"
PHP_HTSCANNER_DEF="no"
PHP_HTSCANNER_DESC="htscanner for Apache (allows to confige php in .htaccess files using PHP)."
PHP_BZ2_SET="${YESNO_SET}"
PHP_BZ2_DEF="no"
PHP_BZ2_DESC="Bz2 extension for PHP."
PHP_GMP_SET="${YESNO_SET}"
PHP_GMP_DEF="no"
PHP_GMP_DESC="GMP extension for PHP."
PHP_LDAP_SET="${YESNO_SET}"
PHP_LDAP_DEF="no"
PHP_LDAP_DESC="LDAP extension for PHP."
PHP_OPCACHE_SET="${YESNO_SET}"
PHP_OPCACHE_DEF="yes"
PHP_OPCACHE_DESC="opCache opcode cacher for PHP."
PHP_IONCUBE_SET="${YESNO_SET}"
PHP_IONCUBE_DEF="yes"
PHP_IONCUBE_DESC="PHP loader for ionCube Secured Files."
PHP_IMAGICK_SET="${YESNO_SET}"
PHP_IMAGICK_DEF="no"
PHP_IMAGICK_DESC="ImageMagick extension for PHP."
PHP_PSR_SET="${YESNO_SET}"
PHP_PSR_DEF="no"
PHP_PSR_DESC="Psr extension for PHP."
PHP_PHALCON_SET="${YESNO_SET}"
PHP_PHALCON_DEF="no"
PHP_PHALCON_DESC="Phalcon extension for PHP."
PHP_REDIS_SET="${YESNO_SET}"
PHP_REDIS_DEF="no"
PHP_REDIS_DESC="Redis extension for PHP."
PHP_READLINE_SET="${YESNO_SET}"
PHP_READLINE_DEF="no"
PHP_READLINE_DESC="Readline extension for PHP."
PHP_IMAP_SET="${YESNO_SET}"
PHP_IMAP_DEF="no"
PHP_IMAP_DESC="IMAP extension for PHP."
PHP_XMLRPC_SET="${YESNO_SET}"
PHP_XMLRPC_DEF="no"
PHP_XMLRPC_DESC="XMLRPC extension for PHP."
PHP_SNUFFLEUPAGUS_SET="${YESNO_SET}"
PHP_SNUFFLEUPAGUS_DEF="no"
PHP_SNUFFLEUPAGUS_DESC="Snuffleupagus security module."
PHP_IGBINARY_SET="${YESNO_SET}"
PHP_IGBINARY_DEF="no"
PHP_IGBINARY_DESC="Drop in replacement for the standard php serializer."
PHP_SUHOSIN_SET="${YESNO_SET}"
PHP_SUHOSIN_DEF="no"
PHP_SUHOSIN_DESC="Suhosin advanced protection system for PHP. ${EOL_COMMENT}"
PHP_ZEND_SET="${YESNO_SET}"
PHP_ZEND_DEF="yes"
PHP_ZEND_DESC="Zend Guard Loader is a free runtime application that enables PHP to run the scripts encoded by Zend Guard. ${EOL_COMMENT}"
###end of php_extensions.conf
PHP_INI_SET="${YESNO_SET}"
PHP_INI_DEF="no"
PHP_INI_DESC="Enables ability to update php.ini file of PHP (rewrites any customizations!)."
PHP_TIMEZONE_SET="userinput"
PHP_TIMEZONE_DEF="$(getTimezone)"
PHP_TIMEZONE_DESC="date.timezone setting in php.ini file of PHP. https://www.php.net/manual/en/datetime.configuration.php#ini.date.timezone."
PHP_INI_TYPE_SET="production development"
PHP_INI_TYPE_DEF="production"
PHP_INI_TYPE_DESC="Type of php.ini file. php.ini-development contains settings recommended for use in development environments. php.ini-production contains settings recommended for use in production environments."
REDIS_SET="${YESNO_SET}"
REDIS_DEF="no"
REDIS_DESC="Redis key-value database."
SUHOSIN_PHP_UPLOADSCAN_SET="${YESNO_SET}"
SUHOSIN_PHP_UPLOADSCAN_DEF="no"
SUHOSIN_PHP_UPLOADSCAN_DESC="Scan PHP uploaded scripts using suhosin upload verification script and ClamAV antivirus (clamdscan). ClamAV must be installed and suhosin option should be enabled for the setting to work."
#OUTPUT AS x-mail-header
X_MAIL_HEADER_SET="${YESNO_SET}"
X_MAIL_HEADER_DEF="yes"
X_MAIL_HEADER_DESC="mail.add_x_header setting in php.ini file of PHP. https://www.php.net/manual/en/mail.configuration.php#ini.mail.add-x-header"
UNIT_SET="${YESNO_SET}"
UNIT_DEF="no"
UNIT_DESC="Nginx Unit. Dynamic Application Server. ALPHA support."
WEBSERVER_SET="apache nginx nginx_apache litespeed openlitespeed"
WEBSERVER_DEF="openlitespeed"
WEBSERVER_DESC="WWW Server."
HTTP_METHODS_SET="userinput"
HTTP_METHODS_DEF="ALL"
HTTP_METHODS_DESC="Allowed HTTP methods. Enabled with rewrite_confs or webserver update."
LITESPEED_SERIALNO_SET="userinput"
LITESPEED_SERIALNO_DEF="trial"
LITESPEED_SERIALNO_DESC="Serial number of LiteSpeed Enterprise license."
MODSECURITY_SET="${YESNO_SET}"
MODSECURITY_DEF="no"
MODSECURITY_DESC="ModSecurity - Web application firewall."
MODSECURITY_RULESET_SET="comodo owasp no"
MODSECURITY_RULESET_DEF="owasp"
MODSECURITY_RULESET_DESC="ModSecurity rule set. Set to 'no' to use no ruleset. Comodo option provides Comodo Rule Set for ModSecurity: https://modsecurity.comodo.com/. OWASP ModSecurity Core Rule Set: https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project. Add custom rules to custom/modsecurity/conf, they'd be added automatically to /etc/modsecurity.d after './build modsecurity' or './build modsecurity_rules' is ran."
APACHE_VER_SET="2.4"
APACHE_VER_DEF="2.4"
APACHE_VER_DESC="Apache version."
APACHE_MPM_SET="prefork event worker auto"
APACHE_MPM_DEF="auto"
APACHE_MPM_DESC="Apache Multi-Processing Module. 'auto' mode sets MPM to be Prefork if PHP as mod_php is chosen, because this way PHP is not thread-safe. Otherwise Event MPM is set."
USERDIR_ACCESS_SET="${YESNO_SET}"
USERDIR_ACCESS_DEF="no"
USERDIR_ACCESS_DESC="Allows accessing contents of public_html using https://hostname/~user, if enabled."
MOD_RUID2_SET="${YESNO_SET}"
#mod_ruid2 segfaults on debian, centos8
MOD_RUID2_DEF="no"
MOD_RUID2_DESC="mod_ruid2 is an Apache extension that allows requests to a domain to run as the owner of that domain, instead of the Apache user. Not supported on newer Debian/AlmaLinux systems."
#OUTPUT as harden-symlinks-patch
HARDEN_SYMLINKS_PATCH_SET="${YESNO_SET}"
HARDEN_SYMLINKS_PATCH_DEF="yes"
HARDEN_SYMLINKS_PATCH_DESC="Patches apache to include hardened symlinks patch. https://da-mirror.wpcloud.vn/services/custombuild/harden-symlinks-2.4.patch."
USE_HOSTNAME_FOR_ALIAS_SET="${YESNO_SET} auto"
USE_HOSTNAME_FOR_ALIAS_DEF="no"
USE_HOSTNAME_FOR_ALIAS_DESC="Redirects WEB appplications addresses to server hostname. Useful with FastCGI mode of PHP ('auto' option enables it for FastCGI mode of PHP only)."
REDIRECT_HOST_SET="userinput"
REDIRECT_HOST_DEF="${HOSTNAME}"
REDIRECT_HOST_DESC="Hostname used for use_hostname_for_alias setting."
REDIRECT_HOST_HTTPS_SET="${YESNO_SET}"
REDIRECT_HOST_HTTPS_DEF="no"
REDIRECT_HOST_HTTPS_DESC="Enables SSL redirection for use_hostname_for_alias setting."
MYSQL_INST_SET="mysql mariadb no"
if [ -e /root/.skip_mysql_install ]; then
MYSQL_INST_DEF="no"
else
MYSQL_INST_DEF="mariadb"
fi
MYSQL_INST_DESC="Enables management of MySQL/MariaDB using CustomBuild."
MYSQL_DESC="MySQL version."
MARIADB_DESC="MariaDB version."
MYSQL_BACKUP_SET="${YESNO_SET}"
MYSQL_BACKUP_DEF="yes"
MYSQL_BACKUP_DESC="Backups MySQL databases before the installation of MySQL/MariaDB server."
MYSQL_BACKUP_GZIP_SET="${YESNO_SET}"
MYSQL_BACKUP_GZIP_DEF="no"
MYSQL_BACKUP_GZIP_DESC="Compress MySQL database backups."
MYSQL_BACKUP_DIR_SET="userinput"
MYSQL_BACKUP_DIR_DEF="/usr/local/directadmin/custombuild/mysql_backups"
MYSQL_BACKUP_DIR_DESC="Sets full path for mysql_backup option were MySQL backups should be placed."
MYSQL_FORCE_COMPILE_SET="${YESNO_SET}"
MYSQL_FORCE_COMPILE_DEF="no"
if [ "${B64}" = "2" ]; then
MYSQL_FORCE_COMPILE_DEF="yes"
fi
MYSQL_FORCE_COMPILE_DESC="Force compilation of MySQL/MariaDB instead of using system packages (RPM, DEB)"
PHPMYADMIN_SET="${YESNO_SET}"
if [ -e /root/.skip_mysql_install ]; then
PHPMYADMIN_DEF="no"
else
PHPMYADMIN_DEF="yes"
fi
PHPMYADMIN_DESC="Enables management of phpMyAdmin (Web application to manage MySQL databases) using CustomBuild."
PHPMYADMIN_PUBLIC_SET="${YESNO_SET}"
PHPMYADMIN_PUBLIC_DEF="yes"
PHPMYADMIN_PUBLIC_DESC="Makes phpMyAdmin accessible over /phpMyAdmin/ for everyone, if set to 'yes'. Setting this option to 'no' would make it available only from DirectAdmin (single-sign-on)."
PHPMYADMIN_VER_SET="3 4 5"
PHPMYADMIN_VER_DEF="5"
PHPMYADMIN_VER_DESC="Selects the version of phpMyAdmin to install. Takes effect only when phpmyadmin option is enabled."
SQUIRRELMAIL_SET="${YESNO_SET}"
SQUIRRELMAIL_DEF="no"
SQUIRRELMAIL_DESC="Enables management of SquirrelMail webmail using CustomBuild."
ROUNDCUBE_SET="${YESNO_SET}"
if [ -e /root/.skip_mysql_install ]; then
ROUNDCUBE_DEF="no"
else
ROUNDCUBE_DEF="yes"
fi
ROUNDCUBE_DESC="Enables management of RoundCube webmail using CustomBuild."
WEBAPPS_INBOX_PREFIX_SET="${YESNO_SET}"
WEBAPPS_INBOX_PREFIX_DEF="no"
WEBAPPS_INBOX_PREFIX_DESC="Adds INBOX. prefix to all of the mailbox folders in SquirrelMail/RoundCube (like: INBOX.Sent instead of just Sent)"
EXIM_SET="${YESNO_SET}"
EXIM_DEF="yes"
EXIM_DESC="Enables management of Exim MTA (Mail Transfer Agent) using CustomBuild."
EXIMCONF_SET="${YESNO_SET}"
EXIMCONF_DEF="yes"
EXIMCONF_DESC="Enables ability to update exim.conf and exim.pl files of Exim MTA (rewrites any customizations!)."
EXIMCONF_RELEASE_SET="4.5"
EXIMCONF_RELEASE_DEF="4.5"
EXIMCONF_RELEASE_DESC="Sets appopriate version of exim.conf to update."
BLOCKCRACKING_SET="${YESNO_SET}"
BLOCKCRACKING_DEF="no"
BLOCKCRACKING_DESC="Enables BlockCracking in exim.conf for outgoing spam mitigation. Requires exim configuration version 4.3 or higher. More information: https://forum.directadmin.com/showthread.php?t=50059."
EASY_SPAM_FIGHTER_SET="${YESNO_SET}"
EASY_SPAM_FIGHTER_DEF="no"
EASY_SPAM_FIGHTER_DESC="Enables Easy Spam Figher in exim.conf for incoming spam mitigation. Requires exim configuration version 4.3 or higher. More information: https://forum.directadmin.com/showthread.php?t=50059."
CLAMAV_SET="${YESNO_SET}"
CLAMAV_DEF="no"
CLAMAV_DESC="Enables management of ClamAV antivirus engine using CustomBuild. Enables ClamAV automatically in Exim configuration."
CLAMAV_EXIM_SET="${YESNO_SET}"
CLAMAV_EXIM_DEF="yes"
CLAMAV_EXIM_DESC="Enables ClamAV automatically in Exim configuration together with the installation of ClamAV."
SPAMD_SET="rspamd spamassassin no"
SPAMD_DEF="no"
SPAMD_DESC="Enables management of Rspamd or SpamAssassin spam filters using CustomBuild. Enables Rspamd or SpamAssassin automatically in Exim configuration."
SA_UPDATE_SET="no daily weekly monthly"
SA_UPDATE_DEF="daily"
SA_UPDATE_DESC="Installs a cronjob for sa-update to update SpamAssassin Spam Filter Rules daily, weekly or monthly using CustomBuild. Takes effect only if SpamAssassin is enabled on the server, at the installation time of SpamAssassin, CustomBuild cronjob or 'spamassassin_cron' call."
DOVECOT_SET="${YESNO_SET}"
DOVECOT_DEF="yes"
DOVECOT_DESC="Enables management of Dovecot IMAP and POP3 email server using CustomBuild."
DOVECOT_CONF_SET="${YESNO_SET}"
DOVECOT_CONF_DEF="yes"
DOVECOT_CONF_DESC="Enables management of Dovecot configuration files using CustomBuild."
PIGEONHOLE_SET="${YESNO_SET}"
PIGEONHOLE_DEF="yes"
PIGEONHOLE_DESC="Enables management of Pigeonhole (enables Sieve language and the ManageSieve protocol, allows users to configure email filtering in their email clients) for Dovecot IMAP and POP3 email server using CustomBuild. When this setting is enabled, Pigeonhole is enabled with update/installation of Dovecot. RoundCube plugin to manage email filtering is enabled with update/installation of RoundCube."
MAIL_COMPRESS_SET="${YESNO_SET}"
MAIL_COMPRESS_DEF="no"
MAIL_COMPRESS_DESC="Enables gzip compression for new emails (using zlib in dovecot). Compressed emails take less space (when testing, compressed mail folders took ~20% of their initial disk space). To compress old emails manual action is needed (script to automate the process: dovecot_compress.sh)."
AWSTATS_SET="${YESNO_SET}"
AWSTATS_DEF="no"
AWSTATS_DESC="Enables management of AWstats (generates advanced web server statistics graphically) using CustomBuild."
WEBALIZER_SET="${YESNO_SET}"
WEBALIZER_DEF="yes"
WEBALIZER_DESC="Enables management of Webalizer (generates advanced web server statistics graphically) using CustomBuild."
MODSECURITY_UPLOADSCAN_SET="${YESNO_SET}"
MODSECURITY_UPLOADSCAN_DEF="no"
MODSECURITY_UPLOADSCAN_DESC="Scan HTTP uploaded files using ClamAV, when ModSecurity is enabled. ClamAV needs to be installed for this setting to work."
FTPD_SET="proftpd pureftpd no"
FTPD_DEF="pureftpd"
FTPD_DESC="FTP Server."
PUREFTPD_UPLOADSCAN_SET="${YESNO_SET}"
PUREFTPD_UPLOADSCAN_DEF="no"
PUREFTPD_UPLOADSCAN_DESC="Scan FTP uploaded files in Pure-FTPd using ClamAV. ClamAV needs to be installed for this setting to work."
PROFTPD_UPLOADSCAN_SET="${YESNO_SET}"
PROFTPD_UPLOADSCAN_DEF="no"
PROFTPD_UPLOADSCAN_DESC="Scan FTP uploaded files in ProFTPd using ClamAV. ClamAV needs to be installed for this setting to work."
CURL_SET="${YESNO_SET}"
CURL_DEF="no"
CURL_DESC="Enables management of cURL (library and command-line tool for transferring data using various protocols) using CustomBuild."
SSL_CONFIGURATION_SET="modern intermediate old"
SSL_CONFIGURATION_DEF="intermediate"
SSL_CONFIGURATION_DESC="Auto-generated SSL ciphers/protocol list used in configuration, based on https://ssl-config.mozilla.org/."
CUSTOMBUILD_SET="1.1 1.2 2.0"
CUSTOMBUILD_DEF="2.0"
CUSTOMBUILD_DESC="CustomBuild version to be used. WARNING: not recommended to change the setting without deep knowledge about upgrade/downgrade of the CustomBuild script."
CUSTOMBUILD_PLUGIN_SET="${YESNO_SET}"
CUSTOMBUILD_PLUGIN_DEF="yes"
CUSTOMBUILD_PLUGIN_DESC="CustomBuild plugin, shown in DirectAdmin admin level."
AUTOVER_SET="${YESNO_SET}"
AUTOVER_DEF="no"
AUTOVER_DESC="Updates versions.txt file (latest versions of the packages are listed there) with every execution of the CustomBuild script."
BOLD_SET="${YESNO_SET}"
BOLD_DEF="yes"
BOLD_DESC="Enables bold effect for important output in terminal."
CLEAN_SET="${YESNO_SET}"
CLEAN_DEF="yes"
CLEAN_DESC="Cleans not needed folders in the CustomBuild directory. Folders are often left from the previous packge installations."
CLEANAPACHE_SET="${YESNO_SET}"
CLEANAPACHE_DEF="yes"
CLEANAPACHE_DESC="Removes Apache directory when the installation is finished. Takes effect only when 'clean' option is enabled."
CLEAN_OLD_TARBALLS_SET="${YESNO_SET}"
CLEAN_OLD_TARBALLS_DEF="yes"
CLEAN_OLD_TARBALLS_DESC="Removes tarballs of old (unused) packages."
CLEAN_OLD_WEBAPPS_SET="${YESNO_SET}"
CLEAN_OLD_WEBAPPS_DEF="yes"
CLEAN_OLD_WEBAPPS_DESC="Removes old WEB application folders from /var/www/html. Takes effect when any WEB application is installed/updated."
DOWNLOADSERVER_SET="da-mirror.wpcloud.vn"
if [ -s ${WORKDIR}/servers.txt ]; then
DOWNLOADSERVER_SET="da-mirror.wpcloud.vn `awk '{ printf "%s ", $0 }' ${WORKDIR}/servers.txt`"
fi
DOWNLOADSERVER_DEF="da-mirror.wpcloud.vn"
DOWNLOADSERVER_DESC="Sets which download server to use to download files needed by the CustomBuild script. Any other server than ${DOWNLOADSERVER_DEF} may take 24 hours for latest files to be synced, however they may have better speeds than ${DOWNLOADSERVER_DEF}."
UNOFFICIAL_MIRRORS_SET="${YESNO_SET}"
UNOFFICIAL_MIRRORS_DEF="no"
UNOFFICIAL_MIRRORS_DESC="Enables the use of unofficial mirror. DirectAdmin is not responsible for the content hosted there. Not recommended to use."
CRON_SET="${YESNO_SET}"
CRON_DEF="yes"
CRON_DESC="Enables cronjob for CustomBuild scheduled jobs set."
CRON_FREQUENCY_SET="daily weekly monthly"
CRON_FREQUENCY_DEF="daily"
CRON_FREQUENCY_DESC="Sets the execution frequency of the Cronjob (scheduled jobs). Takes effect only when the 'cron' option is enabled."
EMAIL_SET="userinput"
EMAIL_DEF="email@domain.com"
EMAIL_DESC="Sets the email for notifications about the updates available. Takes effect only when 'cron' and 'notifications' options are enabled."
NOTIFICATIONS_SET="${YESNO_SET}"
NOTIFICATIONS_DEF="no"
NOTIFICATIONS_DESC="Sets the email for notifications about the updates available. Takes effect only when 'cron' option is enabled."
UPDATES_SET="${YESNO_SET}"
UPDATES_DEF="no"
UPDATES_DESC="Enables automatic updates of all available to update packages managed by the CustomBuild script. Takes effect only when 'cron' option is enabled. WARNING: not recommended in production!"
WEBAPPS_UPDATES_SET="${YESNO_SET}"
WEBAPPS_UPDATES_DEF="no"
WEBAPPS_UPDATES_DESC="Enables automatic updates of all WEB applications enabled. Takes effect only when 'cron' option is enabled."
CSF_SET="${YESNO_SET}"
CSF_DEF="no"
CSF_DESC="Enables ConfigServer Security & Firewall (csf)."
CLOUDLINUX_SET="${YESNO_SET}"
if uname -a | grep -m1 -q '\.lve' || uname -a | grep -m1 -q 'el7h'; then
CLOUDLINUX_DEF="yes"
else
CLOUDLINUX_DEF="no"
fi
CLOUDLINUX_DESC="Enables CloudLinux support in the CustomBuild script (automatic patching using CloudLinux patches for specific components). NOTE: CloudLinux needs to be installed on the system. https://www.cloudlinux.com."
CLOUDLINUX_BETA_SET="${YESNO_SET}"
CLOUDLINUX_BETA_DEF="no"
CLOUDLINUX_BETA_DESC="Enables BETA repository for CloudLinux packages. NOTE: CloudLinux needs to be installed on the system. https://www.cloudlinux.com."
CAGEFS_SET="${YESNO_SET}"
if [ -x /usr/sbin/cagefsctl ]; then
CAGEFS_DEF="yes"
else
CAGEFS_DEF="no"
fi
CAGEFS_DESC="Enables support of CageFS component by CloudLinux in the CustomBuild script (automatic updating of files in CageFS using 'cagefsctl --force-update'). NOTE: CloudLinux needs to be installed on the system. https://www.cloudlinux.com."
fi
#################################################
showVersion() {
echo "${BUILDSCRIPT_VER} (rev: 2945)"
}
if [ ! -d ${WORKDIR}/patches ]; then
mkdir -p ${WORKDIR}/patches
chmod 700 ${WORKDIR}/patches
fi
doCSFpignore() {
CSF_PIGNORE="/etc/csf/csf.pignore"
CSF_PIGNORE_SOURCE="${WORKDIR}/configure/csf.pignore"
if [ -s ${WORKDIR}/custom/csf.pignore ]; then
CSF_PIGNORE_SOURCE="${WORKDIR}/custom/csf.pignore"
fi
if [ -s ${CSF_PIGNORE} ] && [ -s ${CSF_PIGNORE_SOURCE} ]; then
#very nice&quick way to add missing lines in destination file
grep -x -f ${CSF_PIGNORE_SOURCE} ${CSF_PIGNORE} | awk 'FNR==NR{a[$0]; next} !($0 in a)' - ${CSF_PIGNORE_SOURCE} >> ${CSF_PIGNORE}
#if file has been edited - restart lfd (suppress errors/warnings, as it could be disabled)
find ${CSF_PIGNORE} -mmin -1 -type f -print -exec csf --lfd restart 2>&1 >/dev/null \;
fi
}
initLogfile() {
LOG_IP=localhost
if [ `who | wc -l` -gt 0 ]; then
LOG_IP=`echo $SSH_CLIENT | cut -d' ' -f1`
fi
if [ ! -e ${LOGFILE} ]; then
touch ${LOGFILE}
chmod 600 ${LOGFILE}
else
LOGSIZE=`stat -c %s ${LOGFILE}`
#Rotate the logfile if the filesize is >10MB
if [ ${LOGSIZE} -gt 10485760 ]; then
rm -f ${LOGFILE}.1
mv ${LOGFILE} ${LOGFILE}.1
touch ${LOGFILE}
chmod 600 ${LOGFILE}
fi
fi
}
if [ "`grep -c processor /proc/cpuinfo`" -gt 0 ]; then
CPU_CORES="`grep -c processor /proc/cpuinfo`"
fi
MEMORY=`grep -m1 'MemTotal' /proc/meminfo | awk '{print $2}'`
#Avoid OOM by making CB not cross-compile on boxes with low amount of memory
if [ ! -z "${MEMORY}" ]; then
if [ ${MEMORY} -lt 2097152 ]; then
CPU_CORES=1
fi
fi
#check path for /usr/local/bin
if ! echo "${PATH}" | grep -qF -m1 '/usr/local/bin:'; then
export PATH=/usr/local/bin:$PATH
fi
#check PKG_CONFIG_PATH for /usr/local/lib/pkgconfig
if ! echo "${PKG_CONFIG_PATH}" | grep -qF -m1 '/usr/local/lib/pkgconfig:'; then
export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig:${PKG_CONFIG_PATH}
fi
# Main variables
HTTPDDIR=/etc/httpd
HTTPDCONF=/etc/httpd/conf
HTTPD_CONF=${HTTPDCONF}/httpd.conf
PHPMODULES=${HTTPDCONF}/extra/httpd-phpmodules.conf
NGINXCONF=/etc/nginx
WWWDIR=/var/www/html
DACONF_FILE=/usr/local/directadmin/conf/directadmin.conf
DACONF_TEMPLATE_FILE=/usr/local/directadmin/data/templates/directadmin.conf
DA_MY_CNF=/usr/local/directadmin/conf/my.cnf
SERVICES=/usr/local/directadmin/data/admin/services.status
TASK_QUEUE=/usr/local/directadmin/data/task.queue.cb
DOVECOT_CONFIG=/etc/dovecot/dovecot.conf
SKIP_CMD_OPTIONS=0
skip_cmd_toggle() {
SKIP_CMD_OPTIONS=1
}
case "$1" in
"") skip_cmd_toggle ;;
opt_help) skip_cmd_toggle ;;
set) skip_cmd_toggle ;;
set_php) skip_cmd_toggle ;;
get_versions_txt) skip_cmd_toggle ;;
update_script) skip_cmd_toggle ;;
version) skip_cmd_toggle ;;
kill) skip_cmd_toggle ;;
update_da) skip_cmd_toggle ;;
list_configs_json) skip_cmd_toggle ;;
settings_json) skip_cmd_toggle ;;
get_timezone) skip_cmd_toggle ;;
custom_config) skip_cmd_toggle ;;
set_versions_txt) skip_cmd_toggle ;;
show_component_config) skip_cmd_toggle ;;
remove_customized_config) skip_cmd_toggle ;;
show_file) skip_cmd_toggle ;;
check_options) skip_cmd_toggle ;;
update) skip_cmd_toggle ;;
update_data) skip_cmd_toggle ;;
gen_help_json) skip_cmd_toggle ;;
versions_json) skip_cmd_toggle ;;
versions_ajax) skip_cmd_toggle ;;
versions_nobold) skip_cmd_toggle ;;
versions) skip_cmd_toggle ;;
gen_help) skip_cmd_toggle ;;
list_removals) skip_cmd_toggle ;;
list_removals_json) skip_cmd_toggle ;;
remove_items) skip_cmd_toggle ;;
esac
IPV6=0
if [ "${SKIP_CMD_OPTIONS}" = "0" ]; then
if [ -e ${DA_BIN} ]; then
IPV6=`${DA_BIN} c | grep -m1 '^ipv6=' | cut -d= -f2`
fi
fi
CWD=${WORKDIR}
FORCE=0
HIDE_CHANGES=0
# Applications variables
APPUSER=webapps
APPGROUP=${APPUSER}
APP_TMP=/var/www/tmp
STRINGS=/usr/bin/strings
MYSQL_DATA=/var/lib/mysql
if [ -e /etc/debian_version ]; then
# If /var/lib/mysql doesn't exist, and /home/mysql is there - our datadir is /home/mysql, used on very old boxes only
if [ -d /home/mysql ] && [ ! -d /var/lib/mysql/mysql ]; then
MYSQL_DATA=/home/mysql
fi
MYSQL_BIN=/usr/local/mysql/bin/mysql
elif [ -x /usr/local/mysql/bin/mysql ]; then
MYSQL_BIN=/usr/local/mysql/bin/mysql
elif [ ! -x /usr/bin/mysql ] && [ "${OS_CENTOS_VER}" != "7" ] && [ "${OS_CENTOS_VER}" != "8" ]; then
MYSQL_BIN=/usr/local/mysql/bin/mysql
else
MYSQL_BIN=/usr/bin/mysql
fi
#Check if mysql database exists
if [ -d ${MYSQL_DATA}/mysql ]; then
SQL_PATH_IS_EMPTY=false
else
SQL_PATH_IS_EMPTY=true
fi
CURL_CONNECT_OPTIONS="-L --progress-bar --connect-timeout 5 --retry 3 --fail"
#$1 = https://files1.da.com/some/exim.conf
#$2 = /etc/exim.conf
safeDownloadWithMove() {
OUTPUT_FILE=$1
DOWNLOAD_URL=$2
GLOBAL_TMP=${CWD}/temp
if [ ! -d "${GLOBAL_TMP}" ]; then
mkdir -p "${GLOBAL_TMP}"
fi
TMP_FILE=$(mktemp --tmpdir=${GLOBAL_TMP} --suffix=safeDownloadWithMove)
if [ -z "${TMP_FILE}" ]; then
do_exit 1 "Unable to create temporary file ${TMP_FILE}, exiting..."
fi
TRY=0
while ! curl ${CURL_CONNECT_OPTIONS} -o "${TMP_FILE}" "${DOWNLOAD_URL}"; do
echo "Download of ${DOWNLOAD_URL} failed, re-downloading the file..."
TRY=`expr ${TRY} + 1`
if [ ${TRY} -eq 4 ]; then
rm -f "${TMP_FILE}"
do_exit 1 "Download of ${DOWNLOAD_URL} failed ${TRY} times, exiting..."
fi
done
if ! mv -f "${TMP_FILE}" "${OUTPUT_FILE}"; then
rm -f "${TMP_FILE}"
do_exit 1 "Move from ${TMP_FILE} to ${OUTPUT_FILE} failed, exiting..."
fi
}
MARIADB_DEF="10.6"
MYSQL_DEF="5.7"
if [ "${OS_CENTOS_VER}" = "8" ]; then
#We don't have RPMs for EL8 of older versions in our mirrors
MARIADB_SET="10.3 10.4 10.5 10.6"
MYSQL_SET="8.0"
MYSQL_DEF="8.0"
elif [ "${OS_CENTOS_VER}" = "9" ]; then
#Even if we use binaries there, we still want to stay rpm-compatible
MARIADB_SET="10.6"
MYSQL_DEF="10.6"
MYSQL_SET="8.0"
MYSQL_DEF="8.0"
else
MARIADB_SET="5.5 10.0 10.1 10.2 10.3 10.4 10.5 10.6"
MYSQL_SET="5.5 5.6 5.7 8.0"
fi
# Check if workdir exists
if [ ! -d ${WORKDIR} ]; then
do_exit 1 "Directory ${WORKDIR} does not exist."
fi
file_mtime="stat --format=%Y"
set_LoadModule() {
# Add to httpd-phpmodules.conf
MODULE_NAME=$1
MODULE_FILENAME=$2
MODULE_FULLPATH=/usr/lib/apache/${MODULE_FILENAME}
if ! grep -m1 -q " ${MODULE_NAME} " ${PHPMODULES} && [ -e ${MODULE_FULLPATH} ]; then
echo "LoadModule ${MODULE_NAME} /usr/lib/apache/${MODULE_FILENAME}" >> ${PHPMODULES}
fi
perl -pi -e "s|^LoadModule ${MODULE_NAME}|#LoadModule ${MODULE_NAME}|g" /etc/httpd/conf/httpd.conf
}
ensure_my_cnf() {
#1 = path to cnf
#2 = user
#3 = pass
#4 = optional source file to compare with. update 1 if 4 is newer.
# host will be on the command line, as that's how DA already does it.
E_MY_CNF=$1
E_MY_CNF_DIR="`dirname ${E_MY_CNF}`"
if [ ! -d ${E_MY_CNF_DIR} ]; then
mkdir -p ${E_MY_CNF_DIR}
fi
W=0
if [ ! -s ${E_MY_CNF} ]; then
W=1
fi
if [ "${W}" = "0" ] && [ "${4}" != "" ]; then
if [ ! -s $4 ]; then
if [ -d "${MYSQL_DATA}" ]; then
echo "ensure_my_cnf: cannot find $4"
fi
W=1
else
MY_CNF_T=`${file_mtime} ${E_MY_CNF}`
SRC_CNF_T=`${file_mtime} ${4}`
if [ "${MY_CNF_T}" -lt "${SRC_CNF_T}" ]; then
echo "Found outdated ${E_MY_CNF}. Rewriting from ${4}"
W=1
fi
fi
fi
if [ "${W}" = "1" ]; then
echo '[client]' > ${E_MY_CNF}
chmod 600 ${E_MY_CNF}
echo "user=${2}" >> ${E_MY_CNF}
ESC_PASS=`echo "${3}" | sed -e 's/\"/\\\"/'`
echo "password=\"${ESC_PASS}\"" >> ${E_MY_CNF}
fi
}
csf_enable_quic() {
if [ -s /etc/csf/csf.conf ]; then
CSFRESTART=false
if ! grep -m1 -q '^UDP_IN = ".*443' /etc/csf/csf.conf && grep -m1 -q '^TCP_IN = ".*443' /etc/csf/csf.conf; then
if ! grep -m1 -q '^UDP_IN = ""' /etc/csf/csf.conf; then
perl -pi -e 's|^UDP_IN \= "|UDP_IN = "443,|g' /etc/csf/csf.conf
CSFRESTART=true
fi
fi
if ! grep -m1 -q '^UDP_OUT = ".*443' /etc/csf/csf.conf && grep -m1 -q '^TCP_OUT = ".*443' /etc/csf/csf.conf; then
if ! grep -m1 -q '^UDP6_IN = ""' /etc/csf/csf.conf; then
perl -pi -e 's|^UDP_OUT \= "|UDP_OUT = "443,|g' /etc/csf/csf.conf
CSFRESTART=true
fi
fi
if ! grep -m1 -q '^UDP6_IN = ".*443' /etc/csf/csf.conf && grep -m1 -q '^TCP6_IN = ".*443' /etc/csf/csf.conf; then
if ! grep -m1 -q '^UDP6_IN = ""' /etc/csf/csf.conf; then
perl -pi -e 's|^UDP6_IN \= "|UDP6_IN = "443,|g' /etc/csf/csf.conf
CSFRESTART=true
fi
fi
if ! grep -m1 -q '^UDP6_OUT = ".*443' /etc/csf/csf.conf && grep -m1 -q '^TCP6_OUT = ".*443' /etc/csf/csf.conf; then
if ! grep -m1 -q '^UDP6_OUT = ""' /etc/csf/csf.conf; then
perl -pi -e 's|^UDP6_OUT \= "|UDP6_OUT = "443,|g' /etc/csf/csf.conf
CSFRESTART=true
fi
fi
if ${CSFRESTART} && csf --status 2&>1 >/dev/null; then
echo "Opened UDP ports for QUIC in CSF, restarting CSF..."
/usr/sbin/csf -r 2&>1 >/dev/null
fi
fi
}
csf_enable_rspamd() {
if [ -s /etc/csf/csf.conf ]; then
CSFRESTART=false
if ! grep -m1 -q '^UDP_OUT = ".*11335' /etc/csf/csf.conf; then
if ! grep -m1 -q '^UDP6_IN = ""' /etc/csf/csf.conf; then
perl -pi -e 's|^UDP_OUT \= "|UDP_OUT = "11335,|g' /etc/csf/csf.conf
CSFRESTART=true
fi
fi
if ! grep -m1 -q '^UDP6_OUT = ".*11335' /etc/csf/csf.conf; then
if ! grep -m1 -q '^UDP6_OUT = ""' /etc/csf/csf.conf; then
perl -pi -e 's|^UDP6_OUT \= "|UDP6_OUT = "11335,|g' /etc/csf/csf.conf
CSFRESTART=true
fi
fi
if ${CSFRESTART} && csf --status 2&>1 >/dev/null; then
echo "Opened UDP ports for Rspamd in CSF, restarting CSF..."
/usr/sbin/csf -r 2&>1 >/dev/null
fi
fi
}
create_global_modsecurity_rules() {
if [ ! -e /usr/local/directadmin/data/admin/modsecurity_rules ]; then
touch /usr/local/directadmin/data/admin/modsecurity_rules
chmod 600 /usr/local/directadmin/data/admin/modsecurity_rules
chown diradmin:diradmin /usr/local/directadmin/data/admin/modsecurity_rules
fi
}
initMySQL() {
if [ "${MYSQL_OPT}" = "8.0" ] && [ "${MYSQL_INST_OPT}" = "mysql" ]; then
SKIP_MYSQL_UPGRADE=true
else
SKIP_MYSQL_UPGRADE=false
fi
#MySQL settings
DA_MYSQL=/usr/local/directadmin/conf/mysql.conf
if [ -s ${DA_MYSQL} ]; then
MYSQLUSER=`grep -m1 "^user=" ${DA_MYSQL} | cut -d= -f2`
MYSQLPASSWORD=`grep -m1 "^passwd=" ${DA_MYSQL} | cut -d= -f2`
else
MYSQLUSER='da_admin'
MYSQLPASSWORD='nothing'
fi
if [ -s $DA_MYSQL ] && [ `grep -m1 -c -e "^host=" ${DA_MYSQL}` -gt "0" ]; then
MYSQLHOST=`grep -m1 "^host=" ${DA_MYSQL} | cut -d= -f2`
else
MYSQLHOST=localhost
fi
#Where connections to mysql are from. Usualy the server IP, unless on a LAN.
MYSQL_ACCESS_HOST=localhost
if [ "$MYSQLHOST" != "localhost" ]; then
MYSQL_ACCESS_HOST="`grep -r -l -m1 '^status=server$' /usr/local/directadmin/data/admin/ips | cut -d/ -f8`"
if [ "${MYSQL_ACCESS_HOST}" = "" ]; then
MYSQL_ACCESS_HOST="`grep -im1 ${HOSTNAME} /etc/hosts | awk '{print $1}'`"
if [ "${MYSQL_ACCESS_HOST}" = "" ]; then
if [ -s ${WORKDIR}/scripts/setup.txt ]; then
MYSQL_ACCESS_HOST=`cat ${WORKDIR}/scripts/setup.txt | grep -m1 -e '^ip=' | cut -d= -f2`
fi
if [ "${MYSQL_ACCESS_HOST}" = "" ]; then
echo "Unable to detect your server IP in /etc/hosts. Please enter it: "
read MYSQL_ACCESS_HOST
fi
fi
fi
fi
ensure_my_cnf ${DA_MY_CNF} "${MYSQLUSER}" "${MYSQLPASSWORD}" "${DA_MYSQL}"
chown diradmin:diradmin ${DA_MY_CNF}
}
allSettings_options() {
for section in $ALL_SECTIONS; do
DESC=${section}_DESC
echo "#$(eval_var ${DESC})"
COUNT="0"
if [ ${section} = "PHP_EXT_SETTINGS" ]; then
continue
fi
for setting in $(eval_var ${section}); do
SETTING_NAME=`echo $setting | tr "[A-Z]" "[a-z]"`
POSSIBLE_VALUES_VAR=${setting}_SET
POSSIBLE_VALUES="`echo $(eval_var ${POSSIBLE_VALUES_VAR}) | awk -v OFS=", " '$1=$1'`"
DEFAULT_VALUE=${setting}_DEF
CURRENT_VALUE=${setting}_OPT
if [ ! -z "$(eval_var ${SETTING_NAME})" ]; then
echo "${SETTING_NAME}=$(eval_var ${SETTING_NAME})"
else
echo "${SETTING_NAME}=$(eval_var ${DEFAULT_VALUE})"
fi
COUNT="1"
done
if [ "${COUNT}" = "1" ]; then
echo ""
fi
done
echo '#PHP extensions can be found in php_extensions.conf'
}
allSettings_php_extensions() {
echo "#PHP Extension Settings"
for setting in $(eval_var ${PHP_EXT_SETTINGS}); do
SETTING_NAME=`echo $setting | tr "[A-Z]" "[a-z]"`
POSSIBLE_VALUES_VAR=PHP_${setting}_SET
POSSIBLE_VALUES="`echo $(eval_var ${POSSIBLE_VALUES_VAR}) | awk -v OFS=", " '$1=$1'`"
DEFAULT_VALUE=PHP_${setting}_DEF
CURRENT_VALUE=PHP_${setting}_OPT
EXPORTED_SETTING_NAME="php_${SETTING_NAME}"
if [ ! -z "$(eval_var ${EXPORTED_SETTING_NAME})" ]; then
echo "${SETTING_NAME}=$(eval_var ${EXPORTED_SETTING_NAME})"
else
echo "${SETTING_NAME}=$(eval_var ${DEFAULT_VALUE})"
fi
done
}
# Write options.conf
if [ "${OPTIONS_CONF_EXISTS}" = "0" ]; then
echo "Cannot find ${OPTIONS_CONF}, writing defaults."
allSettings_options > ${OPTIONS_CONF}
allSettings_php_extensions > ${PHP_EXTENSIONS_CONF}
fi
# Write php_extensions.conf exists
if [ ! -s "${PHP_EXTENSIONS_CONF}" ] && [ -s "${OPTIONS_CONF}" ]; then
for option in `echo "${PHP_EXT_SETTINGS}" | tr '[A-Z]' '[a-z]'`; do {
if grep -m1 -q "^${option}=" "${OPTIONS_CONF}"; then
grep -m1 "^${option}=" "${OPTIONS_CONF}" >> ${PHP_EXTENSIONS_CONF}
sed -i "/^${option}=/d" "${OPTIONS_CONF}"
fi
}
done
fi
# Check if options.conf exists
if [ -s ${PHP_EXTENSIONS_CONF} ]; then
#Read php_extensions.conf as 'source'
PHP_EXTENSIONS_CONF_SOURCE=`grep -o "^[a-zA-Z0-9_]*=[^;<>\'\!=() ]*" ${PHP_EXTENSIONS_CONF} | perl -p -e 's|^|php_|g'`
eval ${PHP_EXTENSIONS_CONF_SOURCE}
fi
# Check if options.conf exists
if [ ! -e ${OPTIONS_CONF} ]; then
do_exit 1 "Options file options.conf does not exist."
else
#Read options.conf as 'source'
OPTIONS_CONF_SOURCE=`grep -o "^[a-zA-Z0-9_]*=[^;<>\'\!=() ]*" ${OPTIONS_CONF}`
eval ${OPTIONS_CONF_SOURCE}
fi
####################################################
run_dataskq() {
DATASKQ_OPT=$1
if [ -s ${DACONF_FILE} ]; then
/usr/local/directadmin/dataskq ${DATASKQ_OPT} --custombuild
fi
}
cagefsctl_update() {
if [ "${CAGEFS_OPT}" = "yes" ] && [ -e /usr/sbin/cagefsctl ]; then
echo "CageFS: Executing 'cagefsctl --force-update'..."
if [ -e /usr/bin/ionice ]; then
/usr/bin/ionice -c3 /usr/sbin/cagefsctl --force-update
else
/usr/sbin/cagefsctl --force-update
fi
cagefsctl --remount-all
fi
}
writeLog() {
initLogfile
echo "`date +'%Y-%m-%d %H:%M:%S'` ${LOG_IP}: $@" >> ${LOGFILE}
}
get_line_from_file() {
#$1 is any part of the name, make sure it wouldn't have duplicates, as it'd select only the first instance of the match
#$2 is full path to txt file
if [ ! -s $2 ]; then
do_exit 1 "$2 does not exist."
fi
if grep -m1 -q "^$1" $2; then
RESULT="`grep -m1 \"^$1\" ${WORKDIR}/$2`"
else
RESULT=""
fi
echo "${RESULT}"
}
EXISTS_VERSIONS_FILE_CUSTOM=false
if [ -s ${VERSIONS_FILE_CUSTOM} ]; then
EXISTS_VERSIONS_FILE_CUSTOM=true
fi
getVer() {
APEEND=`echo ${1} | awk '{gsub(/\./,"_",$1);gsub(/-/,"_",$1);print $1;}'`
RESULT=$(eval_var VERSIONS_TXT_${APEEND})
if [ "${RESULT}" = "" ]; then
>&2 echo "ERROR: version of $1 not found in versions.txt!"
RESULT="0"
fi
echo "${RESULT}"
}
do_exit() {
if [ "$2" != "" ]; then
echo "$2"
fi
removeLockfile
if ${NEW_INSTALL}; then
echo "action=notify&value=admin&subject=CustomBuild installation has failed&message=CustomBuild installation has failed, please check the following file for more information:%0A/usr/local/directadmin/custombuild/install.txt" >> ${TASK_QUEUE}
run_dataskq
fi
exit $1
}
getDA_Opt() {
#$1 is option name
#$2 is default value
if [ ! -s ${DACONF_FILE} ]; then
echo $2
return
fi
if ! ${DA_BIN} c | grep -m1 -q -e "^$1="; then
echo $2
return
fi
${DA_BIN} c | grep -m1 "^$1=" | cut -d= -f2
}
getPhpOpt() {
#$1 is option name
#$2 is default value
FULL_VARIABLE=php_$1
GET_OPTION="$(eval_var ${FULL_VARIABLE})"
if [ "${GET_OPTION}" = "" ]; then
if grep -m1 -q "^${1}=" "${OPTIONS_CONF}"; then
grep -m1 "^${1}=" "${OPTIONS_CONF}" >> ${PHP_EXTENSIONS_CONF}
sed -i "/^${1}=/d" "${OPTIONS_CONF}"
GET_OPTION=`grep -m1 "^${1}=" "${PHP_EXTENSIONS_CONF}" | cut -d= -f2`
eval `echo "${FULL_VARIABLE}=${2}"`
else
echo "$1=$2" >> ${PHP_EXTENSIONS_CONF}
GET_OPTION="${2}"
eval `echo "${FULL_VARIABLE}=${2}"`
fi
fi
echo ${GET_OPTION}
}
getOpt() {
#$1 is option name
#$2 is default value
GET_OPTION="$(eval_var $1)"
if [ "${GET_OPTION}" = "" ]; then
echo "$1=$2" >> ${OPTIONS_CONF}
GET_OPTION="${2}"
eval `echo "${1}=${2}"`
fi
echo ${GET_OPTION}
}
have_php_system() {
#Checks to see if we can use system() based on the disable_functions
if [ ! -s "${PHP_INI}" ]; then
echo 1
return
fi
C=`grep -m1 -c ^disable_functions ${PHP_INI}`
if [ "${C}" -eq 0 ]; then
echo 1
return
fi
C=`grep -m1 ^disable_functions ${PHP_INI} | grep -m1 -c system`
if [ "${C}" -eq 1 ]; then
echo 0
return
fi
echo 1
return
}
secure_phpini() {
if [ -e $1 ]; then
if grep -m1 -q -e disable_functions $1; then
CURRENT_DISABLE_FUNCT="`grep -m1 'disable_functions' $1`"
if [ -s ${WORKDIR}/custom/php_disable_functions ]; then
NEW_DISABLE_FUNCT="`head -n1 ${WORKDIR}/custom/php_disable_functions`"
else
NEW_DISABLE_FUNCT="exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname"
fi
perl -pi -e "s#${CURRENT_DISABLE_FUNCT}#disable_functions \= ${NEW_DISABLE_FUNCT}#" $1
else
echo "disable_functions = ${NEW_DISABLE_FUNCT}" >> $1
fi
perl -pi -e 's/^register_globals = On/register_globals = Off/' $1
perl -pi -e 's/^mysql.allow_local_infile = On/mysql.allow_local_infile = Off/' $1
perl -pi -e 's/^mysqli.allow_local_infile = On/mysqli.allow_local_infile = Off/' $1
perl -pi -e 's/^;mysqli.allow_local_infile = On/mysqli.allow_local_infile = Off/' $1
perl -pi -e 's/^expose_php = On/expose_php = Off/' $1
writeLog "secure_phpini: $1 secured"
fi
}
####################################################
secure_php() {
if [ "${SECURE_PHP_OPT}" != "yes" ]; then
setOpt secure_php yes
fi
secure_phpini ${PHP_INI}
for php_shortrelease in `echo ${PHP1_SHORTRELEASE_SET}`; do
EVAL_PHP_INI_VAR=PHP_INI_FPM${php_shortrelease}
secure_phpini $(eval_var ${EVAL_PHP_INI_VAR})
done
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
if [ -e /etc/cl.selector/global_php.ini ]; then
secure_phpini /etc/cl.selector/global_php.ini
if [ -e /usr/sbin/cagefsctl ]; then
/usr/sbin/cagefsctl --setup-cl-selector
fi
fi
fi
echo "PHP has been secured."
RESTART_APACHE="1"
if [ "${PHP1_MODE_OPT}" = "php-fpm" ]; then
echo "Restarting php-fpm${PHP1_SHORTRELEASE}."
control_service php-fpm${PHP1_SHORTRELEASE} restart
RESTART_APACHE="0"
fi
if [ "${PHP2_MODE_OPT}" = "php-fpm" ] && [ "${PHP2_RELEASE_OPT}" != "no" ]; then
echo "Restarting php-fpm${PHP2_SHORTRELEASE}."
control_service php-fpm${PHP2_SHORTRELEASE} restart
fi
if [ "${PHP3_MODE_OPT}" = "php-fpm" ] && [ "${PHP3_RELEASE_OPT}" != "no" ]; then
echo "Restarting php-fpm${PHP3_SHORTRELEASE}."
control_service php-fpm${PHP3_SHORTRELEASE} restart
fi
if [ "${PHP4_MODE_OPT}" = "php-fpm" ] && [ "${PHP4_RELEASE_OPT}" != "no" ]; then
echo "Restarting php-fpm${PHP4_SHORTRELEASE}."
control_service php-fpm${PHP4_SHORTRELEASE} restart
fi
if [ "${RESTART_APACHE}" = "1" ]; then
control_service httpd restart
fi
}
#Used to set values ON/OFF in the services.status.
#set_service name ON|OFF|delete
set_service() {
if [ ! -e ${SERVICES} ]; then
if [ ! -d /usr/local/directadmin/data/admin ]; then
mkdir -p /usr/local/directadmin/data/admin
chown diradmin:diradmin /usr/local/directadmin/data/admin
chown diradmin:diradmin /usr/local/directadmin/data
chmod 700 /usr/local/directadmin/data/admin
chmod 711 /usr/local/directadmin/data
fi
touch ${SERVICES}
chown diradmin:diradmin ${SERVICES}
chmod 600 ${SERVICES}
fi
if [ "$2" = "delete" ]; then
if ! grep -q "^$1=" ${SERVICES}; then
return
else
perl -pi -e "s/^${1}=.*\n//" ${SERVICES}
fi
return
fi
if [ "$2" = "ON" ] || [ "$2" = "OFF" ]; then
if ! grep -q "^$1=" ${SERVICES}; then
echo "$1=$2" >> ${SERVICES}
else
perl -pi -e "s/^$1=.*/$1=$2/" ${SERVICES}
fi
return
fi
echo "setService $1: unknown option: $2"
}
control_service() {
SERVICE_NAME=$1
SERVICE_ACTION=$2
systemctl ${SERVICE_ACTION} ${SERVICE_NAME}.service
}
#sets the value of $1 to $2 in the file $3
setVal() {
if [ ! -e $3 ]; then
return
fi
if ! grep -m1 -q "^${1}=" ${3}; then
#ok, it's not there, add it.
echo "$1=$2" >> $3
return
else
#ok, the value is already in the file $3, so use perl to regex it.
perl -pi -e "s/^`grep -m1 "^${1}=" ${3}`/${1}=${2}/" ${3}
fi
}
#A > B: 1
#A = B: 0
#A < B: -1
#3rd option is descriptor
version_cmp() {
A=`echo $1 | cut -d- -f1`
B=`echo $2 | cut -d- -f1`
if [ "$A" = "" ] || [ "$B" = "" ]; then
echo "version_cmp has a blank value when checking $3"
return
fi
if ! echo "$A" | grep -m1 -q '^[0-9]' || ! echo "$B" | grep -m1 -q '^[0-9]'; then
echo "version_cmp has a wrong version when checking $3 for version comparison, ${A} vs. ${B}"
return
fi
#swap underscore with dot.
A=`echo $A | tr '_' '.'`
B=`echo $B | tr '_' '.'`
A1=`echo $A | cut -d. -f1`
B1=`echo $B | cut -d. -f1`
if [ "$A1" -gt "$B1" ]; then
echo 1
return
fi
if [ "$A1" -lt "$B1" ]; then
echo -1
return
fi
A2=`echo $A | cut -d. -f2`
B2=`echo $B | cut -d. -f2`
if [ "$A2" -gt "$B2" ]; then
echo 1
return
fi
if [ "$A2" -lt "$B2" ]; then
echo -1
return
fi
A3=`echo $A | cut -d. -f3`
B3=`echo $B | cut -d. -f3`
if [ "$A3" = "" ] && [ "$B3" = "" ]; then
echo 0
return
fi
if [ "$A3" = "" ]; then
if [ "$B3" = "0" ]; then
echo 0;
else
echo 1
fi
return
fi
if [ "$B3" = "" ]; then
if [ "$A3" = "0" ]; then
echo 0;
else
echo -1
fi
return
fi
if [ "$A3" -gt "$B3" ]; then
echo 1
return
fi
if [ "$A3" -lt "$B3" ]; then
echo -1
return
fi
echo 0
}
####################################################
GCCOPTIONS_CACHE=0
getGccOptions() {
if [ "${GCCOPTIONS_CACHE}" = "0" ]; then
# Exim always takes /usr/bin/gcc, even if it exists in /usr/local/bin/gcc. Other components built in /usr, not /usr/local might take it form there too.
if [ -s /usr/bin/gcc ]; then
GCC_VERSION="`/usr/bin/gcc --version | head -n1 | grep -o '[0-9]*\.[0-9]*' | head -n1`"
else
GCC_VERSION="`gcc --version | head -n1 | grep -o '[0-9]*\.[0-9]*' | head -n1`"
fi
if [ "`version_cmp ${GCC_VERSION} 4.9 'gcc ver check'`" -ge 0 ]; then
GCCOPTIONS_CACHE="-fstack-protector-strong"
else
GCCOPTIONS_CACHE="-fstack-protector --param ssp-buffer-size=4"
fi
fi
echo ${GCCOPTIONS_CACHE}
}
#These are needed for some functions outside
BOLD_OPT=`getOpt bold ${BOLD_DEF}`
# Variables for bolded text
boldon=""
boldoff=""
if [ "${BOLD_OPT}" = "yes" ]; then
boldon="`tput -Txterm bold`"
boldoff="`tput -Txterm sgr0`"
fi
CLEAN_OPT=`getOpt clean ${CLEAN_DEF}`
if [ -s ${DEBIAN_VERSION} ]; then
MYSQL_FORCE_COMPILE_OPT=`getOpt mysql_force_compile ${MYSQL_FORCE_COMPILE_DEF}`
else
MYSQL_FORCE_COMPILE_OPT=`getOpt mysql_force_compile ${MYSQL_FORCE_COMPILE_DEF}`
fi
DOWNLOADSERVER_OPT=`getOpt downloadserver ${DOWNLOADSERVER_DEF}`
UNOFFICIAL_MIRRORS_OPT=`getOpt unofficial_mirrors ${UNOFFICIAL_MIRRORS_DEF}`
DOWNLOADSERVERS_OFFICIAL_LIST="files-fi.directadmin.com files-fr.directadmin.com files-lt.directadmin.com da-mirror.wpcloud.vn files-sg.directadmin.com files-ca.directadmin.com"
DOWNLOADSERVERS_UNOFFICIAL_HTTPS_LIST="files6.directadmin.com files9.directadmin.com files11.directadmin.com directadmin.mirror.liteserver.nl damirror.unix-solutions.be mirror.serverion.com damirror.pars.host mirrors.ereznet.co.il mirror.ihost.md directadmin.mirrors.misaka.one directadmin.hostmark.pl damirror.cj2.nl"
#We have spacing at the beginning/end to let grep work fine with these
DOWNLOADSERVERS_HTTPS_LIST=" files1.directadmin.com ${DOWNLOADSERVERS_OFFICIAL_LIST} ${DOWNLOADSERVERS_UNOFFICIAL_HTTPS_LIST} "
DOWNLOADSERVER_SCHEME=http
if echo "${DOWNLOADSERVERS_HTTPS_LIST}" | grep -m1 -q " ${DOWNLOADSERVER_OPT} "; then
DOWNLOADSERVER_SCHEME=https
fi
WEBPATH=http://da-mirror.wpcloud.vn/services/custombuild
WEBPATH_SERVICES=http://da-mirror.wpcloud.vn/services
WEBPATH_BACKUP_IP=da-mirror.wpcloud.vn
WEBPATH_BACKUP=http://da-mirror.wpcloud.vn/services/custombuild
WEBPATH_SERVICES_BACKUP=http://da-mirror.wpcloud.vn/services
WEBPATH_CL=https://repo.cloudlinux.com/cloudlinux/sources/da
WEBPATH_CWAF=https://waf.comodo.com
WEBPATH_LITESPEED=https://www.litespeedtech.com/packages
WEBPATH_SGIT=https://raw.githubusercontent.com/irf1404/Directadmin/master/services
WEBPATH_BGIT=https://raw.githubusercontent.com/irf1404/Directadmin/master/services/custombuild
setPhpOpt() {
#$1 is option name
#$2 is value
READ_OPTION_NAME="$1"
READ_OPTION_VALUE="$2"
SET_IN_FILENAME="${PHP_EXTENSIONS_CONF}"
if echo " ioncube suhosin zend htscanner imagick opcache " | grep -m1 -q " ${READ_OPTION_NAME} "; then
if grep -m1 -q "^${READ_OPTION_NAME}=" ${OPTIONS_CONF}; then
if ! grep -m1 -q "^${READ_OPTION_NAME}=" ${PHP_EXTENSIONS_CONF}; then
grep -m1 "^${READ_OPTION_NAME}=" ${OPTIONS_CONF} >> "${PHP_EXTENSIONS_CONF}"
fi
sed -i "/^${READ_OPTION_NAME}=/d" ${OPTIONS_CONF}
fi
fi
VAR=`echo ${READ_OPTION_NAME} | tr "[a-z]" "[A-Z]"`
if [ -z "$(eval_var PHP_${VAR}_DEF)" ]; then
echo "${READ_OPTION_NAME} is not a valid option."
EXIT_CODE=50
return
fi
VALID="no"
for i in $(eval_var PHP_${VAR}_SET); do
if [ "${i}" = "${READ_OPTION_VALUE}" ] || [ "${i}" = "userinput" ]; then
VALID="yes"
break
fi
done
if [ "${VALID}" = "no" ]; then
echo "${READ_OPTION_VALUE} is not a valid setting for ${READ_OPTION_NAME} option."
EXIT_CODE=51
return
fi
OPT_VALUE="`grep -m1 "^${READ_OPTION_NAME}=" "${SET_IN_FILENAME}" | cut -d= -f2 | perl -p0 -e 's|@|\\\\@|g'`"
if [ -z "${OPT_VALUE}" ] && [ "${SET_IN_FILENAME}" = "${PHP_EXTENSIONS_CONF}" ]; then
if grep -m1 -q "^${READ_OPTION_NAME}=" ${OPTIONS_CONF}; then
grep -m1 "^${READ_OPTION_NAME}=" ${OPTIONS_CONF} >> "${PHP_EXTENSIONS_CONF}"
sed -i "/^${READ_OPTION_NAME}=/d" ${OPTIONS_CONF}
OPT_VALUE="`grep -m1 "^${READ_OPTION_NAME}=" "${SET_IN_FILENAME}" | cut -d= -f2 | perl -p0 -e 's|@|\\\\@|g'`"
fi
fi
if [ ! -z "${OPT_VALUE}" ]; then
perl -pi -e "s#${READ_OPTION_NAME}=${OPT_VALUE}#${READ_OPTION_NAME}=${READ_OPTION_VALUE}#" "${SET_IN_FILENAME}"
else
echo "${READ_OPTION_NAME}=${OPT_VALUE}" >> "${SET_IN_FILENAME}"
fi
if [ "${HIDE_CHANGES}" = "0" ] && [ "${OPT_VALUE}" != "${READ_OPTION_VALUE}" ]; then
echo "Changed ${boldon}${READ_OPTION_NAME}${boldoff} option from ${boldon}${OPT_VALUE}${boldoff} to ${boldon}${READ_OPTION_VALUE}${boldoff}" | perl -p0 -e 's|\\\@|\@|g'
elif [ "${HIDE_CHANGES}" = "0" ] && [ "${OPT_VALUE}" = "${READ_OPTION_VALUE}" ]; then
echo "${boldon}${READ_OPTION_NAME}${boldoff} is already set to ${boldon}${READ_OPTION_VALUE}${boldoff}" | perl -p0 -e 's|\\\@|\@|g'
fi
}
setOpt() {
#$1 is option name
#$2 is value
READ_OPTION_NAME="$1"
READ_OPTION_VALUE="`echo \"$2\" | perl -p0 -e 's|@|\\\\@|g' | perl -p0 -e 's|\\+|\\\\+|g'`"
#Rewrite spamassassin to spamd for backwards compatibility
if [ "${READ_OPTION_NAME}" = "spamassassin" ]; then
READ_OPTION_NAME="spamd"
if [ "${READ_OPTION_VALUE}" = "yes" ]; then
READ_OPTION_VALUE="spamassassin"
fi
fi
SET_IN_FILENAME="${OPTIONS_CONF}"
if echo " ioncube suhosin zend htscanner imagick opcache " | grep -m1 -q " ${READ_OPTION_NAME} "; then
setPhpOpt "${READ_OPTION_NAME}" "${READ_OPTION_VALUE}"
return
fi
VAR=`echo ${READ_OPTION_NAME} | tr "[a-z]" "[A-Z]"`
if [ -z "$(eval_var ${VAR}_DEF)" ]; then
echo "${READ_OPTION_NAME} is not a valid option."
EXIT_CODE=50
return
fi
VALID="no"
for i in $(eval_var ${VAR}_SET); do
if [ "${i}" = "${READ_OPTION_VALUE}" ] || [ "${i}" = "userinput" ]; then
VALID="yes"
break
fi
done
if [ "${VALID}" = "no" ]; then
echo "${READ_OPTION_VALUE} is not a valid setting for ${READ_OPTION_NAME} option."
EXIT_CODE=51
return
fi
OPT_VALUE="`grep -m1 "^${READ_OPTION_NAME}=" "${SET_IN_FILENAME}" | cut -d= -f2 | perl -p0 -e 's|@|\\\\@|g' | perl -p0 -e 's|\\+|\\\\+|g'`"
perl -pi -e "s#${READ_OPTION_NAME}=${OPT_VALUE}#${READ_OPTION_NAME}=${READ_OPTION_VALUE}#" "${SET_IN_FILENAME}"
if [ "${HIDE_CHANGES}" = "0" ] && [ "${OPT_VALUE}" != "${READ_OPTION_VALUE}" ]; then
echo "Changed ${boldon}${READ_OPTION_NAME}${boldoff} option from ${boldon}${OPT_VALUE}${boldoff} to ${boldon}${READ_OPTION_VALUE}${boldoff}" | perl -p0 -e 's|\\\@|\@|g' | perl -p0 -e 's|\\\+|\+|g'
elif [ "${HIDE_CHANGES}" = "0" ] && [ "${OPT_VALUE}" = "${READ_OPTION_VALUE}" ]; then
echo "${boldon}${READ_OPTION_NAME}${boldoff} is already set to ${boldon}${READ_OPTION_VALUE}${boldoff}" | perl -p0 -e 's|\\\@|\@|g' | perl -p0 -e 's|\\\+|\+|g'
fi
}
getWebserverPorts() {
# 443 and 80 ports
PORT_80=`getDA_Opt port_80 80`
PORT_443=`getDA_Opt port_443 443`
# Reverse proxy ports
PORT_8080=`getDA_Opt port_8080 8080`
PORT_8081=`getDA_Opt port_8081 8081`
}
case "$1" in
"") getopt_case_toggle ;;
version) getopt_case_toggle ;;
kill) getopt_case_toggle ;;
update_da) getopt_case_toggle ;;
get_timezone) getopt_case_toggle ;;
set_versions_txt) getopt_case_toggle ;;
show_file) getopt_case_toggle ;;
esac
if [ "${GETOPT_CASE}" = "1" ]; then
CSF_OPT=`getOpt csf ${CSF_DEF}`
#CloudLinux
CLOUDLINUX_OPT=`getOpt cloudlinux ${CLOUDLINUX_DEF}`
CLOUDLINUX_BETA_OPT=`getOpt cloudlinux_beta ${CLOUDLINUX_BETA_DEF}`
CAGEFS_OPT=`getOpt cagefs ${CAGEFS_DEF}`
#Find PowerTools repo name on RHEL-like distros version 8
#Find PowerTools repo name
if [ "${OS_CENTOS_VER}" = "8" ]; then
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
POWERTOOLS=cloudlinux-PowerTools
elif [ -e /etc/yum.repos.d/CentOS-PowerTools.repo ] && grep -m1 -q '\[PowerTools\]' /etc/yum.repos.d/CentOS-PowerTools.repo; then
POWERTOOLS=PowerTools
elif [ -e /etc/yum.repos.d/oracle-linux-ol8.repo ]; then
POWERTOOLS=ol8_codeready_builder
elif [ -e /etc/yum.repos.d/redhat.repo ]; then
POWERTOOLS=codeready-builder-for-rhel-8-x86_64-rpms
else
POWERTOOLS=powertools
fi
fi
# Read options.conf
FTPD_OPT=`getOpt ftpd ${FTPD_DEF}`
PUREFTPD_UPLOADSCAN_OPT=`getOpt pureftpd_uploadscan ${PUREFTPD_UPLOADSCAN_DEF}`
PROFTPD_UPLOADSCAN_OPT=`getOpt proftpd_uploadscan ${PROFTPD_UPLOADSCAN_DEF}`
# Replace spamassassin= to spamd=
if grep -m1 -q "^spamassassin=" ${OPTIONS_CONF}; then
perl -pi -e 's|spamassassin=yes|spamd=spamassassin|g' ${OPTIONS_CONF}
perl -pi -e 's|spamassassin=no|spamd=no|g' ${OPTIONS_CONF}
fi
SPAMD_OPT=`getOpt spamd ${SPAMASSASSIN_DEF}`
SA_UPDATE_OPT=`getOpt sa_update ${SA_UPDATE_DEF}`
CLAMAV_OPT=`getOpt clamav ${CLAMAV_DEF}`
CLAMAV_EXIM_OPT=`getOpt clamav_exim ${CLAMAV_EXIM_DEF}`
MODSECURITY_UPLOADSCAN_OPT=`getOpt modsecurity_uploadscan ${MODSECURITY_UPLOADSCAN_DEF}`
UNIT_OPT=`getOpt unit ${UNIT_DEF}`
WEBSERVER_OPT=`getOpt webserver ${WEBSERVER_DEF}`
HTTP_METHODS_OPT=`getOpt http_methods ${HTTP_METHODS_DEF}`
LITESPEED_SERIALNO_OPT=`getOpt litespeed_serialno ${LITESPEED_SERIALNO_DEF}`
MODSECURITY_OPT=`getOpt modsecurity ${MODSECURITY_DEF}`
MODSECURITY_RULESET_OPT=`getOpt modsecurity_ruleset ${MODSECURITY_RULESET_DEF}`
HN_T=${HOSTNAME}
REDIRECT_HOST_OPT=`getOpt redirect_host ${HN_T}`
REDIRECT_HOST_HTTPS_OPT=`getOpt redirect_host_https ${REDIRECT_HOST_HTTPS_DEF}`
USE_HOSTNAME_FOR_ALIAS_OPT=`getOpt use_hostname_for_alias ${USE_HOSTNAME_FOR_ALIAS_DEF}`
TZ_T=$(getTimezone)
PHP_TIMEZONE_OPT=`getOpt php_timezone ${TZ_T}`
#Apache
APACHE_VER_OPT=`getOpt apache_ver ${APACHE_VER_DEF}`
APACHE_MPM_OPT=`getOpt apache_mpm ${APACHE_MPM_DEF}`
MOD_RUID2_OPT=`getOpt mod_ruid2 ${MOD_RUID2_DEF}`
USERDIR_ACCESS_OPT=`getOpt userdir_access ${USERDIR_ACCESS_DEF}`
HARDEN_SYMLINKS_PATCH_OPT=`getOpt harden_symlinks_patch ${HARDEN_SYMLINKS_PATCH_DEF}`
#PHP
PHP1_RELEASE_OPT=`getOpt php1_release ${PHP1_RELEASE_DEF}`
PHP2_RELEASE_OPT=`getOpt php2_release ${PHP2_RELEASE_DEF}`
PHP3_RELEASE_OPT=`getOpt php3_release ${PHP3_RELEASE_DEF}`
PHP4_RELEASE_OPT=`getOpt php4_release ${PHP4_RELEASE_DEF}`
PHP1_SHORTRELEASE=`echo ${PHP1_RELEASE_OPT} | tr -d '.'`
PHP2_SHORTRELEASE=`echo ${PHP2_RELEASE_OPT} | tr -d '.'`
PHP3_SHORTRELEASE=`echo ${PHP3_RELEASE_OPT} | tr -d '.'`
PHP4_SHORTRELEASE=`echo ${PHP4_RELEASE_OPT} | tr -d '.'`
PHP1_MODE_OPT=`getOpt php1_mode ${PHP1_MODE_DEF}`
PHP2_MODE_OPT=`getOpt php2_mode ${PHP2_MODE_DEF}`
PHP3_MODE_OPT=`getOpt php3_mode ${PHP3_MODE_DEF}`
PHP4_MODE_OPT=`getOpt php4_mode ${PHP4_MODE_DEF}`
SECURE_PHP_OPT=`getOpt secure_php ${SECURE_PHP_DEF}`
PHP_INI_TYPE_OPT=`getOpt php_ini_type ${PHP_INI_TYPE_DEF}`
REDIS_OPT=`getOpt redis ${REDIS_DEF}`
#php_extensions.conf options
PHP_BZ2_OPT=`getPhpOpt bz2 ${PHP_BZ2_DEF}`
PHP_GMP_OPT=`getPhpOpt gmp ${PHP_GMP_DEF}`
PHP_HTSCANNER_OPT=`getPhpOpt htscanner ${PHP_HTSCANNER_DEF}`
PHP_IGBINARY_OPT=`getPhpOpt igbinary ${PHP_IGBINARY_DEF}`
PHP_IMAGICK_OPT=`getPhpOpt imagick ${PHP_IMAGICK_DEF}`
PHP_IMAP_OPT=`getPhpOpt imap ${PHP_IMAP_DEF}`
PHP_IONCUBE_OPT=`getPhpOpt ioncube ${PHP_IONCUBE_DEF}`
PHP_LDAP_OPT=`getPhpOpt ldap ${PHP_LDAP_DEF}`
PHP_OPCACHE_OPT=`getPhpOpt opcache ${PHP_OPCACHE_DEF}`
PHP_PHALCON_OPT=`getPhpOpt phalcon ${PHP_PHALCON_DEF}`
PHP_REDIS_OPT=`getPhpOpt redis ${PHP_REDIS_DEF}`
PHP_READLINE_OPT=`getPhpOpt readline ${PHP_READLINE_DEF}`
PHP_SUHOSIN_OPT=`getPhpOpt suhosin ${PHP_SUHOSIN_DEF}`
PHP_SNUFFLEUPAGUS_OPT=`getPhpOpt snuffleupagus ${PHP_SNUFFLEUPAGUS_DEF}`
PHP_XMLRPC_OPT=`getPhpOpt xmlrpc ${PHP_XMLRPC_DEF}`
PHP_ZEND_OPT=`getPhpOpt zend ${PHP_ZEND_DEF}`
#backwards compatibility
IONCUBE_OPT=${PHP_IONCUBE_OPT}
OPCACHE_OPT=${PHP_OPCACHE_OPT}
HTSCANNER_OPT=${PHP_HTSCANNER_OPT}
ZEND_OPT=${PHP_ZEND_OPT}
IMAGICK_OPT=${PHP_IMAGICK_OPT}
SUHOSIN_OPT=${PHP_SUHOSIN_OPT}
SUHOSIN_PHP_UPLOADSCAN_OPT=`getOpt suhosin_php_uploadscan ${SUHOSIN_PHP_UPLOADSCAN_DEF}`
X_MAIL_HEADER_OPT=`getOpt x_mail_header ${X_MAIL_HEADER_DEF}`
APCONF=ap2
HAVE_FPM_CGI=no
HAVE_FCGID=no
HAVE_SUPHP_CGI=no
HAVE_CLI=no
HAVE_LSPHP=no
for php_shortrelease in `echo ${PHP1_SHORTRELEASE_SET}`; do
eval `echo "HAVE_FPM${php_shortrelease}_CGI=no"`
eval `echo "HAVE_FCGID${php_shortrelease}=no"`
eval `echo "HAVE_SUPHP${php_shortrelease}_CGI=no"`
eval `echo "HAVE_CLI${php_shortrelease}=no"`
eval `echo "HAVE_LSPHP${php_shortrelease}=no"`
eval `echo "PHP${php_shortrelease}_CONFIGURE=configure/php/configure.php${php_shortrelease}"`
if [ -e custom/${APCONF}/configure.php${php_shortrelease} ]; then
eval `echo "PHP${php_shortrelease}_CONFIGURE=custom/${APCONF}/configure.php${php_shortrelease}"`
fi
if [ -e custom/php/configure.php${php_shortrelease} ]; then
eval `echo "PHP${php_shortrelease}_CONFIGURE=custom/php/configure.php${php_shortrelease}"`
fi
done
if [ "${PHP1_RELEASE_OPT}" != "no" ] && [ "${PHP1_MODE_OPT}" = "php-fpm" ]; then
HAVE_FPM_CGI=yes
eval `echo "HAVE_FPM${PHP1_SHORTRELEASE}_CGI=yes"`
fi
if [ "${PHP2_RELEASE_OPT}" != "no" ] && [ "${PHP2_MODE_OPT}" = "php-fpm" ]; then
HAVE_FPM_CGI=yes
eval `echo "HAVE_FPM${PHP2_SHORTRELEASE}_CGI=yes"`
fi
if [ "${PHP3_RELEASE_OPT}" != "no" ] && [ "${PHP3_MODE_OPT}" = "php-fpm" ]; then
HAVE_FPM_CGI=yes
eval `echo "HAVE_FPM${PHP3_SHORTRELEASE}_CGI=yes"`
fi
if [ "${PHP4_RELEASE_OPT}" != "no" ] && [ "${PHP4_MODE_OPT}" = "php-fpm" ]; then
HAVE_FPM_CGI=yes
eval `echo "HAVE_FPM${PHP4_SHORTRELEASE}_CGI=yes"`
fi
if [ "${PHP1_RELEASE_OPT}" != "no" ] && [ "${PHP1_MODE_OPT}" = "fastcgi" ]; then
HAVE_FCGID=yes
eval `echo "HAVE_FCGID${PHP1_SHORTRELEASE}=yes"`
fi
if [ "${PHP2_RELEASE_OPT}" != "no" ] && [ "${PHP2_MODE_OPT}" = "fastcgi" ]; then
HAVE_FCGID=yes
eval `echo "HAVE_FCGID${PHP2_SHORTRELEASE}=yes"`
fi
if [ "${PHP2_RELEASE_OPT}" != "no" ] && [ "${PHP3_MODE_OPT}" = "fastcgi" ]; then
HAVE_FCGID=yes
eval `echo "HAVE_FCGID${PHP3_SHORTRELEASE}=yes"`
fi
if [ "${PHP2_RELEASE_OPT}" != "no" ] && [ "${PHP4_MODE_OPT}" = "fastcgi" ]; then
HAVE_FCGID=yes
eval `echo "HAVE_FCGID${PHP4_SHORTRELEASE}=yes"`
fi
if [ "${PHP1_RELEASE_OPT}" != "no" ] && [ "${PHP1_MODE_OPT}" = "suphp" ]; then
HAVE_SUPHP_CGI=yes
eval `echo "HAVE_SUPHP${PHP1_SHORTRELEASE}_CGI=yes"`
fi
if [ "${PHP2_RELEASE_OPT}" != "no" ] && [ "${PHP2_MODE_OPT}" = "suphp" ]; then
HAVE_SUPHP_CGI=yes
eval `echo "HAVE_SUPHP${PHP2_SHORTRELEASE}_CGI=yes"`
fi
if [ "${PHP3_RELEASE_OPT}" != "no" ] && [ "${PHP3_MODE_OPT}" = "suphp" ]; then
HAVE_SUPHP_CGI=yes
eval `echo "HAVE_SUPHP${PHP3_SHORTRELEASE}_CGI=yes"`
fi
if [ "${PHP4_RELEASE_OPT}" != "no" ] && [ "${PHP4_MODE_OPT}" = "suphp" ]; then
HAVE_SUPHP_CGI=yes
eval `echo "HAVE_SUPHP${PHP4_SHORTRELEASE}_CGI=yes"`
fi
#Check just php1 and no other modes, as mod_php is not allowed to be 2/3/4th
if [ "${PHP1_RELEASE_OPT}" != "no" ] && [ "${PHP1_MODE_OPT}" = "mod_php" ]; then
HAVE_CLI=yes
eval `echo "HAVE_CLI${PHP1_SHORTRELEASE}=yes"`
fi
if [ "${PHP1_RELEASE_OPT}" != "no" ] && [ "${PHP1_MODE_OPT}" = "lsphp" ]; then
HAVE_LSPHP=yes
eval `echo "HAVE_LSPHP${PHP1_SHORTRELEASE}=yes"`
fi
if [ "${PHP2_RELEASE_OPT}" != "no" ] && [ "${PHP2_MODE_OPT}" = "lsphp" ]; then
HAVE_LSPHP=yes
eval `echo "HAVE_LSPHP${PHP2_SHORTRELEASE}=yes"`
fi
if [ "${PHP3_RELEASE_OPT}" != "no" ] && [ "${PHP3_MODE_OPT}" = "lsphp" ]; then
HAVE_LSPHP=yes
eval `echo "HAVE_LSPHP${PHP3_SHORTRELEASE}=yes"`
fi
if [ "${PHP4_RELEASE_OPT}" != "no" ] && [ "${PHP4_MODE_OPT}" = "lsphp" ]; then
HAVE_LSPHP=yes
eval `echo "HAVE_LSPHP${PHP4_SHORTRELEASE}=yes"`
fi
if [ "${PHP1_MODE_OPT}" = "mod_php" ] && [ "${MOD_RUID2_OPT}" = "no" ]; then
APPGROUP=apache
fi
#MySQL
MYSQL_INST_OPT=`getOpt mysql_inst ${MYSQL_INST_DEF}`
if [ "${MYSQL_INST_OPT}" = "yes" ]; then
HIDE_CHANGES=1
if [ "`has_mariadb`" = "0" ]; then
setOpt mysql_inst mysql
else
setOpt mysql_inst mariadb
fi
MYSQL_INST_OPT=`getOpt mysql_inst ${MYSQL_INST_DEF}`
fi
MYSQL_BACKUP_OPT=`getOpt mysql_backup ${MYSQL_BACKUP_DEF}`
MYSQL_OPT=`getOpt mysql ${MYSQL_DEF}`
MARIADB_OPT=`getOpt mariadb ${MARIADB_DEF}`
MYSQL_BACKUP_GZIP_OPT=`getOpt mysql_backup_gzip ${MYSQL_BACKUP_GZIP_DEF}`
MYSQL_BACKUP_DIR_OPT=`getOpt mysql_backup_dir ${MYSQL_BACKUP_DIR_DEF}`
MYSQLNAME="MySQL"
if [ "${MYSQL_INST_OPT}" = "mariadb" ]; then
MYSQLNAME="MariaDB"
fi
#Email
DOVECOT_OPT=`getOpt dovecot ${DOVECOT_DEF}`
DOVECOT_CONF_OPT=`getOpt dovecot_conf ${DOVECOT_CONF_DEF}`
PIGEONHOLE_OPT=`getOpt pigeonhole ${PIGEONHOLE_DEF}`
MAIL_COMPRESS_OPT=`getOpt mail_compress ${MAIL_COMPRESS_DEF}`
EXIM_OPT=`getOpt exim ${EXIM_DEF}`
EXIMCONF_OPT=`getOpt eximconf ${EXIMCONF_DEF}`
EXIMCONF_RELEASE_OPT=`getOpt eximconf_release ${EXIMCONF_RELEASE_DEF}`
BLOCKCRACKING_OPT=`getOpt blockcracking ${BLOCKCRACKING_DEF}`
EASY_SPAM_FIGHTER_OPT=`getOpt easy_spam_fighter ${EASY_SPAM_FIGHTER_DEF}`
#Applications
PHPMYADMIN_OPT=`getOpt phpmyadmin ${PHPMYADMIN_DEF}`
PHPMYADMIN_PUBLIC_OPT=`getOpt phpmyadmin_public ${PHPMYADMIN_PUBLIC_DEF}`
PHPMYADMIN_VER_OPT=`getOpt phpmyadmin_ver ${PHPMYADMIN_VER_DEF}`
SQUIRRELMAIL_OPT=`getOpt squirrelmail ${SQUIRRELMAIL_DEF}`
ROUNDCUBE_OPT=`getOpt roundcube ${ROUNDCUBE_DEF}`
WEBAPPS_INBOX_PREFIX_NEWDEF="no"
if [ "${OPTIONS_CONF_EXISTS}" = "1" ]; then
WEBAPPS_INBOX_PREFIX_NEWDEF="yes"
fi
WEBAPPS_INBOX_PREFIX_OPT=`getOpt webapps_inbox_prefix ${WEBAPPS_INBOX_PREFIX_NEWDEF}`
#Statistics software
AWSTATS_OPT=`getOpt awstats ${AWSTATS_DEF}`
WEBALIZER_OPT=`getOpt webalizer ${WEBALIZER_DEF}`
CURL_OPT=`getOpt curl ${CURL_DEF}`
SSL_CONFIGURATION_OPT=`getOpt ssl_configuration ${SSL_CONFIGURATION_DEF}`
#CustomBuild
AUTOVER_OPT=`getOpt autover ${AUTOVER_DEF}`
CLEAN_OLD_TARBALLS_OPT=`getOpt clean_old_tarballs ${CLEAN_OLD_TARBALLS_DEF}`
CLEAN_OLD_WEBAPPS_OPT=`getOpt clean_old_webapps ${CLEAN_OLD_WEBAPPS_DEF}`
CLEANAPACHE_OPT=`getOpt cleanapache ${CLEANAPACHE_DEF}`
CUSTOMBUILD_OPT=`getOpt custombuild ${CUSTOMBUILD_DEF}`
CUSTOMBUILD_PLUGIN_OPT=`getOpt custombuild_plugin ${CUSTOMBUILD_PLUGIN_DEF}`
#Cron
CRON_OPT=`getOpt cron ${CRON_DEF}`
CRON_FREQUENCY_OPT=`getOpt cron_frequency ${CRON_FREQUENCY_DEF}`
EMAIL_OPT=`getOpt email ${EMAIL_DEF}`
NOTIFICATIONS_OPT=`getOpt notifications ${NOTIFICATIONS_DEF}`
UPDATES_OPT=`getOpt updates ${UPDATES_DEF}`
WEBAPPS_UPDATES_OPT=`getOpt webapps_updates ${WEBAPPS_UPDATES_DEF}`
VERSIONS_CL="versions.txt"
if [ "${CLOUDLINUX_BETA_OPT}" = "yes" ]; then
VERSIONS_CL="versions_beta.txt"
fi
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
if [ ! -s ${VERSIONS_FILE_LITESPEED} ]; then
curl ${CURL_CONNECT_OPTIONS} ${WEBPATH_LITESPEED}/versions.txt -o ${VERSIONS_FILE_LITESPEED} 2> /dev/null
fi
if [ ! -s ${VERSIONS_FILE_LITESPEED} ]; then
curl ${CURL_CONNECT_OPTIONS} ${WEBPATH_LITESPEED}/versions.txt -o ${VERSIONS_FILE_LITESPEED} 2> /dev/null
fi
fi
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
if [ ! -s ${VERSIONS_FILE_CL} ]; then
curl ${CURL_CONNECT_OPTIONS} ${WEBPATH_CL}/${VERSIONS_CL} -o ${VERSIONS_FILE_CL} 2> /dev/null
fi
if [ ! -s ${VERSIONS_FILE_CL} ]; then
curl ${CURL_CONNECT_OPTIONS} ${WEBPATH_CL}/${VERSIONS_CL} -o ${VERSIONS_FILE_CL} 2> /dev/null
fi
fi
if [ "${MODSECURITY_OPT}" = "yes" ] && [ "${MODSECURITY_RULESET_OPT}" = "comodo" ]; then
if [ ! -s ${VERSIONS_FILE_CWAF} ]; then
curl ${CURL_CONNECT_OPTIONS} ${WEBPATH_CWAF}/doc/comodo_versions.txt -o ${VERSIONS_FILE_CWAF} 2> /dev/null
fi
if [ ! -s ${VERSIONS_FILE_CWAF} ]; then
curl ${CURL_CONNECT_OPTIONS} ${WEBPATH_CWAF}/doc/comodo_versions.txt -o ${VERSIONS_FILE_CWAF} 2> /dev/null
fi
fi
fi
allSettings() {
for section in $ALL_SECTIONS; do
PHP_EXT_SETTINGS_SECTION=false
PHP_EXT_SETTINGS_SECTION_PREFIX=""
if [ ${section} = "PHP_EXT_SETTINGS" ]; then
PHP_EXT_SETTINGS_SECTION=true
PHP_EXT_SETTINGS_SECTION_PREFIX="PHP_"
fi
DESC=${section}_DESC
echo "------------------------------------------"
echo "$(eval_var ${DESC})"
echo "------------------------------------------"
for setting in $(eval_var ${section}); do
SETTING_NAME=`echo $setting | tr "[A-Z]" "[a-z]"`
POSSIBLE_VALUES_VAR=${PHP_EXT_SETTINGS_SECTION_PREFIX}${setting}_SET
POSSIBLE_VALUES="`echo $(eval_var ${POSSIBLE_VALUES_VAR}) | awk -v OFS=", " '$1=$1'`"
DEFAULT_VALUE=${PHP_EXT_SETTINGS_SECTION_PREFIX}${setting}_DEF
CURRENT_VALUE=${PHP_EXT_SETTINGS_SECTION_PREFIX}${setting}_OPT
echo -n "${SETTING_NAME}: ${POSSIBLE_VALUES}. Current value: $(eval_var ${CURRENT_VALUE}). Default value: $(eval_var ${DEFAULT_VALUE})."
if [ "$1" = "full" ]; then
DESCRIPTION="${PHP_EXT_SETTINGS_SECTION_PREFIX}${setting}_DESC"
echo " Description: $(eval_var ${DESCRIPTION})"
else
echo ""
fi
done
echo ""
done
}
allSettingsJSON() {
echo "{"
NUM_OF_SECTIONS=`echo $ALL_SECTIONS | wc -w`
CUR_SECTION=0
for section in $ALL_SECTIONS; do
PHP_EXT_SETTINGS_SECTION=false
PHP_EXT_SETTINGS_SECTION_PREFIX=""
if [ ${section} = "PHP_EXT_SETTINGS" ]; then
PHP_EXT_SETTINGS_SECTION=true
PHP_EXT_SETTINGS_SECTION_PREFIX="PHP_"
fi
CUR_SECTION=`expr ${CUR_SECTION} + 1`
NUM_OF_SETTINGS=`echo "$(eval_var ${section})" | wc -w`
CUR_SETTING=0
LOWERCASE_SECTION=`echo $section | tr "[A-Z]" "[a-z]"`
SECTION_DESC=${section}_DESC
printf "\t\"${LOWERCASE_SECTION}\": {\n"
printf "\t\t\"description\": \"$(eval_var ${SECTION_DESC})\",\n"
for setting in $(eval_var ${section}); do
CUR_SETTING=`expr ${CUR_SETTING} + 1`
SETTING_NAME=`echo $setting | tr "[A-Z]" "[a-z]"`
POSSIBLE_VALUES_VAR=${PHP_EXT_SETTINGS_SECTION_PREFIX}${setting}_SET
POSSIBLE_VALUES=""
NUM_OF_VALUES=`echo $(eval_var ${POSSIBLE_VALUES_VAR}) | wc -w`
CUR_VALUE=0
for value in $(eval_var ${POSSIBLE_VALUES_VAR}); do
CUR_VALUE=`expr ${CUR_VALUE} + 1`
if [ ${CUR_VALUE} -ne ${NUM_OF_VALUES} ]; then
POSSIBLE_VALUES="${POSSIBLE_VALUES}\"$value\","
else
POSSIBLE_VALUES="${POSSIBLE_VALUES}\"${value}\""
fi
done
DEFAULT_VALUE=${PHP_EXT_SETTINGS_SECTION_PREFIX}${setting}_DEF
CURRENT_VALUE=${PHP_EXT_SETTINGS_SECTION_PREFIX}${setting}_OPT
DESCRIPTION="${setting}_DESC"
printf "\t\t\"${SETTING_NAME}\": {\n"
printf "\t\t\t\"values\": [${POSSIBLE_VALUES}],\n"
printf "\t\t\t\"default\": \"$(eval_var ${DEFAULT_VALUE})\",\n"
printf "\t\t\t\"current\": \"$(eval_var ${CURRENT_VALUE})\",\n"
printf "\t\t\t\"description\": \"$(eval_var ${DESCRIPTION})\"\n"
if [ ${CUR_SETTING} -ne ${NUM_OF_SETTINGS} ]; then
printf "\t\t},\n"
else
printf "\t\t}\n"
fi
done
if [ ${CUR_SECTION} -ne ${NUM_OF_SECTIONS} ]; then
printf "\t},\n"
else
printf "\t}\n"
fi
done
echo "}"
}
OPENSSL_VERSION_CACHE=0
openssl_version() {
if [ "${OPENSSL_VERSION_CACHE}" = "0" ] && [ -x /usr/bin/openssl ]; then
#doesn't include letters!
OPENSSL_VERSION_CACHE=`/usr/bin/openssl version | head -n1 | cut -d\ -f2 | cut -d- -f1 | tr -d '[a-z]'`
fi
echo $OPENSSL_VERSION_CACHE
}
MYSQL_VERSION_CACHE=0
mysql_version() {
if [ "${MYSQL_VERSION_CACHE}" = "0" ] && [ -x ${MYSQL_BIN} ]; then
MYSQL_VERSION_CACHE=`${MYSQL_BIN} --version | grep -m1 -o '[0-9]*\.[0-9]*\.[0-9]*'`
fi
echo $MYSQL_VERSION_CACHE
}
MYSQL_MAIN_CACHE=0
mysql_main() {
if [ "${MYSQL_MAIN_CACHE}" = "0" ] && [ -x ${MYSQL_BIN} ]; then
MYSQL_MAIN_CACHE=`${MYSQL_BIN} --version | grep -m1 -o '[0-9]*\.[0-9]*\.[0-9]*' | cut -d. -f1,2`
fi
echo $MYSQL_MAIN_CACHE
}
HAS_MARIADB_CACHE=-1
has_mariadb() {
if [ "${HAS_MARIADB_CACHE}" = "-1" ] && [ -x ${MYSQL_BIN} ]; then
HAS_MARIADB_CACHE=`${MYSQL_BIN} --version | grep -c -m1 MariaDB`
fi
echo $HAS_MARIADB_CACHE
}
####################################################
doRestartDA() {
echo "action=directadmin&value=reload" >> ${TASK_QUEUE}
run_dataskq
}
doDAVersionCheck() {
DIRECTADMINV=`/usr/local/directadmin/directadmin v | awk '{print $3}' | cut -d. -f2,3`
if [ "`version_cmp ${DIRECTADMINV} 1.63 'DA version check'`" -lt 0 ]; then
do_exit 1 "${boldon}Your DirectAdmin version (${DIRECTADMINV}) is older than minimal required for this version of CustomBuild (1.63). Please run '/usr/local/directadmin/custombuild/build update_da'${boldoff}"
fi
}
doChecks() {
if [ -x ${DA_BIN} ] && [ -s ${DACONF_FILE} ]; then
# doDAVersionCheck
echo "Phien ban Directadmin hoi cu nhung khong sao. Toi xu ly duoc ==))"
fi
doCSFpignore
if [ -s ${WORKDIR}/config.json ]; then
if grep -m1 -q 8372 ${WORKDIR}/config.json; then
rm -f ${WORKDIR}/config.json
fi
fi
if [ ! -s /etc/mime.types ]; then
curl ${CURL_CONNECT_OPTIONS} ${WEBPATH}/mime.types -o /etc/mime.types
fi
if [ "${APACHE_VER_OPT}" != "2.4" ] && [ "${APACHE_VER_OPT}" != "" ]; then
do_exit 1 "CustomBuild 2.0 does support Apache 2.4 only. Please check your apache_ver value in the options.conf file: ${APACHE_VER_OPT}."
fi
if [ "${MYSQL_INST_OPT}" = "mariadb" ]; then
CORRECT_MARIADB_VER="`echo ${MARIADB_SET} | grep -c ${MARIADB_OPT}`"
if [ "${CORRECT_MARIADB_VER}" = "0" ]; then
do_exit 1 "Incorrect mysql value (used to specify MariaDB release) set in the options.conf file. Set: ${MARIADB_OPT}. Available values: ${MARIADB_SET}."
fi
if [ "${MARIADB_OPT}" != "5.5" ] && [ "${MARIADB_OPT}" != "10.0" ] && [ "${MARIADB_OPT}" != "10.1" ] && [ "${MARIADB_OPT}" != "10.2" ] && [ "${MARIADB_OPT}" != "10.3" ] && [ "${MARIADB_OPT}" != "10.4" ] && [ "${MARIADB_OPT}" != "10.5" ] && [ "${MARIADB_OPT}" != "10.6" ]; then
do_exit 1 "Wrong mariadb value set in ${OPTIONS_CONF}."
fi
elif [ "${MYSQL_INST_OPT}" = "mysql" ]; then
CORRECT_MYSQL_VER="`echo ${MYSQL_SET} | grep -c ${MYSQL_OPT}`"
if [ "${CORRECT_MYSQL_VER}" = "0" ]; then
do_exit 1 "Incorrect mysql value (used to specify MySQL release) set in the options.conf file. Set: ${MYSQL_OPT}. Available values: ${MYSQL_SET}."
fi
if [ "${MYSQL_OPT}" != "5.5" ] && [ "${MYSQL_OPT}" != "5.6" ] && [ "${MYSQL_OPT}" != "5.7" ] && [ "${MYSQL_OPT}" != "8.0" ]; then
do_exit 1 "Wrong mysql value set in ${OPTIONS_CONF}."
fi
fi
if [ "${PHP_INI_TYPE_OPT}" != "development" ] && [ "${PHP_INI_TYPE_OPT}" != "production" ]; then
do_exit 1 "Wrong php_ini_type set in options.conf."
fi
if [ "${WEBSERVER_OPT}" = "nginx" ]; then
if [ "${HAVE_CLI}" = "yes" ] || [ "${HAVE_SUPHP_CGI}" = "yes" ] || [ "${HAVE_FCGID}" = "yes" ] || [ "${HAVE_LSPHP}" = "yes" ]; then
do_exit 1 "nginx webserver is only compatible with php-fpm PHP mode."
fi
fi
if [ "${WEBSERVER_OPT}" != "openlitespeed" ] && [ "${WEBSERVER_OPT}" != "litespeed" ] && [ "${SSL_CONFIGURATION_OPT}" = "modern" ]; then
OFFER_MODERN_SSL_SET=true
if [ -e ${DEBIAN_VERSION} ]; then
if [ "${OS_DEBIAN_VER}" = "9" ]; then
OFFER_MODERN_SSL_SET=false
OS_NAME="Debian ${OS_DEBIAN_VER}"
fi
else
if [ "${OS_CENTOS_VER}" = "7" ]; then
OFFER_MODERN_SSL_SET=false
OS_NAME="CentOS/RHEL/CloudLinux ${OS_CENTOS_VER}"
fi
fi
if ! ${OFFER_MODERN_SSL_SET}; then
do_exit 1 "${WEBSERVER_OPT} webserver does not support 'modern' ssl_configuration option due to lack of support of TLSv1.3 in OpenSSL package on ${OS_NAME}."
fi
fi
if [ "${MOD_RUID2_OPT}" = "yes" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "openlitespeed" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ "${HAVE_FCGID}" = "yes" ] || [ "${PHP1_MODE_OPT}" = "lsphp" ] ; then
do_exit 1 "${WEBSERVER_OPT} webserver configuration option is not compatible with lsphp or php-fastcgi PHP mode with mod_ruid2 enabled."
fi
fi
fi
if [ "${MOD_RUID2_OPT}" = "yes" ] && [ "${HAVE_SUPHP_CGI}" = "yes" ]; then
echo "WARNING: It's not recommended to use ${WEBSERVER_OPT} with mod_ruid2 & suPHP enabled. It's a redundant and slow combination."
sleep 1
fi
if [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
if [ "${PHP1_MODE_OPT}" != "lsphp" ]; then
do_exit 1 "php1_mode must be set to lsphp when using ${WEBSERVER_OPT} WEB server."
fi
if [ "${PHP2_MODE_OPT}" != "lsphp" ] && [ "${PHP2_RELEASE_OPT}" != "no" ]; then
do_exit 1 "php2_mode must be set to lsphp when using ${WEBSERVER_OPT} WEB server."
fi
if [ "${PHP3_MODE_OPT}" != "lsphp" ] && [ "${PHP3_RELEASE_OPT}" != "no" ]; then
do_exit 1 "php3_mode must be set to lsphp when using ${WEBSERVER_OPT} WEB server."
fi
if [ "${PHP4_MODE_OPT}" != "lsphp" ] && [ "${PHP4_RELEASE_OPT}" != "no" ]; then
do_exit 1 "php4_mode must be set to lsphp when using ${WEBSERVER_OPT} WEB server."
fi
elif [ "${CLOUDLINUX_OPT}" != "yes" ] || [ $(is_cloudlinux_solo) -eq 1 ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ "${PHP1_MODE_OPT}" = "lsphp" ]; then
do_exit 1 "php1_mode cannot be set to lsphp when using ${WEBSERVER_OPT} WEB server and CloudLinux disabled."
fi
if [ "${PHP2_MODE_OPT}" = "lsphp" ] && [ "${PHP2_RELEASE_OPT}" != "no" ]; then
do_exit 1 "php2_mode cannot be set to lsphp when using ${WEBSERVER_OPT} WEB server and CloudLinux disabled."
fi
if [ "${PHP3_MODE_OPT}" = "lsphp" ] && [ "${PHP3_RELEASE_OPT}" != "no" ]; then
do_exit 1 "php3_mode cannot be set to lsphp when using ${WEBSERVER_OPT} WEB server and CloudLinux disabled."
fi
if [ "${PHP4_MODE_OPT}" = "lsphp" ] && [ "${PHP4_RELEASE_OPT}" != "no" ]; then
do_exit 1 "php4_mode cannot be set to lsphp when using ${WEBSERVER_OPT} WEB server and CloudLinux disabled."
fi
fi
fi
if [ "${PHP1_MODE_OPT}" != "php-fpm" ] && [ "${PHP1_MODE_OPT}" != "fastcgi" ] && [ "${PHP1_MODE_OPT}" != "mod_php" ] && [ "${PHP1_MODE_OPT}" != "suphp" ] && [ "${PHP1_MODE_OPT}" != "lsphp" ]; then
do_exit 1 "Please set a correct PHP mode (mode set for php1_release should be php-fpm, fastcgi, mod_php, suphp or lsphp)."
fi
if [ "${PHP2_MODE_OPT}" != "php-fpm" ] && [ "${PHP2_MODE_OPT}" != "fastcgi" ] && [ "${PHP2_MODE_OPT}" != "suphp" ] && [ "${PHP2_MODE_OPT}" != "lsphp" ]; then
do_exit 1 "Please set a correct PHP mode (mode set for php2_release should be php-fpm, fastcgi, suphp or lsphp)."
fi
if [ "${PHP3_MODE_OPT}" != "php-fpm" ] && [ "${PHP3_MODE_OPT}" != "fastcgi" ] && [ "${PHP3_MODE_OPT}" != "suphp" ] && [ "${PHP3_MODE_OPT}" != "lsphp" ]; then
do_exit 1 "Please set a correct PHP mode (mode set for php3_release should be php-fpm, fastcgi, suphp or lsphp)."
fi
if [ "${PHP4_MODE_OPT}" != "php-fpm" ] && [ "${PHP4_MODE_OPT}" != "fastcgi" ] && [ "${PHP4_MODE_OPT}" != "suphp" ] && [ "${PHP4_MODE_OPT}" != "lsphp" ]; then
do_exit 1 "Please set a correct PHP mode (mode set for php4_release should be php-fpm, fastcgi, suphp or lsphp)."
fi
PHP1_RELEASE_CHECK=0
for i in `echo "${PHP1_RELEASE_SET}"`; do
if [ "${PHP1_RELEASE_OPT}" = "$i" ]; then
PHP1_RELEASE_CHECK=1
fi
done
PHP2_RELEASE_CHECK=0
for i in `echo "${PHP2_RELEASE_SET} no"`; do
if [ "${PHP2_RELEASE_OPT}" = "$i" ]; then
PHP2_RELEASE_CHECK=1
fi
done
PHP3_RELEASE_CHECK=0
for i in `echo "${PHP3_RELEASE_SET} no"`; do
if [ "${PHP3_RELEASE_OPT}" = "$i" ]; then
PHP3_RELEASE_CHECK=1
fi
done
PHP4_RELEASE_CHECK=0
for i in `echo "${PHP4_RELEASE_SET} no"`; do
if [ "${PHP4_RELEASE_OPT}" = "$i" ]; then
PHP4_RELEASE_CHECK=1
fi
done
if [ "${PHP1_MODE_OPT}" = "mod_php" ] && [ "${PHP2_MODE_OPT}" = "mod_php" ] && [ "${PHP2_RELEASE_OPT}" != "no" ]; then
do_exit 1 "Cannot install both versions of PHP in mod_php mode."
elif [ "${PHP1_RELEASE_CHECK}" = "0" ]; then
do_exit 1 "Wrong php1_release set in the options.conf: ${PHP1_RELEASE_OPT}."
elif [ "${PHP2_RELEASE_CHECK}" = "0" ]; then
do_exit 1 "Wrong php2_release set in the options.conf: ${PHP2_RELEASE_OPT}."
elif [ "${PHP3_RELEASE_CHECK}" = "0" ]; then
do_exit 1 "Wrong php3_release set in the options.conf: ${PHP3_RELEASE_OPT}."
elif [ "${PHP4_RELEASE_CHECK}" = "0" ]; then
do_exit 1 "Wrong php4_release set in the options.conf: ${PHP4_RELEASE_OPT}."
fi
# Check for the same versions set
SAME_PHP_VERSION=false
if [ "${PHP1_RELEASE_OPT}" = "${PHP2_RELEASE_OPT}" ] || [ "${PHP1_RELEASE_OPT}" = "${PHP3_RELEASE_OPT}" ] || [ "${PHP1_RELEASE_OPT}" = "${PHP4_RELEASE_OPT}" ]; then
SAME_PHP_VERSION=true
fi
if [ "${PHP2_RELEASE_OPT}" != "no" ]; then
if [ "${PHP2_RELEASE_OPT}" = "${PHP3_RELEASE_OPT}" ] || [ "${PHP2_RELEASE_OPT}" = "${PHP4_RELEASE_OPT}" ]; then
SAME_PHP_VERSION=true
fi
fi
if [ "${PHP4_RELEASE_OPT}" != "no" ] && [ "${PHP3_RELEASE_OPT}" = "${PHP4_RELEASE_OPT}" ]; then
SAME_PHP_VERSION=true
fi
if ${SAME_PHP_VERSION}; then
do_exit 1 "Cannot install the same version of PHP for both releases."
fi
#ensure php2/3/4_release is not set twice
for php_number in {2..4}; do {
C=`grep -c -e "^php${php_number}_release=" ${OPTIONS_CONF}`
if [ "${C}" -gt 1 ]; then
grep -e "^php${php_number}_release=" ${OPTIONS_CONF}
do_exit 1 "php${php_number}_release has been set twice in the options.conf. This will cause problems. Edit it to remove one of them."
fi
C=`grep -c -e "^php${php_number}_mode=" ${OPTIONS_CONF}`
if [ "${C}" -gt 1 ]; then
grep -e "^php${php_number}_mode=" ${OPTIONS_CONF}
do_exit 1 "php${php_number}_mode has been set twice in the options.conf. This will cause problems. Edit it to remove one of them."
fi
};
done
# WARNING: REPETITION IS EVIL BUSINESS: it might be better to write it as a for loop
#php 5.5 and older will never compile with openssl 1.1.0
if [ "${PHP1_RELEASE_OPT}" = "5.3" ] || [ "${PHP1_RELEASE_OPT}" = "5.4" ] || [ "${PHP1_RELEASE_OPT}" = "5.5" ] || [ "${PHP2_RELEASE_OPT}" = "5.3" ] || [ "${PHP2_RELEASE_OPT}" = "5.4" ] || [ "${PHP2_RELEASE_OPT}" = "5.5" ] || [ "${PHP3_RELEASE_OPT}" = "5.3" ] || [ "${PHP3_RELEASE_OPT}" = "5.4" ] || [ "${PHP3_RELEASE_OPT}" = "5.5" ] || [ "${PHP4_RELEASE_OPT}" = "5.3" ] || [ "${PHP4_RELEASE_OPT}" = "5.4" ] || [ "${PHP4_RELEASE_OPT}" = "5.5" ]; then
OV=`openssl_version | cut -d. -f1,2`
if [ "${OV}" != "" ] && [ "`version_cmp ${OV} 1.1 'php 5.x vs openssl 1.1.0 ver check'`" -ge 0 ] && [ ! -e ${WORKDIR}/custom/fpm/.custom_openssl ]; then
do_exit 1 "php 5.3, 5.4, 5.5 cannot compile against openssl 1.1.0 or higher. Try php 5.6 or higher."
fi
fi
#php 8.0 and older will never compile with openssl 3.0
if echo "${PHP1_RELEASE_OPT}" | grep -q '^5\|^7\|^8\.0' || echo "${PHP2_RELEASE_OPT}" | grep -q '^5\|^7\|^8\.0' || echo "${PHP3_RELEASE_OPT}" | grep -q '^5\|^7\|^8\.0' || echo "${PHP4_RELEASE_OPT}" | grep -q '^5\|^7\|^8\.0'; then
OV=`openssl_version | cut -d. -f1,2`
if [ "${OV}" != "" ] && [ "`version_cmp ${OV} 3.0 'php 5.x and 7.x vs openssl 3.0 ver check'`" -ge 0 ] && [ ! -e ${WORKDIR}/custom/fpm/.custom_openssl ]; then
do_exit 1 "php 5.x, 7.x and 8.0 cannot compile against openssl 3.0 or higher. Try php 8.1 or higher."
fi
fi
if [ "${APACHE_VER_OPT}" != "2.4" ] && [ "${APACHE_VER_OPT}" != "" ]; then
do_exit 1 "Wrong apache_ver value set in ${OPTIONS_CONF}."
fi
if [ "${MOD_RUID2_OPT}" = "yes" ]; then
if [ "${OS_CENTOS_VER}" != "7" ]; then
do_exit 1 "mod_ruid2 does not support CentOS8/9."
fi
fi
if [ "${FTPD_OPT}" = "pureftpd" ]; then
if [ -s "$DACONF_FILE" ]; then
UNIFIED_FTP=`/usr/local/directadmin/directadmin c | grep -m1 unified_ftp_password_file | cut -d= -f2`
if [ "$UNIFIED_FTP" != "1" ]; then
echo "unified_ftp_password_file is not set to 1. You must convert before you can use pureftpd"
echo "Please read this guide: https://www.directadmin.com/features.php?id=1134"
echo ""
echo "Simulation:"
echo " cd /usr/local/directadmin"
echo " echo 'action=convert&value=unifiedftp&simulate=yes' >> data/task.queue"
echo " ./dataskq d1"
echo ""
echo "Conversion:"
echo " cd /usr/local/directadmin"
echo " echo 'unified_ftp_password_file=1' >> conf/directadmin.conf"
echo " echo 'action=convert&value=unifiedftp' >> data/task.queue"
echo " ./dataskq d1"
do_exit 1 ""
fi
fi
fi
if [ "${CRON_FREQUENCY_OPT}" != "daily" ] && [ "${CRON_FREQUENCY_OPT}" != "weekly" ] && [ "${CRON_FREQUENCY_OPT}" != "monthly" ]; then
echo "Wrong cron_frequency value set in ${OPTIONS_CONF}"
echo "Current value: ${CRON_FREQUENCY_OPT}"
do_exit 1 "Valid values: daily, weekly, or monthly"
fi
if [ "${SA_UPDATE_OPT}" != "no" ] && [ "${SA_UPDATE_OPT}" != "daily" ] && [ "${SA_UPDATE_OPT}" != "weekly" ] && [ "${SA_UPDATE_OPT}" != "monthly" ]; then
echo "Wrong sa_update value set in ${OPTIONS_CONF}"
echo "Current value: ${SA_UPDATE_OPT}"
do_exit 1 "Valid values: no, daily, weekly, or monthly"
fi
if [ "${EASY_SPAM_FIGHTER_OPT}" = "yes" ] && [ "${SPAMD_OPT}" != "spamassassin" ] && [ "${SPAMD_OPT}" != "rspamd" ]; then
echo "easy_spam_fighter requires spamassassin to be enabled."
do_exit 1 "Install SpamAssassin: https://help.directadmin.com/item.php?id=36"
fi
if [ "${DOWNLOADSERVER_OPT}" = "files26.directadmin.com" ]; then
setOpt downloadserver damirror.unix-solutions.be
echo "files26 has been replaced with new name damirror.unix-solutions.be, used on the next run"
fi
if [ -e /usr/include/sys/select.h ] && [ ! -s /usr/include/sys/select.h ] && [ ! -e ${DEBIAN_VERSION} ]; then
echo "Found broken glibc-headers package, reinstalling..."
yum -y reinstall glibc-headers
fi
if [ ! -e ${DEBIAN_VERSION} ]; then
if [ -e /etc/yum.repos.d/oracle-linux-ol8.repo ] && [ ! -e /etc/yum.repos.d/oracle-epel-ol8.repo ]; then
yum -y install oraclelinux-release-el8
elif [ ! -e /etc/yum.repos.d/oracle-linux-ol8.repo ] && [ ! -e /etc/yum.repos.d/oracle-epel-ol8.repo ] && [ ! -e /etc/yum.repos.d/epel.repo ]; then
yum -y install epel-release
if [ ! -e /etc/yum.repos.d/epel.repo ]; then
if [ "${OS_CENTOS_VER}" = "7" ]; then
yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
elif [ "${OS_CENTOS_VER}" = "8" ]; then
yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
elif [ "${OS_CENTOS_VER}" = "9" ]; then
yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
fi
fi
fi
fi
}
json_toggle() {
JSON_CASE=1
}
JSON_CASE=0
case "$1" in
versions_json) json_toggle ;;
list_removals_json) json_toggle ;;
gen_help_json) json_toggle ;;
list_configs_json) json_toggle ;;
settings_json) json_toggle ;;
esac
GET_FILE_FAILED_COUNT=0
#getFile file.tar.gz name (localfile.tar.gz)
#getFile all/awstats/file.tar.gz awstats awstats.tar.gz
getFile() {
cd ${CWD}
TRY_DIFFERENT_THRESH=2
GIVE_UP_THRESH=5
LOCAL_NAME=$1
if [ "$3" != "" ]; then
LOCAL_NAME=$3
fi
if [ ! -s "${CWD}/${LOCAL_NAME}" ]; then
printf "Downloading\t\t${LOCAL_NAME}...\n"
if [ "$4" = "hexan" ]; then
safeDownloadWithMove "${CWD}/${LOCAL_NAME}" "${WEBPATH_BGIT}/${1}"
else
safeDownloadWithMove "${CWD}/${LOCAL_NAME}" "${WEBPATH}/${1}"
if [ ! -s "${CWD}/${LOCAL_NAME}" ]; then
echo "Downloaded file ${CWD}/${LOCAL_NAME} does not exist or is empty after download"
echo "cwd is: `pwd`"
echo "${boldon}Fileserver might be down, using the backup file server..${boldoff}"
safeDownloadWithMove "${CWD}/${LOCAL_NAME}" "${WEBPATH_BACKUP}/${1}"
if [ "${GET_FILE_FAILED_COUNT}" -eq ${GIVE_UP_THRESH} ]; then
echo ""
echo ""
echo "${boldon}There seem to be many connection issues. Check your network and /etc/resolv.conf file${boldoff}"
echo "Also try finding a faster server: https://help.directadmin.com/item.php?id=305"
echo ""
echo ""
sleep 5
#messages/changes will now stop because it's above.
GET_FILE_FAILED_COUNT=$((GET_FILE_FAILED_COUNT+1))
elif [ "${GET_FILE_FAILED_COUNT}" -lt ${GIVE_UP_THRESH} ]; then
GET_FILE_FAILED_COUNT=$((GET_FILE_FAILED_COUNT+1))
if [ "${GET_FILE_FAILED_COUNT}" -gt ${TRY_DIFFERENT_THRESH} ]; then
echo ""
echo "${boldon}Too many failed attempts with ${DOWNLOADSERVER_OPT}. Will try a different server.${boldoff}"
SET_DL=da-mirror.wpcloud.vn
case "${DOWNLOADSERVER_OPT}" in
da-mirror.wpcloud.vn) SET_DL=${WEBPATH_BACKUP_IP}
;;
files1.directadmin.com) SET_DL=${WEBPATH_BACKUP_IP}
;;
files2.directadmin.com) SET_DL=files1.directadmin.com
;;
files8.directadmin.com) SET_DL=files6.directadmin.com
;;
files11.directadmin.com) SET_DL=files6.directadmin.com
;;
files15.directadmin.com) SET_DL=files6.directadmin.com
;;
files16.directadmin.com) SET_DL=files6.directadmin.com
;;
esac
echo "${boldon}We'll temporarily try using $SET_DL instead${boldoff}"
echo ""
DOWNLOADSERVER_OPT=${SET_DL}
if echo "${DOWNLOADSERVERS_HTTPS_LIST}" | grep -m1 -q " ${DOWNLOADSERVER_OPT} "; then
DOWNLOADSERVER_SCHEME=https
else
DOWNLOADSERVER_SCHEME=http
fi
WEBPATH=http://da-mirror.wpcloud.vn/services/custombuild
WEBPATH_SERVICES=http://da-mirror.wpcloud.vn/services
sleep 2
fi
fi
fi
fi
fi
}
downloadVersionsTxt() {
#safeDownloadWithMove "${CWD}/versions.txt" "${WEBPATH}/versions.txt"
#safeDownloadWithMove "${CWD}/patches_versions.txt" "${WEBPATH}/patches_versions.txt"
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
safeDownloadWithMove "${CWD}/versions_litespeed.txt" "${WEBPATH_LITESPEED}/versions.txt"
fi
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
safeDownloadWithMove "${CWD}/versions_cl.txt" "${WEBPATH_CL}/${VERSIONS_CL}"
fi
if [ "${MODSECURITY_OPT}" = "yes" ] && [ "${MODSECURITY_RULESET_OPT}" = "comodo" ]; then
safeDownloadWithMove "${VERSIONS_FILE_CWAF}" "${WEBPATH_CWAF}/doc/comodo_versions.txt"
fi
}
SKIP_LDCONFIG_SECTION=0
skip_ldconfig_toggle() {
SKIP_LDCONFIG_SECTION=1
}
case "$1" in
"") skip_ldconfig_toggle ;;
opt_help) skip_ldconfig_toggle ;;
set) skip_ldconfig_toggle ;;
set_php) skip_ldconfig_toggle ;;
get_versions_txt) skip_ldconfig_toggle ;;
update_script) skip_ldconfig_toggle ;;
version) skip_ldconfig_toggle ;;
set_fastest) skip_ldconfig_toggle ;;
set_fastest_quiet) skip_ldconfig_toggle ;;
kill) skip_ldconfig_toggle ;;
update_da) skip_ldconfig_toggle ;;
list_configs_json) skip_ldconfig_toggle ;;
settings_json) skip_ldconfig_toggle ;;
get_timezone) skip_ldconfig_toggle ;;
custom_config) skip_ldconfig_toggle ;;
set_versions_txt) skip_ldconfig_toggle ;;
show_component_config) skip_ldconfig_toggle ;;
remove_customized_config) skip_ldconfig_toggle ;;
show_file) skip_ldconfig_toggle ;;
check_options) skip_ldconfig_toggle ;;
esac
if [ "${SKIP_LDCONFIG_SECTION}" = "0" ]; then
#Is the default PHP running as CGI? This variable is not used anymore, but left for the future
GREP_PHP_MODE="`grep -m1 '^php1_mode=' ${WORKDIR}/options.conf | cut -d= -f2`"
# Get apache version from directadmin.conf
DACONF_APACHE_VER=1.3
if [ -e ${DACONF_FILE} ]; then
DACONF_APACHE_VER=`grep -m1 "^apache_ver=" ${DACONF_FILE} | cut -d= -f2`
fi
# Download versions.txt if AUTOVER_OPT is set to "yes"
if [ "${AUTOVER_OPT}" = "yes" ]; then
downloadVersionsTxt
fi
# Check if ld.so.conf has /usr/local/lib
if [ ! -e /etc/ld.so.conf ] || [ "`grep -m1 -c -E '/usr/local/lib$' /etc/ld.so.conf`" = "0" ]; then
echo "/usr/local/lib" >> /etc/ld.so.conf
/sbin/ldconfig
fi
# Check if ld.so.conf has /usr/local/lib
if [ -d /usr/local/lib64 ]; then
if [ ! -e /etc/ld.so.conf ] || [ "`grep -m1 -c -E '/usr/local/lib64$' /etc/ld.so.conf`" = "0" ]; then
echo "/usr/local/lib64" >> /etc/ld.so.conf
/sbin/ldconfig
fi
fi
if [ "$1" = "apache" ] || [ "$1" = "nginx_apache" ]; then
if [ "`grep -m1 -c -E '^/usr/lib/apache$' /etc/ld.so.conf`" = "1" ]; then
perl -pi -e 's|^/usr/lib/apache|#/usr/lib/apache|' /etc/ld.so.conf
/sbin/ldconfig
fi
fi
fi
getFileCL() {
cd ${CWD}
if [ ! -s ${1} ]; then
safeDownloadWithMove "${CWD}/${1}" "${WEBPATH_CL}/${1}"
tar xzf ${1} --no-same-owner
fi
}
getFileCWAF() {
cd ${CWD}
if [ ! -s ${1} ]; then
safeDownloadWithMove "${CWD}/${1}" "${WEBPATH_CWAF}/api/da_vendor?file=${1}"
tar xzf ${1} --no-same-owner
fi
}
getFileLSWS() {
cd ${CWD}
if [ ! -s ${1} ]; then
safeDownloadWithMove "${CWD}/${1}" ${WEBPATH_LITESPEED}/${LITESPEED_REPO}/${1}
fi
}
####################################################
add_to_system_backup() {
SB_TYPE=$1
SB_WHERE=$2
F=/usr/local/sysbk/mod/custom.$SB_TYPE
if [ ! -e ${F} ]; then
return;
fi
if [ ! -e ${SB_WHERE} ]; then
echo "add_to_system_backups: cannot find $SB_WHERE to add to $F";
return;
fi
C=`grep -c -e "^${SB_WHERE}\$" $F`
if [ "$C" -gt 0 ]; then
return;
fi
echo "${SB_WHERE}" >> $F
echo "$SB_WHERE added to $F";
}
####################################################
# Rewrite directadmin-vhosts.conf
doVhosts() {
PATHNAME=${HTTPDCONF}/extra
if [ "${WEBSERVER_OPT}" = "nginx" ]; then
PATHNAME=${NGINXCONF}
elif [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
PATHNAME=${LSWS_HOME}/conf
fi
if [ ! -d ${PATHNAME} ]; then
mkdir -p ${PATHNAME}
fi
echo -n '' > ${PATHNAME}/directadmin-vhosts.conf
if [ "${WEBSERVER_OPT}" = "nginx" ]; then
for i in `ls /usr/local/directadmin/data/users/*/nginx.conf`; do
echo "include $i;" >> ${PATHNAME}/directadmin-vhosts.conf
done
elif [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ]; then
for i in `ls /usr/local/directadmin/data/users/*/httpd.conf`; do
echo "Include $i" >> ${PATHNAME}/directadmin-vhosts.conf
done
elif [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
for i in `ls /usr/local/directadmin/data/users/*/openlitespeed.conf`; do
echo "include $i" >> ${PATHNAME}/directadmin-vhosts.conf
done
elif [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
echo -n '' > ${NGINXCONF}/directadmin-vhosts.conf
for i in `ls /usr/local/directadmin/data/users/*/nginx.conf`; do
echo "include $i;" >> ${NGINXCONF}/directadmin-vhosts.conf
done
for i in `ls /usr/local/directadmin/data/users/*/httpd.conf`; do
echo "Include $i" >> ${PATHNAME}/directadmin-vhosts.conf
done
fi
}
####################################################
# We need this up for compatibility purposes
PHP_INI_OPT=`getOpt php_ini no`
roundcube_version() {
RCVERFILE=/var/www/html/roundcube/program/include/iniset.php
if [ ! -e $RCVERFILE ]; then
echo 0
return
fi
grep -m1 "RCMAIL_VERSION" $RCVERFILE | cut -d\' -f4 | cut -d\ -f1
}
exim_version() {
/usr/sbin/exim -bV 2>/dev/null | grep -m1 'built' | head -n1 | awk '{ print $3 }' | tr '_' '.'
}
exim_conf_version() {
COUNT=0
T_EXIMCONFV=0
if [ -e /etc/exim.conf ]; then
COUNT=`head -n1 /etc/exim.conf | grep -c 'Version'`
if [ "${COUNT}" -gt 0 ]; then
T_EXIMCONFV="`head -n1 /etc/exim.conf | awk '{ print $6 }'`"
fi
if [ "${T_EXIMCONFV}" = "0" ]; then
COUNT=`head -n2 /etc/exim.conf | grep -c release`
if [ "${COUNT}" -gt 0 ]; then
T_EXIMCONFV="`head -n2 /etc/exim.conf | grep release | awk '{ print $2 }' | cut -d. -f4,5,6 | cut -d- -f1`"
fi
fi
fi
if [ "${T_EXIMCONFV}" = "0" ]; then
writeLog "exim_conf_version: Cannot determine version of /etc/exim.conf";
fi
echo $T_EXIMCONFV
}
exim_dkim_conf_version() {
T_EXIMDKIMV=0
if [ -e /etc/exim.dkim.conf ]; then
T_EXIMDKIMV=`head -n1 /etc/exim.dkim.conf | cut -d\# -f2`
fi
if [ "${T_EXIMDKIMV}" = "" ]; then
T_EXIMDKIMV=0
fi
echo ${T_EXIMDKIMV}
}
exim_pl_version() {
EPL=/etc/exim.pl
if [ ! -s ${EPL} ]; then
echo 0
return;
fi
grep '#VERSION=' /etc/exim.pl | head -n1 | cut -d= -f2
}
rspamd_conf_version() {
COUNT=0
T_RSDV=0
RSDTXT=/etc/exim/rspamd/README.txt
if [ -e ${RSDTXT} ]; then
COUNT=`head -n1 ${RSDTXT} | grep -c '^#'`
if [ "${COUNT}" -gt 0 ]; then
T_RSDV="`head -n1 ${RSDTXT} | cut -d'#' -f2`"
fi
fi
echo ${T_RSDV}
}
getVerLSWS() {
RESULT=`grep -m1 ^$1: ${VERSIONS_FILE_LITESPEED} | cut -d ':' -f 2`
if ${EXISTS_VERSIONS_FILE_CUSTOM}; then
if grep -m1 -q ^$1: ${VERSIONS_FILE_CUSTOM}; then
RESULT=`grep -m1 ^$1: ${VERSIONS_FILE_CUSTOM} | cut -d ':' -f 2`
fi
fi
if [ "${RESULT}" = "" ]; then
>&2 echo "ERROR: version of $1 not found in versions_litespeed.txt!"
RESULT="0"
fi
echo "${RESULT}"
}
getVerCL() {
RESULT=`grep -m1 ^$1: ${VERSIONS_FILE_CL} | cut -d ':' -f 2`
if ${EXISTS_VERSIONS_FILE_CUSTOM}; then
if grep -m1 -q ^$1: ${VERSIONS_FILE_CUSTOM}; then
RESULT=`grep -m1 ^$1: ${VERSIONS_FILE_CUSTOM} | cut -d ':' -f 2`
fi
fi
if [ "${RESULT}" = "" ]; then
>&2 echo "ERROR: version of $1 not found in versions_cl.txt!"
RESULT="0"
fi
echo "${RESULT}"
}
getVerCWAF() {
RESULT=`grep -m1 ^$1: ${VERSIONS_FILE_CWAF} | cut -d ':' -f 2`
if ${EXISTS_VERSIONS_FILE_CUSTOM}; then
if grep -m1 -q ^$1: ${VERSIONS_FILE_CUSTOM}; then
RESULT=`grep -m1 ^$1: ${VERSIONS_FILE_CUSTOM} | cut -d ':' -f 2`
fi
fi
if [ "${RESULT}" = "" ]; then
>&2 echo "ERROR: version of $1 not found in versions_cwaf.txt!"
RESULT="0"
fi
echo "${RESULT}"
}
GET_SERVICE_VERSIONS=1
dont_skip_toggle() {
GET_SERVICE_VERSIONS=0
}
case "$1" in
"") dont_skip_toggle ;;
version) dont_skip_toggle ;;
kill) dont_skip_toggle ;;
update_da) dont_skip_toggle ;;
get_timezone) dont_skip_toggle ;;
set_versions_txt) dont_skip_toggle ;;
show_file) dont_skip_toggle ;;
settings_json) dont_skip_toggle ;;
check_options) dont_skip_toggle ;;
opt_help) dont_skip_toggle ;;
get_versions_txt) dont_skip_toggle ;;
update_script) dont_skip_toggle ;;
set_fastest) dont_skip_toggle ;;
set_fastest_quiet) dont_skip_toggle ;;
esac
if [ "$1" = "gen_help_json" ] && [ "$2" != "" ]; then
GET_SERVICE_VERSIONS=0
fi
# check if we have versions.txt
if [ ! -s ${VERSIONS_FILE} ]; then
cd ${WORKDIR}
getFile versions.txt versions.txt versions.txt hexan
# Hexan
fi
if [ ! -s ${VERSIONS_FILE} ]; then
do_exit 1 "There is no versions.txt file. Unable to download."
else
SOURCE_VERSIONS_TXT=`awk -F ":" '{gsub(/\./,"_",$1);gsub(/-/,"_",$1);print "VERSIONS_TXT_"$1"="$2}' ./versions.txt`
eval ${SOURCE_VERSIONS_TXT}
if [ -s ./custom_versions.txt ]; then
SOURCE_VERSIONS_TXT=`awk -F ":" '{gsub(/\./,"_",$1);gsub(/-/,"_",$1);print "VERSIONS_TXT_"$1"="$2}' ./custom_versions.txt`
eval ${SOURCE_VERSIONS_TXT}
fi
fi
# check if we have patches_versions.txt
#if [ ! -s ${PATCHES_VERSIONS_FILE} ]; then
# cd ${WORKDIR}
# getFile patches_versions.txt patches_versions
#fi
#if [ ! -s ${PATCHES_VERSIONS_FILE} ]; then
# do_exit 1 "There is no versions.txt file. Unable to download."
#fi
#The following one needs an exception:
ROUNDCUBE_VER=`getVer roundcubemail`
ROUNDCUBE_MAJOR_VER=`echo ${ROUNDCUBE_VER} | cut -d. -f1`
if [ "${PHP1_RELEASE_OPT}" = "5.3" ]; then
SQUIRRELMAIL_VER=`getVer squirrelmail`
SQUIRRELMAIL_VER_NAME=squirrelmail
else
SQUIRRELMAIL_VER=`getVer squirrelmail_svn`
SQUIRRELMAIL_VER_NAME=squirrelmail_svn
fi
if [ "${GET_SERVICE_VERSIONS}" = "1" ]; then
if [ "$1" != "list_configs_json" ] && [ "$1" != "custom_config" ] && [ "$1" != "show_component_config" ] && [ "$1" != "remove_customized_config" ]; then
if [ "${WEBSERVER_OPT}" = "litespeed" ] && [ ! -e versions_litespeed.txt ] ; then
getFile versions_litespeed.txt versions_litespeed
fi
if [ "${CLOUDLINUX_OPT}" = "yes" ] && [ ! -e versions_cl.txt ]; then
getFile versions_cl.txt versions_cl
fi
if [ "${MODSECURITY_OPT}" = "yes" ] && [ "${MODSECURITY_RULESET_OPT}" = "comodo" ] && [ ! -e versions_cwaf.txt ]; then
getFile versions_cwaf.txt versions_cwaf
fi
#####################################################
# User Variables
MOD_LSAPI_VER=no
MOD_HOSTINGLIMITS_VER=no
MOD_PROCTITLE_VER=no
CL_PHP_LSAPI_VER=no
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
MOD_LSAPI_VER=`getVerCL mod_lsapi`
MOD_HOSTINGLIMITS_VER=`getVerCL mod_hostinglimits`
MOD_PROCTITLE_VER=`getVerCL mod_proctitle`
CL_PHP_LSAPI_VER=`getVerCL php-litespeed`
fi
NGINX_VER=`getVer nginx`
APACHE2_VER=`getVer apache2.4`
APR_VER=`getVer apr`
APR_UTIL_VER=`getVer apr-util`
for php_shortrelease in `echo ${PHP1_SHORTRELEASE_SET}`; do
PHP_VERSION_NUMBER=`getVer php${php_shortrelease}`
eval `echo "PHP${php_shortrelease}_VER=${PHP_VERSION_NUMBER}"`
done
PHP1_VERSION_EVAL_VAR=PHP${PHP1_SHORTRELEASE}_VER
PHP1_RELEASE_VER=$(eval_var ${PHP1_VERSION_EVAL_VAR})
PHP2_RELEASE_VER=no
if [ "${PHP2_RELEASE_OPT}" != "no" ]; then
PHP2_VERSION_EVAL_VAR=PHP${PHP2_SHORTRELEASE}_VER
PHP2_RELEASE_VER=$(eval_var ${PHP2_VERSION_EVAL_VAR})
fi
PHP3_RELEASE_VER=no
if [ "${PHP3_RELEASE_OPT}" != "no" ]; then
PHP3_VERSION_EVAL_VAR=PHP${PHP3_SHORTRELEASE}_VER
PHP3_RELEASE_VER=$(eval_var ${PHP3_VERSION_EVAL_VAR})
fi
PHP4_RELEASE_VER=no
if [ "${PHP4_RELEASE_OPT}" != "no" ]; then
PHP4_VERSION_EVAL_VAR=PHP${PHP4_SHORTRELEASE}_VER
PHP4_RELEASE_VER=$(eval_var ${PHP4_VERSION_EVAL_VAR})
fi
MODSECURITY_VER=`getVer modsecurity`
MODSECURITY_FILENAME=modsecurity
LIBMODSECURITY_VER=`getVer modsecurity3`
LIBMODSECURITY_FILENAME=modsecurity
MODSECURITY_NGINX_CONNECTOR_VER=`getVer modsecurity3_nginx`
MODSECURITY_NGINX_CONNECTOR_FILENAME=modsecurity-nginx
MODSECURITY_APACHE_CONNECTOR_VER=`getVer modsecurity3_apache`
MODSECURITY_APACHE_CONNECTOR_FILENAME=modsecurity-apache
if [ "${MODSECURITY_RULESET_OPT}" = "comodo" ] && [ "${MODSECURITY_OPT}" = "yes" ]; then
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
CWAF_RULES_LS_VER=`getVerCWAF cwaf_rules_ls`
elif [ "${WEBSERVER_OPT}" = "apache" ]; then
CWAF_RULES_VER=`getVerCWAF cwaf_rules`
else
CWAF_RULES_NGINX_VER=`getVerCWAF cwaf_rules_nginx_3`
fi
fi
OWASP_RULES_VER=`getVer owasp3_rules`
HTSCANNER_VER=`getVer htscanner`
MOD_RUID2_VER=`getVer mod_ruid2`
MOD_ACLR2_VER=`getVer mod_aclr2`
MOD_FCGID_VER=`getVer mod_fcgid`
FCGID_SH_VER=`getVer fcgid_sh`
if [ "${MYSQL_INST_OPT}" = "mysql" ]; then
if [ "${MYSQL_OPT}" = "5.5" ]; then
MYSQL_VER=`getVer mysql5.5`
elif [ "${MYSQL_OPT}" = "5.6" ]; then
MYSQL_VER=`getVer mysql5.6`
elif [ "${MYSQL_OPT}" = "5.7" ]; then
MYSQL_VER=`getVer mysql5.7`
elif [ "${MYSQL_OPT}" = "8.0" ]; then
MYSQL_VER=`getVer mysql8.0`
else
MYSQL_VER=0
fi
else
if [ "${MARIADB_OPT}" = "5.5" ]; then
MARIADB_VER=`getVer mariadb5.5`
elif [ "${MARIADB_OPT}" = "10.0" ]; then
MARIADB_VER=`getVer mariadb10.0`
elif [ "${MARIADB_OPT}" = "10.1" ]; then
MARIADB_VER=`getVer mariadb10.1`
elif [ "${MARIADB_OPT}" = "10.2" ]; then
MARIADB_VER=`getVer mariadb10.2`
elif [ "${MARIADB_OPT}" = "10.3" ]; then
MARIADB_VER=`getVer mariadb10.3`
elif [ "${MARIADB_OPT}" = "10.4" ]; then
MARIADB_VER=`getVer mariadb10.4`
elif [ "${MARIADB_OPT}" = "10.5" ]; then
MARIADB_VER=`getVer mariadb10.5`
elif [ "${MARIADB_OPT}" = "10.6" ]; then
MARIADB_VER=`getVer mariadb10.6`
else
MARIADB_VER=0
fi
fi
CURL_VER=`getVer curl`
SUPHP_VER=`getVer suphp_current`
DOVECOT_VER=`getVer dovecot`
DOVECOT_REL=`echo ${DOVECOT_VER} | cut -d. -f1,2`
PIGEONHOLE_VER=no
if [ "${DOVECOT_REL}" = "2.3" ]; then
DOVECOT_SHORTREL=23
PIGEONHOLE_VER=`getVer pigeonhole23`
fi
FTS_XAPIAN_VER=`getVer fts-xapian`
XAPIAN_CORE_VER=`getVer xapian-core`
BUBBLEWRAP_VER=`getVer bubblewrap`
JAILSHELL_SH_VER=`getVer jailshell_sh`
EXIM_VER=`getVer exim`
S_NAIL_VER=`getVer s-nail`
MSMTP_VER=`getVer msmtp`
LUA_VER=`getVer lua`
BLOCKCRACKING_VER=`getVer blockcracking`
EASY_SPAM_FIGHTER_VER=`getVer easy_spam_figther`
RSPAMD_CONF_VER=`getVer rspamd_conf`
LIBSPF2_VER=`getVer libspf2`
if [ "${EXIMCONF_RELEASE_OPT}" = "4.5" ]; then
EXIM_CONF_VER=`getVer exim_conf_45`
EXIM_PL_VER=`getVer exim_pl_45`
else
EXIM_CONF_VER=`getVer exim_conf_45`
EXIM_PL_VER=`getVer exim_pl_45`
fi
PROFTPD_VER=`getVer proftpd`
PUREFTPD_VER=`getVer pureftpd`
LIBZIP_VER=`getVer libzip`
COMPOSER_VER=`getVer composer`
WP_VER=`getVer wp-cli`
IMAPSYNC_VER=`getVer imapsync`
LEGO_VER=`getVer lego`
IMAGICK_VER=`getVer imagick`
XMLRPC_VER=`getVer xmlrpc`
IMAGEMAGICK_VER=`getVer imagemagick`
CLAMAV_VER=`getVer clamav`
AWSTATS_VER=`getVer awstats`
AWSTATS_PROCESS_VER=`getVer awstats_process`
UNIT_VER=`getVer unit`
SUHOSIN_VER=`getVer suhosin`
OPCACHE_VER=`getVer zendopcache`
IGBINARY_VER=`getVer igbinary`
PSR_VER=`getVer psr`
PHALCON_VER=`getVer phalcon`
REDIS_VER=`getVer redis`
PHPREDIS_VER=`getVer phpredis`
SNUFFLEUPAGUS_VER=`getVer snuffleupagus`
IMAP_VER=`getVer imap`
if [ "${B64}" = "1" ]; then
IONCUBE_VER=`getVer ioncube_loaders_lin_x86-64`
elif [ "${B64}" = "2" ]; then
IONCUBE_VER=`getVer ioncube_loaders_lin_aarch64`
fi
LIBMAXMINDDB_VER=`getVer libmaxminddb`
GEOIPUPDATE_VER=`getVer geoipupdate`
# Applications versions
PHPMYADMIN_REMOTE_PATCH=pma_auth_logging.patch
if [ "${PHPMYADMIN_VER_OPT}" = "5" ]; then
PHPMYADMIN_VER=`getVer phpmyadmin5`
else
PHPMYADMIN_VER=`getVer phpmyadmin4`
fi
SQUIRRELMAIL_LOCALE_VER=`getVer squirrelmail_locale`
SQUIRRELMAIL_LOGGER_VER=`getVer squirrel_logger`
OPENLITESPEED_VER=`getVer openlitespeed`
LITESPEED_VER=no
LETSENCRYPT_VER=`getVer letsencrypt_sh`
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
LITESPEED_MAIN_VER=`getVerLSWS release`
LITESPEED_REPO_START=`echo ${LITESPEED_MAIN_VER} | cut -d. -f1`
LITESPEED_REPO="${LITESPEED_REPO_START}.0"
if [ "${B64}" = "1" ]; then
LITESPEED_VER_NAME="lsws-${LITESPEED_MAIN_VER}-ent-x86_64-linux"
else
LITESPEED_VER_NAME="lsws-${LITESPEED_MAIN_VER}-ent-aarch64-linux"
fi
LITESPEED_VER=`getVerLSWS ${LITESPEED_VER_NAME}`
LSWS_OS="linux"
if [ "${B64}" = "1" ]; then
LITESPEED_NAME="lsws-${LITESPEED_VER}-ent-x86_64-${LSWS_OS}"
else
LITESPEED_NAME="lsws-${LITESPEED_VER}-ent-aarch64-${LSWS_OS}"
fi
fi
# SpamAssassin versions
SPAMASSASSIN_VER=`getVer spamassassin`
RSPAMD_VER=`getVer rspamd`
LITESPEED_TRIAL_KEY=${WORKDIR}/configure/litespeed/trial.key
if [ -e ${WORKDIR}/custom/litespeed/trial.key ]; then
LITESPEED_TRIAL_KEY=${WORKDIR}/custom/litespeed/trial.key
fi
fi
# Variable for proftpd
PROFTPD_CONFIGURE=configure/proftpd/configure.proftpd
if [ -e custom/proftpd/configure.proftpd ]; then
PROFTPD_CONFIGURE=custom/proftpd/configure.proftpd
fi
PROFTPD_CONF=configure/proftpd/conf/proftpd.conf
if [ -e custom/proftpd/conf/proftpd.conf ]; then
PROFTPD_CONF=custom/proftpd/conf/proftpd.conf
fi
# Variable for ImageMagick
IMAGEMAGICK_CONFIGURE=configure/imagemagick/configure.imagemagick
if [ -e custom/imagemagick/configure.imagemagick ]; then
IMAGEMAGICK_CONFIGURE=custom/imagemagick/configure.imagemagick
fi
# Variable for pureftpd
PUREFTPD_CONFIGURE=configure/pureftpd/configure.pureftpd
if [ -e custom/pureftpd/configure.pureftpd ]; then
PUREFTPD_CONFIGURE=custom/pureftpd/configure.pureftpd
fi
PUREFTPD_CONF=configure/pureftpd/pure-ftpd.conf
if [ -e custom/pureftpd/pure-ftpd.conf ]; then
PUREFTPD_CONF=custom/pureftpd/pure-ftpd.conf
fi
# Variable for ClamAV
CLAMAV_CONFIGURE=configure/clamav/configure.clamav
if [ -e custom/clamav/configure.clamav ]; then
CLAMAV_CONFIGURE=custom/clamav/configure.clamav
fi
#Variable for ModSecurity
if [ "${WEBSERVER_OPT}" = "nginx_apache" ] || [ "${WEBSERVER_OPT}" = "nginx" ]; then
MODSECURITY_CONFIGURE=configure/modsecurity/configure.modsecurity
if [ -e custom/modsecurity/configure.modsecurity ]; then
MODSECURITY_CONFIGURE=custom/modsecurity/configure.modsecurity
fi
else
MODSECURITY_CONFIGURE=configure/ap2/configure.modsecurity
if [ -e custom/ap2/configure.modsecurity ]; then
MODSECURITY_CONFIGURE=custom/ap2/configure.modsecurity
fi
fi
# Variable for cURL
CURL_CONFIGURE=configure/curl/configure.curl
if [ -e custom/curl/configure.curl ]; then
CURL_CONFIGURE=custom/curl/configure.curl
fi
# Variables for ModSecurity uploadscan
RUNAV_PL=configure/clamav/runav.pl
if [ -e custom/clamav/runav.pl ]; then
RUNAV_PL=custom/clamav/runav.pl
fi
RUNAV_CONF=configure/clamav/runav.conf
if [ -e custom/clamav/runav.conf ]; then
RUNAV_CONF=custom/clamav/runav.conf
fi
# Variable for OPCACHE
OPCACHE_INI=configure/opcache/opcache.ini
if [ -e custom/opcache/opcache.ini ]; then
OPCACHE_INI=custom/opcache/opcache.ini
fi
# Variable for SUHOSIN
SUHOSIN_INI=configure/suhosin/suhosin.ini
if [ -e custom/suhosin/suhosin.ini ]; then
SUHOSIN_INI=custom/suhosin/suhosin.ini
fi
EXIM_MAKEFILE=""
if [ -e custom/exim/Makefile ]; then
EXIM_MAKEFILE=${CWD}/custom/exim/Makefile
fi
# Dovecot variables
DOVECOT_CONFIGURE=configure/dovecot/configure.dovecot
if [ -e custom/dovecot/configure.dovecot ]; then
DOVECOT_CONFIGURE=custom/dovecot/configure.dovecot
#to solve bogus ICU linking in FTS plugin of dovecot
if ! grep -m1 -q without-icu ${DOVECOT_CONFIGURE}; then
perl -pi -e 's|^\./configure |./configure --without-icu |g' ${DOVECOT_CONFIGURE}
fi
fi
DOVECOTCONFDIR=${WORKDIR}/configure/dovecot/conf
DOVECOTCUSTOMCONFDIR=0
if [ -d ${WORKDIR}/custom/dovecot/conf ]; then
DOVECOTCUSTOMCONFDIR=${WORKDIR}/custom/dovecot/conf
fi
DOVECTCONFFILE=${WORKDIR}/configure/dovecot/dovecot.conf
if [ -e ${WORKDIR}/custom/dovecot/dovecot.conf ]; then
DOVECTCONFFILE=${WORKDIR}/custom/dovecot/dovecot.conf
fi
DOVECTCONFSIEVE=${WORKDIR}/configure/dovecot/conf.d/90-sieve.conf
if [ -e ${WORKDIR}/custom/dovecot/conf.d/90-sieve.conf ]; then
DOVECTCONFSIEVE=${WORKDIR}/custom/dovecot/conf.d/90-sieve.conf
fi
DOVECTCONFFTS=${WORKDIR}/configure/dovecot/conf.d/90-fts-xapian.conf
if [ -e ${WORKDIR}/custom/dovecot/conf.d/90-fts-xapian.conf ]; then
DOVECTCONFFTS=${WORKDIR}/custom/dovecot/conf.d/90-fts-xapian.conf
fi
DOVECTCONFQUOTA=${WORKDIR}/configure/dovecot/conf.d/90-quota.conf
if [ -e ${WORKDIR}/custom/dovecot/conf.d/90-quota.conf ]; then
DOVECTCONFQUOTA=${WORKDIR}/custom/dovecot/conf.d/90-quota.conf
fi
DOVECOTCONFZLIB=${WORKDIR}/configure/dovecot/conf.d/90-zlib.conf
if [ -e ${WORKDIR}/custom/dovecot/conf.d/90-zlib.conf ]; then
DOVECOTCONFZLIB=${WORKDIR}/custom/dovecot/conf.d/90-zlib.conf
fi
# Variables for spamd
SPAMD_CONF=configure/${SPAMD_OPT}/exim.spamd.conf
if [ -e custom/${SPAMD_OPT}/exim.spamd.conf ]; then
SPAMD_CONF=custom/${SPAMD_OPT}/exim.spamd.conf
fi
# Variables for apache
APACHE2_CONFIGURE=configure/ap2/configure.apache
if [ -e custom/ap2/configure.apache ]; then
APACHE2_CONFIGURE=custom/ap2/configure.apache
fi
PHP_HANDLERS_HTTPD=/etc/httpd/conf/extra/httpd-php-handlers.conf
SUPHP_HTTPD=/etc/httpd/conf/extra/httpd-suphp.conf
APCONFDIR=${WORKDIR}/configure/${APCONF}/conf
APCUSTOMCONFDIR=0
#custom/configure isn't supposed to be there
if [ -d ${WORKDIR}/custom/configure/${APCONF}/conf ]; then
APCUSTOMCONFDIR=${WORKDIR}/custom/configure/${APCONF}/conf
fi
if [ -d ${WORKDIR}/custom/${APCONF}/conf ]; then
APCUSTOMCONFDIR=${WORKDIR}/custom/${APCONF}/conf
fi
APCERTCONF=configure/${APCONF}/cert_config.txt
if [ -e custom/configure/${APCONF}/cert_config.txt ]; then
APCERTCONF=custom/configure/${APCONF}/cert_config.txt
fi
if [ -e custom/${APCONF}/cert_config.txt ]; then
APCERTCONF=custom/${APCONF}/cert_config.txt
fi
# Variables for unit
UNIT_CONFIGURE=configure/unit/configure.unit
if [ -e custom/unit/configure.unit ]; then
UNIT_CONFIGURE=custom/unit/configure.unit
fi
# Variables for openlitespeed
OPENLITESPEED_CONFIGURE=configure/openlitespeed/configure.openlitespeed
if [ -e custom/openlitespeed/configure.openlitespeed ]; then
OPENLITESPEED_CONFIGURE=custom/openlitespeed/configure.openlitespeed
fi
OPENLITESPEEDCONFDIR=${WORKDIR}/configure/openlitespeed/conf
OPENLITESPEEDCUSTOMCONFDIR=0
if [ -d ${WORKDIR}/custom/openlitespeed/conf ]; then
OPENLITESPEEDCUSTOMCONFDIR=${WORKDIR}/custom/openlitespeed/conf
fi
OPENLITESPEED_EXTPROCESSORS_TEMPLATE=configure/openlitespeed/httpd-extprocessors.template
if [ -e custom/openlitespeed/httpd-extprocessors.template ]; then
OPENLITESPEED_EXTPROCESSORS_TEMPLATE=custom/openlitespeed/httpd-extprocessors.template
fi
OPENLITESPEED_WEBAPPS_EXTPROCESSOR_TEMPLATE=configure/openlitespeed/httpd-webapps-extprocessor.template
if [ -e custom/openlitespeed/httpd-webapps-extprocessor.template ]; then
OPENLITESPEED_WEBAPPS_EXTPROCESSOR_TEMPLATE=custom/openlitespeed/httpd-webapps-extprocessor.template
fi
# Variables for nginx
if [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
NGINX_CONFIGURE=configure/nginx_reverse/configure.nginx
if [ -e custom/nginx_reverse/configure.nginx ]; then
NGINX_CONFIGURE=custom/nginx_reverse/configure.nginx
fi
NGINXCONFDIR=${WORKDIR}/configure/nginx_reverse/conf
NGINXCUSTOMCONFDIR=0
if [ -d ${WORKDIR}/custom/nginx_reverse/conf ]; then
NGINXCUSTOMCONFDIR=${WORKDIR}/custom/nginx_reverse/conf
fi
else
NGINX_CONFIGURE=configure/nginx/configure.nginx
if [ -e custom/nginx/configure.nginx ]; then
NGINX_CONFIGURE=custom/nginx/configure.nginx
fi
NGINXCONFDIR=${WORKDIR}/configure/nginx/conf
NGINXCUSTOMCONFDIR=0
if [ -d ${WORKDIR}/custom/nginx/conf ]; then
NGINXCUSTOMCONFDIR=${WORKDIR}/custom/nginx/conf
fi
fi
NGINXTEMPLATESDIR=${WORKDIR}/configure/nginx_templates
NGINXCUSTOMEMPLATESDIR=0
if [ -d ${WORKDIR}/custom/nginx_templates ]; then
NGINXCUSTOMEMPLATESDIR=${WORKDIR}/custom/nginx_templates
fi
MODSECURITY_APACHE_INCLUDE=${WORKDIR}/configure/ap2/conf/extra/httpd-modsecurity.conf
if [ -e ${WORKDIR}/custom/ap2/conf/extra/httpd-modsecurity.conf ]; then
MODSECURITY_APACHE_INCLUDE=${WORKDIR}/custom/ap2/conf/extra/httpd-modsecurity.conf
fi
MODSECURITY_NGINX_INCLUDE=${WORKDIR}/configure/nginx/conf/nginx-modsecurity.conf
if [ -e ${WORKDIR}/custom/nginx/conf/nginx-modsecurity.conf ]; then
MODSECURITY_NGINX_INCLUDE=${WORKDIR}/custom/nginx/conf/nginx-modsecurity.conf
fi
if [ -s ${WORKDIR}/configure/openlitespeed/conf/httpd-listeners.conf ]; then
rm -f ${WORKDIR}/configure/openlitespeed/conf/httpd-listeners.conf
fi
MODSECURITY_OPENLITESPEED_INCLUDE=${WORKDIR}/configure/openlitespeed/conf/httpd-modsecurity.conf
if [ -e ${WORKDIR}/custom/openlitespeed/conf/httpd-modsecurity.conf ]; then
MODSECURITY_OPENLITESPEED_INCLUDE=${WORKDIR}/custom/openlitespeed/conf/httpd-modsecurity.conf
fi
MODSECURITY_NGINX_REVERSE_INCLUDE=${WORKDIR}/configure/nginx_reverse/conf/nginx-modsecurity.conf
if [ -e ${WORKDIR}/custom/nginx_reverse/conf/nginx-modsecurity.conf ]; then
MODSECURITY_NGINX_REVERSE_INCLUDE=${WORKDIR}/custom/nginx_reverse/conf/nginx-modsecurity.conf
fi
MODSECURITY_CUSTOM_RULES=${WORKDIR}/custom/modsecurity/conf
for php_shortrelease in `echo ${PHP1_SHORTRELEASE_SET}`; do
# Variables for php-fpm
eval `echo "PHP${php_shortrelease}_CONFIGURE_FPM=configure/php/configure.php${php_shortrelease}"`
if [ -e custom/fpm/configure.php${php_shortrelease} ]; then
eval `echo "PHP${php_shortrelease}_CONFIGURE_FPM=custom/fpm/configure.php${php_shortrelease}"`
fi
if [ -e custom/php/configure.php${php_shortrelease} ]; then
eval `echo "PHP${php_shortrelease}_CONFIGURE_FPM=custom/php/configure.php${php_shortrelease}"`
fi
eval `echo "PHP${php_shortrelease}_FPM_CONF=${WORKDIR}/configure/fpm/conf/php-fpm.conf.${php_shortrelease}"`
if [ -e ${WORKDIR}/custom/fpm/conf/php-fpm.conf.${php_shortrelease} ]; then
eval `echo "PHP${php_shortrelease}_FPM_CONF=${WORKDIR}/custom/fpm/conf/php-fpm.conf.${php_shortrelease}"`
fi
eval `echo "PHP_INI_FPM${php_shortrelease}=/usr/local/php${php_shortrelease}/lib/php.ini"`
eval `echo "PHP_SBIN_FPM${php_shortrelease}=/usr/local/php${php_shortrelease}/sbin/php-fpm${php_shortrelease}"`
# Variables for PHP as suPHP
EVAL_PHP_INI_SUPHP_VAR=PHP_SBIN_FPM${php_shortrelease}
eval `echo "PHP_INI_SUPHP${php_shortrelease}=$(eval_var ${EVAL_PHP_INI_SUPHP_VAR})"`
eval `echo "PHP_BIN_SUPHP${php_shortrelease}=/usr/local/php${php_shortrelease}/bin/php-cgi${php_shortrelease}"`
eval `echo "PHP_BIN_PHP${php_shortrelease}=/usr/local/php${php_shortrelease}/bin/php${php_shortrelease}"`
eval `echo "PHP${php_shortrelease}_CONFIGURE_SUPHP=configure/php/configure.php${php_shortrelease}"`
if [ -e custom/suphp/configure.php${php_shortrelease} ]; then
eval `echo "PHP${php_shortrelease}_CONFIGURE_SUPHP=custom/suphp/configure.php${php_shortrelease}"`
fi
if [ -e custom/php/configure.php${php_shortrelease} ]; then
eval `echo "PHP${php_shortrelease}_CONFIGURE_SUPHP=custom/php/configure.php${php_shortrelease}"`
fi
# Variables for php-fastcgi
eval `echo "PHP${php_shortrelease}_CONFIGURE_FCGI=configure/php/configure.php${php_shortrelease}"`
if [ -e custom/fastcgi/configure.php${php_shortrelease} ]; then
eval `echo "PHP${php_shortrelease}_CONFIGURE_FCGI=custom/fastcgi/configure.php${php_shortrelease}"`
fi
if [ -e custom/php/configure.php${php_shortrelease} ]; then
eval `echo "PHP${php_shortrelease}_CONFIGURE_FCGI=custom/php/configure.php${php_shortrelease}"`
fi
# Variables for lsphp
eval `echo "PHP${php_shortrelease}_CONFIGURE_LSPHP=configure/php/configure.php${php_shortrelease}"`
if [ -e custom/litespeed/configure.php${php_shortrelease} ]; then
eval `echo "PHP${php_shortrelease}_CONFIGURE_LSPHP=custom/litespeed/configure.php${php_shortrelease}"`
fi
if [ -e custom/php/configure.php${php_shortrelease} ]; then
eval `echo "PHP${php_shortrelease}_CONFIGURE_LSPHP=custom/php/configure.php${php_shortrelease}"`
fi
eval `echo "PHP_EXT_FPM${php_shortrelease}=/usr/local/php${php_shortrelease}/lib/php.conf.d/10-directadmin.ini"`
EVAL_PHP_EXT_SUPHP_VAR=PHP_EXT_FPM${php_shortrelease}
eval `echo "PHP_EXT_SUPHP${php_shortrelease}=$(eval_var ${EVAL_PHP_EXT_SUPHP_VAR})"`
done
PHP_CUSTOM_PHP_CONF_D_INI_PATH=${WORKDIR}/custom/php.conf.d
#php extensions file rewritten by DirectAdmin
PHP_EXT=/usr/local/lib/php.conf.d/10-directadmin.ini
PHP_INI=/usr/local/lib/php.ini
PHP_BIN=/usr/local/bin/php
PHP1_RELEASE_INI_EVAL="PHP_INI_FPM${PHP1_SHORTRELEASE}"
PHP1_INI_FILE="$(eval_var ${PHP1_RELEASE_INI_EVAL})"
PHP1_RELEASE_INI_EXT_EVAL="PHP_EXT_FPM${PHP1_SHORTRELEASE}"
PHP1_INI_EXT_FILE="$(eval_var ${PHP1_RELEASE_INI_EXT_EVAL})"
PHP1_INI_EXT_FILE_OLD="`echo ${PHP1_INI_EXT_FILE} | perl -p0 -e 's|10-directadmin.ini|directadmin.ini|'`"
if [ -e ${PHP1_INI_EXT_FILE_OLD} ] && [ ! -e ${PHP1_INI_EXT_FILE} ]; then
mv -f ${PHP1_INI_EXT_FILE_OLD} ${PHP1_INI_EXT_FILE}
fi
PHP2_INI_FILE="no"
PHP2_INI_EXT_FILE="no"
if [ "${PHP2_RELEASE_OPT}" != "no" ]; then
PHP2_INI_FILE=${PHP_INI}
PHP2_INI_EXT_FILE=${PHP_EXT}
if [ "${PHP2_MODE_OPT}" != "mod_php" ]; then
PHP2_RELEASE_INI_EVAL="PHP_INI_FPM${PHP2_SHORTRELEASE}"
PHP2_INI_FILE="$(eval_var ${PHP2_RELEASE_INI_EVAL})"
PHP2_RELEASE_INI_EXT_EVAL="PHP_EXT_FPM${PHP2_SHORTRELEASE}"
PHP2_INI_EXT_FILE="$(eval_var ${PHP2_RELEASE_INI_EXT_EVAL})"
fi
PHP2_INI_EXT_FILE_OLD="`echo ${PHP2_INI_EXT_FILE} | perl -p0 -e 's|10-directadmin.ini|directadmin.ini|'`"
if [ -e ${PHP2_INI_EXT_FILE_OLD} ] && [ ! -e ${PHP2_INI_EXT_FILE} ]; then
mv -f ${PHP2_INI_EXT_FILE_OLD} ${PHP2_INI_EXT_FILE}
fi
fi
PHP3_INI_FILE="no"
PHP3_INI_EXT_FILE="no"
if [ "${PHP3_RELEASE_OPT}" != "no" ]; then
PHP3_INI_FILE=${PHP_INI}
PHP3_INI_EXT_FILE=${PHP_EXT}
if [ "${PHP3_MODE_OPT}" != "mod_php" ]; then
PHP3_RELEASE_INI_EVAL="PHP_INI_FPM${PHP3_SHORTRELEASE}"
PHP3_INI_FILE="$(eval_var ${PHP3_RELEASE_INI_EVAL})"
PHP3_RELEASE_INI_EXT_EVAL="PHP_EXT_FPM${PHP3_SHORTRELEASE}"
PHP3_INI_EXT_FILE="$(eval_var ${PHP3_RELEASE_INI_EXT_EVAL})"
fi
PHP3_INI_EXT_FILE_OLD="`echo ${PHP3_INI_EXT_FILE} | perl -p0 -e 's|10-directadmin.ini|directadmin.ini|'`"
if [ -e ${PHP3_INI_EXT_FILE_OLD} ] && [ ! -e ${PHP3_INI_EXT_FILE} ]; then
mv -f ${PHP3_INI_EXT_FILE_OLD} ${PHP3_INI_EXT_FILE}
fi
fi
PHP4_INI_FILE="no"
PHP4_INI_EXT_FILE="no"
if [ "${PHP4_RELEASE_OPT}" != "no" ]; then
PHP4_INI_FILE=${PHP_INI}
PHP4_INI_EXT_FILE=${PHP_EXT}
if [ "${PHP4_MODE_OPT}" != "mod_php" ]; then
PHP4_RELEASE_INI_EVAL="PHP_INI_FPM${PHP4_SHORTRELEASE}"
PHP4_INI_FILE="$(eval_var ${PHP4_RELEASE_INI_EVAL})"
PHP4_RELEASE_INI_EXT_EVAL="PHP_EXT_FPM${PHP4_SHORTRELEASE}"
PHP4_INI_EXT_FILE="$(eval_var ${PHP4_RELEASE_INI_EXT_EVAL})"
fi
PHP4_INI_EXT_FILE_OLD="`echo ${PHP4_INI_EXT_FILE} | perl -p0 -e 's|10-directadmin.ini|directadmin.ini|'`"
if [ -e ${PHP4_INI_EXT_FILE_OLD} ] && [ ! -e ${PHP4_INI_EXT_FILE} ]; then
mv -f ${PHP4_INI_EXT_FILE_OLD} ${PHP4_INI_EXT_FILE}
fi
fi
#suhosin uploadscan script
SUHOSIN_PHP_UPLOADSCAN_SCRIPT=${WORKDIR}/configure/suhosin/php_uploadscan.sh
if [ -e ${WORKDIR}/custom/suhosin/php_uploadscan.sh ]; then
SUHOSIN_PHP_UPLOADSCAN_SCRIPT=${WORKDIR}/custom/suhosin/php_uploadscan.sh
fi
#pureftpd uploadscan script
PUREFTPD_UPLOADSCAN_SCRIPT=${WORKDIR}/configure/pureftpd/pureftpd_uploadscan.sh
if [ -e ${WORKDIR}/custom/pureftpd/pureftpd_uploadscan.sh ]; then
PUREFTPD_UPLOADSCAN_SCRIPT=${WORKDIR}/custom/pureftpd/pureftpd_uploadscan.sh
fi
#pureftpd SNI script
PUREFTPD_PURE_CERTD_SCRIPT=${WORKDIR}/configure/pureftpd/pureftpd_sni.sh
if [ -e ${WORKDIR}/custom/pureftpd/pureftpd_sni.sh ]; then
PUREFTPD_PURE_CERTD_SCRIPT=${WORKDIR}/custom/pureftpd/pureftpd_sni.sh
fi
SUPHP_CONFIGURE=configure/suphp/configure.suphp
if [ -e custom/suphp/configure.suphp ]; then
SUPHP_CONFIGURE=custom/suphp/configure.suphp
fi
SUPHP_PATH=/usr/local/suphp
SUPHP_CONF_FILE=${SUPHP_PATH}/etc/suphp.conf
SUPHP_SO=/usr/lib/apache/mod_suphp.so
PMA_MAIN_CONFIG=${CWD}/configure/phpmyadmin/config.inc.php
PMA_CUSTOM_CONFIG=
if [ -s ${CWD}/custom/phpmyadmin/config.inc.php ]; then
PMA_CUSTOM_CONFIG=${CWD}/custom/phpmyadmin/config.inc.php
fi
#custom script configs
WEBAPPS_LIST=${CWD}/custom/webapps.list
PMA_HTACCESS=${CWD}/custom/phpmyadmin/.htaccess
PMA_USER_INI=${CWD}/custom/phpmyadmin/.user.ini
PMA_THEMES=${CWD}/custom/phpmyadmin/themes
SQUIRREL_CONFIG=${CWD}/custom/squirrelmail/config.php
ROUNDCUBE_CONFIG=${CWD}/custom/roundcube/config.inc.php
ROUNDCUBE_CONFIG_DB=${ROUNDCUBE_CONFIG}
ROUNDCUBE_CONFIG_OLD=${CWD}/custom/roundcube/main.inc.php
ROUNDCUBE_CONFIG_DB_OLD=${CWD}/custom/roundcube/db.inc.php
if [ "${ROUNDCUBE_MAJOR_VER}" = "0" ]; then
ROUNDCUBE_CONFIG=${ROUNDCUBE_CONFIG_OLD}
ROUNDCUBE_CONFIG_DB=${ROUNDCUBE_CONFIG_DB_OLD}
fi
ROUNDCUBE_PLUGINS=${CWD}/custom/roundcube/plugins
ROUNDCUBE_SKINS=${CWD}/custom/roundcube/skins
ROUNDCUBE_VENDOR=${CWD}/custom/roundcube/vendor
ROUNDCUBE_COMPOSER=${CWD}/custom/roundcube/composer.json
ROUNDCUBE_PROGRAM=${CWD}/custom/roundcube/program
ROUNDCUBE_HTACCESS=${CWD}/custom/roundcube/.htaccess
# Variables for frontpage
ROOT_GRP=root
USER_INPUT=0
INPUT_VALUE=d
if [ ${B64} -eq 1 ]; then
IONCUBENAME=ioncube_loaders_lin_x86-64
ZENDNAME_PHP53=ZendGuardLoader-php-5.3-linux-glibc23-x86_64
ZENDNAME_PHP54=ZendGuardLoader-70429-PHP-5.4-linux-glibc23-x86_64
ZENDNAME_PHP55=zend-loader-php5.5-linux-x86_64
ZENDNAME_PHP56=zend-loader-php5.6-linux-x86_64
elif [ ${B64} -eq 2 ]; then
IONCUBENAME=ioncube_loaders_lin_aarch64
fi
ZENDFILE_GUARD53=${ZENDNAME_PHP53}.tar.gz
ZENDFILE_GUARD54=${ZENDNAME_PHP54}.tar.gz
ZENDFILE_GUARD55=${ZENDNAME_PHP55}.tar.gz
ZENDFILE_GUARD56=${ZENDNAME_PHP56}.tar.gz
IONCUBEFILE=${IONCUBENAME}.tar.gz
WEBALIZER_VER=`getVer webalizer`
WEBALIZER=webalizer-${WEBALIZER_VER}
WEBALIZER_FILE=webalizer-${WEBALIZER_VER}-src.tgz
fi
####################################################
ensureVersion() {
PERL_VER=`perl -v | head -n2 | tail -n1 | cut -d\ -f4 | cut -dv -f2`
NUM1=`echo $PERL_VER | cut -d. -f1`
NUM2=`echo $PERL_VER | cut -d. -f2`
NUM3=`echo $PERL_VER | cut -d. -f3`
if [ $NUM1 -gt 5 ]; then
return 1
fi
if [ $NUM2 -gt 6 ]; then
return 1
fi
if [ $NUM3 -gt 0 ]; then
return 1
fi
do_exit 1 "Your perl version is $PERL_VER. You require at least perl 5.6.1 for Mail-SpamAssassin-${SPAMASSASSIN_VER}."
}
####################################################
downloadMake() {
cd $CWD
VER=`getVer ${1}`
NAME=${1}-${VER}
getFile ${NAME}.tar.gz ${1}
tar xzf ${NAME}.tar.gz --no-same-owner
cd ${NAME}
perl Makefile.PL
make
make install
cd $CWD
}
####################################################
clean_tarball() {
#clean_tarball name current_version extension
if [ "$1" = "" ] || [ "$2" = "" ] || [ "$3" = "" ]; then
echo "Skipping $1 tarball, needs more arguments in doclean_old_tarballs()."
return
fi
for i in `ls ${WORKDIR} | grep "^${1}[-_][v0-9]" | grep -v "$2" | grep "$3$"`; do
rm -f ${WORKDIR}/$i
if [ "${CLEAN_OPT}" = "no" ]; then
echo "Removing ${WORKDIR}/$i..."
fi
done
}
doclean_old_tarballs() {
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
clean_tarball lsws ${LITESPEED_VER} tar.gz
fi
if [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
clean_tarball openlitespeed ${OPENLITESPEED_VER} tar.gz
fi
if [ "${WEBSERVER_OPT}" = "nginx" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
clean_tarball nginx ${NGINX_VER} tar.gz
clean_tarball mod_aclr2 ${MOD_ACLR2_VER} tar.gz
fi
clean_tarball lego ${LEGO_VER} tar.gz
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
clean_tarball httpd ${APACHE2_VER} tar.gz
if [ "${HAVE_SUPHP_CGI}" = "yes" ]; then
clean_tarball suphp ${SUPHP_VER} tar.gz
fi
if [ "${HAVE_FCGID}" = "yes" ]; then
clean_tarball mod_fcgid ${MOD_FCGID_VER} tar.gz
fi
if [ "${MOD_RUID2_OPT}" = "yes" ]; then
clean_tarball mod_ruid2 ${MOD_RUID2_VER} tar.bz2
fi
if [ "${HTSCANNER_OPT}" = "yes" ]; then
clean_tarball mod_htscanner2 ${HTSCANNER_VER} tgz
fi
fi
clean_tarball redis ${REDIS_VER} tar.gz
clean_tarball apr ${APR_VER} tar.gz
clean_tarball apr-util ${APR_UTIL_VER} tar.gz
clean_tarball imapsync ${IMAPSYNC_VER} tar.gz
if [ "${MODSECURITY_OPT}" = "yes" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ]; then
clean_tarball ${MODSECURITY_FILENAME} ${MODSECURITY_VER} tar.gz
else
clean_tarball ${LIBMODSECURITY_FILENAME} ${LIBMODSECURITY_VER} tar.gz
fi
clean_tarball owasp-modsecurity-crs ${OWASP_RULES_VER} tar.gz
clean_tarball ${MODSECURITY_NGINX_CONNECTOR_FILENAME} ${MODSECURITY_NGINX_CONNECTOR_VER} tar.gz
clean_tarball ${MODSECURITY_APACHE_CONNECTOR_FILENAME} ${MODSECURITY_APACHE_CONNECTOR_VER} tar.gz
if [ "${MODSECURITY_RULESET_OPT}" = "comodo" ]; then
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
clean_tarball cwaf_rules_ls ${CWAF_RULES_LS_VER} tgz
elif [ "${WEBSERVER_OPT}" = "apache" ]; then
clean_tarball cwaf_rules ${CWAF_RULES_VER} tgz
else
clean_tarball cwaf_rules_nginx_3 ${CWAF_RULES_NGINX_VER} tgz
fi
fi
fi
if [ "${CLAMAV_OPT}" = "yes" ]; then
clean_tarball clamav ${CLAMAV_VER} tar.gz
fi
if [ "${SPAMD_OPT}" = "spamassassin" ]; then
clean_tarball Mail-SpamAssassin ${SPAMASSASSIN_VER} tar.gz
elif [ "${SPAMD_OPT}" = "rspamd" ]; then
clean_tarball rspamd_conf ${RSPAMD_CONF_VER} tar.gz
fi
clean_tarball curl ${CURL_VER} tar.gz
clean_tarball libmaxminddb ${LIBMAXMINDDB_VER} tar.gz
clean_tarball geoipupdate ${GEOIPUPDATE_VER} tar.gz
clean_tarball libzip ${LIBZIP_VER} tar.gz
if [ "${PHP_IGBINARY_OPT}" = "yes" ]; then
clean_tarball igbinary ${IGBINARY_VER} tar.gz
fi
if [ "${IMAGICK_OPT}" = "yes" ]; then
clean_tarball imagick ${IMAGICK_VER} tgz
clean_tarball ImageMagick ${IMAGEMAGICK_VER} tar.gz
fi
if [ "${PHP_PHALCON_OPT}" = "yes" ]; then
clean_tarball psr ${PSR_VER} tgz
clean_tarball phalcon ${PHALCON_VER} tgz
fi
if [ "${PHP_SNUFFLEUPAGUS_OPT}" = "yes" ]; then
clean_tarball snuffleupagus ${SNUFFLEUPAGUS_VER} tar.gz
fi
if [ "${PHP_REDIS_OPT}" = "yes" ]; then
clean_tarball redis ${PHPREDIS_VER} tgz
fi
if [ "${PHP_IMAP_OPT}" = "yes" ]; then
clean_tarball imap ${IMAP_VER} tgz
fi
clean_tarball libspf2 ${LIBSPF2_VER} tar.gz
if [ "${EASY_SPAM_FIGHTER_OPT}" = "yes" ]; then
clean_tarball exim.easy_spam_fighter ${EASY_SPAM_FIGHTER_VER} tar.gz
fi
if [ "${BLOCKCRACKING_OPT}" = "yes" ]; then
clean_tarball exim.blockcracking ${BLOCKCRACKING_VER} tar.gz
fi
if [ "${PIGEONHOLE_OPT}" = "yes" ]; then
clean_tarball pigeohole${DOVECOT_SHORTREL} ${PIGEONHOLE_VER} tar.gz
fi
if [ "${WEBALIZER_OPT}" = "yes" ]; then
clean_tarball webalizer ${WEBALIZER_VER}-src tgz
fi
if [ "${FTPD_OPT}" = "proftpd" ]; then
clean_tarball proftpd ${PROFTPD_VER} tar.gz
else
clean_tarball pure-ftpd ${PUREFTPD_VER} tar.gz
fi
if [ "${EXIM_OPT}" = "yes" ]; then
clean_tarball exim ${EXIM_VER} tar.gz
clean_tarball s-nail ${S_NAIL_VER} tar.gz
fi
clean_tarball msmtp ${MSMTP_VER} tar.xz
clean_tarball lua ${LUA_VER} tar.gz
clean_tarball dovecot ${DOVECOT_VER} tar.gz
clean_tarball fts-xapian ${FTS_XAPIAN_VER} tar.gz
clean_tarball xapian-core ${XAPIAN_CORE_VER} tar.xz
clean_tarball bubblewrap ${BUBBLEWRAP_VER} tar.xz
if [ "${ROUNDCUBE_OPT}" = "yes" ]; then
clean_tarball roundcubemail ${ROUNDCUBE_VER} tar.gz
fi
if [ "${SQUIRRELMAIL_OPT}" = "yes" ]; then
clean_tarball squirrelmail ${SQUIRRELMAIL_VER} tar.gz
fi
if [ "${AWSTATS_OPT}" = "yes" ]; then
clean_tarball awstats ${AWSTATS_VER} tar.gz
fi
if [ "${UNIT_OPT}" = "yes" ]; then
clean_tarball unit ${UNIT_VER} tar.gz
fi
if [ "${PHPMYADMIN_OPT}" = "yes" ]; then
clean_tarball phpMyAdmin ${PHPMYADMIN_VER} tar.gz
fi
if [ "${SUHOSIN_OPT}" = "yes" ]; then
clean_tarball suhosin ${SUHOSIN_VER} tgz
fi
if [ "${OPCACHE_OPT}" = "yes" ]; then
clean_tarball zendopcache ${OPCACHE_VER} tgz
fi
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
clean_tarball mod_lsapi ${MOD_LSAPI_VER} tar.gz
clean_tarball mod_hostinglimits ${MOD_HOSTINGLIMITS_VER} tar.gz
clean_tarball mod_proctitle ${MOD_PROCTITLE_VER} tar.gz
fi
#PHP bit needs to be different
for i in `ls ${WORKDIR} | grep '^php-' | grep -v "${PHP53_VER}" | grep -v "${PHP54_VER}" | grep -v "${PHP55_VER}" | grep -v "${PHP56_VER}" | grep -v "${PHP70_VER}" | grep -v "${PHP71_VER}" | grep -v "${PHP72_VER}" | grep -v "${PHP73_VER}" | grep -v "${PHP74_VER}" | grep -v "${PHP80_VER}" | grep -v "${PHP81_VER}" | grep tar.gz`; do
rm -f ${WORKDIR}/$i
if [ "${CLEAN_OPT}" = "no" ]; then
echo "Removing ${WORKDIR}/$i..."
fi
done
#Clean MySQL/MariaDB tarballs
if [ "${MYSQL_INST_OPT}" = "mysql" ]; then
for i in `ls /usr/local/ | grep ^mysql- | grep 'tar.gz$' | grep -v "^mysql-${MYSQL_VER}"`; do
rm -f /usr/local/$i
if [ "${CLEAN_OPT}" = "no" ]; then
echo "Removing /usr/local/$i..."
fi
done
fi
if [ "${MYSQL_INST_OPT}" = "mariadb" ]; then
for i in `ls /usr/local/ | grep ^mariadb- | grep 'tar.gz$' | grep -v "^mariadb-${MARIADB_VER}"`; do
rm -f /usr/local/$i
if [ "${CLEAN_OPT}" = "no" ]; then
echo "Removing /usr/local/$i..."
fi
done
fi
}
####################################################
doclean_old_webapps() {
if [ "${CLEAN_OLD_WEBAPPS_OPT}" != "yes" ]; then
do_exit 1 "You cannot clean webapps, because you do not have it set in options.conf file."
fi
#Clean phpMyAdmin
if [ "${PHPMYADMIN_OPT}" = "yes" ] && [ -e /var/www/html/phpMyAdmin ]; then
PHPMYADMIN_CUR=`ls -ld /var/www/html/phpMyAdmin | cut -d\> -f2 | cut -d- -f2,3,4`
for i in `ls /var/www/html/ | grep phpMyAdmin- | grep -v "${PHPMYADMIN_CUR}"`; do
rm -rf /var/www/html/$i
if [ "${CLEAN_OPT}" = "no" ]; then
echo "Removing /var/www/html/$i..."
fi
done
fi
#Clean SquirrelMail
if [ "${SQUIRRELMAIL_OPT}" = "yes" ] && [ -e /var/www/html/squirrelmail ]; then
SQUIRRELMAIL_CUR=`ls -ld /var/www/html/squirrelmail | cut -d\> -f2 | cut -d- -f2,3`
for i in `ls /var/www/html/ | grep squirrelmail- | grep -v -e "${SQUIRRELMAIL_CUR}\$"`; do
rm -rf /var/www/html/$i
if [ "${CLEAN_OPT}" = "no" ]; then
echo "Removing /var/www/html/$i..."
fi
done
fi
#Clean RoundCube
if [ "${ROUNDCUBE_OPT}" = "yes" ] && [ -e /var/www/html/roundcube ]; then
#ROUNDCUBE_CUR=`ls -ld /var/www/html/roundcube | cut -d\> -f2 | cut -d- -f2`
ROUNDCUBE_CUR=`roundcube_version`
for i in `ls /var/www/html/ | grep roundcubemail- | grep -v "${ROUNDCUBE_CUR}"`; do
rm -rf /var/www/html/$i
if [ "${CLEAN_OPT}" = "no" ]; then
echo "Removing /var/www/html/$i..."
fi
done
fi
#Clean AWstats
if [ "${AWSTATS_OPT}" = "yes" ] && [ -e /usr/local/awstats ]; then
AWSTATS_CUR=`ls -ld /usr/local/awstats | cut -d\> -f2 | cut -d- -f2`
for i in `ls /usr/local/ | grep awstats- | grep -v "${AWSTATS_CUR}"`; do
rm -rf /usr/local/$i
if [ "${CLEAN_OPT}" = "no" ]; then
echo "Removing /usr/local/$i..."
fi
done
fi
}
####################################################
doClean() {
cd ${CWD}
if [ -e ${LOCKFILE} ]; then
return
fi
rm -rf mod_ruid2-${MOD_RUID2_VER}
rm -rf ${MODSECURITY_FILENAME}-${MODSECURITY_VER}
rm -rf ${LIBMODSECURITY_FILENAME}-v${LIBMODSECURITY_VER}
rm -rf ${MODSECURITY_APACHE_CONNECTOR_FILENAME}-${MODSECURITY_APACHE_CONNECTOR_VER}
rm -rf ${MODSECURITY_NGINX_CONNECTOR_FILENAME}-${MODSECURITY_NGINX_CONNECTOR_VER}
rm -rf mod_aclr2-${MOD_ACLR2_VER}
rm -rf htscanner-${HTSCANNER_VER}
rm -rf mod_fcgid-${MOD_FCGID_VER}
rm -rf php-${PHP53_VER}
rm -rf php-${PHP54_VER}
rm -rf php-${PHP55_VER}
rm -rf php-${PHP56_VER}
rm -rf php-${PHP70_VER}
rm -rf php-${PHP71_VER}
rm -rf php-${PHP72_VER}
rm -rf php-${PHP73_VER}
rm -rf php-${PHP74_VER}
rm -rf php-${PHP80_VER}
rm -rf php-${PHP81_VER}
rm -rf php-${PHP82_VER}
rm -rf redis-${REDIS_VER}
rm -rf imapsync-imapsync-${IMAPSYNC_VER}
if [ "${UNIT_OPT}" = "yes" ]; then
rm -rf unit-${UNIT_VER}
fi
rm -rf xapian-core-${XAPIAN_CORE_VER}
rm -rf bubblewrap-${BUBBLEWRAP_VER}
rm -rf s-nail-${S_NAIL_VER}
rm -rf msmtp-${MSMTP_VER}
rm -rf lua-${LUA_VER}
rm -rf libpsf2-${LIBSPF2_VER}
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
rm -rf lsws-${LITESPEED_VER}
fi
if [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
rm -rf openlitespeed-${OPENLITESPEED_VER}
fi
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
rm -rf mod_lsapi-${MOD_LSAPI_VER}
rm -rf mod_proctitle-${MOD_PROCTITLE_VER}
fi
if [ "${MYSQL_INST_OPT}" = "mysql" ]; then
rm -rf mysql-${MYSQL_VER}
fi
if [ "${MYSQL_INST_OPT}" = "mariadb" ]; then
rm -rf mariadb-${MARIADB_VER}
fi
if [ "${PHP_IMAGICK_OPT}" = "yes" ]; then
rm -rf imagick-${IMAGICK_VER}
rm -rf ImageMagick-${IMAGEMAGICK_VER}
fi
if [ "${PHP_PHALCON_OPT}" = "yes" ]; then
rm -rf psr-${PSR_VER}
rm -rf phalcon-${PHALCON_VER}
fi
if [ "${PHP_IMAP_OPT}" = "yes" ]; then
rm -rf imap-${IMAP_VER}
fi
rm -rf curl-${CURL_VER}
rm -rf nginx-${NGINX_VER}
rm -rf libmaxminddb-${LIBMAXMINDDB_VER}
rm -rf geoipupdate-${GEOIPUPDATE_VER}
rm -rf libzip-${LIBZIP_VER}
rm -rf easy_spam_fighter
rm -rf libspf2-${LIBSPF2_VER}
rm -rf ${ZENDNAME_PHP53}
rm -rf ${ZENDNAME_PHP54}
rm -rf ${ZENDNAME_PHP55}
rm -rf ${ZENDNAME_PHP56}
rm -rf ${WEBALIZER}
rm -rf proftpd-${PROFTPD_VER}
rm -rf pure-ftpd-${PUREFTPD_VER}
rm -rf httpd-${APACHE2_VER}
rm -rf exim-${EXIM_VER}
rm -rf dovecot-${DOVECOT_VER}
rm -rf dovecot-ce-${DOVECOT_VER}
rm -rf suphp-${SUPHP_VER}
rm -rf suhosin-${SUHOSIN_VER}
rm -rf zendopcache-${OPCACHE_VER}
rm -rf dovecot-${DOVECOT_REL}-pigeonhole-${PIGEONHOLE_VER}
rm -rf Mail-SpamAssassin-${SPAMASSASSIN_VER}
rm -rf rspamd-${RSPAMD_VER}
rm -rf clamav-${CLAMAV_VER}
rm -rf ${ZENDNAME_PHP53}
rm -rf ${ZENDNAME_PHP54}
#Clean MySQL/MariaDB
if [ -h /usr/local/mysql ] && [ "${MYSQL_INST_OPT}" != "no" ]; then
MYSQL_CUR=`ls -ld /usr/local/mysql | cut -d\> -f2 | cut -d' ' -f2`
for i in `ls /usr/local/ | grep '^mysql-\|^mariadb-' | grep -v "${MYSQL_CUR}"`; do
if [ -h /usr/local/${i}/data ]; then
rm -rf /usr/local/$i
if [ "${CLEAN_OPT}" = "no" ]; then
echo "Removing /usr/local/$i..."
fi
fi
done
fi
if [ "${CLEAN_OLD_TARBALLS_OPT}" = "yes" ]; then
doclean_old_tarballs
fi
if [ "${CLEAN_OLD_WEBAPPS_OPT}" = "yes" ]; then
doclean_old_webapps
fi
if [ "${CLEAN_OPT}" = "no" ]; then
echo "All clean!"
fi
}
DOCLEAN_CASE=1
doclean_toggle() {
DOCLEAN_CASE=0
}
####################################################
if [ ! -e ${LOCKFILE} ]; then
case "$1" in
update) doclean_toggle ;;
update_data) doclean_toggle ;;
"") doclean_toggle ;;
gen_help_json) doclean_toggle ;;
opt_help) doclean_toggle ;;
set) doclean_toggle ;;
set_php) doclean_toggle ;;
get_versions_txt) doclean_toggle ;;
update_script) doclean_toggle ;;
versions_json) doclean_toggle ;;
versions_ajax) doclean_toggle ;;
gen_help) doclean_toggle ;;
version) doclean_toggle ;;
versions) doclean_toggle ;;
list_removals) doclean_toggle ;;
list_removals_json) doclean_toggle ;;
remove_items) doclean_toggle ;;
set_fastest) doclean_toggle ;;
set_fastest_quiet) doclean_toggle ;;
kill) doclean_toggle ;;
update_da) doclean_toggle ;;
versions_nobold) doclean_toggle ;;
list_configs_json) doclean_toggle ;;
settings_json) doclean_toggle ;;
get_timezone) doclean_toggle ;;
custom_config) doclean_toggle ;;
set_versions_txt) doclean_toggle ;;
show_component_config) doclean_toggle ;;
remove_customized_config) doclean_toggle ;;
show_file) doclean_toggle ;;
check_options) doclean_toggle ;;
esac
if [ "${CLEAN_OPT}" = "yes" ] && [ "${DOCLEAN_CASE}" = "1" ]; then
doClean
fi
fi
####################################################
BUILD_SECTIONS_CASE=1
build_section_toggle() {
BUILD_SECTIONS_CASE=0
}
case "$1" in
opt_help) build_section_toggle ;;
set) build_section_toggle ;;
set_php) build_section_toggle ;;
get_versions_txt) build_section_toggle ;;
update_script) build_section_toggle ;;
version) build_section_toggle ;;
set_fastest) build_section_toggle ;;
set_fastest_quiet) build_section_toggle ;;
kill) build_section_toggle ;;
update_da) build_section_toggle ;;
list_configs_json) build_section_toggle ;;
settings_json) build_section_toggle ;;
get_timezone) build_section_toggle ;;
custom_config) build_section_toggle ;;
set_versions_txt) build_section_toggle ;;
show_component_config) build_section_toggle ;;
remove_customized_config) build_section_toggle ;;
show_file) build_section_toggle ;;
check_options) build_section_toggle ;;
esac
if [ "${BUILD_SECTIONS_CASE}" = "1" ]; then
HELP_SECTIONS="BUILD_COMP BUILD_PHP_EXT BUILD_COMP_CONF BUILD_COMP_WEBAPPS BUILD_CB BUILD_OLD BUILD_UPDATE BUILD_UPDATE_PCG BUILD_ALL BUILD_PHP_EXTENSIONS BUILD_EXPERIENCED"
BUILD_PHP_EXT_SET="php_gmp php_igbinary php_ioncube php_imagick php_imap php_ldap php_opcache php_phalcon php_psr php_redis php_readline php_snuffleupagus php_suhosin php_xmlrpc php_zend"
BUILD_PHP_EXT_DESC="Install/update PHP extensions"
BUILD_PHP_EXT_REQADD=""
BUILD_COMP_SET="apache awstats awstats_process bubblewrap csf clamav composer curl dovecot exim geoipupdate imagemagick imapsync jailshell lego libmaxminddb libmodsecurity libspf2 litespeed lua mod_lsapi mod_proctitle mod_aclr2 mod_ruid2 mod_htscanner2 mod_fcgid modsecurity modsecurity_rules msmtp mysql netdata nginx nginx_apache openlitespeed pigeonhole php proftpd pureftpd redis rspamd snail spamassassin suphp unit webalizer wp"
BUILD_COMP_DESC="Install/update server components"
BUILD_COMP_REQADD=""
BUILD_COMP_CONF_SET="exim_conf dovecot_conf blockcracking easy_spam_fighter php_ini rewrite_confs secure_php spamassassin_cron litespeed_license litespeed_license_migrate"
BUILD_COMP_CONF_DESC="Components configuration options"
BUILD_COMP_CONF_REQADD=""
BUILD_COMP_WEBAPPS_SET="phpmyadmin roundcube squirrelmail"
BUILD_COMP_WEBAPPS_DESC="Install/update web applications"
BUILD_COMP_WEBAPPS_REQADD=""
BUILD_CB_SET="create_options custombuild_plugin cron opt_help options_nobold list_removals remove_items set set_fastest set_fastest_quiet update_da update_versions update_webapps used_configs versions version"
BUILD_CB_DESC="CustomBuild related options/functions"
BUILD_CB_SET_REQADD="opt_help set"
SET_ADDIT="option_name value"
OPT_HELP_ADDIT="(full)"
BUILD_OLD_SET="clean clean_old_webapps"
BUILD_OLD_DESC="Remove old build data"
BUILD_OLD_REQUADD=""
BUILD_UPDATE_SET="update update_script"
BUILD_UPDATE_DESC="Get latest build script with or without new packages"
BUILD_UPDATE_REQADD=""
BUILD_UPDATE_PCG_SET="update_data"
BUILD_UPDATE_PCG_DESC="Get packages for current build script"
BUILD_UPDATE_PCG_REQADD=""
BUILD_ALL_SET="all"
BUILD_ALL_DESC="Build everything what is set in the options.conf file"
BUILD_ALL_REQADD=""
BUILD_PHP_EXTENSIONS_SET="php_extensions"
BUILD_PHP_EXTENSIONS_DESC="Build all PHP extensions set set in the php_extensions.conf file"
BUILD_PHP_EXTENSIONS_REQADD=""
BUILD_EXPERIENCED_SET="php_expert php_htscanner2 set_service"
BUILD_EXPERIENCED_DESC="Recommended for experienced users only (!)"
BUILD_EXPERIENCED_REQADD="php_expert php_htscanner2 set_service"
PHP_EXPERT_ADDIT="php_release php_mode"
PHP_HTSCANNER2_ADDIT="php_release"
SET_SERVICE_ADDIT="service ON|OFF|delete"
fi
###################################################
generateHelp() {
for section in ${HELP_SECTIONS}; do
DESC=${section}_DESC
echo " +-----------------------------------------------------------+"
printf " | %-55s %-2s|\n" "$(eval_var ${DESC}):"
BUILDSET="${section}_SET"
BUILD_ADD_TO_OUT="${section}_REQADD"
for setting in $(eval_var ${BUILDSET}); do
ADDIT=""
for i in $(eval_var ${BUILD_ADD_TO_OUT}); do
ADDIT_VAR=`echo "${i}_ADDIT" | tr "[a-z]" "[A-Z]"`
if [ "$i" = "${setting}" ]; then
ADDIT="$(eval_var ${ADDIT_VAR})"
fi
done
printf " | %-55s %-2s|\n" " $0 ${setting} ${ADDIT}"
done
done
}
initJSONVars() {
####################################################
#SKIP LISTS for CustomBuild plugin to generate in JSON format accoring to the options set
HELP_SECTIONS_JSON_SKIP="BUILD_EXPERIENCED"
BUILD_PHP_EXT_SKIP=""
if [ "${PHP_IGBINARY_OPT}" = "no" ]; then
BUILD_PHP_EXT_SKIP="${BUILD_PHP_EXT_SKIP}igbinary "
fi
if [ "${IMAGICK_OPT}" = "no" ]; then
BUILD_PHP_EXT_SKIP="${BUILD_PHP_EXT_SKIP}imagick "
fi
if [ "${ZEND_OPT}" = "no" ]; then
BUILD_PHP_EXT_SKIP="${BUILD_PHP_EXT_SKIP}zend "
fi
if [ "${IONCUBE_OPT}" = "no" ]; then
BUILD_PHP_EXT_SKIP="${BUILD_PHP_EXT_SKIP}ioncube "
fi
if [ "${SUHOSIN_OPT}" = "no" ]; then
BUILD_PHP_EXT_SKIP="${BUILD_PHP_EXT_SKIP}suhosin "
fi
if [ "${PHP_SNUFFLEUPAGUS_OPT}" = "no" ]; then
BUILD_PHP_EXT_SKIP="${BUILD_PHP_EXT_SKIP}snuffleupagus "
fi
if [ "${PHP_PHALCON_OPT}" = "no" ]; then
BUILD_PHP_EXT_SKIP="${BUILD_PHP_EXT_SKIP}phalcon "
BUILD_PHP_EXT_SKIP="${BUILD_PHP_EXT_SKIP}psr "
fi
if [ "${PHP_IMAP_OPT}" = "no" ]; then
BUILD_PHP_EXT_SKIP="${BUILD_PHP_EXT_SKIP}imap "
fi
BUILD_COMP_SKIP=""
if [ "${WEBSERVER_OPT}" = "apache" ]; then
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}nginx litespeed nginx_apache mod_aclr2 openlitespeed "
elif [ "${WEBSERVER_OPT}" = "nginx" ]; then
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}apache litespeed nginx_apache mod_aclr2 openlitespeed "
elif [ "${WEBSERVER_OPT}" = "litespeed" ]; then
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}apache nginx nginx_apache mod_aclr2 openlitespeed "
elif [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}apache litespeed nginx nginx_apache mod_aclr2 "
fi
if [ "${CURL_OPT}" = "no" ]; then
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}curl "
fi
if [ "${CLAMAV_OPT}" = "no" ]; then
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}clamav "
fi
if [ "${AWSTATS_OPT}" = "no" ]; then
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}awstats "
fi
if [ "${WEBALIZER_OPT}" = "no" ]; then
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}webalizer "
fi
if [ "${CSF_OPT}" = "no" ]; then
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}csf "
fi
if [ "${FTPD_OPT}" = "pureftpd" ]; then
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}proftpd "
else
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}pureftpd "
fi
if [ "${MOD_RUID2_OPT}" = "no" ]; then
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}mod_ruid2 "
fi
if [ "${MODSECURITY_OPT}" = "no" ]; then
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}libmodsecurity modsecurity modsecurity_rules "
fi
if [ "${CLOUDLINUX_OPT}" = "no" ] || [ "${WEBSERVER_OPT}" = "nginx" ] || [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}mod_hostinglimits ${BUILD_COMP_SKIP}mod_lsapi ${BUILD_COMP_SKIP}mod_proctitle "
fi
if [ "${HTSCANNER_OPT}" = "no" ]; then
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}mod_htscanner2 "
fi
if [ "${HAVE_FCGID}" = "no" ]; then
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}mod_fcgid "
fi
if [ "${HAVE_SUPHP_CGI}" = "no" ]; then
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}suphp "
fi
if [ "${PIGEONHOLE_OPT}" = "no" ]; then
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}pigeonhole "
fi
if [ "${DOVECOT_OPT}" = "no" ]; then
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}dovecot "
fi
if [ "${MYSQL_INST_OPT}" = "no" ]; then
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}mysql "
fi
if [ "${SPAMD_OPT}" = "no" ]; then
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}spamassassin rspamd "
elif [ "${SPAMD_OPT}" = "rspamd" ]; then
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}spamassassin "
else
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}rspamd "
fi
if [ "${EXIM_OPT}" = "no" ]; then
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}exim "
fi
if [ "${OS_CENTOS_VER}" = "7" ]; then
BUILD_COMP_SKIP="${BUILD_COMP_SKIP}libzip "
fi
BUILD_COMP_CONF_SKIP=""
if [ "${PHP_INI_OPT}" = "no" ]; then
BUILD_COMP_CONF_SKIP="${BUILD_COMP_CONF_SKIP}php_ini "
fi
if [ "${EXIMCONF_OPT}" = "no" ]; then
BUILD_COMP_CONF_SKIP="${BUILD_COMP_CONF_SKIP}eximconf "
fi
if [ "${WEBSERVER_OPT}" != "litespeed" ]; then
BUILD_COMP_CONF_SKIP="${BUILD_COMP_CONF_SKIP}litespeed_license "
fi
if [ "${WEBSERVER_OPT}" != "litespeed" ] || [ "${LITESPEED_SERIALNO_OPT}" = "trial" ]; then
BUILD_COMP_CONF_SKIP="${BUILD_COMP_CONF_SKIP}litespeed_license_migrate "
fi
if [ "${DOVECOT_CONF_OPT}" = "no" ]; then
BUILD_COMP_CONF_SKIP="${BUILD_COMP_CONF_SKIP}dovecot_conf "
fi
if [ "${BLOCKCRACKING_OPT}" = "no" ]; then
BUILD_COMP_CONF_SKIP="${BUILD_COMP_CONF_SKIP}blockcracking "
fi
if [ "${EXIMCONF_OPT}" = "no" ]; then
BUILD_COMP_CONF_SKIP="${BUILD_COMP_CONF_SKIP}easy_spam_fighter "
fi
BUILD_CB_SKIP="create_options opt_help list_removals remove_items set set_fastest_quiet update_versions versions"
BUILD_COMP_WEBAPPS_SKIP=""
if [ "${PHPMYADMIN_OPT}" = "no" ]; then
BUILD_COMP_WEBAPPS_SKIP="${BUILD_COMP_WEBAPPS_SKIP}phpmyadmin "
fi
if [ "${ROUNDCUBE_OPT}" = "no" ]; then
BUILD_COMP_WEBAPPS_SKIP="${BUILD_COMP_WEBAPPS_SKIP}roundcube "
fi
if [ "${SQUIRRELMAIL_OPT}" = "no" ]; then
BUILD_COMP_WEBAPPS_SKIP="${BUILD_COMP_WEBAPPS_SKIP}squirremail "
fi
BUILD_OLD_SKIP=""
BUILD_UPDATE_SKIP=""
BUILD_UPDATE_PCG_SKIP=""
#DESCRIPTIONS
COMP_UNIT_NAME="Build Nginx Unit"
COMP_UNIT_DESC="Install/update Nginx Unit dynamic application server."
COMP_UNIT_VER="Version ${UNIT_VER}."
COMP_APACHE_NAME="Build Apache"
COMP_APACHE_DESC="Install/update Apache WEB server."
COMP_APACHE_VER="Version ${APACHE2_VER}."
COMP_AWSTATS_NAME="Build awstats"
COMP_AWSTATS_DESC="Install/update AWstats."
COMP_AWSTATS_VER="Version ${AWSTATS_VER}."
COMP_AWSTATS_PROCESS_NAME="Build awstats process"
COMP_AWSTATS_PROCESS_DESC="Install/update AWstats processing script."
COMP_AWSTATS_PROCESS_VER="Version ${AWSTATS_PROCESS_VER}."
COMP_BUBBLEWRAP_NAME="Build bubblewrap"
COMP_BUBBLEWRAP_DESC="Install/update bubblewrap."
COMP_BUBBLEWRAP_VER="Version ${BUBBLEWRAP_VER}."
COMP_JAILSHELL_NAME="Build jailshell"
COMP_JAILSHELL_DESC="Install/update jailshell."
COMP_JAILSHELL_VER="Version ${JAILSHELL_SH_VER}."
COMP_REDIS_NAME="Build redis"
COMP_REDIS_DESC="Install/update redis."
COMP_REDIS_VER="Version ${REDIS_VER}."
COMP_CSF_NAME="Build CSF"
COMP_CSF_DESC="Install/update ConfigServer Security & Firewall (csf)."
COMP_CSF_VER=""
COMP_CLAMAV_NAME="Build ClamAV"
COMP_CLAMAV_DESC="Install/update ClamAV antivirus engine."
COMP_CLAMAV_VER="Version ${CLAMAV_VER}."
COMP_COMPOSER_NAME="Build composer"
COMP_COMPOSER_DESC="Install/update composer."
COMP_COMPOSER_VER="Version ${COMPOSER_VER}."
COMP_WP_NAME="Build wp-cli"
COMP_WP_DESC="Install/update command-line interface for WordPress."
COMP_WP_VER="Version ${WP_VER}."
COMP_IMAPSYNC_NAME="Build imapsync"
COMP_IMAPSYNC_DESC="Install/update imapsync tool for mailbox synchronization."
COMP_IMAPSYNC_VER="Version ${IMAPSYNC_VER}."
COMP_LEGO_NAME="Build lego"
COMP_LEGO_DESC="Install/update lego Let's Encrypt client."
COMP_LEGO_VER="Version ${LEGO_VER}."
COMP_CURL_NAME="Build cURL"
COMP_CURL_DESC="Install/update cURL."
COMP_CURL_VER="Version ${CURL_VER}."
COMP_DOVECOT_NAME="Build Dovecot"
COMP_DOVECOT_DESC="Install/update Dovecot IMAP/POP3 server."
COMP_DOVECOT_VER="Version ${DOVECOT_VER}."
COMP_EXIM_NAME="Build Exim"
COMP_EXIM_DESC="Install/update Exim Mail Transfer Agent."
COMP_EXIM_VER="Version ${EXIM_VER}."
COMP_PHP_GMP_NAME="Build gmp"
COMP_PHP_GMP_DESC="Install/update gmp extension for PHP."
COMP_PHP_GMP_VER=""
COMP_PHP_LDAP_NAME="Build ldap"
COMP_PHP_LDAP_DESC="Install/update ldap extension for PHP."
COMP_PHP_LDAP_VER=""
COMP_PHP_BZ2_NAME="Build bz2"
COMP_PHP_BZ2_DESC="Install/update bz2 extension for PHP."
COMP_PHP_BZ2_VER=""
COMP_PHP_IGBINARY_NAME="Build igbinary"
COMP_PHP_IGBINARY_DESC="Install/update igbinary extension for PHP."
COMP_PHP_IGBINARY_VER="Version ${IGBINARY_VER}."
COMP_PHP_IMAGICK_NAME="Build imagick"
COMP_PHP_IMAGICK_DESC="Install/update ImageMagick extension for PHP."
COMP_PHP_IMAGICK_VER="Version ${IMAGICK_VER}."
COMP_PHP_SNUFFLEUPAGUS_NAME="Build snuffleupagus"
COMP_PHP_SNUFFLEUPAGUS_DESC="Install/update snuffleupagus extension for PHP."
COMP_PHP_SNUFFLEUPAGUS_VER="Version ${SNUFFLEUPAGUS_VER}."
COMP_PHP_PHALCON_NAME="Build phalcon"
COMP_PHP_PHALCON_DESC="Install/update Phalcon extension for PHP."
COMP_PHP_PHALCON_VER="Version ${PHALCON_VER}."
COMP_PHP_PSR_NAME="Build psr"
COMP_PHP_PSR_DESC="Install/update psr extension for PHP."
COMP_PHP_PSR_VER="Version ${PSR_VER}."
COMP_PHP_REDIS_NAME="Build redis"
COMP_PHP_REDIS_DESC="Install/update redis extension for PHP."
COMP_PHP_REDIS_VER="Version ${PHPREDIS_VER}."
COMP_PHP_READLINE_NAME="Build readline"
COMP_PHP_READLINE_DESC="Install/update readline extension for PHP."
COMP_PHP_READLINE_VER=""
COMP_PHP_IMAP_NAME="Build imap"
COMP_PHP_IMAP_DESC="Install/update imap extension for PHP."
COMP_PHP_IMAP_VER="Version ${IMAP_VER}."
COMP_PHP_XMLRPC_NAME="Build xmlrpc"
COMP_PHP_XMLRPC_DESC="Install/update xmlrpc extension for PHP."
COMP_PHP_XMLRPC_VER=""
COMP_IMAGEMAGICK_NAME="Build ImageMagick"
COMP_IMAGEMAGICK_DESC="Install/update ImageMagick."
COMP_IMAGEMAGICK_VER="Version ${IMAGEMAGICK_VER}."
COMP_PHP_IONCUBE_NAME="Build ionCube"
COMP_PHP_IONCUBE_DESC="Install/update ionCube."
COMP_PHP_IONCUBE_VER="Version ${IONCUBE_VER}."
COMP_PHP_SUHOSIN_NAME="Build suhosin"
COMP_PHP_SUHOSIN_DESC="Install/update suhosin."
COMP_PHP_SUHOSIN_VER="Version ${SUHOSIN_VER}."
COMP_LIBMAXMINDDB_NAME="Build libmaxminddb"
COMP_LIBMAXMINDDB_DESC="Install/update libmaxminddb."
COMP_LIBMAXMINDDB_VER="Version ${LIBMAXMINDDB_VER}."
COMP_GEOIPUPDATE_NAME="Build geoipupdate"
COMP_GEOIPUPDATE_DESC="Install/update geoipupdate."
COMP_GEOIPUPDATE_VER="Version ${GEOIPUPDATE_VER}."
COMP_LIBSPF2_NAME="Build libspf2"
COMP_LIBSPF2_DESC="Install/update libspf2."
COMP_LIBSPF2_VER="Version ${LIBSPF2_VER}."
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
COMP_MOD_LSAPI_NAME="Build mod_lsapi"
COMP_MOD_LSAPI_DESC="Install/update mod_lsapi."
COMP_MOD_LSAPI_VER="Version ${MOD_LSAPI_VER}."
COMP_MOD_HOSTINGLIMITS_NAME="Build mod_hostinglimits"
COMP_MOD_HOSTINGLIMITS_DESC="Install/update mod_hostinglimits."
COMP_MOD_HOSTINGLIMITS_VER="Version ${MOD_HOSTINGLIMITS_VER}."
COMP_MOD_PROCTITLE_NAME="Build mod_proctitle"
COMP_MOD_PROCTITLE_DESC="Install/update mod_proctitle."
COMP_MOD_PROCTITLE_VER="Version ${MOD_PROCTITLE_VER}."
fi
COMP_MOD_ACLR2_NAME="Build mod_aclr2"
COMP_MOD_ACLR2_DESC="Install/update mod_aclr2."
COMP_MOD_ACLR2_VER="Version ${MOD_ACLR2_VER}."
COMP_MOD_RUID2_NAME="Build mod_ruid2"
COMP_MOD_RUID2_DESC="Install/update mod_ruid2."
COMP_MOD_RUID2_VER="Version ${MOD_RUID2_VER}."
COMP_MODSECURITY_NAME="Build ModSecurity"
COMP_MODSECURITY_DESC="Install/update ModSecurity."
COMP_MODSECURITY_VER="Version ${MODSECURITY_VER}."
COMP_LIBMODSECURITY_NAME="Build LibModSecurity"
COMP_LIBMODSECURITY_DESC="Install/update LibModSecurity (ModSecurity 3.0)."
COMP_LIBMODSECURITY_VER="Version ${LIBMODSECURITY_VER}."
COMP_MODSECURITY_RULES_NAME="Build ModSecurity Rules"
COMP_MODSECURITY_RULES_DESC="Install/update ModSecurity rule set."
COMP_MODSECURITY_RULES_VER=""
COMP_PHP_OPCACHE_NAME="Build opcache"
COMP_PHP_OPCACHE_DESC="Install/update opcache."
COMP_PHP_OPCACHE_VER=""
COMP_MOD_HTSCANNER2_NAME="Build mod_htscanner2"
COMP_MOD_HTSCANNER2_DESC="Install/update mod_htscanner2."
COMP_MOD_HTSCANNER2_VER="Version ${HTSCANNER_VER}."
COMP_MOD_FCGID_NAME="Build mod_fcgid"
COMP_MOD_FCGID_DESC="Install/update mod_fcgid."
COMP_MOD_FCGID_VER="Version ${MOD_FCGID_VER}."
COMP_MYSQL_NAME="Build ${MYSQLNAME}"
COMP_MYSQL_DESC="Install/update ${MYSQLNAME}."
if [ "${MYSQL_INST_OPT}" = "mysql" ]; then
COMP_MYSQL_VER="Version ${MYSQL_VER}."
else
COMP_MYSQL_VER="Version ${MARIADB_VER}."
fi
COMP_NGINX_NAME="Build nginx"
COMP_NGINX_DESC="Install/update nginx WEB server."
COMP_NGINX_VER="Version ${NGINX_VER}."
COMP_LITESPEED_NAME="Build litespeed"
COMP_LITESPEED_DESC="Install/update LiteSpeed WEB server."
COMP_LITESPEED_VER="Version ${LITESPEED_VER}."
COMP_OPENLITESPEED_NAME="Build openlitespeed"
COMP_OPENLITESPEED_DESC="Install/update OpenLiteSpeed WEB server."
COMP_OPENLITESPEED_VER="Version ${OPENLITESPEED_VER}."
COMP_NETDATA_NAME="Build netdata"
COMP_NETDATA_DESC="Install/update netdata metrics for your server."
COMP_NETDATA_VER=""
COMP_NGINX_APACHE_NAME="Build nginx+Apache"
COMP_NGINX_APACHE_DESC="Install/update Apache and nginx (nginx as a reverse proxy for Apache)."
COMP_NGINX_APACHE_VER="Apache ${APACHE2_VER} and nginx ${NGINX_VER}."
COMP_PIGEONHOLE_NAME="Build Pigeonhole"
COMP_PIGEONHOLE_DESC="Install/update Pigeonhole used in Dovecot to provide Sieve email filtering and ManageSieve protocol."
COMP_PIGEONHOLE_VER="Version ${PIGEONHOLE_VER}."
COMP_PHP_NAME="Build PHP"
COMP_PHP_DESC="Install/update PHP."
if [ "${PHP2_RELEASE_OPT}" = "no" ] && [ "${PHP3_RELEASE_OPT}" = "no" ] && [ "${PHP4_RELEASE_OPT}" = "no" ]; then
COMP_PHP_VER="Version ${PHP1_RELEASE_OPT} as ${PHP1_MODE_OPT}."
elif [ "${PHP3_RELEASE_OPT}" = "no" ] && [ "${PHP4_RELEASE_OPT}" = "no" ]; then
COMP_PHP_VER="Version ${PHP1_RELEASE_OPT} as ${PHP1_MODE_OPT} (default) and ${PHP2_RELEASE_OPT} as ${PHP2_MODE_OPT} (additional)."
elif [ "${PHP3_RELEASE_OPT}" = "no" ] && [ "${PHP4_RELEASE_OPT}" = "no" ]; then
COMP_PHP_VER="Version ${PHP1_RELEASE_OPT} as ${PHP1_MODE_OPT} (default), ${PHP2_RELEASE_OPT} as ${PHP2_MODE_OPT} (additional) and ${PHP3_RELEASE_OPT} as ${PHP3_MODE_OPT} (additional)."
else
COMP_PHP_VER="Version ${PHP1_RELEASE_OPT} as ${PHP1_MODE_OPT} (default), ${PHP2_RELEASE_OPT} as ${PHP2_MODE_OPT} (additional), ${PHP3_RELEASE_OPT} as ${PHP3_MODE_OPT} (additional) and ${PHP4_RELEASE_OPT} as ${PHP4_MODE_OPT} (additional)."
fi
COMP_PROFTPD_NAME="Build ProFTPd"
COMP_PROFTPD_DESC="Install/update ProFTPD FTP server."
COMP_PROFTPD_VER="Version ${PROFTPD_VER}."
COMP_PUREFTPD_NAME="Build Pure-FTPd"
COMP_PUREFTPD_DESC="Install/update Pure-FTPd FTP server."
COMP_PUREFTPD_VER="Version ${PUREFTPD_VER}."
COMP_SPAMASSASSIN_NAME="Build SpamAssassin"
COMP_SPAMASSASSIN_DESC="Install/update SpamAssassin."
COMP_SPAMASSASSIN_VER="Version ${SPAMASSASSIN_VER}."
COMP_RSPAMD_NAME="Build Rspamd"
COMP_RSPAMD_DESC="Install/update Rspamd."
COMP_RSPAMD_VER="Version ${RSPAMD_VER}."
COMP_SNAIL_NAME="Build s-nail"
COMP_SNAIL_DESC="Install/update s-nail - environment for sending and receiving mail."
COMP_SNAIL_VER="Version ${S_NAIL_VER}."
COMP_MSMTP_NAME="Build msmtp"
COMP_MSMTP_DESC="Install/update msmtp - smtp client for jailed environments."
COMP_MSMTP_VER="Version ${MSMTP_VER}."
COMP_LUA_NAME="Build lua"
COMP_LUA_DESC="Install/update lua scripting language."
COMP_LUA_VER="Version ${LUA_VER}."
COMP_SPAMASSASSIN_CRON_NAME="Build SpamAssassin cron."
COMP_SPAMASSASSIN_CRON_DESC="Install SpamAssassin cronjob for periodic rule updates."
COMP_SUPHP_NAME="Build suPHP"
COMP_SUPHP_DESC="Install/update suPHP."
COMP_SUPHP_VER="Version ${SUPHP_VER}."
COMP_WEBALIZER_NAME="Build Webalizer"
COMP_WEBALIZER_DESC="Install/update Webalizer."
COMP_WEBALIZER_VER="Version ${WEBALIZER_VER}."
COMP_PHP_ZEND_NAME="Build Zend Guard loader"
COMP_PHP_ZEND_DESC="Install/update Zend Guard loader."
COMP_PHP_ZEND_VER=""
COMP_EXIM_CONF_NAME="Update Exim configuration files"
COMP_EXIM_CONF_DESC="Updates Exim configuration files (exim.conf and exim.pl). WARNING: Any customizations done will be lost."
COMP_DOVECOT_CONF_NAME="Update Dovecot configuration files"
COMP_DOVECOT_CONF_DESC="Updates Dovecot configuration files."
COMP_BLOCKCRACKING_NAME="Enable BlockCracking"
COMP_BLOCKCRACKING_DESC="Enables BlockCracking for outgoing SPAM mitigation in Exim configuration file (exim.conf). Requires Exim configuration version 4.3 or higher. More information: https://forum.directadmin.com/showthread.php?t=50059."
COMP_EASY_SPAM_FIGHTER_NAME="Enable Easy Spam Fighter"
COMP_EASY_SPAM_FIGHTER_DESC="Enables Easy Spam Fighter for incoming SPAM mitigation in Exim configuration file (exim.conf). Requires Exim configuration version 4.3 or higher. More information: https://forum.directadmin.com/showthread.php?t=50059."
COMP_PHP_INI_NAME="Update PHP configuration files"
COMP_PHP_INI_DESC="Updates php.ini configuration files used by PHP. WARNING: Any customizations done will be lost."
COMP_REWRITE_CONFS_NAME="Rewrite WEB server configuration files"
COMP_REWRITE_CONFS_DESC="Rewrites Apache/Nginx WEB server configuration files (useful when configuration got corrupted or needs to be updated). WARNING: customizations must be present in 'custom/' folder, otherwise they will be lost."
COMP_SECURE_PHP_NAME="Secure PHP"
COMP_SECURE_PHP_DESC="Disables dangerous PHP functions in php.ini file."
COMP_LITESPEED_LICENSE_NAME="Update LiceSpeed License"
COMP_LITESPEED_LICENSE_DESC="Updates LiteSpeed license using the serial number provided."
COMP_LITESPEED_LICENSE_MIGRATE_NAME="Migrate LiteSpeed License"
COMP_LITESPEED_LICENSE_MIGRATE_DESC="Releases LiteSpeed license (equivalent of 'lshttpd -m').."
COMP_PHPMYADMIN_NAME="Build phpMyAdmin"
COMP_PHPMYADMIN_DESC="Install/update phpMyAdmin WEB MySQL administration tool."
COMP_PHPMYADMIN_VER="Version ${PHPMYADMIN_VER}."
COMP_ROUNDCUBE_NAME="Build RoundCube"
COMP_ROUNDCUBE_DESC="Install/update RoundCube webmail."
COMP_ROUNDCUBE_VER="Version ${ROUNDCUBE_VER}."
COMP_CUSTOMBUILD_PLUGIN_NAME="Build CustomBuild plugin"
COMP_CUSTOMBUILD_PLUGIN_DESC="Install/update CustomBuild plugin."
COMP_SQUIRRELMAIL_NAME="Build SquirrelMail"
COMP_SQUIRRELMAIL_DESC="Install/update SquirrelMail webmail."
COMP_SQUIRRELMAIL_VER="Version ${SQUIRRELMAIL_VER}."
COMP_CREATE_OPTIONS_NAME="Regenerate options.conf file"
COMP_CREATE_OPTIONS_DESC="Re-create options.conf file by asking questions."
COMP_CRON_NAME="Enable/update CustomBuild cronjob"
COMP_CRON_DESC="Enables or updates cronjob used by CustomBuild to send notifications to specified email address about the updates, auto-update components."
COMP_OPT_HELP_NAME="Options.conf help"
COMP_OPT_HELP_DESC="Generates available options that could be used in the options.conf file."
COMP_OPTIONS_NOBOLD_NAME="Display options.conf settings"
COMP_OPTIONS_NOBOLD_DESC="Shows current options set in the options.conf file"
COMP_SET_NAME="Change options.conf setting"
COMP_SET_DESC="Changes value in the options.conf file"
COMP_SET_FASTEST_NAME="Set fastest download server"
COMP_SET_FASTEST_DESC="Selects the fastest download server to use and sets it in the options.conf file."
COMP_SET_FASTEST_QUIET_NAME="Set fastest download server (no output)"
COMP_SET_FASTEST_QUIET_DESC="Selects the fastest download server to use and sets it in the options.conf file. Command generates no output."
COMP_UPDATE_DA_NAME="Update DirectAdmin"
COMP_UPDATE_DA_DESC="Updates DirectAdmin to the latest version."
COMP_UPDATE_VERSIONS_NAME="Update all components"
COMP_UPDATE_VERSIONS_DESC="Checks what updates are available and applies them."
COMP_UPDATE_WEBAPPS_NAME="Update WEB applications."
COMP_UPDATE_WEBAPPS_DESC="Updates WEB applications if updates are available (only phpMyAdmin, RoundCube and SquirrelMail)."
COMP_USED_CONFIGS_NAME="Used configuration files"
COMP_USED_CONFIGS_DESC="Displays full paths to component configuration (./configure) files used by CustomBuild."
COMP_VERSIONS_NAME="Updates availale"
COMP_VERSIONS_DESC="Shows what updates are available to be applied on the system. Does not update them automatically."
COMP_VERSION_NAME="CustomBuild version"
COMP_VERSION_DESC="Shows CustomBuild version."
COMP_LIST_REMOVALS_NAME="List components for removal"
COMP_LIST_REMOVALS_DESC="Lists all components that are available for removal."
COMP_REMOVE_ITEMS_NAME="Remove not needed components"
COMP_REMOVE_ITEMS_DESC="Removes all components that are available for removal (components that are installed, but not set in options.conf)."
COMP_ALL_NAME="Build everything"
COMP_ALL_DESC="(Re)installs all components set in the options.conf file"
COMP_CLEAN_NAME="Clean old directories"
COMP_CLEAN_DESC="Removes not needed folders from CustomBuild directory."
COMP_CLEAN_OLD_WEBAPPS_NAME="Clean old WEB applications"
COMP_CLEAN_OLD_WEBAPPS_DESC="Removes old WEB applications that are not currently used from /var/www/html directory."
COMP_UPDATE_NAME="Update CustomBuild script and packages"
COMP_UPDATE_DESC="Updates CustomBuild script, grabs latest versions.txt file and packages."
COMP_UPDATE_SCRIPT_NAME="Update CustomBuild script"
COMP_UPDATE_SCRIPT_DESC="Updates CustomBuild script only (the 'build' file)."
COMP_UPDATE_DATA_NAME="Download packages"
COMP_UPDATE_DATA_DESC="Downloads packages needed for the CustomBuild script (does not include versions.txt file or the 'build' file)."
COMP_PHP_EXPERT_NAME="Install specified PHP version"
COMP_PHP_EXPERT_DESC="Installs specified PHP version, but does not apply any automatic configuration to it."
COMP_PHP_HTSCANNER2_NAME="Build php_htscanner2"
COMP_PHP_HTSCANNER2_DESC="Install/update php_htscanner2 component used by Apache and PHP."
COMP_SET_SERVICE_NAME="Service autostart"
COMP_SET_SERVICE_DESC="Calls set_setvice function with specified ON|OFF|delete values."
}
generateHelpJSON() {
initJSONVars
echo "{"
if [ "${1}" != "" ]; then
NUM_OF_SECTIONS=1
HELP_SECTIONS=`echo ${1} | tr "[a-z]" "[A-Z]"`
else
NUM_OF_SECTIONS=`echo ${HELP_SECTIONS} | wc -w`
fi
CUR_SECTION=0
for section in ${HELP_SECTIONS}; do
CUR_SECTION=`expr ${CUR_SECTION} + 1`
LOWERCASE_SECTION=`echo $section | tr "[A-Z]" "[a-z]"`
SECTION_DESC=${section}_DESC
SECTION_SET=${section}_SET
NUM_OF_SETTINGS=`echo "$(eval_var ${SECTION_SET})" | wc -w`
CUR_SETTING=0
SKIP_CAT="no"
for skip_cat_opt in ${HELP_SECTIONS_JSON_SKIP}; do
if [ "${section}" = "${skip_cat_opt}" ]; then
SKIP_CAT="yes"
break
fi
done
printf "\t\"${LOWERCASE_SECTION}\": {\n"
printf "\t\t\"description\": \"$(eval_var ${SECTION_DESC})\",\n"
printf "\t\t\"skip\": \"${SKIP_CAT}\",\n"
for setting in $(eval_var ${SECTION_SET}); do
CUR_SETTING=`expr ${CUR_SETTING} + 1`
SETTING_UP=`echo $setting | tr "[a-z]" "[A-Z]"`
BUILD_NAME="COMP_${SETTING_UP}_NAME"
DESCRIPTION="COMP_${SETTING_UP}_DESC"
VER_VAR="COMP_${SETTING_UP}_VER"
SKIP_VAR="${section}_SKIP"
SKIP="no"
for skip_opt in $(eval_var ${SKIP_VAR}); do
if [ "${setting}" = "${skip_opt}" ]; then
SKIP="yes"
break
fi
done
printf "\t\t\"${setting}\": {\n"
printf "\t\t\t\"build\": \"${setting}\",\n"
VERSION_STRING="$(eval_var ${VER_VAR})"
if [ "${section}" = "BUILD_COMP" ] || [ "${section}" = "BUILD_PHP_EXT" ] || [ "${section}" = "BUILD_COMP_WEBAPPS" ]; then
if [ "${VERSION_STRING}" = "Version 0." ]; then
SKIP="yes"
fi
fi
printf "\t\t\t\"skip\": \"${SKIP}\",\n"
printf "\t\t\t\"name\": \"$(eval_var ${BUILD_NAME})\",\n"
if [ "${section}" = "BUILD_COMP" ] || [ "${section}" = "BUILD_PHP_EXT" ] || [ "${section}" = "BUILD_COMP_WEBAPPS" ]; then
if [ "${VERSION_STRING}" != "Version ." ]; then
printf "\t\t\t\"version\": \"$(eval_var ${VER_VAR})\"\n",
fi
fi
printf "\t\t\t\"description\": \"$(eval_var ${DESCRIPTION})\"\n"
if [ ${CUR_SETTING} -ne ${NUM_OF_SETTINGS} ]; then
printf "\t\t},\n"
else
printf "\t\t}\n"
fi
done
if [ ${CUR_SECTION} -ne ${NUM_OF_SECTIONS} ]; then
printf "\t},\n"
else
printf "\t}\n"
fi
done
echo "}"
}
###################################################
showHelp() {
printf " +%-55s+\n" "-----------------------------------------------------------"
printf " | %-55s %-2s|\n" "DirectAdmin WebServices Installer"
printf " | %-55s %-2s|\n" "Written by Martynas Bendorius and DirectAdmin"
printf " | %-55s %-2s|\n" "Version: $(showVersion)"
printf " +%-55s+\n" "-----------------------------------------------------------"
printf " | %-55s %-2s|\n" "To build everything run:"
printf " | %-55s %-2s|\n" " $0 all"
printf " | %-55s %-2s|\n" ""
printf " | %-55s %-2s|\n" " ${boldon}NOTE${boldoff}: Command all will compile everything as it is set"
printf " | %-55s %-2s|\n" " in the options.conf file, please take a look at"
printf " | %-55s %-2s|\n" " \"$0 options\"!"
generateHelp
printf " +%-55s+\n" "-----------------------------------------------------------"
printf " | %-55s %-2s|\n" "You can pass a 2nd argument to automate the input:"
printf " | %-55s %-2s|\n" " $0 <option> d : do the default action"
printf " | %-55s %-2s|\n" " $0 <option> y : answer yes to all questions"
printf " | %-55s %-2s|\n" " $0 <option> n : answer no to all questions"
printf " +%-55s+\n" "-----------------------------------------------------------"
}
checkFile() {
if [ ! -s $1 ]; then
echo "*** Cannot find $1. Aborting ***"
do_exit 0
else
echo "Found $1"
fi
}
quitIfLocked() {
if [ -e ${LOCKFILE} ]; then
PID="`cat ${LOCKFILE}`"
echo "Another instance of custombuild is running (lockfile: ${LOCKFILE}, PID ${PID})."
if [ "$1" != "" ]; then
echo "Executing: $1"
fi
do_exit 1 ""
else
trap "rm -f ${LOCKFILE}; kill_childs; exit" INT TERM EXIT
echo $$ > ${LOCKFILE}
fi
}
####################################################
get_webmail_link() {
WL=roundcube
if [ "$ROUNDCUBE_OPT" = "no" ]; then
WL=squirrelmail
fi
if [ -s ${DACONF_FILE} ] && [ -s /usr/local/directadmin/directadmin ]; then
WL=`/usr/local/directadmin/directadmin c | grep -m1 '^webmail_link' | cut -d= -f2`
fi
echo "${WL}"
}
doPasswdServerStatus() {
if [ -e /var/www/html/passwd-server-status ]; then
rm -f /var/www/html/passwd-server-status
fi
touch /var/www/passwd-server-status
chown apache:apache /var/www/passwd-server-status
chmod 640 /var/www/passwd-server-status
if command -v htpasswd > /dev/null; then
if grep -q da_admin /var/www/passwd-server-status; then
sed -i '/da_admin/d' /var/www/passwd-server-status
fi
RANDOM_HTPASSWD_USER=`random_pass`
RANDOM_HTPASSWD_PASS=`random_pass`
htpasswd -b -c /var/www/passwd-server-status "${RANDOM_HTPASSWD_USER}" "${RANDOM_HTPASSWD_PASS}" >/dev/null 2>&1
echo "#Authenticate using:" >> /etc/httpd/conf/extra/httpd-info.conf
echo "#Username: ${RANDOM_HTPASSWD_USER}" >> /etc/httpd/conf/extra/httpd-info.conf
echo "#Password: ${RANDOM_HTPASSWD_PASS}" >> /etc/httpd/conf/extra/httpd-info.conf
fi
}
####################################################
doApacheHostConf() {
HOSTCONF=${HTTPDCONF}/extra/httpd-hostname.conf
if [ -e ${WORKDIR}/custom/ap2/conf/extra/httpd-hostname.conf ]; then
cp -pf ${WORKDIR}/custom/ap2/conf/extra/httpd-hostname.conf ${HOSTCONF}
else
echo -n '' > ${HOSTCONF}
if [ "${HAVE_FPM_CGI}" = "yes" ]; then
echo 'SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1' >> ${HOSTCONF}
fi
echo '<Directory /var/www/html>' >> ${HOSTCONF}
if [ "${PHP1_MODE_OPT}" = "php-fpm" ]; then
echo '<FilesMatch "\.(inc|php[0-9]*|phtml|phps)$">' >> ${HOSTCONF}
echo "AddHandler \"proxy:unix:/usr/local/php${PHP1_SHORTRELEASE}/sockets/webapps.sock|fcgi://localhost\" .inc .php .php5 .php${PHP1_SHORTRELEASE} .phtml" >> ${HOSTCONF}
echo '</FilesMatch>' >> ${HOSTCONF}
fi
if [ "${PHP1_MODE_OPT}" = "mod_php" ]; then
echo '<FilesMatch "\.(inc|php[0-9]*|phtml|phps)$">' >> ${HOSTCONF}
echo "AddHandler application/x-httpd-php .php" >> ${HOSTCONF}
echo '</FilesMatch>' >> ${HOSTCONF}
fi
echo ' Options +SymLinksIfOwnerMatch +IncludesNoExec -Indexes' >> ${HOSTCONF}
echo ' AllowOverride AuthConfig FileInfo Indexes Limit Options=Includes,IncludesNOEXEC,Indexes,ExecCGI,MultiViews,SymLinksIfOwnerMatch,None' >> ${HOSTCONF}
echo ' AllowMethods reset' >> ${HOSTCONF}
echo '' >> ${HOSTCONF}
echo ' Require all granted' >> ${HOSTCONF}
echo ' <IfModule mod_suphp.c>' >> ${HOSTCONF}
echo ' suPHP_Engine On' >> ${HOSTCONF}
echo ' suPHP_UserGroup webapps webapps' >> ${HOSTCONF}
echo ' </IfModule>' >> ${HOSTCONF}
echo ' <IfModule mod_ruid2.c>' >> ${HOSTCONF}
echo ' RUidGid webapps webapps' >> ${HOSTCONF}
echo ' </IfModule>' >> ${HOSTCONF}
echo ' <IfModule mod_lsapi.c>' >> ${HOSTCONF}
echo ' lsapi_user_group webapps webapps' >> ${HOSTCONF}
echo " php_admin_value session.save_path ${APP_TMP}" >> ${HOSTCONF}
echo " php_admin_value upload_tmp_dir ${APP_TMP}" >> ${HOSTCONF}
echo ' </IfModule>' >> ${HOSTCONF}
if [ "${PHP1_MODE_OPT}" = "mod_php" ]; then
echo ' <IfModule mod_php5.c>' >> ${HOSTCONF}
echo " php_admin_value session.save_path ${APP_TMP}" >> ${HOSTCONF}
echo " php_admin_value upload_tmp_dir ${APP_TMP}" >> ${HOSTCONF}
echo ' </IfModule>' >> ${HOSTCONF}
echo ' <IfModule mod_php7.c>' >> ${HOSTCONF}
echo " php_admin_value session.save_path ${APP_TMP}" >> ${HOSTCONF}
echo " php_admin_value upload_tmp_dir ${APP_TMP}" >> ${HOSTCONF}
echo ' </IfModule>' >> ${HOSTCONF}
echo ' <IfModule mod_php8.c>' >> ${HOSTCONF}
echo " php_admin_value session.save_path ${APP_TMP}" >> ${HOSTCONF}
echo " php_admin_value upload_tmp_dir ${APP_TMP}" >> ${HOSTCONF}
echo ' </IfModule>' >> ${HOSTCONF}
fi
ensure_webapps_tmp
WEBAPPS_FCGID_DIR=/var/www/fcgid
SUEXEC_PER_DIR="0"
if [ -s /usr/sbin/suexec ]; then
SUEXEC_PER_DIR="`/usr/sbin/suexec -V 2>&1 | grep -c 'AP_PER_DIR'`"
fi
if [ "${PHP1_MODE_OPT}" = "fastcgi" ]; then
echo ' <IfModule mod_fcgid.c>' >> ${HOSTCONF}
echo " FcgidWrapper /usr/local/safe-bin/fcgid${PHP1_SHORTRELEASE}.sh .php" >> ${HOSTCONF}
if [ "${SUEXEC_PER_DIR}" -gt 0 ]; then
echo ' SuexecUserGroup webapps webapps' >> ${HOSTCONF}
fi
echo ' <FilesMatch "\.(inc|php[0-9]*|phtml|phps)$">' >> ${HOSTCONF}
echo ' Options +ExecCGI' >> ${HOSTCONF}
echo ' AddHandler fcgid-script .php' >> ${HOSTCONF}
echo ' </FilesMatch>' >> ${HOSTCONF}
echo ' </IfModule>' >> ${HOSTCONF}
fi
echo '</Directory>' >> ${HOSTCONF}
# Do not show authentication logs for public
echo '<Directory /var/www/html/phpMyAdmin/log>' >> ${HOSTCONF}
echo ' Require all denied' >> ${HOSTCONF}
echo '</Directory>' >> ${HOSTCONF}
fi
}
options() {
if [ "${UNIT_OPT}" = "yes" ]; then
echo "Nginx Unit: ${boldon}${UNIT_VER}${boldoff}"
else
echo "Nginx Unit: ${boldon}no${boldoff}"
fi
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
echo "Apache: ${boldon}${APACHE2_VER}${boldoff}"
elif [ "${WEBSERVER_OPT}" = "nginx" ]; then
echo "Nginx: ${boldon}${NGINX_VER}${boldoff}"
fi
if [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
echo "Nginx (reverse proxy): ${boldon}${NGINX_VER}${boldoff}"
fi
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
echo "Litespeed: ${boldon}${LITESPEED_VER}${boldoff}"
fi
if [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
echo "OpenLitespeed: ${boldon}${OPENLITESPEED_VER}${boldoff}"
fi
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
echo "mod_lsapi: ${boldon}${MOD_LSAPI_VER}${boldoff}"
echo "mod_hostinglimits: ${boldon}${MOD_HOSTINGLIMITS_VER}${boldoff}"
echo "mod_proctitle: ${boldon}${MOD_PROCTITLE_VER}${boldoff}"
fi
fi
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ "${MOD_RUID2_OPT}" = "yes" ]; then
echo "mod_ruid2: ${boldon}${MOD_RUID2_VER}${boldoff}"
else
echo "mod_ruid2: ${boldon}no${boldoff}"
fi
fi
if [ "${WEBSERVER_OPT}" = "apache" ]; then
if [ "${MODSECURITY_OPT}" = "yes" ]; then
echo "ModSecurity: ${boldon}${MODSECURITY_VER}${boldoff}"
echo "ModSecurity Rule Set: ${boldon}${MODSECURITY_RULESET_OPT}${boldoff}"
else
echo "ModSecurity: ${boldon}no${boldoff}"
fi
fi
if [ "${WEBSERVER_OPT}" = "nginx_apache" ] || [ "${WEBSERVER_OPT}" = "nginx" ]; then
if [ "${MODSECURITY_OPT}" = "yes" ]; then
echo "LibModSecurity: ${boldon}${LIBMODSECURITY_VER}${boldoff}"
echo "LibModSecurity Rule Set: ${boldon}${MODSECURITY_RULESET_OPT}${boldoff}"
else
echo "LibModSecurity: ${boldon}no${boldoff}"
fi
fi
if [ "${HAVE_CLI}" = "no" ] && [ "${PHP1_MODE_OPT}" != "lsphp" ]; then
if [ "${HTSCANNER_OPT}" = "yes" ]; then
echo "htscanner: ${boldon}${HTSCANNER_VER}${boldoff}"
else
echo "htscanner: ${boldon}no${boldoff}"
fi
fi
if [ "${DOVECOT_OPT}" = "yes" ]; then
echo "Dovecot: ${boldon}${DOVECOT_VER}${boldoff}"
else
echo "Dovecot: ${boldon}no${boldoff}"
fi
echo "Dovecot configuration: ${boldon}${DOVECOT_CONF_OPT}${boldoff}"
if [ "${AWSTATS_OPT}" = "yes" ]; then
echo "AWstats: ${boldon}${AWSTATS_VER}${boldoff}"
else
echo "AWstats: ${boldon}no${boldoff}"
fi
if [ "${EXIM_OPT}" = "yes" ]; then
echo "Exim: ${boldon}${EXIM_VER}${boldoff}"
else
echo "Exim: ${boldon}no${boldoff}"
fi
if [ "${EXIMCONF_OPT}" = "yes" ]; then
echo "exim.conf update: ${boldon}${EXIMCONF_OPT}, release ${EXIMCONF_RELEASE_OPT}${boldoff}"
else
echo "exim.conf update: ${boldon}${EXIMCONF_OPT}${boldoff}"
fi
echo "BlockCracking: ${boldon}${BLOCKCRACKING_OPT}${boldoff}"
echo "Easy Spam Fighter: ${boldon}${EASY_SPAM_FIGHTER_OPT}${boldoff}"
if [ "${SPAMD_OPT}" = "spamassassin" ]; then
echo "SpamAssassin: ${boldon}${SPAMASSASSIN_VER}${boldoff}"
echo "SpamAssassin rule updates: ${boldon}${SA_UPDATE_OPT}${boldoff}"
elif [ "${SPAMD_OPT}" = "rspamd" ]; then
echo "Rspamd: ${boldon}${RSPAMD_VER}${boldoff}"
else
echo "SpamAssassin: ${boldon}no${boldoff}"
fi
if [ "${CLAMAV_OPT}" = "yes" ]; then
echo "ClamAV: ${boldon}${CLAMAV_VER}${boldoff}"
else
echo "ClamAV: ${boldon}no${boldoff}"
fi
if [ "${MYSQL_INST_OPT}" != "no" ]; then
if [ "${MYSQL_INST_OPT}" = "mysql" ]; then
echo "${MYSQLNAME}: ${boldon}${MYSQL_VER}${boldoff}"
else
echo "${MYSQLNAME}: ${boldon}${MARIADB_VER}${boldoff}"
fi
else
echo "${MYSQLNAME}: ${boldon}no${boldoff}"
fi
echo "MySQL backup: ${boldon}${MYSQL_BACKUP_OPT}${boldoff}"
if [ "${MYSQL_BACKUP_OPT}" = "yes" ]; then
echo "MySQL backup directory: ${boldon}${MYSQL_BACKUP_DIR_OPT}${boldoff}"
echo "MySQL compress backups: ${boldon}${MYSQL_BACKUP_GZIP_OPT}${boldoff}"
fi
echo "PHP (default): ${boldon}${PHP1_RELEASE_OPT}${boldoff} as ${boldon}${PHP1_MODE_OPT}${boldoff}"
if [ "${PHP2_RELEASE_OPT}" != "no" ]; then
echo "PHP (additional): ${boldon}${PHP2_RELEASE_OPT}${boldoff} as ${boldon}${PHP2_MODE_OPT}${boldoff}"
fi
if [ "${PHP3_RELEASE_OPT}" != "no" ]; then
echo "PHP (additional, 3rd): ${boldon}${PHP3_RELEASE_OPT}${boldoff} as ${boldon}${PHP3_MODE_OPT}${boldoff}"
fi
if [ "${PHP4_RELEASE_OPT}" != "no" ]; then
echo "PHP (additional, 4th): ${boldon}${PHP4_RELEASE_OPT}${boldoff} as ${boldon}${PHP4_MODE_OPT}${boldoff}"
fi
if [ "${PHPMYADMIN_OPT}" = "yes" ]; then
echo "phpMyAdmin: ${boldon}${PHPMYADMIN_VER}${boldoff}"
else
echo "phpMyAdmin: ${boldon}no${boldoff}"
fi
if [ "${FTPD_OPT}" = "proftpd" ]; then
echo "ProFTPD: ${boldon}${PROFTPD_VER}${boldoff}"
else
echo "ProFTPD: ${boldon}no${boldoff}"
fi
if [ "${FTPD_OPT}" = "pureftpd" ]; then
echo "Pure-FTPd: ${boldon}${PUREFTPD_VER}${boldoff}"
else
echo "Pure-FTPd: ${boldon}no${boldoff}"
fi
if [ "${ROUNDCUBE_OPT}" = "yes" ]; then
echo "RoundCube webmail: ${boldon}${ROUNDCUBE_VER}${boldoff}"
else
echo "RoundCube webmail: ${boldon}no${boldoff}"
fi
if [ "${WEBAPPS_INBBOX_PREFIX_OPT}" = "yes" ]; then
echo "Webapps using .INBOX prefix for IMAP folders: ${boldon}${WEBAPPS_INBBOX_PREFIX_OPT}${boldoff}"
fi
echo "Replace \"php.ini\" with '$0 all' and '$0 php_ini': ${boldon}${PHP_INI_OPT}${boldoff}"
if [ "${PHP_INI_OPT}" = "yes" ]; then
echo "Replace \"php.ini\" using type: ${boldon}${PHP_INI_TYPE_OPT}${boldoff}"
fi
if [ "${CRON_OPT}" = "yes" ]; then
echo "Cron for notifications and (or) updates: ${boldon}yes${boldoff}"
echo "Cron frequency: ${boldon}${CRON_FREQUENCY_OPT}${boldoff}"
if [ "${NOTIFICATIONS_OPT}" = "yes" ]; then
echo "Auto notifications: ${boldon}yes${boldoff}"
echo "Auto notifications email address: ${boldon}${EMAIL_OPT}${boldoff}"
fi
if [ "${UPDATES_OPT}" = "yes" ]; then
echo "Auto updates: ${boldon}yes${boldoff}"
fi
else
echo "Auto updates/notifications: ${boldon}no${boldoff}"
fi
echo "Run \"clean\" every time: ${boldon}${CLEAN_OPT}${boldoff}"
echo "Run \"clean_old_webapps\" every time: ${boldon}${CLEAN_OLD_WEBAPPS_OPT}${boldoff}"
echo "Run \"clean_old_tarballs\" every time: ${boldon}${CLEAN_OLD_TARBALLS_OPT}${boldoff}"
echo "Show texts in bold: ${boldon}${BOLD_OPT}${boldoff}"
if [ "${SQUIRRELMAIL_OPT}" = "yes" ]; then
echo "SquirrelMail: ${boldon}${SQUIRRELMAIL_VER}${boldoff}"
else
echo "SquirrelMail: ${boldon}no${boldoff}"
fi
echo "Zend Guard Loader: ${boldon}${ZEND_OPT}${boldoff}"
if [ "${IONCUBE_OPT}" = "yes" ]; then
echo "ionCube loader: ${boldon}${IONCUBE_VER}${boldoff}"
else
echo "ionCube loader: ${boldon}no${boldoff}"
fi
if [ "${SUHOSIN_OPT}" = "yes" ] && [ "${SUHOSIN_PHP_UPLOADSCAN_OPT}" = "yes" ]; then
echo "Suhosin (with PHP upload scan script): ${boldon}${SUHOSIN_VER}${boldoff}"
elif [ "${SUHOSIN_OPT}" = "yes" ] && [ "${SUHOSIN_PHP_UPLOADSCAN_OPT}" = "no" ]; then
echo "Suhosin: ${boldon}${SUHOSIN_VER}${boldoff}"
else
echo "Suhosin: ${boldon}no${boldoff}"
fi
}
####################################################
option_set_valid_php() {
#Used in create_options()
if [ -z $2 ]; then
if [ ! -z "$3" ]; then
OPTION_VALUE="${3}"
else
echo "Two arguments must be given for the function"
return
fi
else
OPTION_VALUE="${2}"
fi
VAR=`echo $1 | tr "[a-z]" "[A-Z]"`
if [ -z "$(eval_var PHP_${VAR}_SET)" ]; then
echo "${1} is not a valid option."
return
fi
VALID="no"
for i in $(eval_var PHP_${VAR}_SET); do
if [ "${i}" = "${OPTION_VALUE}" ] || [ "${i}" = "userinput" ]; then
VALID="yes"
break
fi
done
if [ "${VALID}" = "yes" ]; then
setPhpOpt $1 ${OPTION_VALUE}
else
echo "${boldon}Invalid selection, please enter the selection again.${boldoff}"
fi
echo ""
}
option_set_valid() {
#Used in create_options()
if [ -z "$2" ]; then
if [ ! -z "$3" ]; then
OPTION_VALUE="${3}"
else
echo "Two arguments must be given for the function"
return
fi
else
OPTION_VALUE="${2}"
fi
VAR=`echo $1 | tr "[a-z]" "[A-Z]"`
if [ -z "$(eval_var ${VAR}_SET)" ]; then
echo "${1} is not a valid option."
return
fi
VALID="no"
for i in $(eval_var ${VAR}_SET); do
if [ "${i}" = "${OPTION_VALUE}" ] || [ "${i}" = "userinput" ]; then
VALID="yes"
break
fi
done
if [ "${VALID}" = "yes" ]; then
setOpt $1 ${OPTION_VALUE}
else
echo "${boldon}Invalid selection, please enter the selection again.${boldoff}"
fi
echo ""
}
create_options() {
HIDE_CHANGES=1
if [ $# -eq 1 ]; then
INPUT_VALUE=$1
fi
if [ -s ${OPTIONS_CONF} ] && [ "${OPTIONS_CONF_EXISTS}" = "1" ]; then
echo -n "Would you like to backup the current options.conf? (yes/no, default: yes): "
read do_opt_backup
until [ "${do_opt_backup}" = "yes" ] || [ "${do_opt_backup}" = "no" ] || [ -z "${do_opt_backup}" ]; do
echo -n "Please enter 'yes', 'no' or click 'enter' for default: "
read do_opt_backup
done
if [ -z "${do_opt_backup}" ]; then
do_opt_backup="yes"
fi
if [ "${do_opt_backup}" = "yes" ]; then
cp -f ${OPTIONS_CONF} ${OPTIONS_CONF}.`date +%Y%m%d%I%M%S`.backup
echo "Backup created: ${OPTIONS_CONF}.`date +%Y%m%d%I%M%S`.backup"
fi
echo ""
fi
echo -n "Would you like the default settings of ${WEBSERVER_OPT} and php ${PHP1_RELEASE_OPT} as ${PHP1_MODE_OPT}? (yes/no, default: yes):"
read cb_defaults
until [ "${cb_defaults}" = "yes" ] || [ "${cb_defaults}" = "no" ] || [ -z "${cb_defaults}" ]; do
echo -n "Please enter 'yes' or 'no': "
read cb_defaults
done
if [ -z "${cb_defaults}" ]; then
cb_defaults="yes"
fi
if [ "${cb_defaults}" != "yes" ]; then
QUESTION_SET="`echo ${WEBSERVER_SET} | tr ' ' '/'`"
VALID="no"
until [ "${VALID}" = "yes" ]; do
echo -n "Please select webserver you would like to use (${QUESTION_SET}, default: ${WEBSERVER_DEF}):"
read option_answer
option_set_valid webserver "${option_answer}" "${WEBSERVER_DEF}"
done
if [ -e /etc/redhat-release ]; then
if grep -q CloudLinux /etc/redhat-release; then
echo -n "Would you like to enable CloudLinux in CustomBuild? (yes/no, default: yes): "
read clopt
until [ "${clopt}" = "yes" ] || [ "${clopt}" = "no" ] || [ -z "${do_opt_backup}" ]; do
echo -n "Please enter 'yes' or 'no': "
read clopt
done
if [ -z "${clopt}" ]; then
clopt="yes"
fi
setOpt cloudlinux "${clopt}"
echo ""
fi
fi
QUESTION_SET="`echo ${MYSQL_INST_SET} | tr ' ' '/'`"
VALID="no"
until [ "${VALID}" = "yes" ]; do
echo -n "Please select MySQL database server you would like to use (${QUESTION_SET}, default: ${MYSQL_INST_DEF}):"
read option_answer
option_set_valid mysql_inst "${option_answer}" "${MYSQL_INST_DEF}"
done
MYSQL_INST_ANSWER=${option_answer}
if [ -z "${MYSQL_INST_ANSWER}" ]; then
MYSQL_INST_ANSWER=${MYSQL_INST_DEF}
fi
if [ "${MYSQL_INST_ANSWER}" != "no" ]; then
if [ "${MYSQL_INST_ANSWER}" = "mysql" ]; then
QUESTION_SET="`echo ${MYSQL_SET} | tr ' ' '/'`"
QUESTION_DEF="${MYSQL_DEF}"
else
QUESTION_SET="`echo ${MARIADB_SET} | tr ' ' '/'`"
QUESTION_DEF="${MARIADB_DEF}"
fi
VALID="no"
until [ "${VALID}" = "yes" ]; do
echo -n "Please select ${MYSQL_INST_ANSWER} version you would like to use (${QUESTION_SET}, default: ${QUESTION_DEF}):"
read option_answer
option_set_valid ${MYSQL_INST_ANSWER} "${option_answer}" "${QUESTION_DEF}"
done
fi
QUESTION_SET="`echo ${FTPD_SET} | tr ' ' '/'`"
VALID="no"
until [ "${VALID}" = "yes" ]; do
echo -n "Please select FTP server you would like to use (${QUESTION_SET}, ${FTPD_DEF}):"
read option_answer
option_set_valid ftpd "${option_answer}" "${FTPD_DEF}"
done
QUESTION_SET="`echo ${PHP1_RELEASE_SET} | tr ' ' '/'`"
VALID="no"
until [ "${VALID}" = "yes" ]; do
echo -n "Please select default PHP version you would like to use (${QUESTION_SET}, default: ${PHP1_RELEASE_DEF}):"
read option_answer
option_set_valid php1_release "${option_answer}" "${PHP1_RELEASE_DEF}"
done
DEFPHP_ANSWER="no"
QUESTION_SET="`echo ${PHP1_MODE_SET} | tr ' ' '/'`"
VALID="no"
until [ "${VALID}" = "yes" ]; do
echo -n "Please select default PHP mode you would like to use (${QUESTION_SET}, default: ${PHP1_MODE_DEF}):"
read option_answer
option_set_valid php1_mode "${option_answer}" "${PHP1_MODE_DEF}"
done
DEFPHP_ANSWER=${option_answer}
if [ -z "${DEFPHP_ANSWER}" ]; then
DEFPHP_ANSWER="${PHP1_MODE_DEF}"
fi
echo -n "Would you like to have a second instance of PHP installed? (yes/no, default: no): "
read wantsec
until [ "${wantsec}" = "yes" ] || [ "${wantsec}" = "no" ] || [ -z "${wantsec}" ]; do
echo -n "Please enter 'yes' or 'no': "
read wantsec
if [ -z "${wantsec}" ]; then
wantsec="no"
fi
done
echo ""
if [ "${wantsec}" = "yes" ]; then
#PHP1_RELEASE_SET is not a bug here :) It's set not to display "no" as an option, because the previous question already asks if anyone would like to have a 2nd version of PHP
QUESTION_SET="`echo ${PHP1_RELEASE_SET} | tr ' ' '/'`"
VALID="no"
until [ "${VALID}" = "yes" ]; do
echo -n "Please select additional PHP version you would like to use (${QUESTION_SET}):"
read option_answer
option_set_valid php2_release ${option_answer}
done
QUESTION_SET="`echo ${PHP2_MODE_SET} | tr ' ' '/'`"
VALID="no"
until [ "${VALID}" = "yes" ]; do
echo -n "Please select additional PHP mode you would like to use (${QUESTION_SET}, default: ${PHP1_MODE_DEF}):"
read option_answer
option_set_valid php2_mode "${option_answer}" "${PHP1_MODE_DEF}"
done
echo -n "Would you like to have a third instance of PHP installed? (yes/no, default: no): "
read wantthird
until [ "${wantthird}" = "yes" ] || [ "${wantthird}" = "no" ] || [ -z "${wantthird}" ]; do
echo -n "Please enter 'yes' or 'no': "
read wantthird
if [ -z "${wantthird}" ]; then
wantthird="no"
fi
done
echo ""
if [ "${wantthird}" = "yes" ]; then
#PHP1_RELEASE_SET is not a bug here :) It's set not to display "no" as an option, because the previous question already asks if anyone would like to have a 2nd version of PHP
QUESTION_SET="`echo ${PHP1_RELEASE_SET} | tr ' ' '/'`"
VALID="no"
until [ "${VALID}" = "yes" ]; do
echo -n "Please select additional PHP version you would like to use (${QUESTION_SET}):"
read option_answer
option_set_valid php3_release ${option_answer}
done
QUESTION_SET="`echo ${PHP3_MODE_SET} | tr ' ' '/'`"
VALID="no"
until [ "${VALID}" = "yes" ]; do
echo -n "Please select additional PHP mode you would like to use (${QUESTION_SET}, default: ${PHP1_MODE_DEF}):"
read option_answer
option_set_valid php3_mode "${option_answer}" "${PHP1_MODE_DEF}"
done
echo -n "Would you like to have a fourth instance of PHP installed? (yes/no, default: no): "
read wantfourth
until [ "${wantfourth}" = "yes" ] || [ "${wantfourth}" = "no" ] || [ -z "${wantfourth}" ]; do
echo -n "Please enter 'yes' or 'no': "
read wantfourth
if [ -z "${wantfourth}" ]; then
wantfourth="no"
fi
done
echo ""
if [ "${wantfourth}" = "yes" ]; then
#PHP1_RELEASE_SET is not a bug here :) It's set not to display "no" as an option, because the previous question already asks if anyone would like to have a 2nd version of PHP
QUESTION_SET="`echo ${PHP1_RELEASE_SET} | tr ' ' '/'`"
VALID="no"
until [ "${VALID}" = "yes" ]; do
echo -n "Please select additional PHP version you would like to use (${QUESTION_SET}):"
read option_answer
option_set_valid php4_release ${option_answer}
done
QUESTION_SET="`echo ${PHP4_MODE_SET} | tr ' ' '/'`"
VALID="no"
until [ "${VALID}" = "yes" ]; do
echo -n "Please select additional PHP mode you would like to use (${QUESTION_SET}, default: ${PHP1_MODE_DEF}):"
read option_answer
option_set_valid php4_mode "${option_answer}" "${PHP1_MODE_DEF}"
done
fi
fi
fi
if [ "${DEFPHP_ANSWER}" = "mod_php" ]; then
QUESTION_SET="`echo ${MOD_RUID2_SET} | tr ' ' '/'`"
VALID="no"
until [ "${VALID}" = "yes" ]; do
echo -n "Please select if you would like to use mod_ruid2 (${QUESTION_SET}, default: ${MOD_RUID2_DEF}):"
read option_answer
option_set_valid mod_ruid2 "${option_answer}" "${MOD_RUID2_DEF}"
done
else
setOpt mod_ruid2 no
fi
QUESTION_SET="`echo ${PHP_IONCUBE_SET} | tr ' ' '/'`"
VALID="no"
until [ "${VALID}" = "yes" ]; do
echo -n "Please select if you would like to use ionCube (${QUESTION_SET}, default: ${PHP_IONCUBE_DEF}):"
read option_answer
option_set_valid_php ioncube "${option_answer}" "${PHP_IONCUBE_DEF}"
done
QUESTION_SET="`echo ${PHP_OPCACHE_SET} | tr ' ' '/'`"
VALID="no"
until [ "${VALID}" = "yes" ]; do
echo -n "Please select if you would like to use opCache (${QUESTION_SET}, default: ${PHP_OPCACHE_DEF}):"
read option_answer
option_set_valid_php opcache "${option_answer}" "${PHP_OPCACHE_DEF}"
done
#EOL, not very useful question
#QUESTION_SET="`echo ${PHP_ZEND_SET} | tr ' ' '/'`"
#VALID="no"
#until [ "${VALID}" = "yes" ]; do
# echo -n "Please select if you would like to use Zend Guard Loader (${QUESTION_SET}, default: ${PHP_ZEND_DEF}):"
# read option_answer
# option_set_valid_php zend "${option_answer}" "${PHP_ZEND_DEF}"
#done
QUESTION_SET="`echo ${PHP_ZEND_SET} | tr ' ' '/'`"
VALID="no"
until [ "${VALID}" = "yes" ]; do
echo -n "Please select if you would like to use Zend Guard Loader (${QUESTION_SET}, default: ${PHP_ZEND_DEF}):"
read option_answer
option_set_valid_php zend "${option_answer}" "${PHP_ZEND_DEF}"
done
QUESTION_SET="`echo ${EXIM_SET} | tr ' ' '/'`"
VALID="no"
until [ "${VALID}" = "yes" ]; do
echo -n "Please select if you would like CustomBuild to manage Exim installation (${QUESTION_SET}, default: ${EXIM_DEF}):"
read option_answer
option_set_valid exim "${option_answer}" "${EXIM_DEF}"
done
QUESTION_SET="`echo ${DOVECOT_SET} | tr ' ' '/'`"
VALID="no"
until [ "${VALID}" = "yes" ]; do
echo -n "Please select if you would like CustomBuild to manage Dovecot installation (${QUESTION_SET}, default: ${DOVECOT_DEF}):"
read option_answer
option_set_valid dovecot "${option_answer}" "${DOVECOT_DEF}"
done
QUESTION_SET="`echo ${PHPMYADMIN_SET} | tr ' ' '/'`"
VALID="no"
until [ "${VALID}" = "yes" ]; do
echo -n "Please select if you would like CustomBuild to manage phpMyAdmin installation (${QUESTION_SET}, default: ${PHPMYADMIN_DEF}):"
read option_answer
option_set_valid phpmyadmin "${option_answer}" "${PHPMYADMIN_DEF}"
done
QUESTION_SET="`echo ${SQUIRRELMAIL_SET} | tr ' ' '/'`"
VALID="no"
until [ "${VALID}" = "yes" ]; do
echo -n "Please select if you would like CustomBuild to manage SquirrelMail installation (${QUESTION_SET}, default: ${SQUIRRELMAIL_DEF}):"
read option_answer
option_set_valid squirrelmail "${option_answer}" "${SQUIRRELMAIL_DEF}"
done
QUESTION_SET="`echo ${ROUNDCUBE_SET} | tr ' ' '/'`"
VALID="no"
until [ "${VALID}" = "yes" ]; do
echo -n "Please select if you would like CustomBuild to manage RoundCube installation (${QUESTION_SET}, default: ${ROUNDCUBE_DEF}):"
read option_answer
option_set_valid roundcube "${option_answer}" "${ROUNDCUBE_DEF}"
done
fi
}
####################################################
used_configs() {
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
echo "Apache configuration file: ${WORKDIR}/${APACHE2_CONFIGURE}"
fi
if [ "${WEBSERVER_OPT}" = "nginx" ]; then
echo "Nginx configuration file: ${WORKDIR}/${NGINX_CONFIGURE}"
fi
if [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
echo "Nginx (reverse proxy) configuration file: ${WORKDIR}/${NGINX_CONFIGURE}"
fi
PHP_INI_VAR=PHP_INI_FPM${PHP1_SHORTRELEASE}
echo "PHP (default) php.ini file: $(eval_var ${PHP_INI_VAR})"
if [ "${PHP2_MODE_OPT}" != "mod_php" ] && [ "${PHP2_RELEASE_OPT}" != "no" ]; then
PHP_INI_VAR=PHP_INI_FPM${PHP2_SHORTRELEASE}
echo "PHP (additional) php.ini file: $(eval_var ${PHP_INI_VAR})"
fi
if [ "${PHP3_MODE_OPT}" != "mod_php" ] && [ "${PHP3_RELEASE_OPT}" != "no" ]; then
PHP_INI_VAR=PHP_INI_FPM${PHP3_SHORTRELEASE}
echo "PHP (additional, 3rd) php.ini file: $(eval_var ${PHP_INI_VAR})"
fi
if [ "${PHP4_MODE_OPT}" != "mod_php" ] && [ "${PHP4_RELEASE_OPT}" != "no" ]; then
PHP_INI_VAR=PHP_INI_FPM${PHP4_SHORTRELEASE}
echo "PHP (additional, 4th) php.ini file: $(eval_var ${PHP_INI_VAR})"
fi
if [ "${PHP1_MODE_OPT}" = "mod_php" ]; then
CONFIGURE_FILE_VAR=PHP${PHP1_SHORTRELEASE}_CONFIGURE
echo "PHP (default) configuration file: ${WORKDIR}/$(eval_var ${CONFIGURE_FILE_VAR})"
fi
if [ "${PHP1_MODE_OPT}" = "php-fpm" ]; then
CONFIGURE_FILE_VAR=PHP${PHP1_SHORTRELEASE}_CONFIGURE_FPM
echo "PHP (default) configuration file: ${WORKDIR}/$(eval_var ${CONFIGURE_FILE_VAR})"
fi
if [ "${PHP1_MODE_OPT}" = "suphp" ] || [ "${PHP2_MODE_OPT}" = "suphp" ]; then
echo "suPHP configuration file: ${WORKDIR}/${SUPHP_CONFIGURE}"
fi
if [ "${PHP1_MODE_OPT}" = "suphp" ]; then
echo "suPHP configuration file: ${WORKDIR}/${SUPHP_CONFIGURE}"
CONFIGURE_FILE_VAR=PHP${PHP1_SHORTRELEASE}_CONFIGURE_SUPHP
echo "PHP (default) configuration file: ${WORKDIR}/$(eval_var ${CONFIGURE_FILE_VAR})"
fi
if [ "${PHP1_MODE_OPT}" = "fastcgi" ]; then
CONFIGURE_FILE_VAR=PHP${PHP1_SHORTRELEASE}_CONFIGURE_FCGI
echo "PHP (default) configuration file: ${WORKDIR}/$(eval_var ${CONFIGURE_FILE_VAR})"
fi
if [ "${PHP1_MODE_OPT}" = "lsphp" ]; then
CONFIGURE_FILE_VAR=PHP${PHP1_SHORTRELEASE}_CONFIGURE_LSPHP
echo "PHP (default) configuration file: ${WORKDIR}/$(eval_var ${CONFIGURE_FILE_VAR})"
fi
if [ "${PHP2_MODE_OPT}" = "lsphp" ] && [ "${PHP2_RELEASE_OPT}" != "no" ]; then
CONFIGURE_FILE_VAR=PHP${PHP2_SHORTRELEASE}_CONFIGURE_LSPHP
echo "PHP (additional) configuration file: ${WORKDIR}/$(eval_var ${CONFIGURE_FILE_VAR})"
fi
if [ "${PHP2_MODE_OPT}" = "suphp" ] && [ "${PHP2_RELEASE_OPT}" != "no" ]; then
CONFIGURE_FILE_VAR=PHP${PHP2_SHORTRELEASE}_CONFIGURE_SUPHP
echo "PHP (additional) configuration file: ${WORKDIR}/$(eval_var ${CONFIGURE_FILE_VAR})"
fi
if [ "${PHP2_MODE_OPT}" = "fastcgi" ] && [ "${PHP2_RELEASE_OPT}" != "no" ]; then
CONFIGURE_FILE_VAR=PHP${PHP2_SHORTRELEASE}_CONFIGURE_FCGI
echo "PHP (additional) configuration file: ${WORKDIR}/$(eval_var ${CONFIGURE_FILE_VAR})"
fi
if [ "${PHP2_MODE_OPT}" = "mod_php" ] && [ "${PHP2_RELEASE_OPT}" != "no" ]; then
CONFIGURE_FILE_VAR=PHP${PHP2_SHORTRELEASE}_CONFIGURE
echo "PHP (additional) configuration file: ${WORKDIR}/$(eval_var ${CONFIGURE_FILE_VAR})"
fi
if [ "${PHP2_MODE_OPT}" = "php-fpm" ] && [ "${PHP2_RELEASE_OPT}" != "no" ]; then
CONFIGURE_FILE_VAR=PHP${PHP2_SHORTRELEASE}_CONFIGURE_FPM
echo "PHP (additional) configuration file: ${WORKDIR}/$(eval_var ${CONFIGURE_FILE_VAR})"
fi
if [ "${PHP3_MODE_OPT}" = "lsphp" ] && [ "${PHP3_RELEASE_OPT}" != "no" ]; then
CONFIGURE_FILE_VAR=PHP${PHP3_SHORTRELEASE}_CONFIGURE_LSPHP
echo "PHP (additional, 3rd) configuration file: ${WORKDIR}/$(eval_var ${CONFIGURE_FILE_VAR})"
fi
if [ "${PHP3_MODE_OPT}" = "suphp" ] && [ "${PHP3_RELEASE_OPT}" != "no" ]; then
CONFIGURE_FILE_VAR=PHP${PHP3_SHORTRELEASE}_CONFIGURE_SUPHP
echo "PHP (additional, 3rd) configuration file: ${WORKDIR}/$(eval_var ${CONFIGURE_FILE_VAR})"
fi
if [ "${PHP3_MODE_OPT}" = "fastcgi" ] && [ "${PHP3_RELEASE_OPT}" != "no" ]; then
CONFIGURE_FILE_VAR=PHP${PHP3_SHORTRELEASE}_CONFIGURE_FCGI
echo "PHP (additional, 3rd) configuration file: ${WORKDIR}/$(eval_var ${CONFIGURE_FILE_VAR})"
fi
if [ "${PHP3_MODE_OPT}" = "mod_php" ] && [ "${PHP3_RELEASE_OPT}" != "no" ]; then
CONFIGURE_FILE_VAR=PHP${PHP3_SHORTRELEASE}_CONFIGURE
echo "PHP (additional, 3rd) configuration file: ${WORKDIR}/$(eval_var ${CONFIGURE_FILE_VAR})"
fi
if [ "${PHP3_MODE_OPT}" = "php-fpm" ] && [ "${PHP3_RELEASE_OPT}" != "no" ]; then
CONFIGURE_FILE_VAR=PHP${PHP3_SHORTRELEASE}_CONFIGURE_FPM
echo "PHP (additional, 3rd) configuration file: ${WORKDIR}/$(eval_var ${CONFIGURE_FILE_VAR})"
fi
if [ "${PHP4_MODE_OPT}" = "lsphp" ] && [ "${PHP4_RELEASE_OPT}" != "no" ]; then
CONFIGURE_FILE_VAR=PHP${PHP4_SHORTRELEASE}_CONFIGURE_LSPHP
echo "PHP (additional, 4th) configuration file: ${WORKDIR}/$(eval_var ${CONFIGURE_FILE_VAR})"
fi
if [ "${PHP4_MODE_OPT}" = "suphp" ] && [ "${PHP4_RELEASE_OPT}" != "no" ]; then
CONFIGURE_FILE_VAR=PHP${PHP4_SHORTRELEASE}_CONFIGURE_SUPHP
echo "PHP (additional, 4th) configuration file: ${WORKDIR}/$(eval_var ${CONFIGURE_FILE_VAR})"
fi
if [ "${PHP4_MODE_OPT}" = "fastcgi" ] && [ "${PHP4_RELEASE_OPT}" != "no" ]; then
CONFIGURE_FILE_VAR=PHP${PHP4_SHORTRELEASE}_CONFIGURE_FCGI
echo "PHP (additional, 4th) configuration file: ${WORKDIR}/$(eval_var ${CONFIGURE_FILE_VAR})"
fi
if [ "${PHP4_MODE_OPT}" = "mod_php" ] && [ "${PHP4_RELEASE_OPT}" != "no" ]; then
CONFIGURE_FILE_VAR=PHP${PHP4_SHORTRELEASE}_CONFIGURE
echo "PHP (additional, 4th) configuration file: ${WORKDIR}/$(eval_var ${CONFIGURE_FILE_VAR})"
fi
if [ "${PHP4_MODE_OPT}" = "php-fpm" ] && [ "${PHP4_RELEASE_OPT}" != "no" ]; then
CONFIGURE_FILE_VAR=PHP${PHP4_SHORTRELEASE}_CONFIGURE_FPM
echo "PHP (additional, 4th) configuration file: ${WORKDIR}/$(eval_var ${CONFIGURE_FILE_VAR})"
fi
if [ "${FTPD_OPT}" = "proftpd" ]; then
echo "ProFTPD configuration file: ${WORKDIR}/${PROFTPD_CONFIGURE}"
fi
if [ "${FTPD_OPT}" = "pureftpd" ]; then
echo "PureFTPD configuration file: ${WORKDIR}/${PUREFTPD_CONFIGURE}"
fi
if [ "${IMAGICK_OPT}" = "yes" ]; then
echo "ImageMagick configuration file: ${WORKDIR}/${IMAGEMAGICK_CONFIGURE}"
fi
if [ "${EXIM_OPT}" = "yes" ]; then
echo -n "Exim Makefile: "
if [ "${EXIM_MAKEFILE}" != "" ]; then
echo "${EXIM_MAKEFILE}"
else
echo "${WEBPATH}/Makefile"
fi
fi
if [ "${DOVECOT_OPT}" = "yes" ]; then
echo "Dovecot configuration file: ${WORKDIR}/${DOVECOT_CONFIGURE}"
fi
if [ -d ${PMA_THEMES} ]; then
if [ "${PHPMYADMIN_OPT}" = "yes" ]; then
echo "phpMyAdmin themes directory: ${PMA_THEMES}"
fi
fi
if [ -e ${PMA_MAIN_CONFIG} ]; then
if [ "${PHPMYADMIN_OPT}" = "yes" ]; then
echo "phpMyAdmin configuration file: ${PMA_MAIN_CONFIG}"
fi
fi
if [ -e ${PMA_HTACCESS} ]; then
if [ "${PHPMYADMIN_OPT}" = "yes" ]; then
echo "phpMyAdmin .htaccess file: ${PMA_HTACCESS}"
fi
fi
if [ -e ${PMA_USER_INI} ]; then
if [ "${PHPMYADMIN_OPT}" = "yes" ]; then
echo "phpMyAdmin .user.ini file: ${PMA_USER_INI}"
fi
fi
if [ -e ${SQUIRREL_CONFIG} ]; then
if [ "${SQUIRRELMAIL_OPT}" = "yes" ]; then
echo "SquirrelMail configuration file: ${SQUIRREL_CONFIG}"
fi
fi
if [ -e ${ROUNDCUBE_CONFIG} ]; then
if [ "${ROUNDCUBE_OPT}" = "yes" ]; then
echo "RoundCube webmail configuration file: ${ROUNDCUBE_CONFIG}"
fi
fi
if [ -e ${ROUNDCUBE_CONFIG_DB} ]; then
if [ "${ROUNDCUBE_OPT}" = "yes" ]; then
echo "RoundCube webmail database configuration file: ${ROUNDCUBE_CONFIG_DB}"
fi
fi
if [ -e ${ROUNDCUBE_HTACCESS} ]; then
if [ "${ROUNDCUBE_OPT}" = "yes" ]; then
echo "RoundCube .htaccess file: ${ROUNDCUBE_HTACCESS}"
fi
fi
if [ -e ${ROUNDCUBE_COMPOSER} ]; then
if [ "${ROUNDCUBE_OPT}" = "yes" ]; then
echo "RoundCube composer.json file: ${ROUNDCUBE_COMPOSER}"
fi
fi
if [ -d ${ROUNDCUBE_PLUGINS} ]; then
if [ "${ROUNDCUBE_OPT}" = "yes" ]; then
echo "RoundCube webmail plugins overwrite directory: ${ROUNDCUBE_PLUGINS}"
fi
fi
if [ -d ${ROUNDCUBE_SKINS} ]; then
if [ "${ROUNDCUBE_OPT}" = "yes" ]; then
echo "RoundCube webmail skins overwrite directory: ${ROUNDCUBE_SKINS}"
fi
fi
if [ -d ${ROUNDCUBE_VENDOR} ]; then
if [ "${ROUNDCUBE_OPT}" = "yes" ]; then
echo "RoundCube webmail vendor overwrite directory: ${ROUNDCUBE_VENDOR}"
fi
fi
if [ -d ${ROUNDCUBE_PROGRAM} ]; then
if [ "${ROUNDCUBE_OPT}" = "yes" ]; then
echo "RoundCube webmail program overwrite directory: ${ROUNDCUBE_PROGRAM}"
fi
fi
}
####################################################
init_customize_write() {
PLUGIN_PATH=/usr/local/directadmin/plugins/custombuild/configure
CUSTOMIZE_AP2_WRITE=${PLUGIN_PATH}/ap2/configure.apache
CUSTOMIZE_NGINX_WRITE=${PLUGIN_PATH}/nginx/configure.nginx
CUSTOMIZE_NGINX_REVERSE_WRITE=${PLUGIN_PATH}/nginx_reverse/configure.nginx
CUSTOMIZE_PROFTPD_WRITE=${PLUGIN_PATH}/proftpd/configure.proftpd
CUSTOMIZE_PUREFTPD_WRITE=${PLUGIN_PATH}/pureftpd/configure.pureftpd
CUSTOMIZE_CLAMAV_WRITE=${PLUGIN_PATH}/clamav/configure.clamav
CUSTOMIZE_SUPHP_WRITE=${PLUGIN_PATH}/suphp/configure.suphp
CUSTOMIZE_DOVECOT_WRITE=${PLUGIN_PATH}/dovecot/configure.dovecot
}
set_versions() {
if [ "$1" = "show" ]; then
if [ -e ${VERSIONS_FILE} ]; then
if [ -e ${VERSIONS_FILE_LITESPEED} ] && [ -e ${VERSIONS_FILE_CL} ] && [ -e ${VERSIONS_FILE_CWAF} ]; then
cat ${VERSIONS_FILE_LITESPEED} ${VERSIONS_FILE_CL} ${VERSIONS_FILE_CWAF} ${VERSIONS_FILE}
elif [ -e ${VERSIONS_FILE_LITESPEED} ] && [ -e ${VERSIONS_FILE_CL} ] && [ ! -e ${VERSIONS_FILE_CWAF} ]; then
cat ${VERSIONS_FILE_LITESPEED} ${VERSIONS_FILE_CL} ${VERSIONS_FILE}
elif [ ! -e ${VERSIONS_FILE_LITESPEED} ] && [ -e ${VERSIONS_FILE_CL} ] && [ -e ${VERSIONS_FILE_CWAF} ]; then
cat ${VERSIONS_FILE_CL} ${VERSIONS_FILE_CWAF} ${VERSIONS_FILE}
elif [ -e ${VERSIONS_FILE_LITESPEED} ] && [ ! -e ${VERSIONS_FILE_CL} ] && [ -e ${VERSIONS_FILE_CWAF} ]; then
cat ${VERSIONS_FILE_LITESPEED} ${VERSIONS_FILE_CWAF} ${VERSIONS_FILE}
elif [ -e ${VERSIONS_FILE_LITESPEED} ] && [ ! -e ${VERSIONS_FILE_CL} ] && [ ! -e ${VERSIONS_FILE_CWAF} ]; then
cat ${VERSIONS_FILE_LITESPEED} ${VERSIONS_FILE}
elif [ ! -e ${VERSIONS_FILE_LITESPEED} ] && [ ! -e ${VERSIONS_FILE_CL} ] && [ -e ${VERSIONS_FILE_CWAF} ]; then
cat ${VERSIONS_FILE_CWAF} ${VERSIONS_FILE}
elif [ ! -e ${VERSIONS_FILE_LITESPEED} ] && [ -e ${VERSIONS_FILE_CL} ] && [ ! -e ${VERSIONS_FILE_CWAF} ]; then
cat ${VERSIONS_FILE_CL} ${VERSIONS_FILE}
else
cat ${VERSIONS_FILE}
fi
fi
elif [ "$1" = "show_customized" ]; then
if [ -e ${VERSIONS_FILE_CUSTOM} ]; then
cat ${VERSIONS_FILE_CUSTOM}
fi
elif [ "$1" = "remove_customized" ]; then
if [ -e ${VERSIONS_FILE_CUSTOM} ]; then
rm -f ${VERSIONS_FILE_CUSTOM}
fi
else
if [ -e /usr/local/directadmin/plugins/custombuild/configure/versions.txt ]; then
cat /usr/local/directadmin/plugins/custombuild/configure/versions.txt > ${VERSIONS_FILE_CUSTOM}
else
echo "/usr/local/directadmin/plugins/custombuild/configure/versions.txt does not exist."
fi
fi
}
customize_config() {
if [ "${1}" = "" ]; then
do_exit 1 "First argument (component) is needed for the function to work."
fi
init_customize_write
ARGUMENT=$1
if [ "${ARGUMENT}" = "ap2" ]; then
COMPONENT=${ARGUMENT}
CONF_PATH=${WORKDIR}/custom/${COMPONENT}
CONF_FILE=${CONF_PATH}/configure.apache
if [ ! -s ${CONF_FILE} ]; then
mkdir -p ${CONF_PATH}
touch ${CONF_FILE}
fi
cat ${CUSTOMIZE_AP2_WRITE} > ${CONF_FILE}
chmod 700 ${CONF_FILE}
fi
if [ "${ARGUMENT}" = "nginx" ]; then
COMPONENT=${ARGUMENT}
CONF_PATH=${WORKDIR}/custom/${COMPONENT}
CONF_FILE=${CONF_PATH}/configure.nginx
if [ ! -s ${CONF_FILE} ]; then
mkdir -p ${CONF_PATH}
touch ${CONF_FILE}
fi
cat ${CUSTOMIZE_NGINX_WRITE} > ${CONF_FILE}
chmod 700 ${CONF_FILE}
fi
if [ "${ARGUMENT}" = "nginx_reverse" ]; then
COMPONENT=${ARGUMENT}
CONF_PATH=${WORKDIR}/custom/${COMPONENT}
CONF_FILE=${CONF_PATH}/configure.nginx
if [ ! -s ${CONF_FILE} ]; then
mkdir -p ${CONF_PATH}
touch ${CONF_FILE}
fi
cat ${CUSTOMIZE_NGINX_REVERSE_WRITE} > ${CONF_FILE}
chmod 700 ${CONF_FILE}
fi
if [ "${ARGUMENT}" = "proftpd" ]; then
COMPONENT=${ARGUMENT}
CONF_PATH=${WORKDIR}/custom/${COMPONENT}
CONF_FILE=${CONF_PATH}/configure.proftpd
if [ ! -s ${CONF_FILE} ]; then
mkdir -p ${CONF_PATH}
touch ${CONF_FILE}
fi
cat ${CUSTOMIZE_PROFTPD_WRITE} > ${CONF_FILE}
chmod 700 ${CONF_FILE}
fi
if [ "${ARGUMENT}" = "clamav" ]; then
COMPONENT=${ARGUMENT}
CONF_PATH=${WORKDIR}/custom/${COMPONENT}
CONF_FILE=${CONF_PATH}/configure.clamav
if [ ! -s ${CONF_FILE} ]; then
mkdir -p ${CONF_PATH}
touch ${CONF_FILE}
fi
cat ${CUSTOMIZE_CLAMAV_WRITE} > ${CONF_FILE}
chmod 700 ${CONF_FILE}
fi
if [ "${ARGUMENT}" = "pureftpd" ]; then
COMPONENT=${ARGUMENT}
CONF_PATH=${WORKDIR}/custom/${COMPONENT}
CONF_FILE=${CONF_PATH}/configure.pureftpd
if [ ! -s ${CONF_FILE} ]; then
mkdir -p ${CONF_PATH}
touch ${CONF_FILE}
fi
cat ${CUSTOMIZE_PUREFTPD_WRITE} > ${CONF_FILE}
chmod 700 ${CONF_FILE}
fi
if [ "${ARGUMENT}" = "suphp" ]; then
COMPONENT=${ARGUMENT}
CONF_PATH=${WORKDIR}/custom/${COMPONENT}
CONF_FILE=${CONF_PATH}/configure.suphp
if [ ! -s ${CONF_FILE} ]; then
mkdir -p ${CONF_PATH}
touch ${CONF_FILE}
fi
cat ${CUSTOMIZE_SUPHP_WRITE} > ${CONF_FILE}
chmod 700 ${CONF_FILE}
fi
if [ "${ARGUMENT}" = "dovecot" ]; then
COMPONENT=${ARGUMENT}
CONF_PATH=${WORKDIR}/custom/${COMPONENT}
CONF_FILE=${CONF_PATH}/configure.dovecot
if [ ! -s ${CONF_FILE} ]; then
mkdir -p ${CONF_PATH}
touch ${CONF_FILE}
fi
cat ${CUSTOMIZE_DOVECOT_WRITE} > ${CONF_FILE}
chmod 700 ${CONF_FILE}
fi
if [ `echo ${ARGUMENT} | grep -c '^php[0-9][0-9]$'` -eq 1 ]; then
CONF_PATH=${WORKDIR}/custom/php
CONF_FILE=${CONF_PATH}/configure.${ARGUMENT}
if [ ! -s ${CONF_FILE} ]; then
mkdir -p ${CONF_PATH}
touch ${CONF_FILE}
fi
cat ${PLUGIN_PATH}/php/configure.${ARGUMENT} > ${CONF_FILE}
chmod 700 ${CONF_FILE}
fi
}
####################################################
initConfigsJSON() {
NUM_OF_SECTIONS=0
AVAIL_CONFIGS=" "
PLUGIN_PATH=/usr/local/directadmin/plugins/custombuild/configure
PHP_CONFIGURE_ENDING="_CONFIGURE"
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
AVAIL_CONFIGS="${AVAIL_CONFIGS}ap2 "
CUSTOMIZE_AP2_DESC="Apache configuration file"
CUSTOMIZE_AP2_READ="${WORKDIR}/${APACHE2_CONFIGURE}"
fi
if [ "${WEBSERVER_OPT}" = "nginx" ]; then
AVAIL_CONFIGS="${AVAIL_CONFIGS}nginx "
CUSTOMIZE_NGINX_DESC="Nginx configuration file"
CUSTOMIZE_NGINX_READ="${WORKDIR}/${NGINX_CONFIGURE}"
fi
if [ "${WEBSERVER_OPT}" = "nginx_reverse" ]; then
AVAIL_CONFIGS="${AVAIL_CONFIGS}nginx_reverse "
CUSTOMIZE_NGINX_REVERSE_DESC="Nginx (reverse proxy) configuration file"
CUSTOMIZE_NGINX_REVERSE_READ="${WORKDIR}/${NGINX_CONFIGURE}"
fi
if [ "${DOVECOT_OPT}" = "yes" ]; then
AVAIL_CONFIGS="${AVAIL_CONFIGS}dovecot "
CUSTOMIZE_DOVECOT_DESC="Dovecot configuration file"
CUSTOMIZE_DOVECOT_READ="${WORKDIR}/${DOVECOT_CONFIGURE}"
fi
if [ "${FTPD_OPT}" = "proftpd" ]; then
AVAIL_CONFIGS="${AVAIL_CONFIGS}proftpd "
CUSTOMIZE_PROFTPD_DESC="ProFTPd configuration file"
CUSTOMIZE_PROFTPD_READ="${WORKDIR}/${PROFTPD_CONFIGURE}"
elif [ "${FTPD_OPT}" = "pureftpd" ]; then
AVAIL_CONFIGS="${AVAIL_CONFIGS}pureftpd "
CUSTOMIZE_PUREFTPD_DESC="Pure-FTPd configuration file"
CUSTOMIZE_PUREFTPD_READ="${WORKDIR}/${PUREFTPD_CONFIGURE}"
fi
if [ "${IMAGICK}" = "yes" ]; then
AVAIL_CONFIGS="${AVAIL_CONFIGS}imagemagick "
CUSTOMIZE_IMAGEMAGICK_DESC="ImageMagick configuration file"
CUSTOMIZE_IMAGEMAGICK_READ="${WORKDIR}/${IMAGEMAGICK_CONFIGURE}"
fi
if [ "${CLAMAV_OPT}" = "yes" ]; then
AVAIL_CONFIGS="${AVAIL_CONFIGS}clamav "
CUSTOMIZE_CLAMAV_DESC="ClamAV configuration file"
CUSTOMIZE_CLAMAV_READ="${WORKDIR}/${CLAMAV_CONFIGURE}"
fi
#cURL
AVAIL_CONFIGS="${AVAIL_CONFIGS}curl "
CUSTOMIZE_CURL_DESC="cURL configuration file"
CUSTOMIZE_CURL_READ="${WORKDIR}/${CURL_CONFIGURE}"
#PHP1
AVAIL_CONFIGS="${AVAIL_CONFIGS}php${PHP1_SHORTRELEASE} "
eval `echo "CUSTOMIZE_PHP${PHP1_SHORTRELEASE}_DESC=\"PHP ${PHP1_RELEASE_OPT} as ${PHP1_MODE_OPT} (default) configuration file\""`
READ_VAR="PHP${PHP1_SHORTRELEASE}${PHP_CONFIGURE_ENDING}"
eval `echo "CUSTOMIZE_PHP${PHP1_SHORTRELEASE}_READ=\"${WORKDIR}/$(eval_var ${READ_VAR})\""`
PLUGIN_WRITE=`echo $(eval_var ${READ_VAR}) | perl -0p -e 's|^custom/||' | perl -0p -e 's|^configure/||'`
eval `echo "CUSTOMIZE_PHP${PHP1_SHORTRELEASE}_WRITE=\"${PLUGIN_PATH}/${PLUGIN_WRITE}\""`
#PHP2
if [ "${PHP2_RELEASE_OPT}" != "no" ]; then
AVAIL_CONFIGS="${AVAIL_CONFIGS}php${PHP2_SHORTRELEASE} "
eval `echo "CUSTOMIZE_PHP${PHP2_SHORTRELEASE}_DESC=\"PHP ${PHP2_RELEASE_OPT} as ${PHP2_MODE_OPT} (additional) configuration file\""`
READ_VAR="PHP${PHP2_SHORTRELEASE}${PHP_CONFIGURE_ENDING}"
eval `echo "CUSTOMIZE_PHP${PHP2_SHORTRELEASE}_READ=\"${WORKDIR}/$(eval_var ${READ_VAR})\""`
PLUGIN_WRITE=`echo $(eval_var ${READ_VAR}) | perl -0p -e 's|^custom/||' | perl -0p -e 's|^configure/||'`
eval `echo "CUSTOMIZE_PHP${PHP2_SHORTRELEASE}_WRITE=\"${PLUGIN_PATH}/${PLUGIN_WRITE}\""`
fi
#PHP3
if [ "${PHP3_RELEASE_OPT}" != "no" ]; then
AVAIL_CONFIGS="${AVAIL_CONFIGS}php${PHP3_SHORTRELEASE} "
eval `echo "CUSTOMIZE_PHP${PHP3_SHORTRELEASE}_DESC=\"PHP ${PHP3_RELEASE_OPT} as ${PHP3_MODE_OPT} (additional) configuration file\""`
READ_VAR="PHP${PHP2_SHORTRELEASE}${PHP_CONFIGURE_ENDING}"
eval `echo "CUSTOMIZE_PHP${PHP3_SHORTRELEASE}_READ=\"${WORKDIR}/$(eval_var ${READ_VAR})\""`
PLUGIN_WRITE=`echo $(eval_var ${READ_VAR}) | perl -0p -e 's|^custom/||' | perl -0p -e 's|^configure/||'`
eval `echo "CUSTOMIZE_PHP${PHP3_SHORTRELEASE}_WRITE=\"${PLUGIN_PATH}/${PLUGIN_WRITE}\""`
fi
#PHP4
if [ "${PHP4_RELEASE_OPT}" != "no" ]; then
AVAIL_CONFIGS="${AVAIL_CONFIGS}php${PHP4_SHORTRELEASE} "
eval `echo "CUSTOMIZE_PHP${PHP4_SHORTRELEASE}_DESC=\"PHP ${PHP4_RELEASE_OPT} as ${PHP4_MODE_OPT} (additional) configuration file\""`
READ_VAR="PHP${PHP4_SHORTRELEASE}${PHP_CONFIGURE_ENDING}"
eval `echo "CUSTOMIZE_PHP${PHP4_SHORTRELEASE}_READ=\"${WORKDIR}/$(eval_var ${READ_VAR})\""`
PLUGIN_WRITE=`echo $(eval_var ${READ_VAR}) | perl -0p -e 's|^custom/||' | perl -0p -e 's|^configure/||'`
eval `echo "CUSTOMIZE_PHP${PHP4_SHORTRELEASE}_WRITE=\"${PLUGIN_PATH}/${PLUGIN_WRITE}\""`
fi
}
####################################################
listConfigsJSON() {
initConfigsJSON
init_customize_write
echo "{"
NUM_OF_SECTIONS=`echo ${AVAIL_CONFIGS} | wc -w`
CUR_SECTION=0
for section in ${AVAIL_CONFIGS}; do
CUR_SECTION=`expr ${CUR_SECTION} + 1`
UPPERCASE_SECTION=`echo $section | tr "[a-z]" "[A-Z]"`
SECTION_DESC=CUSTOMIZE_${UPPERCASE_SECTION}_DESC
SECTION_READ=CUSTOMIZE_${UPPERCASE_SECTION}_READ
SECTION_WRITE=CUSTOMIZE_${UPPERCASE_SECTION}_WRITE
FULL_WRITE_PATH="$(eval_var ${SECTION_WRITE})"
DIR_OF_THE_PATH="`dirname ${FULL_WRITE_PATH}`"
if [ ! -d ${DIR_OF_THE_PATH} ]; then
mkdir -p ${DIR_OF_THE_PATH}
fi
printf "\t\"${section}\": {\n"
printf "\t\t\"description\": \"$(eval_var ${SECTION_DESC})\",\n"
printf "\t\t\"read\": \"$(eval_var ${SECTION_READ})\",\n"
printf "\t\t\"write\": \"${FULL_WRITE_PATH}\"\n"
if [ ${CUR_SECTION} -ne ${NUM_OF_SECTIONS} ]; then
printf "\t},\n"
else
printf "\t}\n"
fi
done
echo "}"
if [ "`grep -c cb_plugin /etc/passwd`" = "0" ]; then
chown -R admin:admin /usr/local/directadmin/plugins/custombuild/configure
else
chown -R cb_plugin:cb_plugin /usr/local/directadmin/plugins/custombuild/configure
fi
chmod -R 700 /usr/local/directadmin/plugins/custombuild/configure
}
####################################################
showFile() {
if [ "$1" = "options" ]; then
cat ${WORKDIR}/options.conf
elif [ "$1" = "php_extensions" ]; then
cat ${WORKDIR}/php_extensions.conf
elif [ "$1" = "lockfile" ]; then
if [ -e ${WORKDIR}/.custombuild ]; then
cat ${WORKDIR}/.custombuild
else
echo "0"
fi
fi
}
####################################################
showComponentConfig() {
initConfigsJSON
if [ -z $1 ]; then
echo "Unable to find component config, because of no argument given."
return
fi
UPPERCASE_SECTION=`echo $1 | tr "[a-z]" "[A-Z]"`
SECTION_READ=CUSTOMIZE_${UPPERCASE_SECTION}_READ
cat $(eval_var ${SECTION_READ})
}
####################################################
removeComponentConfig() {
initConfigsJSON
if [ -z $1 ]; then
echo "Unable to find component config, because of no argument given."
return
fi
UPPERCASE_SECTION=`echo $1 | tr "[a-z]" "[A-Z]"`
SECTION_READ=CUSTOMIZE_${UPPERCASE_SECTION}_READ
PATH_TO_THE_FILE="$(eval_var ${SECTION_READ})"
if echo ${PATH_TO_THE_FILE} | grep -q "${WORKDIR}/custom/"; then
rm -f ${PATH_TO_THE_FILE}
else
echo "File ${PATH_TO_THE_FILE} is not a customized configuration file."
fi
}
####################################################
addToAccess() {
if [ -z $1 ]; then
return
fi
# Check for nginx user in access group
if grep -m1 -q "^access" /etc/group; then
if ! grep -m1 "^access" /etc/group | grep -q $1; then
usermod -G access $1
fi
fi
}
####################################################
fpmCheck() {
ARG=$1
CHANGED=0
COUNT=`grep -m1 -c nginx /usr/local/php${ARG}/etc/php-fpm.conf`
CHOWN_USER=${WEBSERVER_OPT}
if [ "${CHOWN_USER}" = "nginx_apache" ]; then
CHOWN_USER=apache
fi
chown ${CHOWN_USER}:${CHOWN_USER} /usr/local/php${ARG}/sockets
FPM_SOCK_CHMOD=710
if [ "${MOD_RUID2_OPT}" = "yes" ]; then
FPM_SOCK_CHMOD=711
fi
chmod ${FPM_SOCK_CHMOD} /usr/local/php${ARG}/sockets
if [ "${WEBSERVER_OPT}" = "nginx" ] && [ "${COUNT}" -eq 0 ]; then
perl -pi -e 's/apache/nginx/' /usr/local/php${ARG}/etc/php-fpm.conf
CHANGED=1
elif [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "openlitespeed" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ "${COUNT}" -gt 0 ]; then
perl -pi -e 's/nginx/apache/' /usr/local/php${ARG}/etc/php-fpm.conf
CHANGED=1
fi
fi
if [ -d /usr/local/php${ARG}/sockets ]; then
if [ "${WEBSERVER_OPT}" = "nginx" ]; then
chgrp -R nginx /usr/local/php${ARG}/sockets
elif [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "openlitespeed" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
chgrp -R apache /usr/local/php${ARG}/sockets
fi
fi
if [ ${CHANGED} -eq 1 ]; then
control_service php-fpm${ARG} restart
fi
}
fpmChecks() {
for php_shortrelease in `echo ${PHP1_SHORTRELEASE_SET}`; do
EVAL_CHECK_VAR=HAVE_FPM${php_shortrelease}_CGI
EVAL_COPY_VAR=PHP${php_shortrelease}_FPM_CONF
if [ "$(eval_var ${EVAL_CHECK_VAR})" = "yes" ] && [ -d /usr/local/php${php_shortrelease}/sockets ]; then
cp -f $(eval_var ${EVAL_COPY_VAR}) /usr/local/php${php_shortrelease}/etc/php-fpm.conf
fpmCheck ${php_shortrelease}
fi
done
if [ "${HAVE_FPM_CGI}" = "yes" ]; then
if [ "${WEBSERVER_OPT}" = "nginx" ]; then
perl -pi -e 's/apache/nginx/' /usr/local/directadmin/data/templates/php-fpm.conf
elif [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "openlitespeed" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
perl -pi -e 's/nginx/apache/' /usr/local/directadmin/data/templates/php-fpm.conf
fi
#update the webapps_settings.conf
#swap "fastcgi_pass unix:/usr/local/php54/sockets/webapps.sock;" if needed
#might be a better way to do this, other checks. Close enough for now.
if [ -e /etc/nginx/webapps_settings.conf ]; then
PHP_REPLACE_STRING="`grep -m1 '^fastcgi_pass unix:/usr/local/php../sockets/webapps.sock;' /etc/nginx/webapps_settings.conf | cut -d/ -f4`"
if [ "${PHP_REPLACE_STRING}" = "" ]; then
PHP_REPLACE_STRING=php54
fi
if [ "${PHP1_MODE_OPT}" = "php-fpm" ]; then
perl -pi -e "s#${PHP_REPLACE_STRING}#php${PHP1_SHORTRELEASE}#" /etc/nginx/webapps_settings.conf
fi
fi
if [ -e /etc/nginx/nginx-vhosts.conf ]; then
PHP_REPLACE_STRING="`grep -m1 '^fastcgi_pass unix:/usr/local/php../sockets/webapps.sock;' /etc/nginx/nginx-vhosts.conf | cut -d/ -f4`"
if [ "${PHP_REPLACE_STRING}" = "" ]; then
PHP_REPLACE_STRING=php54
fi
if [ "${PHP1_MODE_OPT}" = "php-fpm" ]; then
perl -pi -e "s#${PHP_REPLACE_STRING}#php${PHP1_SHORTRELEASE}#" /etc/nginx/nginx-vhosts.conf
fi
fi
if [ -e /etc/nginx/nginx-userdir.conf ]; then
PHP_REPLACE_STRING="`grep -m1 '^fastcgi_pass unix:/usr/local/php../sockets/webapps.sock;' /etc/nginx/nginx-userdir.conf | cut -d/ -f4`"
if [ "${PHP_REPLACE_STRING}" = "" ]; then
PHP_REPLACE_STRING=php54
fi
if [ "${PHP1_MODE_OPT}" = "php-fpm" ]; then
perl -pi -e "s#${PHP_REPLACE_STRING}#php${PHP1_SHORTRELEASE}#" /etc/nginx/nginx-userdir.conf
fi
fi
fi
}
dovecotChecks() {
if [ -e ${DOVECOT_CONFIG} ]; then
if [ "${WEBSERVER_OPT}" = "nginx" ]; then
if grep -m1 -q '/etc/httpd/conf/' ${DOVECOT_CONFIG}; then
perl -pi -e 's#/etc/httpd/conf/#/etc/nginx/#' ${DOVECOT_CONFIG}
control_service dovecot restart
elif grep -m1 -q '/usr/local/lsws/conf/' ${DOVECOT_CONFIG}; then
perl -pi -e 's#/usr/local/lsws/conf/#/etc/nginx/#' ${DOVECOT_CONFIG}
control_service dovecot restart
fi
elif [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
if grep -m1 -q '/etc/httpd/conf/' ${DOVECOT_CONFIG}; then
perl -pi -e 's#/etc/httpd/conf/#/usr/local/lsws/conf/#' ${DOVECOT_CONFIG}
control_service dovecot restart
elif grep -m1 -q '/etc/nginx/' ${DOVECOT_CONFIG}; then
perl -pi -e 's#/etc/nginx/#/usr/local/lsws/conf/#' ${DOVECOT_CONFIG}
control_service dovecot restart
fi
elif [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if grep -m1 -q '/etc/nginx/' ${DOVECOT_CONFIG}; then
perl -pi -e 's#/etc/nginx/#/etc/httpd/conf/#' ${DOVECOT_CONFIG}
control_service dovecot restart
elif grep -m1 -q '/usr/local/lsws/conf/' ${DOVECOT_CONFIG}; then
perl -pi -e 's#/usr/local/lsws/conf/#/etc/httpd/conf/#' ${DOVECOT_CONFIG}
control_service dovecot restart
fi
fi
fi
}
####################################################
SKIP_WEBAPPS_SECTION=0
skip_webapps_toggle() {
SKIP_WEBAPPS_SECTION=1
}
case "$1" in
"") skip_webapps_toggle ;;
opt_help) skip_webapps_toggle ;;
set) skip_webapps_toggle ;;
set_php) skip_webapps_toggle ;;
get_versions_txt) skip_webapps_toggle ;;
update_script) skip_webapps_toggle ;;
version) skip_webapps_toggle ;;
set_fastest) skip_webapps_toggle ;;
set_fastest_quiet) skip_webapps_toggle ;;
kill) skip_webapps_toggle ;;
update_da) skip_webapps_toggle ;;
list_configs_json) skip_webapps_toggle ;;
settings_json) skip_webapps_toggle ;;
get_timezone) skip_webapps_toggle ;;
custom_config) skip_webapps_toggle ;;
set_versions_txt) skip_webapps_toggle ;;
show_component_config) skip_webapps_toggle ;;
remove_customized_config) skip_webapps_toggle ;;
show_file) skip_webapps_toggle ;;
check_options) skip_webapps_toggle ;;
update) skip_webapps_toggle ;;
update_data) skip_webapps_toggle ;;
gen_help_json) skip_webapps_toggle ;;
versions_json) skip_webapps_toggle ;;
versions_ajax) skip_webapps_toggle ;;
versions_nobold) skip_webapps_toggle ;;
versions) skip_webapps_toggle ;;
gen_help) skip_webapps_toggle ;;
list_removals) skip_webapps_toggle ;;
list_removals_json) skip_webapps_toggle ;;
remove_items) skip_webapps_toggle ;;
esac
if [ "${SKIP_WEBAPPS_SECTION}" = "0" ]; then
# Check for webapps user
if [ `grep -c -m1 -e "^${APPUSER}:" /etc/passwd` = "0" ]; then
if [ -e /etc/debian_version ]; then
/usr/sbin/adduser --system --group --firstuid 100 --home ${WWWDIR} --no-create-home --disabled-login --force-badname ${APPUSER}
else
/usr/sbin/useradd -d ${WWWDIR} -s /bin/false ${APPUSER} 2> /dev/null
fi
fi
####################################################
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "openlitespeed" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
# Do we have httpd-phpmodules.conf line?
NEWCONFIGS=1
if [ -e ${HTTPD_CONF} ]; then
if [ "`grep -m1 -c -e '/etc/httpd/conf/extra/httpd-phpmodules.conf' ${HTTPD_CONF}`" = "0" ]; then
NEWCONFIGS=0
fi
fi
fi
fi
####################################################
logrotate_ver() {
LOGROTATE_BIN=/usr/sbin/logrotate
if [ ! -x ${LOGROTATE_BIN} ]; then
echo "0.0.0"
fi
${LOGROTATE_BIN} -v 2>&1 | head -n1 | cut -d\ -f2
}
ensure_webapps_logrotate() {
cd ${CWD}
WL=/etc/logrotate.d/webapps
if [ ! -s ${WL} ]; then
getFile webapps.logrotate webapps_logrotate
CWL=${CWD}/webapps.logrotate
if [ ! -s ${CWL} ]; then
echo "Download of $CWL failed"
return
fi
cp -f ${CWL} ${WL}
chmod 644 ${WL}
fi
if grep -q 'su apache webapps' ${WL}; then
perl -pi -e 's/su apache webapps/su webapps webapps/' ${WL}
fi
if [ "${PHP1_MODE_OPT}" = "mod_php" ] && [ "${MOD_RUID2_OPT}" = "no" ]; then
#new logrotate and php as 'apache' shoud use su apache apache.
perl -pi -e 's/su webapps webapps/su apache apache/' ${WL}
else
#backup in case mod_php was used before
perl -pi -e 's/su apache apache/su webapps webapps/' ${WL}
fi
#this should comment out the su regardless of the php type. eg: breaks logrotate if su is present for old logrotate and php-fpm
LR_V=`logrotate_ver`
if [ "`version_cmp ${LR_V} 3.8.0 'logrotate version check'`" -ge 0 ]; then
perl -pi -e 's/#su /su /' ${WL}
else
perl -pi -e 's/\tsu /\t#su /' ${WL}
fi
}
####################################################
ensure_webapps_php_ini() {
WEBAPPS_INI=/usr/local/php${PHP1_SHORTRELEASE}/lib/php.conf.d/50-webapps.ini
mkdir -p /usr/local/php${PHP1_SHORTRELEASE}/lib/php.conf.d
if [ -e ${PHP_CUSTOM_PHP_CONF_D_INI_PATH}/50-webapps.ini ]; then
echo "Using custom ${PHP_CUSTOM_PHP_CONF_D_INI_PATH}/50-webapps.ini for ${WEBAPPS_INI}"
cp -f ${PHP_CUSTOM_PHP_CONF_D_INI_PATH}/50-webapps.ini ${WEBAPPS_INI}
else
echo "[PATH=${WWWDIR}]" > ${WEBAPPS_INI}
echo "session.save_path=${APP_TMP}" >> ${WEBAPPS_INI}
echo "upload_tmp_dir=${APP_TMP}" >> ${WEBAPPS_INI}
echo "disable_functions=exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname" >> ${WEBAPPS_INI}
fi
}
ensure_webapps_tmp() {
if [ ! -d ${APP_TMP} ]; then
mkdir -p ${APP_TMP}
fi
chmod 770 ${APP_TMP}
chown ${APPUSER}:${APPGROUP} ${APP_TMP}
ensure_webapps_php_ini
}
####################################################
dophpMyAdmin() {
if [ "${PHPMYADMIN_OPT}" != "yes" ]; then
do_exit 1 "You cannot install phpMyAdmin, because you do not have it set in options.conf file."
fi
if [ "`version_cmp ${PHPMYADMIN_VER} 4.7.0 'pma ver check for PHPMYADMIN_REMOTE_PATCH'`" -ge 0 ]; then
PHPMYADMIN_REMOTE_PATCH=pma_auth_logging-4.7.patch
fi
ensure_webapps_logrotate
cd ${CWD}
if [ ! -d ${WWWDIR} ]; then
echo "${WWWDIR} does not exist."
do_exit 0
fi
initMySQL
PMA_45_PHP_55_DROP=4.4.15-all-languages
PMA_52_PHP_71_DROP=5.1.3-all-languages
if [ ! -s "$MYSQL_BIN" ]; then
echo "${boldon}phpMyAdmin requires mysqld. Cannot find $MYSQL_BIN${boldoff}"
return
fi
if [ "`version_cmp ${PHPMYADMIN_VER} 4.5.0 'pma4.5 ver check'`" -ge 0 ]; then
#also requires mYSQL 5.5, but the above check handles that, and would have already lowered the PMA_V.
if [ "`version_cmp ${PHP1_RELEASE_OPT} 5.5 'pma4.5 php check'`" -lt 0 ]; then
echo "${boldon}phpMyAdmin ${PHPMYADMIN_VER} requires PHP 5.5+, but ${PHP1_RELEASE_OPT} is installed${boldoff}"
echo "${boldon}Dropping phpMyAdmin version down to ${PMA_45_PHP_55_DROP}${boldoff}"
PHPMYADMIN_VER=${PMA_45_PHP_55_DROP}
PHPMYADMIN_VER_OPT=old
PHPMYADMIN_REMOTE_PATCH=pma_auth_logging.patch
fi
fi
if [ "`version_cmp ${PHPMYADMIN_VER} 5.2.0 'pma5.2 ver check'`" -ge 0 ]; then
#also requires mYSQL 5.5, but the above check handles that, and would have already lowered the PMA_V.
if [ "`version_cmp ${PHP1_RELEASE_OPT} 7.2 'pma5.2 php check'`" -lt 0 ]; then
echo "${boldon}phpMyAdmin ${PHPMYADMIN_VER} requires PHP 7.2+, but ${PHP1_RELEASE_OPT} is installed${boldoff}"
echo "${boldon}Dropping phpMyAdmin version down to ${PMA_52_PHP_71_DROP}${boldoff}"
PHPMYADMIN_VER=${PMA_52_PHP_71_DROP}
PHPMYADMIN_VER_OPT=old
PHPMYADMIN_REMOTE_PATCH=pma_auth_logging.patch
fi
fi
if [ "`version_cmp ${PHPMYADMIN_VER} 5.0.0 'pma5.0 ver check'`" -ge 0 ]; then
#also requires mYSQL 5.5, but the above check handles that, and would have already lowered the PMA_V.
if [ "`version_cmp ${PHP1_RELEASE_OPT} 7.1 'pma5.0 php check'`" -lt 0 ]; then
echo "${boldon}phpMyAdmin ${PHPMYADMIN_VER} requires PHP 7.1+, but ${PHP1_RELEASE_OPT} is installed${boldoff}"
PHPMYADMIN_VER=`getVer phpmyadmin4`
echo "${boldon}Dropping phpMyAdmin version down to ${PHPMYADMIN_VER}${boldoff}"
PHPMYADMIN_VER_OPT=old
PHPMYADMIN_REMOTE_PATCH=pma_auth_logging.patch
fi
fi
TARFILE=${WORKDIR}/phpMyAdmin-${PHPMYADMIN_VER}.tar.gz
REALPATH=${WWWDIR}/phpMyAdmin-${PHPMYADMIN_VER}
ALIASPATH=${WWWDIR}/phpMyAdmin
CONFIG=${REALPATH}/config.inc.php
WEBFILE=${WEBPATH_SERVICES}/all/phpMyAdmin/phpMyAdmin-${PHPMYADMIN_VER}.tar.gz
PMA_NAME="phpmyadmin${PHPMYADMIN_VER_OPT}"
getFile phpMyAdmin/phpMyAdmin-${PHPMYADMIN_VER}.tar.gz ${PMA_NAME} phpMyAdmin-${PHPMYADMIN_VER}.tar.gz
if [ ! -s ${TARFILE} ]; then
echo "The phpMyAdmin package cannot be found. Please ensure that the paths are correct"
do_exit 0
fi
tar xzf ${TARFILE} --no-same-owner -C ${WWWDIR}
PHPMYADMIN_AUTOLOGIN=0
#SSO plugin
if [ -x ${DA_BIN} ] && [ -s ${DACONF_FILE} ]; then
if ${DA_BIN} c | grep -m1 -q '^one_click_pma_login=1$'; then
PMA_DIRECT_LOGIN_VER=`getVer pma_direct_login`
PMA_DIRECT_LOGIN="phpMyAdmin_direct_login-${PMA_DIRECT_LOGIN_VER}.tar.gz"
cd ${REALPATH}
safeDownloadWithMove "${REALPATH}/${PMA_DIRECT_LOGIN}" "${WEBPATH_SERVICES}/all/auto_login/phpMyAdmin/${PMA_DIRECT_LOGIN}"
tar xzf ${PMA_DIRECT_LOGIN}
chown -R webapps:webapps direct_login
chmod 711 direct_login
chmod 700 direct_login/tokens
if [ "${MYSQLHOST}" != "localhost" ]; then
perl -pi -e "s#host = 'localhost'#host = '${MYSQLHOST}'#" direct_login/index.php
fi
cd ${CWD}
PHPMYADMIN_AUTOLOGIN=1
elif [ -d ${REALPATH}/direct_login ]; then
rm -rf ${REALPATH}/direct_login
fi
fi
if [ -s ${PMA_MAIN_CONFIG} ]; then
PMA_CONF_MD5=`/usr/bin/md5sum ${PMA_MAIN_CONFIG} | cut -d\ -f1`
if [ "${PMA_CONF_MD5}" = "1289b44793c91dfa7f6b6512ec94d600" ]; then
echo "Deleting ${PMA_MAIN_CONFIG}";
rm -f ${PMA_MAIN_CONFIG}
fi
fi
if [ "${PMA_CUSTOM_CONFIG}" != "" ] && [ -e ${PMA_CUSTOM_CONFIG} ]; then
echo "Installing custom PhpMyAdmin Config: ${PMA_CUSTOM_CONFIG}"
cp -f ${PMA_CUSTOM_CONFIG} ${REALPATH}/config.inc.php
else
cp -f ${PMA_MAIN_CONFIG} ${REALPATH}/config.inc.php
BLOWFISH_SECRET="`tr -cd 'a-zA-Z0-9' < /dev/urandom 2>/dev/null | head -c32`"
perl -pi -e "s|^\\\$cfg\['blowfish_secret'\] \= ''|\\\$cfg['blowfish_secret'] = '${BLOWFISH_SECRET}'|g" ${REALPATH}/config.inc.php
if [ "${PHPMYADMIN_AUTOLOGIN}" = "0" ]; then
perl -pi -e "s#\['auth_type'\] = 'cookie'#\['auth_type'\] = 'http'#" ${REALPATH}/config.inc.php
else
if [ "${PHPMYADMIN_PUBLIC_OPT}" = "no" ]; then
if [ "${PHP1_RELEASE_OPT}" = "5.3" ]; then
APPEND=""
else
APPEND="http_response_code\(403\)\;\n\t"
fi
perl -pi -e "s#\\\$cfg\['Servers'\]\[\\\$i\]\['auth_type'\] = 'cookie'#${APPEND}die(\"Access to phpMyAdmin is only allowed from control panel.\"\)#" ${REALPATH}/config.inc.php
fi
fi
perl -pi -e "s#\['extension'\] = 'mysql'#\['extension'\] = 'mysqli'#" ${REALPATH}/config.inc.php
fi
perl -pi -e "s#\['host'\] = 'localhost'#\['host'\] = '${MYSQLHOST}'#" ${REALPATH}/config.inc.php
perl -pi -e "s#\['host'\] = ''#\['host'\] = '${MYSQLHOST}'#" ${REALPATH}/config.inc.php
if [ "`version_cmp ${PHPMYADMIN_VER} 4.8.0 'pma4.8 ver check'`" -ge 0 ]; then
C=`grep -c AuthLog ${REALPATH}/config.inc.php`
if [ "${C}" = "0" ]; then
#add AuthLog to the config.
echo "Adding AuthLog to ${REALPATH}/config.inc.php"
echo "\$cfg['AuthLog'] = '/var/www/html/phpMyAdmin/log/auth.log';" >> ${REALPATH}/config.inc.php
fi
#and check the brute_filter.list for phpmyadmin3. pma4 comes with DA 1.53.1, so no need to add it.
BFL=/usr/local/directadmin/data/templates/brute_filter.list
C=`grep -c ^phpmyadmin3= ${BFL}`
if [ "${C}" = "0" ]; then
echo "Adding phpmyadmin3 to ${BFL}"
echo "phpmyadmin3=ip_after=%20from%20'&ip_until='&text=phpmyadmin:%20user%20denied:%20&user_after=user%20denied:%20'&user_until='%20(mysql-denied)" >> ${BFL}
fi
if ! grep -m1 -q 'PmaNoRelation_DisableWarning' ${REALPATH}/config.inc.php; then
#add PmaNoRelation_DisableWarning to the config.
echo "Adding PmaNoRelation_DisableWarning to ${REALPATH}/config.inc.php"
echo "\$cfg['PmaNoRelation_DisableWarning'] = true;" >> ${REALPATH}/config.inc.php
fi
fi
if [ -e ${PMA_HTACCESS} ]; then
echo "Installing custom PhpMyAdmin .htaccess: ${PMA_HTACCESS}"
cp -f ${PMA_HTACCESS} ${REALPATH}/.htaccess
fi
if [ -e ${PMA_USER_INI} ]; then
echo "Installing custom PhpMyAdmin .user.ini: ${PMA_USER_INI}"
cp -f ${PMA_USER_INI} ${REALPATH}/.user.ini
fi
if [ -d ${PMA_THEMES} ]; then
echo "Installing custom PhpMyAdmin themes: ${PMA_THEMES}"
cp -Rf ${PMA_THEMES} ${REALPATH}
fi
rm -f ${ALIASPATH} >/dev/null 2>&1
ln -s ${REALPATH} ${ALIASPATH}
if [ ! -d ${REALPATH}/log ]; then
mkdir -p ${REALPATH}/log
fi
chown -f -R ${APPUSER}:${APPUSER} ${REALPATH}
chown -h ${APPUSER}:${APPUSER} ${ALIASPATH}
chmod -f 755 ${REALPATH}
if [ -d ${REALPATH}/log ]; then
chmod 710 ${REALPATH}/log
fi
if [ -d ${REALPATH}/scripts ]; then
chmod 000 ${REALPATH}/scripts
fi
if [ -d ${REALPATH}/setup ]; then
chmod 000 ${REALPATH}/setup
fi
#secure configuration file
if [ -s ${REALPATH}/config.inc.php ]; then
chmod 440 ${REALPATH}/config.inc.php
chown ${APPUSER}:${APPGROUP} ${REALPATH}/config.inc.php
fi
if [ "`version_cmp ${PHPMYADMIN_VER} 4.9.3 'pma9.3 ver check'`" -lt 0 ]; then
getFile patches/${PHPMYADMIN_REMOTE_PATCH} ${PHPMYADMIN_REMOTE_PATCH} patches/${PHPMYADMIN_REMOTE_PATCH} hexan
if [ -e patches/${PHPMYADMIN_REMOTE_PATCH} ]; then
echo "Patching phpMyAdmin to log failed authentications for BFM..."
cd ${REALPATH}
patch -p0 < ${WORKDIR}/patches/${PHPMYADMIN_REMOTE_PATCH}
fi
fi
PMAHTA=${REALPATH}/log/.htaccess
if [ ! -s ${PMAHTA} ]; then
echo '<ifModule mod_authz_core.c>' > ${PMAHTA}
echo ' Require all denied' >> ${PMAHTA}
echo '</ifModule>' >> ${PMAHTA}
echo '<ifModule !mod_authz_core.c>' >> ${PMAHTA}
echo ' Deny from all' >> ${PMAHTA}
echo '</ifModule>' >> ${PMAHTA}
fi
if [ -d ${REALPATH}/log ]; then
if [ "${PHP1_MODE_OPT}" = "mod_php" ] && [ "${MOD_RUID2_OPT}" = "no" ]; then
chown -R apache:apache ${REALPATH}/log
fi
fi
ensure_webapps_tmp
echo "phpMyAdmin ${PHPMYADMIN_VER} installation is done."
writeLog "dophpMyAdmin: installed version ${PHPMYADMIN_VER}"
cd ${CWD}
}
####################################################
doRemovephpMyAdmin() {
if [ "${PHPMYADMIN_OPT}" != "no" ]; then
do_exit 1 "Cannot remove phpMyAdmin, because it is enabled in options.conf file."
fi
remove_file /var/www/html/phpmyadmin
remove_file /var/www/html/phpMyAdmin
echo "Removing all phpMyAdmin directories from /var/www/html..."
find /var/www/html -maxdepth 1 -name 'phpMyAdmin-*' -print -exec rm -rf {} \;
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
echo "phpMyAdmin has been successfully removed."
writeLog "doRemovephpMyAdmin: phpMyAdmin removed"
}
####################################################
doSquirrelmail() {
if [ "${SQUIRRELMAIL_OPT}" != "yes" ]; then
do_exit 1 "You cannot install Squirrelmail, because you do not have it set in options.conf file."
fi
ensure_webapps_logrotate
cd ${CWD}
if [ ! -d ${WWWDIR} ]; then
echo "${WWWDIR} does not exist."
do_exit 0
fi
TARFILE=${WORKDIR}/squirrelmail-${SQUIRRELMAIL_VER}.tar.gz
LOCALEFILE=${WORKDIR}/all_locales-${SQUIRRELMAIL_LOCALE_VER}.tar.gz
LOGGERFILE=${WORKDIR}/squirrel_logger-${SQUIRRELMAIL_LOGGER_VER}.tar.gz
REALPATH=${WWWDIR}/squirrelmail-${SQUIRRELMAIL_VER}
ALIASPATH=${WWWDIR}/squirrelmail
CONFIG=${REALPATH}/config/config.php
if [ ! -s ${TARFILE} ]; then
safeDownloadWithMove "${TARFILE}" "${WEBPATH_SERVICES}/all/squirrelmail-${SQUIRRELMAIL_VER}.tar.gz"
fi
if [ ! -s ${TARFILE} ]; then
echo "The squirrelmail package cannot be found. Please ensure that the paths are correct"
do_exit 0
fi
if [ ! -s ${LOCALEFILE} ]; then
safeDownloadWithMove "${LOCALEFILE}" "${WEBPATH_SERVICES}/all/squirrelmail/locales/all_locales-${SQUIRRELMAIL_LOCALE_VER}.tar.gz"
fi
if [ ! -s ${LOGGERFILE} ]; then
safeDownloadWithMove "${LOGGERFILE}" "${WEBPATH_SERVICES}/all/squirrelmail/squirrel_logger/squirrel_logger-${SQUIRRELMAIL_LOGGER_VER}.tar.gz"
fi
#Extract the file
tar xzf ${TARFILE} --no-same-owner -C ${WWWDIR}
#install locales
tar xzf ${LOCALEFILE} --no-same-owner -C ${REALPATH}
#install logger
tar xzf ${LOGGERFILE} --no-same-owner -C ${REALPATH}/plugins
#this bit is to copy all of the preious setup to the new setup
if [ -e ${ALIASPATH} ]; then
cp -fR ${ALIASPATH}/data ${REALPATH}
fi
#link it from a fake path:
/bin/rm -f ${ALIASPATH}
/bin/ln -sf squirrelmail-${SQUIRRELMAIL_VER} ${ALIASPATH}
chown -h ${APPUSER}:${APPUSER} ${ALIASPATH}
if [ -d ${REALPATH}/plugins/squirrel_logger ]; then
if [ ! -e ${REALPATH}/plugins/squirrel_logger/config.php ] && [ -e ${REALPATH}/plugins/squirrel_logger/config_example.php ]; then
echo "Setting up SquirrelMail logger configuration file"
cp -fp ${REALPATH}/plugins/squirrel_logger/config_example.php ${REALPATH}/plugins/squirrel_logger/config.php
fi
fi
#install the proper config:
if [ -e ${SQUIRREL_CONFIG} ]; then
echo "Installing custom SquirrelMail Config: ${SQUIRREL_CONFIG}"
/bin/cp -f ${SQUIRREL_CONFIG} ${CONFIG}
else
echo "Setting up SquirrelMail Config"
/bin/cp -f ${REALPATH}/config/config_default.php ${CONFIG}
#IMAP folders
if [ "${WEBAPPS_INBOX_PREFIX_OPT}" = "no" ]; then
/usr/bin/perl -pi -e "s/\$trash_folder = 'INBOX.Trash'/\$trash_folder = 'Trash'/" ${CONFIG}
/usr/bin/perl -pi -e "s/\$sent_folder = 'INBOX.Sent'/\$sent_folder = 'Sent'/" ${CONFIG}
/usr/bin/perl -pi -e "s/\$draft_folder = 'INBOX.Drafts'/\$draft_folder = 'Drafts'/" ${CONFIG}
fi
/usr/bin/perl -pi -e 's/\$force_username_lowercase = false/\$force_username_lowercase = true/' ${CONFIG}
/usr/bin/perl -pi -e "s/\'example.com\';/\\$\_SERVER\[\'HTTP_HOST\'\];\nwhile \(sizeof\(explode\(\'\.\', \\$\domain\)\) \> 2) {\n\t\\$\domain = substr(\\$\domain, strpos\(\\$\domain, \'\.\'\) \+ 1\);\n\}/" ${CONFIG}
/usr/bin/perl -pi -e 's/\$show_contain_subfolders_option = false/\$show_contain_subfolders_option = true/' ${CONFIG}
/usr/bin/perl -pi -e 's/\$allow_thread_sort = false/\$allow_thread_sort = true/' ${CONFIG}
/usr/bin/perl -pi -e 's/\$allow_server_sort = false/\$allow_server_sort = true/' ${CONFIG}
/usr/bin/perl -pi -e 's#/var/local/squirrelmail/data/#/var/www/html/squirrelmail/data/#' ${CONFIG}
/usr/bin/perl -pi -e 's#/var/local/squirrelmail/attach/#/var/www/html/squirrelmail/data/#' ${CONFIG}
#we want it to use port 587 and use smtp auth.
/usr/bin/perl -pi -e 's/\$smtpPort = 25/\$smtpPort = 587/' ${CONFIG}
/usr/bin/perl -pi -e "s#\$smtp_auth_mech = \'none\'#\$smtp_auth_mech = \'login\'#" ${CONFIG}
#enable the plugins
/usr/bin/perl -pi -e "s/Add list of enabled plugins here/Add list of enabled plugins here\n\\$\plugins\[0\] = \'spamcop\';\n\\$\plugins\[1\] = \'filters\';\n\\$\plugins\[2\] = \'squirrel_logger\';\n\\$\plugins\[3\] = \'squirrelspell\';/" ${CONFIG}
fi
/usr/bin/perl -pi -e 's/\$allow_charset_search = true;/\$allow_charset_search = false;/' ${CONFIG}
#set the permissions:
/bin/chmod -R 755 ${REALPATH}
chown -R ${APPUSER}:${APPUSER} ${REALPATH}
/bin/chmod -R 770 ${REALPATH}/data
if [ "${PHP1_MODE_OPT}" = "mod_php" ] && [ "${MOD_RUID2_OPT}" = "no" ]; then
chown -R apache:${APPUSER} ${REALPATH}/data
fi
ensure_webapps_tmp
echo "SquirrelMail ${SQUIRRELMAIL_VER} installation is done."
writeLog "squirrelmail ${SQUIRRELMAIL_VER} installed"
}
####################################################
doRemoveSquirrelmail() {
if [ "${SQUIRRELMAIL_OPT}" != "no" ]; then
do_exit 1 "Cannot remove SquirrelMail webmail, because it is enabled in options.conf file."
fi
remove_file /var/www/html/squirrelmail
echo "Removing all squirrelmail directories from /var/www/html..."
find /var/www/html -maxdepth 1 -name 'squirrelmail-*' -print -exec rm -rf {} \;
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
echo "SquirrelMail has been successfully removed."
writeLog "squirrelmail removed"
}
####################################################
have_sql_user() {
SQL_USER=$1
SQL_HOST=$2
mysql --defaults-extra-file=${DA_MY_CNF} -sse "SELECT EXISTS(SELECT 1 FROM mysql.user WHERE user = '$SQL_USER' AND host = '$SQL_HOST');" --host=${MYSQLHOST} 2>&1
}
ensure_sql_user() {
SQL_USER=$1
SQL_HOST=$2
SQL_PASS=$3
SQL_DB=$4
HAVE_SQL_USER=`have_sql_user "$SQL_USER" "$SQL_HOST"`
MYSQLV=`mysql_main`
echo "Found MySQL version $MYSQLV"
USE_NEW_SET_PASSWORD=1
INDENTIFIED_WITH_STRING="IDENTIFIED"
#for MySQL 8.0, SET PASSWORD doesn't specify PASSWORD()
if [ "${MYSQLV}" = "5.5" ] || [ "${MYSQLV}" = "5.6" ]; then
USE_NEW_SET_PASSWORD=0
INDENTIFIED_WITH_STRING="IDENTIFIED"
elif [ "${MYSQLV}" = "5.7" ]; then
INDENTIFIED_WITH_STRING="IDENTIFIED"
elif [ "`has_mariadb`" = "1" ]; then
if [ "${MYSQLV}" != "10.3" ] && [ "${MYSQLV}" != "10.4" ] && [ "${MYSQLV}" != "10.5" ] && [ "${MYSQLV}" != "10.6" ]; then
USE_NEW_SET_PASSWORD=0
fi
INDENTIFIED_WITH_STRING="IDENTIFIED"
else
INDENTIFIED_WITH_STRING="IDENTIFIED WITH mysql_native_password"
fi
if [ "${HAVE_SQL_USER}" != "1" ]; then
echo "Creating User: CREATE USER '${SQL_USER}'@'${SQL_HOST}' ${INDENTIFIED_WITH_STRING} BY '${SQL_PASS}';"
mysql --defaults-extra-file=${DA_MY_CNF} -e "CREATE USER '${SQL_USER}'@'${SQL_HOST}' ${INDENTIFIED_WITH_STRING} BY '${SQL_PASS}';" --host=${MYSQLHOST} 2>&1
fi
echo "Granting access: GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,ALTER,LOCK TABLES,INDEX,REFERENCES ON ${SQL_DB}.* TO '${SQL_USER}'@'${SQL_HOST}';"
mysql --defaults-extra-file=${DA_MY_CNF} -e "GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,ALTER,LOCK TABLES,INDEX,REFERENCES ON ${SQL_DB}.* TO '${SQL_USER}'@'${SQL_HOST}';" --host=${MYSQLHOST} 2>&1
if [ "${USE_NEW_SET_PASSWORD}" = "1" ]; then
echo "Setting password: ALTER USER '${SQL_USER}'@'${SQL_HOST}' ${INDENTIFIED_WITH_STRING} BY '${SQL_PASS}';"
mysql --defaults-extra-file=${DA_MY_CNF} -e "ALTER USER '${SQL_USER}'@'${SQL_HOST}' ${INDENTIFIED_WITH_STRING} BY '${SQL_PASS}';" --host=${MYSQLHOST} 2>&1
else
echo "Setting password: SET PASSWORD FOR '${SQL_USER}'@'${SQL_HOST}' = PASSWORD('${SQL_PASS}');"
mysql --defaults-extra-file=${DA_MY_CNF} -e "SET PASSWORD FOR '${SQL_USER}'@'${SQL_HOST}' = PASSWORD('${SQL_PASS}');" --host=${MYSQLHOST} 2>&1
fi
}
doCustombuildPlugin() {
if [ "${CUSTOMBUILD_PLUGIN_OPT}" != "yes" ]; then
do_exit 1 "You cannot install CustomBuild plugin, because you do not have it set in options.conf file."
fi
cd ${CWD}
mkdir -p /usr/local/directadmin/plugins/custombuild
chown diradmin:diradmin /usr/local/directadmin/plugins
chmod 711 /usr/local/directadmin/plugins
chown diradmin:diradmin /usr/local/directadmin/plugins/custombuild
safeDownloadWithMove "${CWD}/custombuild_plugin.tar.gz" "${WEBPATH}/plugin/custombuild.tar.gz"
tar xzf custombuild_plugin.tar.gz -C /usr/local/directadmin/plugins/custombuild
/usr/local/directadmin/plugins/custombuild/scripts/install.sh
rm -f custombuild_plugin.tar.gz
}
doroundcube() {
if [ "${ROUNDCUBE_OPT}" != "yes" ]; then
do_exit 1 "You cannot install RoundCube webmail, because you do not have it set in options.conf file."
fi
MYSQLV="`mysql_main`"
OLD_MYSQL=false
if [ "`version_cmp ${ROUNDCUBE_VER} 1.5.0 'RC 1.5.0 MySQL cersion check'`" -ge 0 ]; then
if [ "`has_mariadb`" = "1" ]; then
if [ "${MYSQLV}" = "5.5" ] || [ "${MYSQLV}" = "10.0" ] || [ "${MYSQLV}" = "10.1" ]; then
OLD_MYSQL=true
fi
elif [ "${MYSQLV}" = "5.5" ] || [ "${MYSQLV}" = "5.6" ]; then
OLD_MYSQL=true
fi
fi
if ${OLD_MYSQL}; then
if ! grep -m1 -q 'innodb_file_format=Barracuda' /etc/my.cnf 2>/dev/null; then
echo "${boldon}RoundCube ${ROUNDCUBE_VER} requires newer version of ${MYSQLNAME} than ${MYSQLV}, alternatively, the following my.cnf configuration can be set:${boldoff}"
echo "innodb_large_prefix=1"
echo "innodb_file_per_table=1"
echo "innodb_file_format=Barracuda"
exit 1
fi
fi
ensure_webapps_logrotate
initMySQL
if [ "`version_cmp ${ROUNDCUBE_VER} 1.3.0 'RC 1.3.0 php 5.3 check'`" -ge 0 ]; then
#RC 1.3.0+ will not run on php 5.3 or older.
if [ "${PHP1_RELEASE_OPT}" = "5.3" ]; then
echo "${boldon}RoundCube ${ROUNDCUBE_VER} cannot run on php 5.3 or older. Downgrading RC to 1.2.5${boldoff}";
ROUNDCUBE_VER=1.2.5
fi
fi
if [ "`version_cmp ${ROUNDCUBE_VER} 1.5.3 'RC 1.5.3 php 5.6 check'`" -ge 0 ]; then
#RC 1.5.3+ will not run on php 5.5 or older.
if [ "${PHP1_RELEASE_OPT}" = "5.4" ] || [ "${PHP1_RELEASE_OPT}" = "5.5" ]; then
echo "${boldon}RoundCube ${ROUNDCUBE_VER} cannot run on php 5.5 or older. Downgrading RC to 1.5.2${boldoff}";
ROUNDCUBE_VER=1.5.2
fi
fi
if [ "`version_cmp ${ROUNDCUBE_VER} 1.6.0 'RC 1.6.0 php 7.3 check'`" -ge 0 ]; then
#RC 1.6.0+ will not run on php 7.3 or older.
if [ "${PHP1_RELEASE_OPT}" = "5.6" ] || [ "${PHP1_RELEASE_OPT}" = "7.0" ] || [ "${PHP1_RELEASE_OPT}" = "7.1" ] || [ "${PHP1_RELEASE_OPT}" = "7.2" ]; then
echo "${boldon}RoundCube ${ROUNDCUBE_VER} cannot run on php 7.3 or older. Downgrading RC to 1.5.3${boldoff}";
ROUNDCUBE_VER=1.5.3
fi
fi
cd ${CWD}
TARFILE=${WORKDIR}/roundcubemail-${ROUNDCUBE_VER}.tar.gz
REALPATH=${WWWDIR}/roundcubemail-${ROUNDCUBE_VER}
ALIASPATH=${WWWDIR}/roundcube
if [ "${ROUNDCUBE_MAJOR_VER}" != "0" ]; then
if [ -s ${ROUNDCUBE_CONFIG_OLD} ] || [ -s ${ROUNDCUBE_CONFIG_DB_OLD} ]; then
echo "Please remove RoundCube 0.x custom configuration files if you would like to upgrade it. The following files should not be used anymore: ${ROUNDCUBE_CONFIG_OLD}, ${ROUNDCUBE_CONFIG_DB_OLD}. Please use config.inc.php as a new custom RoundCube configuration file."
return
fi
fi
HTTPPATH=${WEBPATH_SERVICES}/all/roundcube
# variables for the database:
ROUNDCUBE_DB=da_roundcube
ROUNDCUBE_DB_USER=da_roundcube
ROUNDCUBE_DB_PASS=`random_pass`
ROUNDCUBE_DES_KEY=`random_pass 24`
ROUNDCUBE_MY_CNF=${REALPATH}/config/my.cnf
getFile all/roundcube/roundcubemail-${ROUNDCUBE_VER}.tar.gz "" roundcubemail-${ROUNDCUBE_VER}.tar.gz
if [ ! -s ${TARFILE} ]; then
echo "Cannot download roundcubemail-${ROUNDCUBE_VER}"
do_exit 0
fi
#Extract the file
tar xzf ${TARFILE} --no-same-owner -C ${WWWDIR}
if [ ! -e ${REALPATH} ]; then
do_exit 1 "Directory ${REALPATH} does not exist"
fi
if [ -e ${ALIASPATH} ]; then
if [ -d ${ALIASPATH}/logs ]; then
cp -fR ${ALIASPATH}/logs ${REALPATH} >/dev/null 2>&1
fi
if [ -d ${ALIASPATH}/temp ]; then
cp -fR ${ALIASPATH}/temp ${REALPATH} >/dev/null 2>&1
fi
fi
#link it from a fake path:
/bin/rm -f ${ALIASPATH}
/bin/ln -sf roundcubemail-${ROUNDCUBE_VER} ${ALIASPATH}
chown -h ${APPUSER}:${APPUSER} ${ALIASPATH}
cd ${REALPATH}
if [ -d logs ]; then
chmod 710 logs
fi
if [ ${ROUNDCUBE_MAJOR_VER} -eq 0 ]; then
EDIT_CONFIG=main.inc.php
CONFIG_DIST=main.inc.php.dist
EDIT_DB=db.inc.php
DB_DIST=db.inc.php.dist
else
EDIT_CONFIG=config.inc.php
CONFIG_DIST=config.inc.php.sample
EDIT_DB=${EDIT_CONFIG}
DB_DIST=${CONFIG_DIST}
fi
MYSQLSHOW=/usr/bin/mysqlshow
if [ ! -e ${MYSQLSHOW} ]; then
MYSQLSHOW=/usr/local/mysql/bin/mysqlshow
fi
#insert data to mysql and create database/user for roundcube:
if ! ${MYSQLSHOW} --defaults-extra-file=${DA_MY_CNF} --host=${MYSQLHOST} | grep -m1 -q ' da_roundcube '; then
if [ -d SQL ]; then
echo "Inserting data to mysql and creating database/user for roundcube..."
mysql --defaults-extra-file=${DA_MY_CNF} -e "CREATE DATABASE ${ROUNDCUBE_DB};" --host=${MYSQLHOST} 2>&1
ensure_sql_user "${ROUNDCUBE_DB_USER}" "${MYSQL_ACCESS_HOST}" "${ROUNDCUBE_DB_PASS}" "${ROUNDCUBE_DB}"
if [ "${MYSQLHOST}" != "localhost" ]; then
for access_host_ip in `grep '^access_host.*=' ${DA_MYSQL} | cut -d= -f2`; do {
ensure_sql_user "${ROUNDCUBE_DB_USER}" "${access_host_ip}" "${ROUNDCUBE_DB_PASS}" "${ROUNDCUBE_DB}"
}; done
fi
rm -f ${ROUNDCUBE_MY_CNF}
ensure_my_cnf ${ROUNDCUBE_MY_CNF} "${ROUNDCUBE_DB_USER}" "${ROUNDCUBE_DB_PASS}"
mysql --defaults-extra-file=${ROUNDCUBE_MY_CNF} -e "use ${ROUNDCUBE_DB}; source SQL/mysql.initial.sql;" --host=${MYSQLHOST} 2>&1
echo "Database created, ${ROUNDCUBE_DB_USER} password is ${ROUNDCUBE_DB_PASS}"
else
echo "Cannot find SQL directory in roundcubemail-${ROUNDCUBE_VER}"
do_exit 0
fi
else
if [ -e ${ROUNDCUBE_CONFIG_DB} ]; then
COUNT_MYSQL=`grep -m1 -c 'mysql://' ${ROUNDCUBE_CONFIG_DB}`
if [ ${COUNT_MYSQL} -gt 0 ]; then
PART1="`grep -m1 "\$config\['db_dsnw'\]" ${ROUNDCUBE_CONFIG_DB} | awk '{print $3}' | cut -d\@ -f1 | cut -d'/' -f3`"
ROUNDCUBE_DB_USER="`echo ${PART1} | cut -d\: -f1`"
ROUNDCUBE_DB_PASS="`echo ${PART1} | cut -d\: -f2`"
PART2="`grep -m1 "\$config\['db_dsnw'\]" ${ROUNDCUBE_CONFIG_DB} | awk '{print $3}' | cut -d\@ -f2 | cut -d\' -f1`"
MYSQL_ACCESS_HOST="`echo ${PART2} | cut -d'/' -f1`"
ROUNDCUBE_DB="`echo ${PART2} | cut -d'/' -f2`"
fi
fi
ensure_sql_user "${ROUNDCUBE_DB_USER}" "${MYSQL_ACCESS_HOST}" "${ROUNDCUBE_DB_PASS}" "${ROUNDCUBE_DB}"
if [ "${MYSQLHOST}" != "localhost" ]; then
for access_host_ip in `grep '^access_host.*=' ${DA_MYSQL} | cut -d= -f2`; do {
ensure_sql_user "${ROUNDCUBE_DB_USER}" "${access_host_ip}" "${ROUNDCUBE_DB_PASS}" "${ROUNDCUBE_DB}"
}; done
fi
#in case anyone uses it for backups
rm -f ${ROUNDCUBE_MY_CNF}
ensure_my_cnf ${ROUNDCUBE_MY_CNF} "${ROUNDCUBE_DB_USER}" "${ROUNDCUBE_DB_PASS}"
fi
#password plugin pre-configuration
if [ -e ${REALPATH}/plugins/password ]; then
cd ${REALPATH}/plugins/password
if [ ! -e config.inc.php ]; then
cp config.inc.php.dist config.inc.php
fi
/usr/bin/perl -pi -e "s|\['password_driver'] = 'sql'|\['password_driver'] = 'directadmin'|" config.inc.php > /dev/null
if [ -e /usr/local/directadmin/directadmin ]; then
DAPORT=`/usr/local/directadmin/directadmin c | grep -m1 -e '^port=' | cut -d= -f2`
if [ "${DAPORT}" != "" ]; then
/usr/bin/perl -pi -e "s|\['password_directadmin_port'] = .*$|\['password_directadmin_port'] = ${DAPORT};|" config.inc.php > /dev/null
fi
DASSL=`/usr/local/directadmin/directadmin c | grep -m1 -e '^ssl=' | cut -d= -f2`
DAHOST=`/usr/local/directadmin/directadmin c | grep -m1 -e '^force_hostname=' | cut -d= -f2`
if [ -z "${DAHOST}" ]; then
DAHOST="localhost"
fi
if [ "$DASSL" -eq 1 ]; then
/usr/bin/perl -pi -e "s|\['password_directadmin_host'] = 'tcp://localhost'|\['password_directadmin_host'] = 'ssl://${DAHOST}'|" config.inc.php > /dev/null
elif [ "${DAHOST}" != "localhost" ]; then
/usr/bin/perl -pi -e "s|\['password_directadmin_host'] = 'tcp://localhost'|\['password_directadmin_host'] = 'tcp://${DAHOST}'|" config.inc.php > /dev/null
fi
fi
cd ${REALPATH}
fi
#pigeonhole plugin pre-configuration
if [ "${PIGEONHOLE_OPT}" = "yes" ]; then
if [ -d ${REALPATH}/plugins/managesieve ]; then
cd ${REALPATH}/plugins/managesieve
if [ ! -e config.inc.php ]; then
cp config.inc.php.dist config.inc.php
fi
/usr/bin/perl -pi -e "s|\['managesieve_port'] = null|\['managesieve_port'] = 4190|" config.inc.php > /dev/null
/usr/bin/perl -pi -e "s|\['managesieve_vacation'\] = 0|\['managesieve_vacation'\] = 1|g" config.inc.php > /dev/null
cd ${REALPATH}
fi
fi
#Cleanup config
rm -f ${REALPATH}/config/${EDIT_CONFIG}
#install the proper config:
if [ -d ../roundcube ]; then
echo "Editing roundcube configuration..."
cd ${REALPATH}/config
if [ -e ${ROUNDCUBE_CONFIG} ]; then
echo "Installing custom RoundCube Config: ${ROUNDCUBE_CONFIG}"
cp -f ${ROUNDCUBE_CONFIG} ${EDIT_CONFIG}
fi
if [ -e ${ROUNDCUBE_CONFIG_DB} ]; then
if [ ! -e ${EDIT_DB} ]; then
/bin/cp -f ${ROUNDCUBE_CONFIG_DB} ${EDIT_DB}
fi
COUNT_MYSQL=`grep -m1 -c 'mysql://' ${ROUNDCUBE_CONFIG_DB}`
if [ ${COUNT_MYSQL} -eq 0 ]; then
echo "\$config['db_dsnw'] = 'mysql://${ROUNDCUBE_DB_USER}:${ROUNDCUBE_DB_PASS}@${MYSQLHOST}/${ROUNDCUBE_DB}';" >> ${EDIT_DB}
fi
else
if [ ! -e ${EDIT_DB} ]; then
/bin/cp -f ${DB_DIST} ${EDIT_DB}
/usr/bin/perl -pi -e "s|mysql://roundcube:pass\@localhost/roundcubemail|mysql://${ROUNDCUBE_DB_USER}:\\Q${ROUNDCUBE_DB_PASS}\\E\@${MYSQLHOST}/${ROUNDCUBE_DB}|" ${EDIT_DB} > /dev/null
/usr/bin/perl -pi -e "s/\'mdb2\'/\'db\'/" ${EDIT_DB} > /dev/null
fi
fi
SPAM_INBOX_PREFIX_OPT=`getDA_Opt spam_inbox_prefix 1`
SPAM_FOLDER="INBOX.spam"
if [ "${SPAM_INBOX_PREFIX_OPT}" = "0" ]; then
SPAM_FOLDER="Junk"
fi
/usr/bin/perl -pi -e "s|rcmail-\!24ByteDESkey\*Str|\\Q${ROUNDCUBE_DES_KEY}\\E|" ${EDIT_CONFIG}
if [ ! -e ${ROUNDCUBE_CONFIG} ]; then
if [ ${ROUNDCUBE_MAJOR_VER} -eq 0 ]; then
/usr/bin/perl -pi -e "s|\['default_host'] = ''|\['default_host'] = 'localhost'|" ${EDIT_CONFIG} > /dev/null
#IMAP folders
if [ "${WEBAPPS_INBOX_PREFIX_OPT}" = "yes" ]; then
/usr/bin/perl -pi -e "s|\['drafts_mbox'] = 'Drafts'|\['drafts_mbox'] = 'INBOX.Drafts'|" ${EDIT_CONFIG} > /dev/null
/usr/bin/perl -pi -e "s|\['sent_mbox'] = 'Sent'|\['sent_mbox'] = 'INBOX.Sent'|" ${EDIT_CONFIG} > /dev/null
/usr/bin/perl -pi -e "s|\['trash_mbox'] = 'Trash'|\['trash_mbox'] = 'INBOX.Trash'|" ${EDIT_CONFIG} > /dev/null
/usr/bin/perl -pi -e "s|\['default_imap_folders'] = array\('INBOX', 'Drafts', 'Sent', 'Junk', 'Trash'\)|\['default_imap_folders'] = array\('INBOX', 'INBOX.Drafts', 'INBOX.Sent', '${SPAM_FOLDER}', 'INBOX.Trash'\)|" ${EDIT_CONFIG} > /dev/null
/usr/bin/perl -pi -e "s|\['default_folders'] = array\('INBOX', 'Drafts', 'Sent', 'Junk', 'Trash'\)|\['default_folders'] = array\('INBOX', 'INBOX.Drafts', 'INBOX.Sent', '${SPAM_FOLDER}', 'INBOX.Trash'\)|" ${EDIT_CONFIG} > /dev/null
else
/usr/bin/perl -pi -e "s|\['default_imap_folders'] = array\('INBOX', 'Drafts', 'Sent', 'Junk', 'Trash'\)|\['default_imap_folders'] = array\('INBOX', 'Drafts', 'Sent', '${SPAM_FOLDER}', 'Trash'\)|" ${EDIT_CONFIG} > /dev/null
/usr/bin/perl -pi -e "s|\['default_folders'] = array\('INBOX', 'Drafts', 'Sent', 'Junk', 'Trash'\)|\['default_folders'] = array\('INBOX', 'Drafts', 'Sent', '${SPAM_FOLDER}', 'Trash'\)|" ${EDIT_CONFIG} > /dev/null
fi
if [ "${SPAM_INBOX_PREFIX_OPT}" = "1" ]; then
/usr/bin/perl -pi -e "s|\['junk_mbox'] = 'Junk'|\['junk_mbox'] = 'INBOX.spam'|" ${EDIT_CONFIG} > /dev/null
fi
#smtp stuff
/usr/bin/perl -pi -e "s|\['smtp_port'] = 25|\['smtp_port'] = 587|" ${EDIT_CONFIG} > /dev/null
/usr/bin/perl -pi -e "s|\['smtp_server'] = ''|\['smtp_server'] = 'localhost'|" ${EDIT_CONFIG} > /dev/null
/usr/bin/perl -pi -e "s|\['smtp_user'] = ''|\['smtp_user'] = '%u'|" ${EDIT_CONFIG} > /dev/null
/usr/bin/perl -pi -e "s|\['smtp_pass'] = ''|\['smtp_pass'] = '%p'|" ${EDIT_CONFIG} > /dev/null
/usr/bin/perl -pi -e "s|\['smtp_auth_type'] = ''|\['smtp_auth_type'] = 'LOGIN'|" ${EDIT_CONFIG} > /dev/null
/usr/bin/perl -pi -e "s|\['create_default_folders'] = .*;|\['create_default_folders'] = true;|" ${EDIT_CONFIG} > /dev/null
/usr/bin/perl -pi -e "s|\['login_lc'] = 0;|\['login_lc'] = 2;|" ${EDIT_CONFIG} > /dev/null
/usr/bin/perl -pi -e "s|\['login_autocomplete'] = 0;|\['login_autocomplete'] = 2;|" ${EDIT_CONFIG} > /dev/null
/usr/bin/perl -pi -e "s|\['quota_zero_as_unlimited'] = false;|\['quota_zero_as_unlimited'] = true;|" ${EDIT_CONFIG} > /dev/null
/usr/bin/perl -pi -e "s|\['enable_spellcheck'] = true;|\['enable_spellcheck'] = false;|" ${EDIT_CONFIG} > /dev/null
else
#default_host is set to localhost by default in RC 1.0.0, so we don't echo it to the file
#These ones are already in config.inc.php.sample file, so we just use perl-regex to change them
/usr/bin/perl -pi -e "s|\['smtp_port'] = 25|\['smtp_port'] = 587|" ${EDIT_CONFIG} > /dev/null
/usr/bin/perl -pi -e "s|\['smtp_server'] = ''|\['smtp_server'] = 'localhost'|" ${EDIT_CONFIG} > /dev/null
/usr/bin/perl -pi -e "s|\['smtp_user'] = ''|\['smtp_user'] = '%u'|" ${EDIT_CONFIG} > /dev/null
/usr/bin/perl -pi -e "s|\['smtp_pass'] = ''|\['smtp_pass'] = '%p'|" ${EDIT_CONFIG} > /dev/null
#Changing default options, that are set in defaults.inc.php
#IMAP folders
if [ "${WEBAPPS_INBOX_PREFIX_OPT}" = "yes" ]; then
echo "\$config['drafts_mbox'] = 'INBOX.Drafts';" >> ${EDIT_CONFIG}
echo "\$config['junk_mbox'] = '${SPAM_FOLDER}';" >> ${EDIT_CONFIG}
echo "\$config['sent_mbox'] = 'INBOX.Sent';" >> ${EDIT_CONFIG}
echo "\$config['trash_mbox'] = 'INBOX.Trash';" >> ${EDIT_CONFIG}
echo "\$config['default_folders'] = array('INBOX', 'INBOX.Drafts', 'INBOX.Sent', '${SPAM_FOLDER}', 'INBOX.Trash');" >> ${EDIT_CONFIG}
else
echo "\$config['junk_mbox'] = '${SPAM_FOLDER}';" >> ${EDIT_CONFIG}
echo "\$config['default_folders'] = array('INBOX', 'Drafts', 'Sent', '${SPAM_FOLDER}', 'Trash');" >> ${EDIT_CONFIG}
fi
HN_T=${HOSTNAME}
echo "\$config['smtp_helo_host'] = '${HN_T}';" >> ${EDIT_CONFIG}
echo "\$config['smtp_auth_type'] = 'LOGIN';" >> ${EDIT_CONFIG}
echo "\$config['create_default_folders'] = true;" >> ${EDIT_CONFIG}
echo "\$config['protect_default_folders'] = true;" >> ${EDIT_CONFIG}
echo "\$config['login_autocomplete'] = 2;" >> ${EDIT_CONFIG}
echo "\$config['quota_zero_as_unlimited'] = true;" >> ${EDIT_CONFIG}
echo "\$config['enable_spellcheck'] = false;" >> ${EDIT_CONFIG}
echo "\$config['email_dns_check'] = true;" >> ${EDIT_CONFIG}
if grep -q '^recipients_max' /etc/exim.conf; then
RECIPIENTS_MAX="`grep -m1 '^recipients_max' /etc/exim.conf | cut -d= -f2 | tr -d ' '`"
echo "\$config['max_recipients'] = ${RECIPIENTS_MAX};" >> ${EDIT_CONFIG}
echo "\$config['max_group_members'] = ${RECIPIENTS_MAX};" >> ${EDIT_CONFIG}
fi
if [ ! -s mime.types ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "openlitespeed" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ -s /etc/httpd/conf/mime.types ]; then
if grep -m1 -q 'application/java-archive' /etc/httpd/conf/mime.types; then
cp -f /etc/httpd/conf/mime.types ./mime.types
fi
fi
fi
fi
if [ ! -s mime.types ]; then
safeDownloadWithMove "${ALIASPATH}/config/mime.types" "https://svn.apache.org/repos/asf/httpd/httpd/trunk/docs/conf/mime.types"
fi
echo "\$config['mime_types'] = '${ALIASPATH}/config/mime.types';" >> ${EDIT_CONFIG}
fi
#password plugin
if [ -e ${REALPATH}/plugins/password ]; then
if [ ${ROUNDCUBE_MAJOR_VER} -eq 0 ]; then
/usr/bin/perl -pi -e "s|\['plugins'] = array\(\);|\['plugins'] = array\('password'\);|" ${EDIT_CONFIG} > /dev/null
else
/usr/bin/perl -pi -e "s|\['plugins'] = array\(\n|\['plugins'] = array\(\n 'password',\n|" ${EDIT_CONFIG} > /dev/null
/usr/bin/perl -pi -e "s|\['plugins'] = \[\n|\['plugins'] = \[\n 'password',\n|" ${EDIT_CONFIG} > /dev/null
fi
cd ${REALPATH}/config
fi
#pigeonhole plugin
if [ "${PIGEONHOLE_OPT}" = "yes" ]; then
if [ -d ${REALPATH}/plugins/managesieve ]; then
if [ ${ROUNDCUBE_MAJOR_VER} -eq 0 ]; then
/usr/bin/perl -pi -e "s|\['plugins'] = array\('password'\);|\['plugins'] = array\('password','managesieve'\);|" ${EDIT_CONFIG} > /dev/null
else
if [ `grep -m1 -c "'managesieve'" ${EDIT_CONFIG}` -eq 0 ]; then
/usr/bin/perl -pi -e "s|\['plugins'] = array\(\n|\['plugins'] = array\(\n 'managesieve',\n|" ${EDIT_CONFIG} > /dev/null
/usr/bin/perl -pi -e "s|\['plugins'] = \[\n|\['plugins'] = \[\n 'managesieve',\n|" ${EDIT_CONFIG} > /dev/null
fi
fi
cd ${REALPATH}/config
fi
fi
fi
#SSO plugin
if [ -x ${DA_BIN} ] && [ -s ${DACONF_FILE} ]; then
if ${DA_BIN} c | grep -m1 -q '^one_click_webmail_login=1$'; then
ROUNDCUBE_DIRECT_LOGIN_VER=`getVer rc_direct_login`
ROUNDCUBE_DIRECT_LOGIN="roundcube_direct_login-${ROUNDCUBE_DIRECT_LOGIN_VER}.tar.gz"
cd ${REALPATH}
safeDownloadWithMove "${REALPATH}/${ROUNDCUBE_DIRECT_LOGIN}" "${WEBPATH_SERVICES}/all/auto_login/roundcube/${ROUNDCUBE_DIRECT_LOGIN}"
tar xzf ${ROUNDCUBE_DIRECT_LOGIN}
chown -R webapps:webapps direct_login
chmod 711 direct_login
chmod 700 direct_login/tokens
chmod 644 direct_login/index.php
cd ${REALPATH}/config
elif [ -d ${REALPATH}/direct_login ]; then
rm -rf ${REALPATH}/direct_login
fi
fi
if echo "${PHP1_RELEASE_OPT}" | grep -m1 -q '^7'; then
if grep -m1 -q 'mod_php5' ${REALPATH}/.htaccess && ! grep -m1 -q 'mod_php7' ${REALPATH}/.htaccess; then
echo "Replacing mod_php5 with mod_php7 in .htaccess"
perl -pi -e 's|mod_php5|mod_php7|g' ${REALPATH}/.htaccess
fi
elif echo "${PHP1_RELEASE_OPT}" | grep -m1 -q '^8'; then
if grep -m1 -q 'mod_php5' ${REALPATH}/.htaccess && ! grep -m1 -q 'mod_php8' ${REALPATH}/.htaccess; then
echo "Replacing mod_php5 with mod_php8 in .htaccess"
perl -pi -e 's|mod_php5|mod_php8|g' ${REALPATH}/.htaccess
fi
fi
if [ -d ${ROUNDCUBE_PLUGINS} ]; then
echo "Copying files from ${ROUNDCUBE_PLUGINS} to ${REALPATH}/plugins"
cp -Rpf ${ROUNDCUBE_PLUGINS}/* ${REALPATH}/plugins
fi
if [ -d ${ROUNDCUBE_SKINS} ]; then
echo "Copying files from ${ROUNDCUBE_SKINS} to ${REALPATH}/skins"
cp -Rpf ${ROUNDCUBE_SKINS}/* ${REALPATH}/skins
fi
if [ -d ${ROUNDCUBE_VENDOR} ]; then
echo "Copying files from ${ROUNDCUBE_VENDOR} to ${REALPATH}/vendor"
cp -Rpf ${ROUNDCUBE_VENDOR}/* ${REALPATH}/vendor
fi
if [ -d ${ROUNDCUBE_PROGRAM} ]; then
echo "Copying files from ${ROUNDCUBE_PROGRAM} to ${REALPATH}/program"
cp -Rpf ${ROUNDCUBE_PROGRAM}/* ${REALPATH}/program
fi
if [ -e ${ROUNDCUBE_COMPOSER} ]; then
echo "Copying composer.json file from ${ROUNDCUBE_COMPOSER} to ${REALPATH}/composer.json"
cp -Rpf ${ROUNDCUBE_COMPOSER} ${REALPATH}/composer.json
fi
if [ -e ${ROUNDCUBE_HTACCESS} ]; then
echo "Copying .htaccess file from ${ROUNDCUBE_HTACCESS} to ${REALPATH}/.htaccess"
cp -pf ${ROUNDCUBE_HTACCESS} ${REALPATH}/.htaccess
fi
echo "Roundcube ${ROUNDCUBE_VER} has been installed successfully."
writeLog "RoundCube ${ROUNDCUBE_VER} installed"
fi
#systems with "system()" in disable_functions need to use no php.ini:
if [ "`have_php_system`" = "0" ]; then
perl -pi -e 's#^\#\!/usr/bin/env php#\#\!/usr/local/bin/php \-n#' ${REALPATH}/bin/update.sh
fi
#systems with suhosin cannot have PHP memory_limit set to -1, we need not to load suhosin for RoundCube .sh scripts
if [ "${SUHOSIN_OPT}" = "yes" ]; then
perl -pi -e 's#^\#\!/usr/bin/env php#\#\!/usr/local/bin/php \-n#' ${REALPATH}/bin/msgimport.sh
perl -pi -e 's#^\#\!/usr/bin/env php#\#\!/usr/local/bin/php \-n#' ${REALPATH}/bin/indexcontacts.sh
perl -pi -e 's#^\#\!/usr/bin/env php#\#\!/usr/local/bin/php \-n#' ${REALPATH}/bin/msgexport.sh
fi
#set the permissions:
chown -R ${APPUSER}:${APPUSER} ${REALPATH}
#update if needed
${REALPATH}/bin/update.sh '--version=?'
#drop alias column if it's still there
if mysql --defaults-extra-file=${DA_MY_CNF} da_roundcube -e "SHOW COLUMNS FROM da_roundcube.users LIKE 'alias';" --host=${MYSQLHOST} -sss 2>&1 | grep -m1 -q '^alias'; then
mysql --defaults-extra-file=${DA_MY_CNF} da_roundcube -e "ALTER TABLE da_roundcube.users DROP COLUMN da_roundcube.users.alias;"--host=${MYSQLHOST} -sss 2>&1
fi
#cleanup
rm -rf ${ALIASPATH}/installer
#bugfix for suPHP as RC 1.3.9 has index.php 664 and ${REALPATH} 775
/bin/chmod 755 ${REALPATH}
/bin/chmod 644 ${REALPATH}/index.php
if [ "${APPGROUP}" = "apache" ]; then
chown -R apache ${REALPATH}/temp ${REALPATH}/logs
/bin/chmod -R 770 ${REALPATH}/temp
/bin/chmod -R 770 ${REALPATH}/logs
fi
#secure configuration file
if [ -s ${EDIT_DB} ]; then
chmod 440 ${EDIT_DB}
if [ "${APPGROUP}" = "apache" ]; then
echo "**********************************************************************"
echo "* "
echo "* ${boldon}SECURITY: ${REALPATH}/config/${EDIT_DB} is readable by apache.${boldoff}"
echo "* Recommended: use a php type that runs php scripts as the User, then re-install roundcube."
echo "*"
echo "**********************************************************************"
fi
chown ${APPUSER}:${APPGROUP} ${EDIT_DB}
if [ "${APPGROUP}" = "apache" ]; then
ls -la ${REALPATH}/config/${EDIT_DB}
sleep 5
fi
fi
RC_HTACCESS=${REALPATH}/.htaccess
if [ -s "${RC_HTACCESS}" ]; then
if grep -m1 -q upload_max_filesize ${RC_HTACCESS}; then
perl -pi -e 's/^php_value upload_max_filesize/#php_value upload_max_filesize/' ${RC_HTACCESS}
perl -pi -e 's/^php_value post_max_size/#php_value post_max_size/' ${RC_HTACCESS}
perl -pi -e 's/^php_value memory_limit/#php_value memory_limit/' ${RC_HTACCESS}
fi
perl -pi -e 's/FollowSymLinks/SymLinksIfOwnerMatch/' ${RC_HTACCESS}
fi
ensure_webapps_tmp
if [ "${OPCACHE_OPT}" = "yes" ]; then
if [ "${PHP1_MODE_OPT}" = "php-fpm" ]; then
echo "Reloading php-fpm${PHP1_SHORTRELEASE}."
control_service php-fpm${PHP1_SHORTRELEASE} reload
elif [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
echo "Reloading apache."
control_service httpd reload
elif [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
echo "Reloading litespeed."
control_service litespeed reload
fi
fi
cd ${CWD}
}
####################################################
doRemoveRoundcube() {
if [ "${ROUNDCUBE_OPT}" != "no" ]; then
do_exit 1 "Cannot remove RoundCube webmail, because it is enabled in options.conf file."
fi
initMySQL
# variables for the database:
ROUNDCUBE_DB=da_roundcube
ROUNDCUBE_DB_USER=da_roundcube
#Removing RoundCube database and database user
if [ -d $MYSQL_DATA/${ROUNDCUBE_DB} ]; then
echo "Dropping database ${ROUNDCUBE_DB} and database user ${ROUNDCUBE_DB_USER}..."
mysql --defaults-extra-file=${DA_MY_CNF} -e "DROP DATABASE ${ROUNDCUBE_DB};" --host=${MYSQLHOST} 2>/dev/null
mysql --defaults-extra-file=${DA_MY_CNF} -e "DROP USER '${ROUNDCUBE_DB_USER}'@'${MYSQL_ACCESS_HOST}';" --host=${MYSQLHOST} 2>/dev/null
if [ "${MYSQLHOST}" != "localhost" ]; then
for access_host_ip in `grep '^access_host.*=' ${DA_MYSQL} | cut -d= -f2`; do {
mysql --defaults-extra-file=${DA_MY_CNF} -e "DROP USER '${ROUNDCUBE_DB_USER}'@'${ROUNDCUBE_DB_USER}'@'${access_host_ip}';" --host=${MYSQLHOST} 2>&1
}; done
fi
fi
remove_file /var/www/html/roundcube
echo "Removing all roundcubemail directories from /var/www/html..."
find /var/www/html -maxdepth 1 -name 'roundcubemail-*' -print -exec rm -rf {} \;
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
echo "RoundCube webmail has been successfully removed."
writeLog "RoundCube removed"
}
ensurepopb4smtp(){
#pop before smtp
if [ ! -s /etc/systemd/system/da-popb4smtp.service ]; then
cp -f ${CWD}/configure/systemd/da-popb4smtp.service /etc/systemd/system/da-popb4smtp.service
systemctl daemon-reload
systemctl enable da-popb4smtp.service
systemctl start da-popb4smtp.service
fi
set_service da-popb4smtp ON
}
doLua(){
getFile lua/lua-${LUA_VER}.tar.gz lua lua-${LUA_VER}.tar.gz
getFile patches/liblua_so.patch liblua_so.patch patches/liblua_so.patch hexan
if [ ! -e /usr/include/readline/readline.h ] && [ ! -e /usr/local/include/readline/readline.h ]; then
echo "Cannot find /usr/include/readline/readline.h, installing..."
if [ -e /etc/debian_version ]; then
apt-get -y install libreadline-dev
else
yum -y install readline-devel
fi
fi
quitIfLocked doLua
if [ -d lua-${LUA_VER} ]; then
rm -rf lua-${LUA_VER}
fi
cd ${CWD}
FILE=${CWD}/lua-${LUA_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ..."
tar xzf ${FILE} --no-same-owner
echo "Done."
cd lua-${LUA_VER}
#To generate dynamic library of liblua
patch -p0 < ${WORKDIR}/patches/liblua_so.patch
while echo "Installing lua..."; do
make linux install
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The install has failed, would you like to try to install it again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "lua ${LUA_VER} Installed."
writeLog "lua ${LUA_VER} installed"
removeLockfile
cd ${CWD}
rm -rf lua-${LUA_VER}
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
}
checkDebianPackage(){
RETURN_CODE=0
if [ -x /usr/bin/dpkg ]; then
/usr/bin/dpkg -s ${1} >/dev/null 2>&1
if [ $? -ne 0 ]; then
RETURN_CODE=1
fi
fi
echo ${RETURN_CODE}
}
checkRPMPackage(){
RETURN_CODE=0
if [ -x /usr/bin/rpm ]; then
/usr/bin/rpm -q ${1} >/dev/null 2>&1
if [ $? -ne 0 ]; then
RETURN_CODE=1
fi
fi
echo ${RETURN_CODE}
}
doSnail(){
set_sendmail_link
getFile s-nail/s-nail-${S_NAIL_VER}.tar.gz s-nail s-nail-${S_NAIL_VER}.tar.gz
quitIfLocked doSnail
cd ${CWD}
FILE=${CWD}/s-nail-${S_NAIL_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ..."
tar xzf ${FILE} --no-same-owner
echo "Done."
cd s-nail-${S_NAIL_VER}
OV=`openssl_version`
#OpenSSL 1.1.0 fails with s-nail-14.9.15/src/mx/xtls.c:248:18: error: 'SSL_OP_NO_TLSv1_3' undeclared here (not in a function)
if echo "${OV}" | grep -m1 -q '1\.1\.0'; then
sed -i '/{"TLSv1.3\\0", SSL_OP_NO_TLSv1_3,/d' src/mx/xtls.c
perl -pi -e 's|{"TLSv1.2", SSL_OP_NO_TLSv1_2,|{"TLSv1.2\\0", SSL_OP_NO_TLSv1_2,|g' src/mx/xtls.c
fi
while echo "Making s-nail..."; do
make CONFIG=MAXIMAL all
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to install it again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
while echo "Installing s-nail..."; do
make install
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The install has failed, would you like to try to install it again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
if [ -x /usr/local/bin/s-nail ] && [ ! -e /usr/local/bin/mail ]; then
echo "Symlinking /usr/local/bin/s-nail -> /usr/local/bin/mail."
ln -s /usr/local/bin/s-nail /usr/local/bin/mail
fi
echo "s-nail ${S_NAIL_VER} Installed."
writeLog "s-nail ${S_NAIL_VER} installed"
removeLockfile
cd ${CWD}
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
}
doMsmtp(){
getFile msmtp/msmtp-${MSMTP_VER}.tar.xz msmtp msmtp-${MSMTP_VER}.tar.xz
quitIfLocked doMsmtp
cd ${CWD}
FILE=${CWD}/msmtp-${MSMTP_VER}.tar.xz
checkFile ${FILE}
echo "Extracting ..."
tar xJf ${FILE} --no-same-owner
echo "Done."
cd msmtp-${MSMTP_VER}
./configure
while echo "Making msmtp..."; do
make -j${CPU_CORES}
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to install it again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
while echo "Installing msmtp..."; do
make install
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The install has failed, would you like to try to install it again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
/sbin/ldconfig
removeLockfile
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
echo "msmtp installation complete."
writeLog "msmtp ${MSMTP_VER} installed"
}
createEtcVirtual(){
addUserGroup mail mail 12 12
addToAccess mail
VIRTUAL="/etc/virtual"
if [ ! -d ${VIRTUAL} ]; then
mkdir -p ${VIRTUAL}
fi
chown -f mail ${VIRTUAL}
chgrp -f mail ${VIRTUAL}
chmod 711 ${VIRTUAL}
if ! grep -q "^${HOSTNAME}$" ${VIRTUAL}/domains; then
echo "${HOSTNAME}" >> ${VIRTUAL}/domains
fi
if [ ! -s ${VIRTUAL}/limit ]; then
echo "1000" > ${VIRTUAL}/limit
chmod 644 ${VIRTUAL}/limit
chown -f mail:mail ${VIRTUAL}/limit
fi
if [ ! -s ${VIRTUAL}/limit_unknown ]; then
echo "0" > ${VIRTUAL}/limit_unknown
chmod 644 ${VIRTUAL}/limit_unknown
chown -f mail:mail ${VIRTUAL}/limit_unknown
fi
if [ ! -s ${VIRTUAL}/user_limit ]; then
echo "200" > ${VIRTUAL}/user_limit
chmod 644 ${VIRTUAL}/user_limit
chown -f mail:mail ${VIRTUAL}/user_limit
fi
if [ ! -d ${VIRTUAL}/usage ]; then
mkdir -p ${VIRTUAL}/usage
fi
chmod 750 ${VIRTUAL}/usage
chown -f mail:mail ${VIRTUAL}/usage
for i in domains domainowners pophosts blacklist_domains whitelist_from use_rbl_domains bad_sender_hosts bad_sender_hosts_ip blacklist_senders whitelist_domains whitelist_hosts whitelist_hosts_ip whitelist_senders skip_av_domains skip_rbl_domains; do
if [ ! -e ${VIRTUAL}/$i ]; then
touch ${VIRTUAL}/$i
fi
chmod 640 ${VIRTUAL}/$i
chown -f mail:mail ${VIRTUAL}/$i
done
}
doExim() {
if [ "${EXIM_OPT}" != "yes" ]; then
do_exit 1 "You cannot update Exim, because you do not have it set in options.conf file."
fi
if [ ! -e /usr/include/db.h ]; then
echo "Cannot find /usr/include/db.h. Please install db.h"
if [ -e /etc/debian_version ]; then
echo "apt-get install libdb4.8-dev libperl-dev"
else
echo "yum install db4-devel perl-ExtUtils-Embed"
fi
do_exit 0
fi
if [ ! -e /usr/include/pcre2.h ] && [ ! -e /usr/local/include/pcre2.h ]; then
echo "Cannot find pcre2, installing it..."
if [ -e /etc/debian_version ]; then
apt-get -y install libpcre2-dev
else
yum -y install pcre2-devel
fi
fi
createEtcVirtual
V_U_RBL_D=${VIRTUAL}/use_rbl_domains
if [ -f ${V_U_RBL_D} ] && [ ! -s ${V_U_RBL_D} ]; then
rm -f ${V_U_RBL_D}
ln -s domains ${V_U_RBL_D}
chown -h mail:mail ${V_U_RBL_D}
fi
getFile exim-${EXIM_VER}.tar.gz exim
ensurepopb4smtp
killall sendmail 2> /dev/null
if [ -s /etc/inetd.conf ]; then
if grep -m1 -q '^pop' /etc/inetd.conf; then
perl -pi -e 's/^pop/\#pop/' /etc/inetd.conf
killall -HUP inetd
fi
fi
if [ -e /etc/debian_version ]; then
if [ `checkDebianPackage da_exim` -ne 0 ] && [ `checkDebianPackage da-exim` -ne 0 ]; then
if [ `checkDebianPackage equivs` -ne 0 ]; then
apt-get update
apt-get -y install equivs
fi
if [ -x /usr/bin/equivs-build ]; then
echo 'Package: da-exim' > da-exim.equivs
echo 'Maintainer: JBMC Software <no-reply@directadmin.com>' >> da-exim.equivs
echo 'Architecture: any' >> da-exim.equivs
echo 'Provides: mail-transport-agent' >> da-exim.equivs
echo 'Replaces: mail-transport-agent, exim4-base' >> da-exim.equivs
echo 'Description: Dummy package to replace dependencies' >> da-exim.equivs
/usr/bin/equivs-build da-exim.equivs >/dev/null 2>&1
fi
fi
if [ -s da-exim_1.0_amd64.deb ]; then
dpkg -r --force-all exim exim4 exim4-base exim4-config exim4-daemon-light exim4-config-2 exim4-daemon-heavy rmail sendmail-bin sendmail mail-transport-agent postfix ssmtp courier-authdaemon courier-authlib courier-authlib-userdb courier-base courier-imap courier-imap-ssl courier-maildrop courier-pop courier-pop-ssl courier-ssl dovecot-core dovecot-imapd 2> /dev/null
dpkg -P exim exim4 exim4-base exim4-config exim4-daemon-light exim4-config-2 exim4-daemon-heavy rmail sendmail-bin sendmail mail-transport-agent postfix ssmtp courier-authdaemon courier-authlib courier-authlib-userdb courier-base courier-imap courier-imap-ssl courier-maildrop courier-pop courier-pop-ssl courier-ssl dovecot-core dovecot-imapd 2> /dev/null
dpkg -i da-exim_1.0_amd64.deb 2>/dev/null
if [ -s da-exim.equivs ]; then
rm -f da-exim.equivs
fi
rm -f da-exim_1.0_amd64.deb 2> /dev/null
fi
else
rpm -e --nodeps sendmail 2> /dev/null
rpm -e --nodeps postfix 2> /dev/null
rpm -e --nodeps dovecot 2> /dev/null
rpm -e --nodeps courier-imap 2> /dev/null
fi
if [ ! -e /usr/include/spf2/spf.h ]; then
echo "Cannot find /usr/include/spf2/spf.h, installing..."
if [ -e /etc/debian_version ]; then
apt-get -y install libspf2-dev
else
yum -y install libspf2-devel --enablerepo=${EPEL_REPO_NAME}
fi
fi
quitIfLocked doExim
if [ ! -d /var/log/exim ]; then
mkdir /var/log/exim
chmod 700 /var/log/exim
fi
chown mail:mail /var/log/exim
if [ -d /var/spool/exim ] && [ ! -e /usr/sbin/exim ]; then
chown -R mail:mail /var/spool/exim
fi
cd ${CWD}
FILE=${CWD}/exim-${EXIM_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ..."
tar xzf ${FILE} --no-same-owner
echo "Done."
cd exim-${EXIM_VER}
if [ -x /usr/sbin/opendmarc ] && [ -s ./src/dmarc.c ]; then
if /usr/sbin/opendmarc -V | head -n1 | grep -q 'v1\.4'; then
perl -pi -e 's| dkim_result, US""\);| sig->selector, dkim_result, US"");|g' ./src/dmarc.c
fi
fi
# libnsl is only used for NIS and NIS+ lookups, compilation fails on CentOS8 due to no libnsl in glibc anymore
perl -pi -e 's/-lnsl//g' ./OS/Makefile-Linux
if [ "${EXIM_MAKEFILE}" != "" ]; then
echo "${boldon}Custom ${EXIM_MAKEFILE} being used${boldoff}"
cp -f ${EXIM_MAKEFILE} Local/Makefile
else
cd ${CWD}
getFile Makefile '' exim-${EXIM_VER}/Local/Makefile
cd exim-${EXIM_VER}
perl -pi -e 's/^CFLAGS=(.*)$/CFLAGS=$1 -std=gnu99/' Local/Makefile
echo "USE_OPENSSL=yes" >> Local/Makefile
if [ -e /usr/include/pcre2.h ] || [ -e /usr/local/include/pcre2.h ]; then
echo "Making Makefile changes for 4.96+"
perl -pi -e 's/^PCRE_LIBS=-lpcre$/PCRE_LIBS=-lpcre2-8/' Local/Makefile
fi
fi
# Solve on CentOS8/9: /usr/bin/ld: acl.o: relocation R_X86_64_32 against `.rodata.str1.1' can not be used when making a PIE object; recompile with -fPIC
if [ "${OS_CENTOS_VER}" = "8" ] || [ "${OS_CENTOS_VER}" = "9" ]; then
if ! grep -m1 -q CFLAGS.*fPIC Local/Makefile; then
perl -pi -e 's|CFLAGS\=|CFLAGS\=-fPIC |g' Local/Makefile
fi
fi
if [ -e /usr/include/spf2/spf.h ] || [ -e /usr/local/include/spf2/spf.h ]; then
echo "SUPPORT_SPF=yes" >> Local/Makefile
if [ -e /usr/local/include/spf2/spf.h ]; then
echo "CFLAGS += -DSPF -I/usr/local/include" >> Local/Makefile
else
echo "CFLAGS += -DSPF" >> Local/Makefile
fi
echo "LDFLAGS += -lspf2" >> Local/Makefile
fi
#Reported issue in https://forum.directadmin.com/showthread.php?t=55603&page=2&p=285310#post285310
echo "CFLAGS += `getGccOptions`" >> Local/Makefile
if ! grep -q ^SUPPORT_SRS Local/Makefile; then
echo "SUPPORT_SRS=yes " >> Local/Makefile
fi
while echo "Trying to make exim..."; do
C_INCLUDE_PATH=/usr/kerberos/include make -j ${CPU_CORES}
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
echo -n -e "\n*** The make has failed, would you like to try to make again? (y,n): "
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "Make Complete"
while echo "Installing exim..."; do
make install
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The install has failed, would you like to try to install it again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "Moving exim binary."
EXIM_BINARY=`ls -t /usr/sbin/exim-${EXIM_VER}-* | head -n1`
if [ "${EXIM_BINARY}" = "" ]; then
#4.86.2 shows up as /usr/sbin/exim-4.86_2-2
#assume newest binary is the winner.
echo "Cannot find the ${EXIM_VER} formatted binary. Trying a wildcard instead..."
EXIM_BINARY=`ls -t /usr/sbin/exim-*-* | head -n1`
echo "Found: '$EXIM_BINARY'"
fi
mv -f ${EXIM_BINARY} /usr/sbin/exim
chmod 4755 /usr/sbin/exim
if [ ! -e /etc/exim.cert ] && [ ! -e /etc/exim.key ]; then
getFile da_exim-cert-config
/usr/bin/openssl req -x509 -newkey rsa:2048 -keyout /etc/exim.key -out /etc/exim.cert -days 9999 -nodes -config ${WORKDIR}/da_exim-cert-config
fi
chmod 600 /etc/exim.cert /etc/exim.key
chown mail:mail /etc/exim.cert /etc/exim.key
if [ ! -e /etc/exim.conf ]; then
safeDownloadWithMove "/etc/exim.conf" "${WEBPATH}/exim.conf"
safeDownloadWithMove "/etc/exim.pl" "${WEBPATH}/exim.pl"
chmod 755 /etc/exim.pl
fi
if [ ! -e /etc/system_filter.exim ]; then
if [ -e ${CWD}/custom/exim/system_filter.exim ]; then
cp -f ${CWD}/custom/exim/system_filter.exim /etc/system_filter.exim
else
safeDownloadWithMove "/etc/system_filter.exim" "${WEBPATH}/system_filter.exim"
fi
fi
chmod 644 /etc/system_filter.exim
if [ "${EXIMCONF_OPT}" = "yes" ]; then
doEximConf
fi
if [ "${IPV6}" = "0" ]; then
perl -pi -e 's|disable_ipv6=false|disable_ipv6=true|' /etc/exim.conf
if [ -e /etc/exim.variables.conf.default ]; then
perl -pi -e 's|disable_ipv6=false|disable_ipv6=true|' /etc/exim.variables.conf.default
fi
else
perl -pi -e 's|disable_ipv6=true|disable_ipv6=false|' /etc/exim.conf
if [ -e /etc/exim.variables.conf.default ]; then
perl -pi -e 's|disable_ipv6=true|disable_ipv6=false|' /etc/exim.variables.conf.default
fi
fi
echo "Enabling exim in systemd..."
if [ -e ${CB_CUST_SYSTEMD}/exim.service ]; then
cp -f ${CB_CUST_SYSTEMD}/exim.service ${SYSTEMDDIR}/exim.service
else
cp -f ${CB_SYSTEMD}/exim.service ${SYSTEMDDIR}/exim.service
fi
chmod 644 ${SYSTEMDDIR}/exim.service
systemctl daemon-reload
systemctl enable exim.service
if [ -d /etc/logrotate.d ]; then
EXIM_LOGROTATE=/etc/logrotate.d/exim
if [ -s ${EXIM_LOGROTATE} ]; then
if [ "`/usr/bin/stat -c "%a" ${EXIM_LOGROTATE}`" = "755" ]; then
echo "${EXIM_LOGROTATE} was set to 755. Changed to 644"
chmod 644 ${EXIM_LOGROTATE}
fi
else
echo '/var/log/exim/mainlog /var/log/exim/processlog /var/log/exim/rejectlog /var/log/exim/paniclog {' > ${EXIM_LOGROTATE}
echo 'missingok' >> ${EXIM_LOGROTATE}
echo 'sharedscripts' >> ${EXIM_LOGROTATE}
echo '}' >> ${EXIM_LOGROTATE}
chmod 644 ${EXIM_LOGROTATE}
fi
fi
echo "Exim ${EXIM_VER} Installed."
writeLog "Exim ${EXIM_VER} installed"
if [ "${SPAMD_OPT}" = "no" ]; then
if [ -e ${SYSTEMDDIR}/spamassassin.service ]; then
echo "Disabling spamassassin in systemd..."
systemctl stop spamassassin.service
systemctl disable spamassassin.service
systemctl daemon-reload
rm -f ${SYSTEMDDIR}/spamassassin.service
fi
if [ -e ${SYSTEMDDIR}/rspamd.service ]; then
echo "Disabling rspamd in systemd..."
systemctl stop rspamd.service
systemctl disable rspamd.service
systemctl daemon-reload
rm -f ${SYSTEMDDIR}/rspamd.service
fi
fi
removeLockfile
cd ${CWD}
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
echo "Restarting exim."
control_service exim restart
set_service exim ON
if [ -x /usr/sbin/alternatives ]; then
if ! /usr/sbin/alternatives --list | grep -m1 -q '^mta.*/usr/sbin/exim$'; then
/usr/sbin/alternatives --install /usr/sbin/sendmail mta /usr/sbin/exim 100
fi
if [ "`readlink /etc/alternatives/mta`" = "/usr/sbin/exim" ]; then
/usr/sbin/alternatives --set mta /usr/sbin/exim
fi
fi
if [ ! -x /bin/mail ] && [ ! -x /usr/bin/mail ] && [ ! -x /usr/local/bin/mail ]; then
doSnail
fi
if [ -x /usr/sbin/exim ] && [ -d /usr/bin ]; then
if [ ! -e /usr/bin/newaliases ]; then
ln -s /usr/sbin/exim /usr/bin/newaliases
fi
fi
}
####################################################
doBlockCracking() {
if [ "${BLOCKCRACKING_OPT}" != "yes" ] || [ "${EXIMCONF_OPT}" != "yes" ]; then
do_exit 1 "You cannot enable BlockCracking, because you do not have it set in options.conf file (blockcracking/eximconf options)."
fi
if [ ! -d ${WORKDIR}/blockcracking ]; then
mkdir -p ${WORKDIR}/blockcracking
chmod 700 ${WORKDIR}/blockcracking
fi
cd ${WORKDIR}
echo "Enabling BlockCracking..."
getFile blockcracking/exim.blockcracking-${BLOCKCRACKING_VER}.tar.gz blockcracking exim.blockcracking-${BLOCKCRACKING_VER}.tar.gz
mkdir -p /etc/exim.blockcracking
tar xzf exim.blockcracking-${BLOCKCRACKING_VER}.tar.gz -C /etc/exim.blockcracking
BC_DP_SRC=/etc/exim.blockcracking/script.denied_paths.default.txt
if [ -e /etc/exim.blockcracking/script.denied_paths.custom.txt ]; then
echo "Using custom BC script.denied_paths.custom.txt"
BC_DP_SRC=/etc/exim.blockcracking/script.denied_paths.custom.txt
fi
cp -fp ${BC_DP_SRC} /etc/exim.blockcracking/script.denied_paths.txt
if [ "$1" != "norestart" ]; then
echo "Restarting exim."
control_service exim restart
fi
echo "BlockCracking is now enabled."
writeLog "BlockCracking ${BLOCKCRACKING_VER} installed"
}
####################################################
doRemoveBlockCracking() {
if [ "${BLOCKCRACKING_OPT}" != "no" ]; then
do_exit 1 "You cannot remove BlockCracking, because you have enabled in options.conf file."
fi
cd ${WORKDIR}
echo "Removing BlockCracking..."
rm -rf /etc/exim.blockcracking
if [ "$1" != "norestart" ]; then
echo "Restarting exim."
control_service exim restart
fi
echo "BlockCracking is now removed."
writeLog "BlockCracking removed"
}
####################################################
doEasySpamFighter() {
if [ "${EASY_SPAM_FIGHTER_OPT}" != "yes" ] || [ "${EXIMCONF_OPT}" != "yes" ]; then
do_exit 1 "You cannot enable Easy Spam Fighter, because you do not have it set in options.conf file (easy_spam_fighter/eximconf options)."
fi
EXIM_SPF_SUPPORT="`/usr/sbin/exim --version | grep -m1 -c SPF`"
EXIM_SRS_SUPPORT="`/usr/sbin/exim --version | grep -m1 -c SRS`"
if [ "${EXIM_SPF_SUPPORT}" = "0" ]; then
do_exit 1 "Your version of Exim does not support SPF, which is needed for Easy Spam Fighter. Please update exim using the CustomBuild script: ./build exim."
fi
if [ "${EXIM_SRS_SUPPORT}" = "0" ]; then
do_exit 1 "Your version of Exim does not support SRS, which is needed for Easy Spam Fighter. Please update exim using the CustomBuild script: ./build exim."
fi
if [ ! -d ${WORKDIR}/easy_spam_fighter ]; then
mkdir -p ${WORKDIR}/easy_spam_fighter
chmod 700 ${WORKDIR}/easy_spam_fighter
fi
cd ${WORKDIR}
echo "Enabling Easy Spam Fighter..."
getFile easy_spam_fighter/exim.easy_spam_fighter-${EASY_SPAM_FIGHTER_VER}.tar.gz easy_spam_figther exim.easy_spam_fighter-${EASY_SPAM_FIGHTER_VER}.tar.gz
mkdir -p /etc/exim.easy_spam_fighter
tar xzf exim.easy_spam_fighter-${EASY_SPAM_FIGHTER_VER}.tar.gz -C /etc/exim.easy_spam_fighter
if [ -s /etc/virtual/esf_skip_ip ] && [ ! -s /etc/virtual/esf_skip_ips ]; then
mv -f /etc/virtual/esf_skip_ip /etc/virtual/esf_skip_ips
fi
if [ "$1" != "norestart" ]; then
echo "Restarting exim."
control_service exim restart
fi
echo "Easy Spam Fighter is now enabled."
writeLog "EasySpamFighter ${EASY_SPAM_FIGHTER_VER} installed"
}
####################################################
doRemoveEasySpamFighter() {
if [ "${EASY_SPAM_FIGHTER_OPT}" != "no" ]; then
do_exit 1 "You cannot remove Easy Spam Fighter, because you have enabled in options.conf file."
fi
cd ${WORKDIR}
echo "Removing Easy Spam Fighter..."
rm -rf /etc/exim.easy_spam_fighter
if [ "$1" != "norestart" ]; then
echo "Restarting exim."
control_service exim restart
fi
echo "Easy Spam Fighter is now removed."
writeLog "EasySpamFigther removed"
}
####################################################
do_rspamd_conf() {
if [ "${SPAMD_OPT}" != "rspamd" ]; then
do_exit 1 "spamd=rspamd is not set in options.conf."
fi
cd ${WORKDIR}
echo "Enabling Rspamd Config..."
RSDGZ=rspamd_conf-${RSPAMD_CONF_VER}.tar.gz
getFile easy_spam_fighter/rspamd/${RSPAMD_CONF_VER}/${RSDGZ} rspamd_conf ${RSDGZ}
mkdir -p /etc/exim/rspamd
tar xzf ${RSDGZ} -C /etc/exim/rspamd
if [ "$1" != "norestart" ]; then
echo "Restarting exim."
control_service exim restart
fi
echo "Rspamd config is now enabled."
writeLog "rspamd_config ${RSPAMD_CONF_VER} installed"
}
do_remove_rspamd_conf() {
if [ "${SPAMD_OPT}" = "rspamd" ]; then
do_exit 1 "You cannot remove rspamd_config, because you have enabled in options.conf file."
fi
cd ${WORKDIR}
echo "Removing Rspamd Config..."
remove_directory /etc/exim/rspamd
if [ "$1" != "norestart" ]; then
echo "Restarting exim."
control_service exim restart
fi
echo "Rspamd Config is now removed."
writeLog "rspamd_config removed"
}
doGrubConf() {
GRUB_CONF_LOCATIONS=`ls /boot/grub2/grub.cfg /boot/efi/EFI/redhat/grub.cfg /boot/efi/EFI/centos/grub.cfg /boot/efi/EFI/rocky/grub.cfg /boot/grub/grub.cfg 2>/dev/null`
GRUB_CONF_MODIFIED=false
HAS_XFS_ROOT=false
if mount | grep ' / ' | grep -m1 -q ' xfs '; then
HAS_XFS_ROOT=true
fi
if [ -x /usr/sbin/grub2-mkconfig ]; then
GRUB_MKCONFIG=/usr/sbin/grub2-mkconfig
elif [ -x /usr/sbin/grub-mkconfig ]; then
GRUB_MKCONFIG=/usr/sbin/grub-mkconfig
fi
if [ ! -d /sys/fs/cgroup/user.slice ] && [ -s /etc/default/grub ] && [ "${OS_CENTOS_VER}" != "7" ] && [ "${CLOUDLINUX_OPT}" = "no" ]; then
if [ ! -z "${GRUB_MKCONFIG}" ]; then
if [ -d /etc/default/grub.d ]; then
if ! grep -m1 -q 'systemd.unified_cgroup_hierarchy' /etc/default/grub; then
if ! grep -m1 -q 'systemd.unified_cgroup_hierarchy' /etc/default/grub.d/99-directadmin.cfg 2>/dev/null; then
if ! ${HAS_XFS_ROOT}; then
echo 'GRUB_CMDLINE_LINUX_DEFAULT="${GRUB_CMDLINE_LINUX_DEFAULT} systemd.unified_cgroup_hierarchy=1 psi=1"' > /etc/default/grub.d/99-directadmin.cfg
elif ! grep -m1 -q 'rootflags' /etc/default/grub; then
echo 'GRUB_CMDLINE_LINUX_DEFAULT="${GRUB_CMDLINE_LINUX_DEFAULT} rootflags=uquota,pquota systemd.unified_cgroup_hierarchy=1 psi=1"' > /etc/default/grub.d/99-directadmin.cfg
else
echo 'GRUB_CMDLINE_LINUX_DEFAULT="${GRUB_CMDLINE_LINUX_DEFAULT} systemd.unified_cgroup_hierarchy=1 psi=1"' > /etc/default/grub.d/99-directadmin.cfg
fi
GRUB_CONF_MODIFIED=true
fi
fi
if ${GRUB_CONF_MODIFIED}; then
find /boot -name 'grub.cfg' -exec ${GRUB_MKCONFIG} -o {} \;
fi
else
if ! grep -m1 -q 'systemd.unified_cgroup_hierarchy' /etc/default/grub; then
if ! ${HAS_XFS_ROOT}; then
echo 'GRUB_CMDLINE_LINUX_DEFAULT="${GRUB_CMDLINE_LINUX_DEFAULT} systemd.unified_cgroup_hierarchy=1 psi=1"' >> /etc/default/grub
elif ! grep -m1 -q 'rootflags' /etc/default/grub; then
echo 'GRUB_CMDLINE_LINUX_DEFAULT="${GRUB_CMDLINE_LINUX_DEFAULT} rootflags=uquota,pquota systemd.unified_cgroup_hierarchy=1 psi=1"' >> /etc/default/grub
else
echo 'GRUB_CMDLINE_LINUX_DEFAULT="${GRUB_CMDLINE_LINUX_DEFAULT} systemd.unified_cgroup_hierarchy=1 psi=1"' >> /etc/default/grub
fi
GRUB_CONF_MODIFIED=true
fi
if ${GRUB_CONF_MODIFIED}; then
find /boot -name 'grub.cfg' -exec ${GRUB_MKCONFIG} -o {} \;
fi
fi
fi
fi
if [ -s /etc/default/grub ] && ${HAS_XFS_ROOT}; then
if ! grep -m1 -q 'rootflags=uquota,pquota' /etc/default/grub; then
if [ ! -z "${GRUB_MKCONFIG}" ]; then
for grub_config in "${GRUB_CONF_LOCATIONS}"; do {
if ! grep -m1 -q 'rootflags' /etc/default/grub; then
if ${HAS_XFS_ROOT}; then
echo 'GRUB_CMDLINE_LINUX_DEFAULT="${GRUB_CMDLINE_LINUX_DEFAULT} rootflags=uquota,pquota"' >> /etc/default/grub
fi
GRUB_CONF_MODIFIED=true
find /boot -name 'grub.cfg' -exec ${GRUB_MKCONFIG} -o {} \;
fi
}
done
fi
fi
fi
if ${GRUB_CONF_MODIFIED}; then
echo "Grub configuration re-generated. Please reboot the box."
else
echo "No grub changes needed."
fi
}
####################################################
doEnsureEximFile() {
if [ "$1" != "" ]; then
if [ ! -e $1 ]; then
echo "Creating file $1..."
touch $1
chown mail:mail $1
chmod 600 $1
fi
fi
}
####################################################
doEximConf() {
if [ "${EXIMCONF_OPT}" != "yes" ]; then
do_exit 1 "You cannot update Exim configuration files, because you do not have it set in options.conf file."
fi
EXIMV=`exim_version`
EXIMV_MINORV=`echo "${EXIMV}" | cut -d'.' -f2`
set_sendmail_link
safeDownloadWithMove "/etc/exim.conf" "${DOWNLOADSERVER_SCHEME}://${DOWNLOADSERVER_OPT}/services/SpamBlocker/${EXIM_CONF_VER}/exim.conf-SpamBlockerTechnology-v${EXIM_CONF_VER}.txt"
chown root:root /etc/exim.conf
#used to determine if we need to remove some variables from the exim.conf or exim.variables.conf.
EXIMV="`exim_version`"
# Update system_filter.exim
if [ -e ${CWD}/custom/exim/system_filter.exim ]; then
cp -f ${CWD}/custom/exim/system_filter.exim /etc/system_filter.exim
else
safeDownloadWithMove "/etc/system_filter.exim" "${WEBPATH}/system_filter.exim"
fi
chmod 644 /etc/system_filter.exim
#Download additional files for exim.conf
EXIM_CONF_MERGED=/etc/exim.variables.conf.merged
EXIM_CONF_DEFAULT=/etc/exim.variables.conf.default
EXIM_CONF_CUSTOM=/etc/exim.variables.conf.custom
safeDownloadWithMove "/etc/exim.strings.conf" "${DOWNLOADSERVER_SCHEME}://${DOWNLOADSERVER_OPT}/services/SpamBlocker/${EXIM_CONF_VER}/exim.strings.conf"
safeDownloadWithMove "${EXIM_CONF_DEFAULT}" "${DOWNLOADSERVER_SCHEME}://${DOWNLOADSERVER_OPT}/services/SpamBlocker/${EXIM_CONF_VER}/exim.variables.conf.default"
chmod 644 /etc/exim.strings.conf
chmod 644 "${EXIM_CONF_DEFAULT}"
if [ -s "${EXIM_CONF_DEFAULT}" ]; then
#Make dovecot listen on port 10025 if dovecot_proxy is enabled
DOVECOT_PROXY=`getDA_Opt dovecot_proxy 0`
if [ ${DOVECOT_PROXY} -ne 0 ]; then
if ! grep -m1 -q '^daemon_smtp_ports.*10025' ${EXIM_CONF_DEFAULT}; then
perl -pi -e 's|^daemon_smtp_ports=25 : 587 : 465|daemon_smtp_ports=25 : 587 : 465 : 10025|g' ${EXIM_CONF_DEFAULT}
fi
fi
fi
if [ -s ${EXIM_CONF_DEFAULT} ]; then
if [ ${CPU_CORES} -gt 5 ]; then
perl -pi -e "s|^queue_run_max=5$|queue_run_max=${CPU_CORES}|g" ${EXIM_CONF_DEFAULT}
fi
if [ "${IPV6}" = "0" ]; then
perl -pi -e 's|disable_ipv6=false|disable_ipv6=true|' ${EXIM_CONF_DEFAULT}
else
perl -pi -e 's|disable_ipv6=true|disable_ipv6=false|' ${EXIM_CONF_DEFAULT}
fi
else
echo "";
echo "${boldon}*** ${EXIM_CONF_DEFAULT} does not exist or is empty ***${boldoff}";
echo "";
fi
doSslConfigurationEmail
if [ ! -s /etc/exim.variables.conf ] && [ -s ${EXIM_CONF_DEFAULT} ]; then
/bin/cp -f ${EXIM_CONF_DEFAULT} /etc/exim.variables.conf
fi
########################################
#need to do a merge here with exim.variables.conf.default and exim.variables.conf.custom, and save to exim.variables.conf
echo '#Do not edit this file directly' > ${EXIM_CONF_MERGED}
echo "#edit ${EXIM_CONF_CUSTOM}" >> ${EXIM_CONF_MERGED}
#because anything from custom, include extras (not in default), will always go in.
if [ -s ${EXIM_CONF_CUSTOM} ]; then
cat ${EXIM_CONF_CUSTOM} >> ${EXIM_CONF_MERGED}
fi
while read line; do
i=`echo $line | cut -d= -f1 | xargs`
if [ -e ${EXIM_CONF_CUSTOM} ]; then
if [ "`grep -m1 -c "^${i}[ ]*=" ${EXIM_CONF_CUSTOM}`" = "1" ]; then
continue
fi
fi
VALUE="`grep -m1 "^${i}[ ]*=" ${EXIM_CONF_DEFAULT} | cut -d= -f2 | xargs`"
if [ ! -z "${i}" ]; then
echo "${i}=${VALUE}" >> ${EXIM_CONF_MERGED}
fi
done < $EXIM_CONF_DEFAULT
mv -f ${EXIM_CONF_MERGED} /etc/exim.variables.conf
MAIL_SNI_OPT=`getDA_Opt mail_sni 1`
if [ "${MAIL_SNI_OPT}" -ge 1 ]; then
REPLACE_EXIM_TLS=false
if grep -m1 -q '^tls_certificate *= */etc/exim.\cert' /etc/exim.variables.conf; then
EXIM_TLS_FILE=/etc/exim.variables.conf
REPLACE_EXIM_TLS=true
elif grep -m1 -q '^tls_certificate *= */etc/exim.\cert' /etc/exim.conf; then
EXIM_TLS_FILE=/etc/exim.conf
REPLACE_EXIM_TLS=true
fi
if ${REPLACE_EXIM_TLS}; then
perl -pi -e 's|^tls_certificate *\= */etc/exim\.cert|tls_certificate=\$\{if exists\{/etc/virtual/snidomains\}\{\$\{lookup\{\$tls_in_sni\}nwildlsearch\{/etc/virtual/snidomains\}\{\$\{if exists\{/usr/local/directadmin/data/users/\$\{extract\{1\}\{:\}\{\$value\}\}/domains/\$\{extract\{2\}\{:\}\{\$value\}\}.cert.combined\}\{/usr/local/directadmin/data/users/\$\{extract\{1\}\{:\}\{\$value\}\}/domains/\$\{extract\{2\}\{:\}\{\$value\}\}.cert.combined\}\{/etc/exim.cert\}\}\}\{/etc/exim.cert\}\}\}\{/etc/exim.cert\}\}|' ${EXIM_TLS_FILE}
perl -pi -e 's|^tls_privatekey *\= */etc/exim\.key|tls_privatekey=\$\{if exists\{/etc/virtual/snidomains\}\{\$\{lookup\{\$tls_in_sni\}nwildlsearch\{/etc/virtual/snidomains\}\{\$\{if exists\{/usr/local/directadmin/data/users/\$\{extract\{1\}\{:\}\{\$value\}\}/domains/\$\{extract\{2\}\{:\}\{\$value\}\}.key\}\{/usr/local/directadmin/data/users/\$\{extract\{1\}\{:\}\{\$value\}\}/domains/\$\{extract\{2\}\{:\}\{\$value\}\}.key\}\{/etc/exim.key\}\}\}\{/etc/exim.key\}\}\}\{/etc/exim.key\}\}|' ${EXIM_TLS_FILE}
fi
fi
if ! grep -m1 -q '^tls_dhparam' /etc/exim.variables.conf; then
if [ ! -s /etc/exim_dh.pem ]; then
ensure_dhparam /etc/exim_dh.pem
chown mail:mail /etc/exim_dh.pem
chmod 400 /etc/exim_dh.pem
fi
if [ -s /etc/exim_dh.pem ]; then
echo 'tls_dhparam = /etc/exim_dh.pem' >> /etc/exim.variables.conf
echo 'tls_dh_max_bits = 4096' >> /etc/exim.variables.conf
fi
fi
EXIM_SRS_CONF=/etc/exim.srs.conf
if ! grep -q '^SRS_SECRET' ${EXIM_SRS_CONF} 2>/dev/null; then
echo -n "SRS_SECRET = " > ${EXIM_SRS_CONF}
/usr/bin/openssl rand -base64 48 >> ${EXIM_SRS_CONF}
fi
safeDownloadWithMove "/etc/exim.pl" "${DOWNLOADSERVER_SCHEME}://${DOWNLOADSERVER_OPT}/services/exim.pl.${EXIM_PL_VER}"
chmod 755 /etc/exim.pl
if [ ! -e /etc/virtual/limit ]; then
echo "/etc/virtual/limit not found. Creating with a value of 0..."
echo "0" > /etc/virtual/limit
chown mail:mail /etc/virtual/limit
fi
if [ ! -d /etc/virtual/usage ]; then
echo "/etc/virtual/usage not found. Creating..."
mkdir -p /etc/virtual/usage
chown mail:mail /etc/virtual/usage
fi
doEnsureEximFile /etc/virtual/bad_sender_hosts
doEnsureEximFile /etc/virtual/bad_sender_hosts_ip
doEnsureEximFile /etc/virtual/blacklist_domains
doEnsureEximFile /etc/virtual/blacklist_senders
doEnsureEximFile /etc/virtual/whitelist_domains
doEnsureEximFile /etc/virtual/whitelist_hosts
doEnsureEximFile /etc/virtual/whitelist_hosts_ip
doEnsureEximFile /etc/virtual/whitelist_senders
doEnsureEximFile /etc/virtual/use_rbl_domains
doEnsureEximFile /etc/virtual/skip_av_domains
doEnsureEximFile /etc/virtual/skip_rbl_domains
if [ "${PIGEONHOLE_OPT}" = "yes" ]; then
cd ${WORKDIR}
perl -pi -e 's#transport = virtual_localdelivery#transport = dovecot_lmtp_udp#' /etc/exim.conf
fi
if [ "${BLOCKCRACKING_OPT}" = "yes" ]; then
doBlockCracking norestart
else
rm -rf /etc/exim.blockcracking
fi
if [ "${EASY_SPAM_FIGHTER_OPT}" = "yes" ]; then
doEasySpamFighter norestart
else
rm -rf /etc/exim.easy_spam_fighter
fi
if [ "${CAGEFS_OPT}" = "yes" ]; then
echo "force_command" > /etc/exim.cagefs.pipe.conf
echo 'command = /bin/cagefs_enter $address_pipe' >> /etc/exim.cagefs.pipe.conf
chmod 644 /etc/exim.cagefs.pipe.conf
else
rm -f /etc/exim.cagefs.pipe.conf
fi
if [ "${SPAMD_OPT}" = "no" ]; then
rm -f /etc/exim.spamassassin.conf
rm -f /etc/exim.spamd.conf
rm -f /etc/exim.spamd.load.conf
if [ -d /etc/exim/rspamd ]; then
if [ ! -d /etc/exim/rspamd_disabled ]; then
echo "Renaming /etc/exim/rspamd to /etc/exim/rspamd_disabled..."
mv /etc/exim/rspamd /etc/exim/rspamd_disabled
else
echo "Removing old /etc/exim/rspamd directory..."
rm -rf /etc/exim/rspamd
fi
fi
elif [ "${SPAMD_OPT}" = "rspamd" ]; then
# we don't need the below as the spamd_address is in /etc/exim/rspamd/variables.conf.
# echo "Enabling rspamd in /etc/exim.spamd.load.conf..."
# echo 'spamd_address = 127.0.0.1 11333 retry=20s variant=rspamd' > /etc/exim.spamd.load.conf
# cp -fv ${SPAMD_CONF} /etc/exim.spamd.conf
do_rspamd_conf norestart
elif [ "${SPAMD_OPT}" = "spamassassin" ]; then
if [ "`version_cmp ${EXIMCONF_RELEASE_OPT} 4.6 'exim.conf ver check for ACL spam check'`" -lt 0 ]; then
perl -pi -e 's|#.include_if_exists /etc/exim.spamassassin.conf|.include_if_exists /etc/exim.spamassassin.conf|' /etc/exim.conf
if [ ! -s /etc/exim.spamassassin.conf ]; then
safeDownloadWithMove "/etc/exim.spamassassin.conf" "${DOWNLOADSERVER_SCHEME}://${DOWNLOADSERVER_OPT}/services/exim.spamassassin.conf"
chmod 644 /etc/exim.spamassassin.conf
fi
rm -f /etc/exim.spamd.conf
else
echo "Enabling SpamAssassin in /etc/exim.spamd.load.conf..."
echo 'spamd_address = 127.0.0.1 783 retry=20s' > /etc/exim.spamd.load.conf
cp -fv ${SPAMD_CONF} /etc/exim.spamd.conf
fi
if [ -d /etc/exim/rspamd ]; then
if [ ! -d /etc/exim/rspamd_disabled ]; then
echo "Renaming /etc/exim/rspamd to /etc/exim/rspamd_disabled..."
mv /etc/exim/rspamd /etc/exim/rspamd_disabled
else
echo "Removing old /etc/exim/rspamd directory..."
rm -rf /etc/exim/rspamd
fi
fi
fi
if [ ! -s ${DACONF_FILE} ]; then
DKIM_ENABLED=true
elif /usr/local/directadmin/directadmin c | grep -m1 -q '^dkim=0$'; then
DKIM_ENABLED=false
else
DKIM_ENABLED=true
fi
if ${DKIM_ENABLED}; then
DKIM_SELECTOR="x"
if /usr/local/directadmin/directadmin c | grep -m1 -q '^dkim_selector='; then
DKIM_SELECTOR="`/usr/local/directadmin/directadmin c | grep -m1 '^dkim_selector=' | cut -d'=' -f2`"
fi
if [ "${DKIM_SELECTOR}" = "" ]; then
DKIM_SELECTOR="x"
fi
GET_EXIM_DKIM_CONF=0
if [ ! -s /etc/exim.dkim.conf ]; then
GET_EXIM_DKIM_CONF=1
else
#older versions of exim do not support ret=key in lsearch
EXIMV=`exim_version`
LATEST_DKIM_VER=`getVer exim_dkim_conf`
LIVE_DKIM_VER=`exim_dkim_conf_version`
#if [ "`version_cmp ${LIVE_DKIM_VER} ${LATEST_DKIM_VER} 'exim.dkim.conf version check'`" -lt 0 ]; then
if [ "${LIVE_DKIM_VER}" != "${LATEST_DKIM_VER}" ]; then
GET_EXIM_DKIM_CONF=1
fi
fi
if [ "$GET_EXIM_DKIM_CONF" = "1" ]; then
CUST_EXIM_DKIM_CONF=${CWD}/custom/exim/exim.dkim.conf
if [ -e ${CUST_EXIM_DKIM_CONF} ]; then
echo "${boldon}Copying custom ${CUST_EXIM_DKIM_CONF} to /etc/exim.dkim.conf${boldoff}"
/bin/cp -f ${CUST_EXIM_DKIM_CONF} /etc/exim.dkim.conf
else
safeDownloadWithMove "/etc/exim.dkim.conf" "${DOWNLOADSERVER_SCHEME}://${DOWNLOADSERVER_OPT}/services/exim.dkim.conf"
fi
fi
chmod 644 /etc/exim.dkim.conf
perl -pi -e "s|dkim_selector \= .*|dkim_selector = ${DKIM_SELECTOR}|g" /etc/exim.dkim.conf
else
rm -f /etc/exim.dkim.conf
fi
if [ "${CLAMAV_EXIM_OPT}" = "yes" ] && [ "${CLAMAV_OPT}" = "yes" ]; then
perl -pi -e 's|#.include_if_exists /etc/exim.clamav.load.conf|.include_if_exists /etc/exim.clamav.load.conf|' /etc/exim.conf
perl -pi -e 's|#.include_if_exists /etc/exim.clamav.conf|.include_if_exists /etc/exim.clamav.conf|' /etc/exim.conf
if [ "${CLAMAV_EXIM_OPT}" = "yes" ]; then
if [ ! -s /etc/exim.clamav.load.conf ]; then
safeDownloadWithMove "/etc/exim.clamav.load.conf" "${DOWNLOADSERVER_SCHEME}://${DOWNLOADSERVER_OPT}/services/exim.clamav.load.conf"
fi
chmod 644 /etc/exim.clamav.load.conf
if [ ! -s /etc/exim.clamav.conf ]; then
safeDownloadWithMove "/etc/exim.clamav.conf" "${DOWNLOADSERVER_SCHEME}://${DOWNLOADSERVER_OPT}/services/exim.clamav.conf"
fi
chmod 644 /etc/exim.clamav.conf
fi
else
rm -f /etc/exim.clamav.load.conf
rm -f /etc/exim.clamav.conf
fi
#include magicspam
if [ -x /usr/share/magicspam/bin/activate_module ]; then
/usr/share/magicspam/bin/activate_module
fi
if [ "${SPAMD_OPT}" = "spamassassin" ]; then
set_service spamd ON
elif [ "${SPAMD_OPT}" != "spamassassin" ]; then
set_service spamd delete
fi
if [ "${SPAMD_OPT}" = "rspamd" ]; then
set_service rspamd ON
else
set_service rspamd delete
fi
echo "Restarting exim."
control_service exim restart
COUNT_LMTP=0
if [ -e /etc/exim.conf ]; then
COUNT_LMTP=`grep -c 'transport = dovecot_lmtp_udp' /etc/exim.conf`
fi
if [ ! -e /etc/dovecot/conf/lmtp.conf ] && [ "${COUNT_LMTP}" = "1" ] && [ -e /etc/dovecot/dovecot.conf ]; then
if ! grep -q 'protocol lmtp' /etc/dovecot/dovecot.conf; then
echo "${boldon}WARNING:${boldoff} make sure you have LMTP enabled in dovecot.conf, './build dovecot_conf' should fix it."
fi
fi
writeLog "exim.conf installed"
}
####################################################
compile_mysql_binary() {
if [ "${MYSQL_INST_OPT}" = "mariadb" ]; then
MYSQLURL=${WEBPATH_SERVICES}/all/mariadb/${MARIADB_OPT}/${MARIADB_VER}
MYSQLSRC=mariadb-${MARIADB_VER}
getFile mariadb/${MARIADB_OPT}/${MARIADB_VER}/${MYSQLSRC}.tar.gz mariadb${MARIADB_OPT} ${MYSQLSRC}.tar.gz
else
MYSQLURL=${WEBPATH_SERVICES}/all/mysql/${MYSQL_OPT}/${MYSQL_VER}
MYSQLSRC=mysql-${MYSQL_VER}
getFile mysql/${MYSQL_OPT}/${MYSQL_VER}/${MYSQLSRC}.tar.gz mysql${MYSQL_OPT} ${MYSQLSRC}.tar.gz
fi
if [ -e ${MYSQLSRC} ]; then
echo "Found old ${MYSQLSRC}, removing ..."
rm -rf ${MYSQLSRC}
fi
echo "Extracting ${MYSQLSRC}.tar.gz ... "
tar xzf ${MYSQLSRC}.tar.gz --no-same-owner
if [ $? -ne 0 ]; then
do_exit 1 "Failed to extract: ${MYSQLSRC}.tar.gz. Exiting..."
fi
cd ${MYSQLSRC}
CFLAGS=-DHAVE_BROKEN_REALPATH
if [ ! -e /usr/lib/libaio.so.1 ] && [ ! -e /lib64/libaio.so.1 ] && [ ! -e /lib/libaio.so.1 ] && [ ! -e /lib/x86_64-linux-gnu/libaio.so.1 ] && [ ! -e /usr/lib/aarch64-linux-gnu/libz.so.1 ] && [ ! -e /lib/i386-linux-gnu/libaio.so.1 ]; then
echo "Cannot find libaio.so.1. Please install libaio"
if [ -e /etc/debian_version ]; then
echo "apt-get install libaio1 libaio-dev"
else
echo "yum install libaio"
fi
return
fi
if [ -e /etc/debian_version ]; then
if [ ! -e /usr/local/cmake ] && [ ! -e /usr/local/bin/cmake ] && [ ! -e /usr/bin/cmake ]; then
echo "Cannot find cmake, please install it."
echo "apt-get install cmake"
echo "If your package manager is not working, see: https://help.directadmin.com/item.php?id=494"
return
fi
fi
if [ -e ${WORKDIR}/custom/mysql/cmake.mysql ]; then
${WORKDIR}/custom/mysql/cmake.mysql
else
CMAKE_APPEND=""
if [ "${MYSQL_OPT}" = "5.7" ] || [ "${MYSQL_OPT}" = "8.0" ]; then
CMAKE_APPEND=" -DDOWNLOAD_BOOST=ON -DWITH_BOOST=/usr/local/boost_mysql -DFORCE_INSOURCE_BUILD=1"
fi
cmake . -DCMAKE_INSTALL_PREFIX=/usr/local/mysql -DWITH_INNOBASE_STORAGE_ENGINE=1 \
-DWITH_FEDERATED_STORAGE_ENGINE=1 -DWITH_SYSTEMD=yes -DWITH_UNIT_TESTS=OFF -DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,PERFSCHEMA,SPIDER,SPHINX}=NO -DWITH_SAFEMALLOC=OFF -DMYSQL_MAINTAINER_MODE=OFF \
-DWITH_ZLIB=system -DWITH_EXTRA_CHARSETS=all${CMAKE_APPEND} -G Ninja
fi
echo "Done. Making ${MYSQLSRC}..."
while echo "Trying to make ${MYSQLSRC}..."; do
cmake --build . -- -j${CPU_CORES}
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "Make complete"
echo "Packaging ${MYSQLSRC}..."
./scripts/make_binary_distribution
echo "Moving ${MYSQLSRC}-*.tar.gz to ${WORKDIR} ..."
mv -f ${MYSQLSRC}-*.tar.gz ..
cd ..
echo "Done."
writeLog "${MYSQLSRC}.tar.gz compiled"
}
all_databases() {
if [ "$MYSQLUSER" = "" ] || [ "$MYSQLPASSWORD" = "" ]; then
do_exit 1 "all_databases: user or password is blank"
fi
if [ -d ${MYSQL_DATA} ]; then
initMySQL
#Assumes that MYSQLUSER and MYSQLPASSWORD are already set.
CMD="echo 'SHOW DATABASES' | $MYSQL_BIN --defaults-extra-file=${DA_MY_CNF}"
eval $CMD | grep -v '^Database$' | grep -v '^information_schema$' | grep -v '^performance_schema$'
fi
}
doMySQLback() {
if [ "${MYSQL_BACKUP_OPT}" = "yes" ] && [ -d ${MYSQL_DATA} ]; then
initMySQL
MYSQLDUMP=/usr/local/mysql/bin/mysqldump
if [ ! -e $MYSQLDUMP ]; then
MYSQLDUMP=/usr/bin/mysqldump
fi
if [ ! -e $MYSQLDUMP ]; then
if [ -d "${MYSQL_DATA}" ]; then
echo "Cannot find $MYSQLDUMP"
fi
return
fi
if [ ! -d ${MYSQL_BACKUP_DIR_OPT} ]; then
mkdir -p ${MYSQL_BACKUP_DIR_OPT}
fi
chmod 700 ${MYSQL_BACKUP_DIR_OPT}
EXTRA_MYSQLDUMP_OPTIONS=""
if /usr/local/directadmin/directadmin c | grep -m1 -q '^extra_mysqldump_options='; then
EXTRA_MYSQLDUMP_OPTIONS="`/usr/local/directadmin/directadmin c | grep -m1 '^extra_mysqldump_options=' | cut -d'=' -f2-`"
fi
# sysbk code
if [ -d ${MYSQL_DATA} ]; then
cd ${MYSQL_DATA}
for i in `all_databases`; do
printf "\tDumping database $i \n"
printf "\tDumping database $i \n" >> ${WORKDIR}/mysql_backups.log
if [ "${MYSQL_BACKUP_GZIP_OPT}" = "yes" ]; then
$MYSQLDUMP --defaults-extra-file=${DA_MY_CNF} --add-drop-database --databases --routines -f ${EXTRA_MYSQLDUMP_OPTIONS} -l $i | gzip > ${MYSQL_BACKUP_DIR_OPT}/$i.sql.gz
if [ $? -ne 0 ]; then
echo "BACKUP OF ${i} FAILED!"
fi
chmod 660 ${MYSQL_BACKUP_DIR_OPT}/$i.sql.gz
else
$MYSQLDUMP --defaults-extra-file=${DA_MY_CNF} --add-drop-database --databases --routines -f ${EXTRA_MYSQLDUMP_OPTIONS} -l $i > ${MYSQL_BACKUP_DIR_OPT}/$i.sql
if [ $? -ne 0 ]; then
echo "BACKUP OF ${i} FAILED!"
fi
chmod 660 ${MYSQL_BACKUP_DIR_OPT}/$i.sql
fi
done
else
echo "${MYSQL_DATA} directory does not exist, nothing to backup"
fi
fi
}
backup_libmysqlclient() {
if [ ! -e /etc/debian_version ]; then
return
fi
LDD=/usr/bin/ldd
LIB_PATH=/usr/local/mysql/lib
if ${LDD} ${DA_BIN} 2>/dev/null | grep -m1 -q libmysqlclient.so; then
LIB_NAME=`${LDD} ${DA_BIN} 2>/dev/null | grep -m1 'libmysqlclient.so' | awk '{ print $1; }'`
CLIENT_LIB=`${LDD} ${DA_BIN} 2>/dev/null | grep -m1 'libmysqlclient.so' | awk '{ print $3; }'`
if [ -s "${CLIENT_LIB}" ]; then
echo "Backing up ${CLIENT_LIB} to ${WORKDIR}/${LIB_NAME}"
cp -fp ${CLIENT_LIB} ${WORKDIR}/${LIB_NAME}
fi
fi
}
restore_libmysqlclient() {
if [ ! -e /etc/debian_version ]; then
return
fi
LDD=/usr/bin/ldd
LIB_PATH=/usr/local/mysql/lib
if ${LDD} ${DA_BIN} 2>/dev/null | grep -m1 -q 'libmysqlclient.so'; then
LIB_NAME=`${LDD} ${DA_BIN} 2>/dev/null | grep -m1 'libmysqlclient.so' | awk '{ print $1; }'`
CLIENT_LIB=${LIB_PATH}/${LIB_NAME}
if [ ! -s "${CLIENT_LIB}" ]; then
if [ ! -s ${WORKDIR}/${LIB_NAME} ]; then
echo "Cannot find ${WORKDIR}/${LIB_NAME} to restore."
echo "DirectAdmin might crash. If needed, see this guide:"
echo "https://help.directadmin.com/item.php?id=236"
return
fi
cp -fp ${WORKDIR}/${LIB_NAME} ${CLIENT_LIB}
fi
fi
}
#To make sure local-infile is disabled
setup_my_cnf() {
echo "Ensuring local-infile is disabled for security reasons in MySQL configuration file..."
MY_CNF_FILE=/etc/my.cnf
if [ -e ${MY_CNF_FILE} ]; then
if grep -m1 -q -F 'includedir /etc/my.cnf.d' ${MY_CNF_FILE}; then
if [ -e /etc/my.cnf.d/server.cnf ]; then
MY_CNF_FILE=/etc/my.cnf.d/server.cnf
fi
fi
if grep -m1 -q '[mysqld]' ${MY_CNF_FILE}; then
if ! grep -m1 -q 'local-infile' ${MY_CNF_FILE}; then
perl -pi -e 's#\[mysqld\]#[mysqld]\nlocal-infile = 0#' ${MY_CNF_FILE}
fi
else
if ! grep -m1 -q 'local-infile' ${MY_CNF_FILE}; then
echo '[mysqld]' >> ${MY_CNF_FILE}
echo 'local-infile = 0' >> ${MY_CNF_FILE}
fi
fi
if ! grep -m1 -q 'max_allowed_packet' ${MY_CNF_FILE}; then
if ! grep -m1 -q 'max-allowed-packet' ${MY_CNF_FILE}; then
perl -pi -e 's#\[mysqld\]#[mysqld]\nmax_allowed_packet=64M#' ${MY_CNF_FILE}
fi
fi
if [ "${OS_CENTOS_VER}" = "9" ]; then
if ! grep -q '\[client\]' ${MY_CNF_FILE}; then
echo "" >> ${MY_CNF_FILE}
echo "[client]" >> ${MY_CNF_FILE}
echo "socket=/var/lib/mysql/mysql.sock" >> ${MY_CNF_FILE}
elif grep -q '\[client\]' ${MY_CNF_FILE}; then
if ! grep -q '^socket=' ${MY_CNF_FILE}; then
perl -pi -e 's#\[client\]#[client]\nsocket=/var/lib/mysql/mysql.sock#' ${MY_CNF_FILE}
fi
fi
fi
fi
}
ensure_cmake() {
if [ -e /etc/debian_version ]; then
CMAKE_NAME="cmake"
elif [ "${OS_CENTOS_VER}" = "7" ]; then
CMAKE_NAME="cmake3"
else
CMAKE_NAME="cmake"
fi
if [ "${CMAKE_NAME}" = "cmake" ]; then
if [ ! -e /usr/local/cmake ] && [ ! -e /usr/local/bin/cmake ] && [ ! -e /usr/bin/cmake ] && [ ! -e /usr/bin/cmake3 ]; then
echo "Cannot find ${CMAKE_NAME}, installing it..."
if [ -e /etc/debian_version ]; then
echo "apt-get -y install ${CMAKE_NAME}"
else
yum -y install ${CMAKE_NAME}
fi
fi
elif [ ! -e /usr/bin/cmake3 ]; then
yum -y install ${CMAKE_NAME} --enablerepo=${EPEL_REPO_NAME}
fi
if [ ! -e ${DEBIAN_VERSION} ] && [ -x /usr/bin/rpm ]; then
if [ `checkRPMPackage ninja-build` -ne 0 ]; then
if [ "${OS_CENTOS_VER}" = "9" ]; then
yum -y install ninja-build --enablerepo=crb
elif [ "${OS_CENTOS_VER}" = "8" ]; then
yum -y install ninja-build --enablerepo=${POWERTOOLS}
else
yum -y install ninja-build
fi
fi
elif [ -x /usr/bin/dpkg-query ]; then
if [ `checkDebianPackage ninja-build` -ne 0 ]; then
apt-get -y install ninja-build
ldconfig
fi
fi
}
ensure_libnuma() {
if [ ! -e ${DEBIAN_VERSION} ] && [ -x /usr/bin/rpm ]; then
if [ `checkRPMPackage numactl-devel` -ne 0 ]; then
yum -y install numactl-devel
ldconfig
fi
elif [ -x /usr/bin/dpkg-query ]; then
if [ `checkDebianPackage libnuma-dev` -ne 0 ]; then
apt-get -y install libnuma-dev libnuma1
ldconfig
fi
fi
}
ensure_libtirpc() {
if [ ! -e ${DEBIAN_VERSION} ] && [ -x /usr/bin/rpm ]; then
if [ `checkRPMPackage libtirpc-devel` -ne 0 ]; then
if [ "${OS_CENTOS_VER}" = "9" ]; then
yum -y install libtirpc-devel --enablerepo=crb
else
yum -y install libtirpc-devel
fi
ldconfig
fi
elif [ -x /usr/bin/dpkg-query ]; then
if [ `checkDebianPackage libtirpc-dev` -ne 0 ]; then
apt-get -y install libtirpc-dev
ldconfig
fi
fi
}
ensure_rpcgen() {
if [ ! -e ${DEBIAN_VERSION} ] && [ -x /usr/bin/rpm ]; then
if [ `checkRPMPackage rpcgen` -ne 0 ]; then
if [ "${OS_CENTOS_VER}" = "9" ]; then
yum -y install rpcgen --enablerepo=crb
elif [ "${OS_CENTOS_VER}" = "8" ]; then
yum -y install rpcgen --enablerepo=${POWERTOOLS}
fi
ldconfig
fi
elif [ -x /usr/bin/dpkg-query ]; then
if [ `checkDebianPackage rpcsvc-proto` -ne 0 ]; then
apt-get -y install rpcsvc-proto
ldconfig
fi
fi
}
ensure_libpmem() {
if [ ! -e /usr/lib/libpmem.so.1 ] && [ ! -e /usr/lib/i386-linux-gnu/libpmem.so.1 ] && [ ! -e /usr/lib64/libpmem.so.1 ] && [ ! -e /lib64/libpmem.so.1 ] && [ ! -e /lib/libpmem.so.1 ] && [ ! -e /lib/i386-linux-gnu/libpmem.so.1 ] && [ ! -e /usr/lib/x86_64-linux-gnu/libpmem.so.1 ]; then
if [ -e /etc/debian_version ]; then
echo "Cannot find libpmem.so.1, installing using apt-get..."
apt-get -y install libpmem-dev libpmem1
else
echo "Cannot find libpmem.so.1, installing using yum..."
yum -y install libpmem
fi
fi
}
setup_mysql_root_user() {
cd ${CWD}
if [ "${MYSQLPASSWORD}" = "nothing" ]; then
MYSQLPASSWORD="`random_pass`"
if [ -s ${DA_MYSQL} ]; then
perl -pi -e "s|\=nothing$|=${MYSQLPASSWORD}|g" ${DA_MYSQL}
perl -pi -e "s|\=\"nothing\"$|=\"${MYSQLPASSWORD}\"|g" ${DA_MYSQL}
else
echo "user=da_admin" > ${DA_MYSQL}
echo "passwd=${MYSQLPASSWORD}" >> ${DA_MYSQL}
chown -f diradmin:diradmin ${DA_MYSQL}
chmod -f 400 ${DA_MYSQL}
fi
if [ -s ${DA_MY_CNF} ]; then
perl -pi -e "s|\=\"nothing\"$|=\"${MYSQLPASSWORD}\"|g" ${DA_MY_CNF}
fi
if [ -s /usr/local/directadmin/scripts/setup.txt ]; then
if grep -q '^mysql\=' /usr/local/directadmin/scripts/setup.txt; then
perl -pi -e "s|^mysql\=.*$|mysql=${MYSQLPASSWORD}|g" /usr/local/directadmin/scripts/setup.txt
else
echo "mysql=${MYSQLPASSWORD}" >> /usr/local/directadmin/scripts/setup.txt
fi
fi
fi
if [ -z "${SQL_PATH_IS_SETUP}" ]; then
if ${SQL_PATH_IS_EMPTY}; then
MYSQL_ROOT_PASS=""
ROOT_PASS_SET=true
if [ ! -d ${MYSQL_DATA}/mysql ]; then
echo "${MYSQL_DATA}/mysql does not exist, running clean mysql data installation..."
# Clean /root/.mysql_secret up
echo -n '' > /root/.mysql_secret
mkdir -p ${MYSQL_DATA}
chown mysql:mysql ${MYSQL_DATA}
chmod 711 ${MYSQL_DATA}
if [ "${MYSQL_INST_OPT}" = "mariadb" ]; then
FORCE_APPEND="--force"
elif [ "${MYSQL_INST_OPT}" = "mysql" ] && [ "${MYSQL_VER_OPT}" = "5.6" ]; then
FORCE_APPEND="--random-password-file=/root/.mysql_secret"
else
FORCE_APPEND=""
fi
if [ -s /etc/debian_version ] || [ "${MYSQL_FORCE_COMPILE_OPT}" = "yes" ] || [ "${OS_CENTOS_VER}" = "9" ]; then
MYSQL_BASEDIR_PATH="/usr/local/mysql"
else
MYSQL_BASEDIR_PATH="/usr"
fi
if [ "${MYSQL_INST_OPT}" = "mysql" ] && [ "${MYSQL_OPT}" != "5.5" ] && [ "${MYSQL_OPT}" != "5.6" ]; then
if [ -x /usr/sbin/mysqld ]; then
MYSQL_ROOT_PASS=`/usr/sbin/mysqld --initialize --user=mysql --basedir=${MYSQL_BASEDIR_PATH} --datadir=${MYSQL_DATA} 2>&1 | grep 'temporary password' | tail -n1 | grep -o 'root@localhost: .*' | awk '{print $2}'`
else
MYSQL_ROOT_PASS=`/usr/local/mysql/bin/mysqld --initialize --user=mysql --basedir=${MYSQL_BASEDIR_PATH} --datadir=${MYSQL_DATA} 2>&1 | grep 'temporary password' | tail -n1 | grep -o 'root@localhost: .*' | awk '{print $2}'`
fi
elif [ -x ${MYSQL_BIN}_install_db ]; then
${MYSQL_BIN}_install_db --user=mysql --basedir=${MYSQL_BASEDIR_PATH} --datadir=${MYSQL_DATA} ${FORCE_APPEND}
elif [ -x /usr/local/mysql/scripts/mysql_install_db ]; then
/usr/local/mysql/scripts/mysql_install_db --user=mysql --basedir=${MYSQL_BASEDIR_PATH} --datadir=${MYSQL_DATA} ${FORCE_APPEND}
fi
if [ -s /root/.mysql_secret ]; then
ROOT_PASS_SET=true
elif [ "${MYSQL_INST_OPT}" = "mysql" ] && [ "${MYSQL_OPT}" = "8.0" ]; then
ROOT_PASS_SET=true
elif [ "${MYSQL_INST_OPT}" = "mysql" ] && [ "${MYSQL_OPT}" = "5.7" ]; then
ROOT_PASS_SET=true
else
ROOT_PASS_SET=false
fi
fi
control_service mysqld start
sleep 5
if [ -z "${MYSQL_ROOT_PASS}" ]; then
if ${ROOT_PASS_SET} && [ -s /root/.mysql_secret ] && [ "${MYSQL_OPT}" != "8.0" ]; then
if find /root/.mysql_secret -mmin -5 -type f 2>/dev/null | grep -m1 -q '/root/.mysql_secret'; then
MYSQL_ROOT_PASS="`grep -o ': .*$' /root/.mysql_secret | cut -d ' ' -f2 | tail -n1`"
if [ "${MYSQL_ROOT_PASS}" = "" ]; then
MYSQL_ROOT_PASS="`tail -n1 /root/.mysql_secret`"
fi
fi
fi
if [ "${MYSQL_INST_OPT}" = "mysql" ]; then
if [ "${MYSQL_OPT}" = "5.7" ] || [ "${MYSQL_OPT}" = "8.0" ]; then
if [ -x /bin/journalctl ]; then
MYSQL_ROOT_PASS=`journalctl -xe -u mysqld |grep 'temporary password' | tail -n1 | grep -o 'root@localhost: .*' | awk '{print $2}'`
fi
if [ -s /var/log/mysqld.log ] && [ -z "${MYSQL_ROOT_PASS}" ]; then
MYSQL_ROOT_PASS=`grep 'temporary password' /var/log/mysqld.log | tail -n1 | grep -o 'root@localhost: .*' | awk '{print $2}'`
fi
fi
fi
fi
USE_NEW_SET_PASSWORD=1
MYSQLV=`mysql_main`
INDENTIFIED_WITH_STRING="IDENTIFIED"
#for MySQL 8.0, SET PASSWORD doesn't specify PASSWORD()
if [ "${MYSQLV}" = "5.5" ] || [ "${MYSQLV}" = "5.6" ]; then
USE_NEW_SET_PASSWORD=0
INDENTIFIED_WITH_STRING="IDENTIFIED"
elif [ "${MYSQLV}" = "5.7" ]; then
INDENTIFIED_WITH_STRING="IDENTIFIED"
elif [ "`has_mariadb`" = "1" ]; then
if [ "${MYSQLV}" != "10.3" ] && [ "${MYSQLV}" != "10.4" ] && [ "${MYSQLV}" != "10.5" ] && [ "${MYSQLV}" != "10.6" ]; then
USE_NEW_SET_PASSWORD=0
fi
INDENTIFIED_WITH_STRING="IDENTIFIED"
else
INDENTIFIED_WITH_STRING="IDENTIFIED WITH mysql_native_password"
fi
${MYSQL_BIN}admin --user=root --password="${MYSQL_ROOT_PASS}" password "${MYSQLPASSWORD}" 2>&1 >/dev/null
if [ "$?" != "0" ]; then
echo "Error setting root pass using ${MYSQL_BIN}admin. Trying SET PASSWORD."
if [ "${USE_NEW_SET_PASSWORD}" = "1" ]; then
echo "Setting password: ALTER USER 'root'@'localhost' ${INDENTIFIED_WITH_STRING} BY '${MYSQLPASSWORD}';"
${MYSQL_BIN} --user=root --password="${MYSQL_ROOT_PASS}" -e "ALTER USER 'root'@'localhost' ${INDENTIFIED_WITH_STRING} BY '${MYSQLPASSWORD}';" --host=${MYSQLHOST} >/dev/null 2>&1
else
echo "Setting password: SET PASSWORD FOR 'root'@'localhost' = PASSWORD('${MYSQLPASSWORD}');"
${MYSQL_BIN} --user=root --password="${MYSQL_ROOT_PASS}" -e "SET PASSWORD FOR 'root'@'localhost' = PASSWORD('${MYSQLPASSWORD}');" --host=${MYSQLHOST} >/dev/null 2>&1
fi
if [ "$?" = "0" ]; then
echo "That worked! Root password should be set."
else
echo "*********************************"
echo ""
echo "We seem to have an error when trying to SET PASSWORD FOR 'root'@'localhost'";
echo ""
do_exit 1 "*********************************"
fi
fi
${MYSQL_BIN} --user=root --password='' -e "quit" >/dev/null 2>&1
if [ "$?" = "0" ]; then
echo "MySQL root password seems to be unset, setting using MySQL queries..."
if [ "${USE_NEW_SET_PASSWORD}" = "1" ]; then
echo "Setting password: ALTER USER 'root'@'localhost' ${INDENTIFIED_WITH_STRING} BY '${MYSQLPASSWORD}';"
${MYSQL_BIN} --user=root --password="${MYSQL_ROOT_PASS}" -e "ALTER USER 'root'@'localhost' ${INDENTIFIED_WITH_STRING} BY '${MYSQLPASSWORD}';" --host=${MYSQLHOST} >/dev/null 2>&1
else
echo "Setting password: SET PASSWORD FOR 'root'@'localhost' = PASSWORD('${MYSQLPASSWORD}');"
${MYSQL_BIN} --user=root --password="${MYSQL_ROOT_PASS}" -e "SET PASSWORD FOR 'root'@'localhost' = PASSWORD('${MYSQLPASSWORD}');" --host=${MYSQLHOST} 2>&1 >/dev/null
fi
fi
${MYSQL_BIN} --user=root --password="${MYSQLPASSWORD}" -e "quit" >/dev/null 2>&1
if [ "$?" != "0" ]; then
do_exit 1 "Unable to login using root MySQL credentials. Aborting installation..."
fi
#Creating da_admin user
${MYSQL_BIN} --user=root --password="${MYSQLPASSWORD}" -e "CREATE USER 'da_admin'@'localhost' ${INDENTIFIED_WITH_STRING} BY '${MYSQLPASSWORD}';" 2>&1 >/dev/null
if [ "${USE_NEW_SET_PASSWORD}" = "1" ]; then
${MYSQL_BIN} --user=root --password="${MYSQL_ROOT_PASS}" -e "ALTER USER 'root'@'localhost' ${INDENTIFIED_WITH_STRING} BY '${MYSQLPASSWORD}';" --host=${MYSQLHOST} >/dev/null 2>&1
else
${MYSQL_BIN} --user=root --password="${MYSQL_ROOT_PASS}" -e "SET PASSWORD FOR 'root'@'localhost' = PASSWORD('${MYSQLPASSWORD}');" --host=${MYSQLHOST} >/dev/null 2>&1
fi
${MYSQL_BIN} --user=root --password="${MYSQLPASSWORD}" -e "GRANT ALL PRIVILEGES ON *.* TO 'da_admin'@'localhost' WITH GRANT OPTION;" 2>&1 >/dev/null
#Dropping MySQL test databases
${MYSQL_BIN} --user=root --password="${MYSQLPASSWORD}" -e "DROP DATABASE IF EXISTS test;" 2>&1 >/dev/null
${MYSQL_BIN} --user=root --password="${MYSQLPASSWORD}" -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';" 2>&1 >/dev/null
if [ "${MARIADB_OPT}" != "10.4" ] && [ "${MARIADB_OPT}" != "10.5" ] && [ "${MARIADB_OPT}" != "10.6" ] && [ "${MYSQL_INST_OPT}" = "mariadb" ]; then
${MYSQL_BIN} --user=root --password="${MYSQLPASSWORD}" -e "DELETE FROM mysql.user WHERE User='';" 2>&1 >/dev/null
${MYSQL_BIN} --user=root --password="${MYSQLPASSWORD}" -e "DELETE FROM mysql.user WHERE User='root' AND Host!='localhost';" 2>&1 >/dev/null
${MYSQL_BIN} --user=root --password="${MYSQLPASSWORD}" -e "FLUSH PRIVILEGES;" 2>&1 >/dev/null
fi
SQL_PATH_IS_SETUP="yes"
initMySQL
fi
fi
}
doMySQL() {
if [ "${MYSQL_INST_OPT}" != "yes" ] && [ "${MYSQL_INST_OPT}" != "mariadb" ] && [ "${MYSQL_INST_OPT}" != "mysql" ]; then
do_exit 1 "You cannot install ${MYSQLNAME}, because you do not have it set in options.conf file."
fi
if [ "${MYSQL_INST_OPT}" = "mysql" ] && [ "`has_mariadb`" = "1" ] && [ -e ${MYSQL_BIN} ] && [ -d ${MYSQL_DATA}/mysql ]; then
MYSQL_MAIN="`mysql_main`"
if [ "${MYSQL_MAIN}" != "5.5" ] && [ "${MYSQL_OPT}" != "5.5" ]; then
echo "mysql_inst=mysql is set in the options.conf, but MariaDB is currently installed"
do_exit 1 "If you wish to use MySQL, please install MySQL 5.5 first, and then you'd be able to upgrade to a newer version of it. Please note that MariaDB 10.x migration to MySQL is considered a downgrade and might not work."
fi
fi
if [ "${MYSQL_INST_OPT}" = "mysql" ] && [ -e ${MYSQL_BIN} ] && [ -d ${MYSQL_DATA}/mysql ]; then
MYSQL_MAIN="`mysql_main`"
if [ "${MYSQL_MAIN}" != "${MYSQL_OPT}" ]; then
if ! echo "5.1 ${MYSQL_SET}" | grep -m1 -q "${MYSQL_MAIN} ${MYSQL_OPT}"; then
echo "MySQL ${MYSQL_MAIN} cannot be directly upgraded to ${MYSQL_OPT}"
do_exit 1 "If you wish to upgrade MySQL to ${MYSQL_OPT}, do it in increments, upgrading ${MYSQL_MAIN} to the next version released, and going up until you reach ${MYSQL_OPT}."
fi
fi
fi
if [ "${MYSQL_INST_OPT}" = "mariadb" ] && [ -e ${MYSQL_BIN} ] && [ -d ${MYSQL_DATA}/mysql ]; then
MYSQL_MAIN="`mysql_main`"
UPGRADE_TEXT="MySQL ${MYSQL_MAIN} cannot be directly upgraded to MariaDB ${MARIADB_OPT}, as this is considered a downgrade. More info: https://help.directadmin.com/item.php?id=563"
if [ "${MYSQL_MAIN}" = "8.0" ]; then
do_exit 1 "${UPGRADE_TEXT}"
elif [ "${MYSQL_MAIN}" = "5.7" ] && [ "${MYSQL_OPT}" = "5.5" ]; then
do_exit 1 "${UPGRADE_TEXT}"
elif [ "${MYSQL_MAIN}" = "5.7" ] && [ "${MYSQL_OPT}" = "10.0" ]; then
do_exit 1 "${UPGRADE_TEXT}"
elif [ "${MYSQL_MAIN}" = "5.7" ] && [ "${MYSQL_OPT}" = "10.1" ]; then
do_exit 1 "${UPGRADE_TEXT}"
fi
fi
if ! grep -m1 -q 'mysql' /etc/group; then
addUserGroup mysql mysql
fi
if [ ! -d /var/run/mysqld ]; then
mkdir -p /var/run/mysqld
chown -R mysql:mysql /var/run/mysqld
chmod 700 /var/run/mysqld
fi
doMySQLback
if [ ! -e /root/.skip_mysql_install ]; then
#setup a basic my.cnf file.
MYCNF=/etc/my.cnf
if [ ! -e $MYCNF ]; then
echo "[mysqld]" > $MYCNF
echo "local-infile=0" >> $MYCNF
echo "innodb_file_per_table" >> $MYCNF
#we don't want conflicts
if [ -e /etc/debian_version ]; then
echo "" >> $MYCNF
echo "[client]" >> $MYCNF
echo "socket=/usr/local/mysql/data/mysql.sock" >> $MYCNF
if [ -d /etc/mysql ]; then
mv /etc/mysql /etc/mysql.moved
fi
fi
if [ "${OS_CENTOS_VER}" = "9" ]; then
echo "" >> $MYCNF
echo "[client]" >> $MYCNF
echo "socket=/var/lib/mysql/mysql.sock" >> $MYCNF
fi
fi
fi
cd ${CWD}
SQL_PATH=${CWD}/mysql
mkdir -p ${SQL_PATH}
set_service mysqld OFF
initMySQL
NEW_MYSQLCHECK_ARGS=false
if [ "${MYSQL_INST_OPT}" = "mysql" ]; then
if [ "${MYSQL_OPT}" = "5.7" ] || [ "${MYSQL_OPT}" = "8.0" ]; then
NEW_MYSQLCHECK_ARGS=true
fi
fi
if ${NEW_MYSQLCHECK_ARGS}; then
MYSQLCHECK_ARGS="-A"
else
MYSQLCHECK_ARGS="--fix-db-names --fix-table-names -A"
fi
MYSQL_DETECT_CORRECT_METHODS=`getDA_Opt mysql_detect_correct_methods 1`
if [ "${MYSQL_DETECT_CORRECT_METHODS}" = "0" ]; then
echo "Setting mysql_detect_correct_methods=1 in directadmin.conf."
setVal mysql_detect_correct_methods 1 ${DACONF_TEMPLATE_FILE}
setVal mysql_detect_correct_methods 1 ${DACONF_FILE}
doRestartDA
fi
if [ -e /etc/debian_version ] || [ "${MYSQL_FORCE_COMPILE_OPT}" = "yes" ] || [ "${OS_CENTOS_VER}" = "9" ]; then
if [ "${MYSQL_INST_OPT}" = "mariadb" ]; then
#libsystemd-daemon0 and /lib/x86_64-linux-gnu/libsystemd-daemon.so.0
#LINUX_STR=linux-systemd
LINUX_STR=linux-systemd
MACHINE=i686
if [ "${B64}" = "1" ]; then
MACHINE=x86_64
elif [ "${B64}" = "2" ]; then
MACHINE=aarch64
fi
MYSQLURL=${WEBPATH_SERVICES}/all/mariadb/${MARIADB_OPT}/${MARIADB_VER}
MYSQLPACK=mariadb-${MARIADB_VER}-${LINUX_STR}-${MACHINE}
else
LINUX_STR=linux
MACHINE=i686
MYSQLURL=${WEBPATH_SERVICES}/all/mysql/${MYSQL_OPT}/${MYSQL_VER}
LINUX_STR=linux-glibc2.12
if [ "${B64}" = "1" ]; then
MYSQLURL=${MYSQLURL}/64-bit
MACHINE=x86_64
elif [ "${B64}" = "1" ] && [ "${MYSQL_OPT}" = "8.0" ]; then
MYSQLURL=${MYSQLURL}/32-bit
elif [ "${B64}" = "1" ] && [ "${MYSQL_OPT}" = "5.7" ]; then
MYSQLURL=${MYSQLURL}/32-bit
elif [ "${B64}" = "1" ] && [ "${MYSQL_OPT}" = "5.6" ]; then
MYSQLURL=${MYSQLURL}/32-bit
elif [ "${B64}" = "1" ] && [ "${MYSQL_OPT}" = "5.5" ]; then
MYSQLURL=${MYSQLURL}/32-bit
fi
MYSQLPACK=mysql-${MYSQL_VER}-${LINUX_STR}-${MACHINE}
fi
if [ "${MYSQL_INST_OPT}" = "mariadb" ] && [ "${MARIADB_OPT}" = "10.6" ]; then
ensure_libpmem
fi
#debian needs libnuma1 now, as well: libnuma-dev libnuma1
ensure_libnuma
ensure_libtirpc
ensure_rpcgen
cd /usr/local
if [ "${MYSQL_OPT}" = "8.0" ] && [ "${MYSQL_INST_OPT}" = "mysql" ]; then
MYSQL_PACK_EXT="tar.xz"
MYSQL_EXTRACT_OPT="xJf"
MYSQL_CONTENT_OPT="tJf"
else
MYSQL_PACK_EXT="tar.gz"
MYSQL_EXTRACT_OPT="xzf"
MYSQL_CONTENT_OPT="tzf"
fi
if [ "${MYSQL_FORCE_COMPILE_OPT}" != "yes" ]; then
if [ ! -s ${MYSQLPACK}.${MYSQL_PACK_EXT} ]; then
safeDownloadWithMove "/usr/local/${MYSQLPACK}.${MYSQL_PACK_EXT}" "${MYSQLURL}/${MYSQLPACK}.${MYSQL_PACK_EXT}"
fi
fi
if [ ! -s "/usr/local/${MYSQLPACK}.${MYSQL_PACK_EXT}" ]; then
MYSQL_FORCE_COMPILE_OPT=yes
fi
if [ "${MYSQL_FORCE_COMPILE_OPT}" = "yes" ]; then
ensure_cmake
if [ ! -e /usr/include/curses.h ] && [ ! -e /usr/local/include/curses.h ]; then
echo "Cannot find ncurses, installing it..."
if [ -e /etc/debian_version ]; then
apt-get -y install libncurses-dev
else
yum -y install ncurses-devel
fi
fi
echo "Attempting to compile a package from source..."
cd ${CWD}
compile_mysql_binary
cd ${CWD}
if [ ! -s ${MYSQLPACK}.${MYSQL_PACK_EXT} ]; then
#sometimes it's linux, sometimes it's linux2.6.. sometimes it's just linux.
#Debian 6 was kernel 2.6, but when 5.6 is compiled, is linux. 5.5 is linux. Consistent? no.
if [ "${MYSQL_INST_OPT}" = "mariadb" ]; then
PACK_PRE=mariadb-${MARIADB_VER}
else
PACK_PRE=mysql-${MYSQL_VER}
fi
BINPACK=`ls ${PACK_PRE}-*aarch64.${MYSQL_PACK_EXT} ${PACK_PRE}-*i386.${MYSQL_PACK_EXT} ${PACK_PRE}-*i686.${MYSQL_PACK_EXT} ${PACK_PRE}-*i486.${MYSQL_PACK_EXT} ${PACK_PRE}-*x86_64.${MYSQL_PACK_EXT} 2>/dev/null | head -n 1`
if [ "$BINPACK" = "" ]; then
do_exit 1 "Cannot find ${MYSQLPACK} package for installation"
fi
echo "Found created package: $BINPACK"
GLIBC14_BINPACK=`echo $BINPACK | grep -c 'linux-glibc_214'`
if [ ${GLIBC14_BINPACK} -gt 0 ]; then
LINUX_STR=`echo $BINPACK | cut -d- -f3,4`
MACHINE=`echo $BINPACK | cut -d- -f5 | cut -d. -f1`
else
LINUX_STR=`echo $BINPACK | cut -d- -f3`
MACHINE=`echo $BINPACK | cut -d- -f4 | cut -d. -f1`
fi
if [ "${MYSQL_INST_OPT}" = "mariadb" ]; then
MYSQLPACK=mariadb-${MARIADB_VER}-${LINUX_STR}-${MACHINE}
else
MYSQLPACK=mysql-${MYSQL_VER}-${LINUX_STR}-${MACHINE}
fi
fi
mv -f ${MYSQLPACK}.${MYSQL_PACK_EXT} /usr/local 2>/dev/null
fi
cd /usr/local
#we need the non tar.gz form .. but its not basic, it differs from tar.gz
#since we know the name of the file, we can get its contents which will tell us.
MYSQLPACK_REALNAME=`tar ${MYSQL_CONTENT_OPT} ${MYSQLPACK}.${MYSQL_PACK_EXT} | head -n 1 | cut -d/ -f1`
if [ "${MYSQLPACK_REALNAME}" = "" ]; then
do_exit 1 "MYSQLPACK_REALNAME is invalid: ${MYSQLPACK_REALNAME}. Exiting..."
fi
echo "Stopping mysqld ..."
control_service mysqld stop
if systemctl is-active --quiet mysqld; then
echo "Service didn't get stopped, sleeping for 20 secs and re-trying ..."
sleep 20
echo "Stopping mysqld ..."
control_service mysqld stop
fi
if [ "${MYSQL_INST_OPT}" = "mysql" ]; then
if [ "${MYSQL_OPT}" = "5.7" ]; then
MYSQL_SYSTEMD=${CB_SYSTEMD}/mysqld57.service.binary
if [ -e ${CB_CUST_SYSTEMD}/mysqld57.service.binary ]; then
MYSQL_SYSTEMD=${CB_CUST_SYSTEMD}/mysqld57.service.binary
fi
else
MYSQL_SYSTEMD=${CB_SYSTEMD}/mysqld.service.binary
if [ -e ${CB_CUST_SYSTEMD}/mysqld.service.binary ]; then
MYSQL_SYSTEMD=${CB_CUST_SYSTEMD}/mysqld.service.binary
fi
fi
if [ -e /etc/debian_version ] && [ -e ${CB_CUST_SYSTEMD}/mysqld.service.debian ]; then
MYSQL_SYSTEMD=${CB_CUST_SYSTEMD}/mysqld.service.debian
fi
else
MYSQL_SYSTEMD=${CB_SYSTEMD}/mariadb.service.binary
if [ -e ${CB_CUST_SYSTEMD}/mariadb.service.binary ]; then
MYSQL_SYSTEMD=${CB_CUST_SYSTEMD}/mariadb.service.binary
fi
fi
cp -pf ${MYSQL_SYSTEMD} ${SYSTEMDDIR}/mysqld.service
if [ -L ${SYSTEMDDIR}/mariadb.service ]; then
rm -f ${SYSTEMDDIR}/mariadb.service
fi
DISABLE_PRIVATETMP=false
if [ -e /proc/1/environ ]; then
if cat /proc/1/environ | tr '\0' '\n' | grep -q ^container=lxc; then
DISABLE_PRIVATETMP=true
fi
fi
if ${DISABLE_PRIVATETMP}; then
echo "LXC detected. Disabling PrivateTmp feature in mysqld.service for MySQL."
perl -pi -e 's#PrivateTmp\=true#PrivateTmp=false#' ${SYSTEMDDIR}/mysqld.service
fi
if [ "${MYSQL_DATA}" != "/var/lib/mysql" ] && [ ! -e /var/lib/mysql ]; then
ln -s "${MYSQL_DATA}" /var/lib/mysql
fi
if [ -d "/home/mysql" ]; then
perl -pi -e 's#ProtectHome\=true#ProtectHome=false#' ${SYSTEMDDIR}/mysqld.service
fi
if [ -e ${SYSTEMDDIR}/mysql.service ]; then
systemctl disable mysql.service
mv -f ${SYSTEMDDIR}/mysql.service ${SYSTEMDDIR}/mysqld.service
systemctl daemon-reload
systemctl enable mysqld.service
fi
systemctl daemon-reload
systemctl enable mysqld.service
backup_libmysqlclient
tar ${MYSQL_EXTRACT_OPT} ${MYSQLPACK}.${MYSQL_PACK_EXT} --no-same-owner --exclude="${MYSQLPACK}/data"
if [ $? -ne 0 ]; then
do_exit 1 "Failed to extract: ${MYSQLPACK}.${MYSQL_PACK_EXT}. Exiting..."
fi
rm -f mysql ${MYSQLPACK}.${MYSQL_PACK_EXT}
ln -s ${MYSQLPACK_REALNAME} mysql
cd mysql
chown -R mysql:mysql /usr/local/mysql
chown -R mysql:mysql /usr/local/${MYSQLPACK_REALNAME}
if [ -e my.cnf ]; then
mv -f my.cnf my.cnf.orig
fi
if [ -d data ]; then
rm -rf data
fi
ln -s ${MYSQL_DATA} ./data 2>/dev/null
for i in `ls /usr/local/mysql/bin`; do {
if [ ! -e /usr/local/bin/${i} ]; then
echo "Linking /usr/local/mysql/bin/${i} -> /usr/local/bin/${i}..."
ln -s /usr/local/mysql/bin/${i} /usr/local/bin/${i}
chown -h mysql. /usr/local/bin/${i}
fi
};
done
if [ -d ${MYSQL_DATA} ]; then
chown -R mysql:mysql ${MYSQL_DATA}
fi
MYSQLPATH="`echo ${PATH} | grep /usr/local/mysql/bin | wc -l`"
if [ "${MYSQLPATH}" -eq 0 ]; then
export PATH=${PATH}:/usr/local/mysql/bin
fi
if [ -d /etc/mysql ]; then
if [ ! -L /etc/mysql/my.cnf ]; then
mv -f /etc/mysql/my.cnf /etc/mysql/my.cnf.back
ln -s /etc/my.cnf /etc/mysql/my.cnf
fi
fi
if [ "${OS_CENTOS_VER}" = "9" ]; then
if [ ! -e /usr/lib64/libncurses.so.5 ] && [ -e /usr/lib64/libncurses.so.6 ]; then
#no libncurses-compat-libs there, symlinking .6 to .5 does the trick
ln -sf /usr/lib64/libncurses.so.6 /usr/lib64/libncurses.so.5
fi
if [ ! -e /usr/lib64/libtinfo.so.5 ] && [ -e /usr/lib64/libtinfo.so.6 ]; then
#no libncurses-compat-libs there, symlinking .6 to .5 does the trick
ln -sf /usr/lib64/libtinfo.so.6 /usr/lib64/libtinfo.so.5
fi
fi
setup_my_cnf
if ! ${SQL_PATH_IS_EMPTY}; then
control_service mysqld start
echo "Giving mysqld a few seconds to start up..."
sleep 5
if ! /usr/local/mysql/bin/mysql --defaults-extra-file=${DA_MY_CNF} -e "select 1" >/dev/null 2>&1; then
echo "Giving mysqld a another few seconds to start up..."
sleep 10
fi
if ! /usr/local/mysql/bin/mysql --defaults-extra-file=${DA_MY_CNF} -e "select 1" >/dev/null 2>&1; then
echo "Giving mysqld last 20 seconds to start up..."
sleep 20
fi
if [ -e /usr/local/mysql/bin/mysql_upgrade ]; then
if ! ${SKIP_MYSQL_UPGRADE}; then
MARIADB_SKIP_VERSION_CHECK=
if [ "`/usr/local/mysql/bin/mysql_upgrade --help | grep -c skip-version-check`" -gt 0 ]; then
MARIADB_SKIP_VERSION_CHECK=--skip-version-check
fi
/usr/local/mysql/bin/mysql_upgrade --defaults-extra-file=${DA_MY_CNF} ${MARIADB_SKIP_VERSION_CHECK}
if [ "$?" -ne 0 ]; then #Ticket 23399
echo "${boldon}Error running '/usr/local/mysql/bin/mysql_upgrade --defaults-extra-file=${DA_MY_CNF} ${MARIADB_SKIP_VERSION_CHECK}'${boldoff}"
sleep 10
fi
fi
elif [ -e /usr/local/mysql/bin/mysql_fix_privilege_tables ]; then
/usr/local/mysql/bin/mysql_fix_privilege_tables --defaults-extra-file=${DA_MY_CNF}
fi
fi
restore_libmysqlclient
#mysql 5.5.11 changed to libmysqlclient.so.18 from libmysqlclient.so.16
if [ "${MYSQL_INST_OPT}" != "mariadb" ]; then
if [ "${MYSQL_OPT}" = "5.5" ] || [ "${MYSQL_OPT}" = "5.6" ]; then
if [ -e /usr/local/directadmin/directadmin ]; then
if ldd /usr/local/directadmin/directadmin | grep -m1 -q 'libmysqlclient.so.16'; then
if [ ! -e /usr/local/mysql/lib/libmysqlclient.so.16 ] && [ -e /usr/local/mysql/lib/libmysqlclient.so.18 ]; then
echo "*** Linking libmysqlclient.so.16 to libmysqlclient.so.18"
ln -s libmysqlclient.so.18 /usr/local/mysql/lib/libmysqlclient.so.16
ldconfig
fi
fi
if ldd /usr/local/directadmin/directadmin | grep -m1 -q 'libmysqlclient.so.18'; then
if [ ! -e /usr/local/mysql/lib/libmysqlclient.so.18 ] && [ -e /usr/local/mysql/lib/libmysqlclient.so.16 ]; then
echo "*** Linking libmysqlclient.so.18 to libmysqlclient.so.16"
ln -s libmysqlclient.so.16 /usr/local/mysql/lib/libmysqlclient.so.18
ldconfig
fi
fi
fi
fi
fi
if ${SQL_PATH_IS_EMPTY}; then
setup_mysql_root_user
fi
set_service mysqld ON
writeLog "${MYSQLPACK} installed"
else
if [ "${MYSQL_OPT}" = "5.5" ] || [ "${MYSQL_OPT}" = "5.6" ] || [ "${MYSQL_INST_OPT}" = "mariadb" ]; then
if [ ! -e /usr/lib/libaio.so.1 ] && [ ! -e /usr/lib64/libaio.so.1 ] && [ ! -e /lib64/libaio.so.1 ] && [ ! -e /lib/libaio.so.1 ] && [ ! -e /lib/i386-linux-gnu/libaio.so.1 ]; then
echo "Cannot find libaio.so.1, installing using yum..."
yum -y install libaio
fi
fi
if [ "${MYSQL_INST_OPT}" = "mariadb" ] && [ "${MARIADB_OPT}" = "10.6" ]; then
ensure_libpmem
fi
ensure_libnuma
ensure_libtirpc
ensure_rpcgen
if [ "${MYSQL_INST_OPT}" = "mysql" ]; then
MYSQL_NAME=MySQL
if [ "${OS_CENTOS_VER}" = "7" ]; then
MYSQL_EXT_OS=el7
elif [ "${OS_CENTOS_VER}" = "8" ]; then
MYSQL_EXT_OS=el8
fi
MYSQLURL=all/mysql/${MYSQL_OPT}/${MYSQL_VER}/64-bit
MYSQL_EXT=${MYSQL_EXT_OS}.x86_64
if [ "${MYSQL_OPT}" != "5.5" ] && [ "${MYSQL_OPT}" != "5.6" ]; then
MYSQL_NAME=mysql-community
fi
MYSQLCLIENT=${MYSQL_NAME}-client-${MYSQL_VER}-1.$MYSQL_EXT.rpm
MYSQLDEVEL=${MYSQL_NAME}-devel-${MYSQL_VER}-1.$MYSQL_EXT.rpm
MYSQLSERVER=${MYSQL_NAME}-server-${MYSQL_VER}-1.$MYSQL_EXT.rpm
MYSQLSHARED=${MYSQL_NAME}-shared-${MYSQL_VER}-1.$MYSQL_EXT.rpm
if [ "${MYSQL_OPT}" = "5.7" ] || [ "${MYSQL_OPT}" = "8.0" ]; then
MYSQLLIBS=${MYSQL_NAME}-libs-${MYSQL_VER}-1.$MYSQL_EXT.rpm
if [ "${OS_CENTOS_VER}" = "7" ]; then
MYSQLLIBSCOMPAT=${MYSQL_NAME}-libs-compat-${MYSQL_VER}-1.$MYSQL_EXT.rpm
fi
MYSQLCOMMON=${MYSQL_NAME}-common-${MYSQL_VER}-1.$MYSQL_EXT.rpm
fi
else
MYSQLURL=all/mariadb/${MARIADB_OPT}/${MARIADB_VER}
if [ "${OS_CENTOS_VER}" = "7" ]; then
RPM_FILE_LIST="centos7-64.txt"
else
RPM_FILE_LIST="centos8-64.txt"
fi
if [ ! -s mysql/${RPM_FILE_LIST} ]; then
getFile ${MYSQLURL}/${RPM_FILE_LIST} "" mysql/${RPM_FILE_LIST}
fi
if ! grep -m1 -q "MariaDB-${MARIADB_VER}-" mysql/${RPM_FILE_LIST}; then
rm -f mysql/${RPM_FILE_LIST}
getFile ${MYSQLURL}/${RPM_FILE_LIST} "" mysql/${RPM_FILE_LIST}
fi
if [ "${MYSQL_INST_OPT}" = "mariadb" ]; then
if [ "${MARIADB_OPT}" != "5.5" ] && [ "${MARIADB_OPT}" != "10.0" ]; then
GALERA_VER=`getVer galera_versions`
if [ "${OS_CENTOS_VER}" = "7" ]; then
LIBJEMALLOC_VER=`getVer jemalloc_versions`
LIBJEMALLOC_FILE=jemalloc-${LIBJEMALLOC_VER}-1.el7.x86_64.rpm
LIBJEMALLOC_DEV_FILE=jemalloc-devel-${LIBJEMALLOC_VER}-1.el7.x86_64.rpm
GALERA_FILE=galera-4-${GALERA_VER}-1.el7.centos.x86_64.rpm
else
GALERA_FILE=galera-4-${GALERA_VER}-1.el8.x86_64.rpm
fi
fi
fi
MYSQLCLIENT=`get_line_from_file "MariaDB-.*client.*.rpm" mysql/${RPM_FILE_LIST}`
MYSQLDEVEL=`get_line_from_file "MariaDB-.*devel.*.rpm" mysql/${RPM_FILE_LIST}`
MYSQLSERVER=`get_line_from_file "MariaDB-.*server.*.rpm" mysql/${RPM_FILE_LIST}`
MYSQLSHARED=`get_line_from_file "MariaDB-.*shared.*.rpm" mysql/${RPM_FILE_LIST}`
MYSQLCOMMON=`get_line_from_file "MariaDB-.*common.*.rpm" mysql/${RPM_FILE_LIST}`
MYSQLBACKUP=`get_line_from_file "MariaDB-.*backup.*.rpm" mysql/${RPM_FILE_LIST}`
if [ "${OS_CENTOS_VER}" = "7" ]; then
MYSQLCOMPAT=`get_line_from_file "MariaDB-.*compat.*.rpm" mysql/${RPM_FILE_LIST}`
HAS_MYSQLCOMPAT=true
else
MYSQLCOMPAT=""
HAS_MYSQLCOMPAT=false
fi
if [ "${MYSQLCLIENT}" = "" ] || [ "${MYSQLCLIENT}" = "" ] || [ "${MYSQLCLIENT}" = "" ] || [ "${MYSQLCLIENT}" = "" ] || [ "${MYSQLCLIENT}" = "" ]; then
do_exit 1 "RPM package set is incomplete. Unable to find names in mysql/${RPM_FILE_LIST}."
fi
fi
cd ${SQL_PATH}
MYSQL57_8x_SET=false
if [ "${MYSQL_INST_OPT}" = "mysql" ]; then
if [ "${MYSQL_OPT}" = "5.7" ] || [ "${MYSQL_OPT}" = "8.0" ]; then
MYSQL57_8x_SET=true
fi
fi
if [ "${MYSQL_INST_OPT}" = "mariadb" ]; then
if [ "${MARIADB_OPT}" != "5.5" ] && [ "${MARIADB_OPT}" != "10.0" ]; then
if [ "${OS_CENTOS_VER}" = "7" ]; then
if [ ! -s ${SQL_PATH}/${LIBJEMALLOC_FILE} ]; then
getFile all/mariadb/jemalloc/${LIBJEMALLOC_VER}/${LIBJEMALLOC_FILE} "" mysql/${LIBJEMALLOC_FILE}
fi
if [ ! -s ${SQL_PATH}/${LIBJEMALLOC_DEV_FILE} ]; then
getFile all/mariadb/jemalloc/${LIBJEMALLOC_VER}/${LIBJEMALLOC_DEV_FILE} "" mysql/${LIBJEMALLOC_DEV_FILE}
fi
fi
if [ ! -s ${SQL_PATH}/${GALERA_FILE} ]; then
getFile all/mariadb/galera/${GALERA_VER}/${GALERA_FILE} "" mysql/${GALERA_FILE}
fi
if [ ! -s ${SQL_PATH}/${MYSQLBACKUP} ]; then
getFile ${MYSQLURL}/${MYSQLBACKUP} "" mysql/${MYSQLBACKUP}
fi
fi
fi
if [ ! -s ${SQL_PATH}/${MYSQLCLIENT} ]; then
getFile ${MYSQLURL}/${MYSQLCLIENT} "" mysql/${MYSQLCLIENT}
fi
if [ ! -s ${SQL_PATH}/${MYSQLDEVEL} ]; then
getFile ${MYSQLURL}/${MYSQLDEVEL} "" mysql/${MYSQLDEVEL}
fi
if [ ! -s ${SQL_PATH}/${MYSQLSERVER} ]; then
getFile ${MYSQLURL}/${MYSQLSERVER} "" mysql/${MYSQLSERVER}
fi
if [ ! -s ${SQL_PATH}/${MYSQLSHARED} ]; then
if ! ${MYSQL57_8x_SET}; then
getFile ${MYSQLURL}/${MYSQLSHARED} "" mysql/${MYSQLSHARED}
fi
fi
ADD_MYSQL_LIBS=""
if ${MYSQL57_8x_SET}; then
if [ ! -s ${SQL_PATH}/${MYSQLLIBS} ]; then
getFile ${MYSQLURL}/${MYSQLLIBS} "" mysql/${MYSQLLIBS}
fi
if [ ! -s ${SQL_PATH}/${MYSQLCOMMON} ]; then
getFile ${MYSQLURL}/${MYSQLCOMMON} "" mysql/${MYSQLCOMMON}
fi
if [ "${OS_CENTOS_VER}" = "7" ]; then
if [ ! -s ${SQL_PATH}/${MYSQLLIBSCOMPAT} ]; then
getFile ${MYSQLURL}/${MYSQLLIBSCOMPAT} "" mysql/${MYSQLLIBSCOMPAT}
fi
ADD_MYSQL_LIBS="${MYSQLLIBS} ${MYSQLLIBSCOMPAT} ${MYSQLCOMMON}"
else
ADD_MYSQL_LIBS="${MYSQLLIBS} ${MYSQLCOMMON}"
fi
else
ADD_MYSQL_LIBS=${MYSQLSHARED}
fi
if [ "${MYSQL_INST_OPT}" = "mariadb" ] || [ "`has_mariadb`" != "0" ]; then
if [ ! -s ${SQL_PATH}/${MYSQLCOMMON} ]; then
getFile ${MYSQLURL}/${MYSQLCOMMON} "" mysql/${MYSQLCOMMON}
fi
if ${HAS_MYSQLCOMPAT}; then
if [ ! -s ${SQL_PATH}/${MYSQLCOMPAT} ]; then
getFile ${MYSQLURL}/${MYSQLCOMPAT} "" mysql/${MYSQLCOMPAT}
fi
fi
fi
cd ${SQL_PATH}
FILE1=${SQL_PATH}/${MYSQLCLIENT}
FILE2=${SQL_PATH}/${MYSQLDEVEL}
FILE3=${SQL_PATH}/${MYSQLSERVER}
FILE4=${SQL_PATH}/${MYSQLSHARED}
if [ "${MYSQL_INST_OPT}" = "mariadb" ] || [ "`has_mariadb`" != "0" ]; then
FILE5=${SQL_PATH}/${MYSQLCOMMON}
if ${HAS_MYSQLCOMPAT}; then
FILE6=${SQL_PATH}/${MYSQLCOMPAT}
fi
if [ "${MARIADB_OPT}" = "10.1" ] || [ "${MARIADB_OPT}" = "10.2" ] || [ "${MARIADB_OPT}" = "10.3" ] || [ "${MARIADB_OPT}" = "10.4" ] || [ "${MARIADB_OPT}" = "10.5" ] || [ "${MARIADB_OPT}" = "10.6" ]; then
FILE10=${SQL_PATH}/${MYSQLBACKUP}
fi
fi
if ${MYSQL57_8x_SET}; then
FILE7=${SQL_PATH}/${MYSQLLIBS}
if [ "${OS_CENTOS_VER}" = "7" ]; then
FILE8=${SQL_PATH}/${MYSQLLIBSCOMPAT}
fi
FILE9=${SQL_PATH}/${MYSQLCOMMON}
fi
checkFile ${FILE1}
checkFile ${FILE2}
checkFile ${FILE3}
if ! ${MYSQL57_8x_SET}; then
checkFile ${FILE4}
fi
if [ "${MYSQL_INST_OPT}" = "mariadb" ] ; then
checkFile ${FILE5}
if ${HAS_MYSQLCOMPAT}; then
checkFile ${FILE6}
fi
if [ "${MARIADB_OPT}" = "10.1" ] || [ "${MARIADB_OPT}" = "10.2" ] || [ "${MARIADB_OPT}" = "10.3" ] || [ "${MARIADB_OPT}" = "10.4" ] || [ "${MARIADB_OPT}" = "10.5" ] || [ "${MARIADB_OPT}" = "10.6" ]; then
checkFile ${FILE10}
fi
echo "Installing dependencies..."
if [ "${OS_CENTOS_VER}" = "7" ] || [ "${OS_CENTOS_VER}" = "8" ]; then
CENTOS7_DEPS="boost-program-options perl-Compress-Raw-Bzip2 perl-Compress-Raw-Zlib perl-Compress-Raw-Zlib perl-DBI perl-Data-Dumper perl-IO-Compress perl-Net-Daemon perl-PlRPC lsof nmap rsync pcre2 socat"
if ! rpm -q --quiet ${CENTOS7_DEPS}; then
yum -y install ${CENTOS7_DEPS}
fi
fi
fi
if ${MYSQL57_8x_SET}; then
checkFile ${FILE7}
if [ "${OS_CENTOS_VER}" = "7" ]; then
checkFile ${FILE8}
fi
checkFile ${FILE9}
fi
if [ "${MYSQL_INST_OPT}" = "mariadb" ]; then
if [ "${MARIADB_OPT}" = "10.1" ] || [ "${MARIADB_OPT}" = "10.2" ] || [ "${MARIADB_OPT}" = "10.3" ] || [ "${MARIADB_OPT}" = "10.4" ] || [ "${MARIADB_OPT}" = "10.5" ] || [ "${MARIADB_OPT}" = "10.6" ]; then
if [ "${OS_CENTOS_VER}" = "7" ]; then
echo "Installing libjemalloc..."
checkFile ${SQL_PATH}/${LIBJEMALLOC_FILE}
checkFile ${SQL_PATH}/${LIBJEMALLOC_DEV_FILE}
rpm -Uhv --nodeps --force ${SQL_PATH}/${LIBJEMALLOC_FILE} ${SQL_PATH}/${LIBJEMALLOC_DEV_FILE}
fi
echo "Installing galera..."
checkFile ${SQL_PATH}/${GALERA_FILE}
rpm -Uhv --nodeps --force ${SQL_PATH}/${GALERA_FILE}
fi
fi
echo "Stopping mysqld ..."
control_service mysqld stop
if systemctl is-active --quiet mysqld; then
echo "Service didn't get stopped, sleeping for 20 secs and re-trying ..."
sleep 20
echo "Stopping mysqld ..."
control_service mysqld stop
fi
#MariaDB renames my.cnf to rpmsave when removing RPMs, if we detect rpmsave before installation, we rename the file: https://mariadb.atlassian.net/browse/MDEV-4954
if [ -e /etc/my.cnf.rpmsave ]; then
mv -f /etc/my.cnf.rpmsave /etc/my.cnf.rpmsave.custombuild
fi
if [ -e /etc/logrotate.d/mysql.rpmsave ]; then
mv -f /etc/logrotate.d/mysql.rpmsave /etc/logrotate.d/mysql.rpmsave.custombuild
fi
if [ -e /etc/logrotate.d/mysql ]; then
mv -f /etc/logrotate.d/mysql /etc/logrotate.d/mysql.rpmsave
fi
if [ -e /etc/my.cnf.d/mysql-clients.cnf.rpmsave ]; then
mv -f /etc/my.cnf.d/mysql-clients.cnf.rpmsave /etc/my.cnf.d/mysql-clients.cnf.rpmsave.custombuild
fi
if [ -e /etc/my.cnf.d/server.cnf.rpmsave ]; then
mv -f /etc/my.cnf.d/server.cnf.rpmsave /etc/my.cnf.d/server.cnf.rpmsave.custombuild
fi
if [ -e /usr/bin/mysql ]; then
MYSQL_MAIN="`mysql_main`"
MYSQL_V="`/usr/bin/mysql --version | grep -m1 -o '[0-9]*\.[0-9]*\.[0-9]*'`"
MYSQL_UPGRADE="`/usr/bin/mysql --version | grep -c MariaDB`"
if [ "${MYSQL_INST_OPT}" = "mariadb" ]; then
MYSQL_UPGRADE_VER=${MARIADB_OPT}
else
MYSQL_UPGRADE_VER=${MYSQL_OPT}
fi
#Switch from MySQL to MariaDB
if [ "${MYSQL_INST_OPT}" = "mariadb" ] && [ "${MYSQL_UPGRADE}" = "0" ]; then
echo "Upgrading MySQL ${MYSQL_MAIN} to MariaDB ${MARIADB_OPT}"
for i in `rpm -qa | grep -i "^mysql" | grep -v "MySQL-python"`; do
rpm -ev --noscripts $i --nodeps
done
for i in `rpm -qa | grep -i "^mariadb"`; do
rpm -ev --noscripts $i --nodeps
done
if [ "${MARIADB_OPT}" = "10.1" ] || [ "${MARIADB_OPT}" = "10.2" ] || [ "${MARIADB_OPT}" = "10.3" ] || [ "${MARIADB_OPT}" = "10.4" ] || [ "${MARIADB_OPT}" = "10.5" ] || [ "${MARIADB_OPT}" = "10.6" ]; then
rpm -Uhv --nodeps --force ${MYSQLCLIENT} ${MYSQLDEVEL} ${MYSQLSERVER} ${MYSQLSHARED} ${MYSQLCOMMON} ${MYSQLCOMPAT} ${MYSQLBACKUP}
else
rpm -Uhv --nodeps --force ${MYSQLCLIENT} ${MYSQLDEVEL} ${MYSQLSERVER} ${MYSQLSHARED} ${MYSQLCOMMON} ${MYSQLCOMPAT}
fi
#Switch from MariaDB to MySQL
elif [ "${MYSQL_INST_OPT}" = "mysql" ] && [ "${MYSQL_UPGRADE}" = "1" ]; then
echo "Upgrading MariaDB ${MYSQL_MAIN} to MySQL ${MYSQL_OPT}"
for i in `rpm -qa | grep -i "^mysql" | grep -v "MySQL-python"`; do
rpm -ev --noscripts $i --nodeps
done
for i in `rpm -qa | grep -i "^mariadb"`; do
rpm -ev --noscripts $i --nodeps
done
if ${MYSQL57_8x_SET}; then
rpm -Uhv --nodeps --force ${MYSQLCLIENT} ${MYSQLDEVEL} ${MYSQLSERVER} ${ADD_MYSQL_LIBS}
else
rpm -Uhv --nodeps --force ${MYSQLCLIENT} ${MYSQLDEVEL} ${MYSQLSERVER} ${MYSQLSHARED} ${MYSQLCOMMON} ${MYSQLCOMPAT}
fi
elif [ "${MYSQL_MAIN}" != "${MYSQL_UPGRADE_VER}" ]; then
if [ "${MYSQL_INST_OPT}" = "mysql" ]; then
echo "Upgrading ${MYSQLNAME} ${MYSQL_V} to ${MYSQL_VER}"
for i in `rpm -qa | grep -i "^mysql" | grep -v "MySQL-python"`; do
rpm -ev --noscripts $i --nodeps
done
rpm -Uhv --nodeps --force ${MYSQLCLIENT} ${MYSQLDEVEL} ${MYSQLSERVER} ${ADD_MYSQL_LIBS}
else
echo "Upgrading ${MYSQLNAME} ${MYSQL_V} to ${MARIADB_VER}"
for i in `rpm -qa | grep -i "^mysql" | grep -v "MySQL-python"`; do
rpm -ev --noscripts $i --nodeps
done
for i in `rpm -qa | grep -i "^mariadb"`; do
rpm -ev --noscripts $i --nodeps
done
if [ "${MARIADB_OPT}" = "10.1" ] || [ "${MARIADB_OPT}" = "10.2" ] || [ "${MARIADB_OPT}" = "10.3" ] || [ "${MARIADB_OPT}" = "10.4" ] || [ "${MARIADB_OPT}" = "10.5" ] || [ "${MARIADB_OPT}" = "10.6" ]; then
rpm -Uhv --nodeps --force ${MYSQLCLIENT} ${MYSQLDEVEL} ${MYSQLSERVER} ${MYSQLSHARED} ${MYSQLCOMMON} ${MYSQLCOMPAT} ${MYSQLBACKUP}
else
rpm -Uhv --nodeps --force ${MYSQLCLIENT} ${MYSQLDEVEL} ${MYSQLSERVER} ${MYSQLSHARED} ${MYSQLCOMMON} ${MYSQLCOMPAT}
fi
fi
else
if [ "${MYSQL_INST_OPT}" = "mysql" ]; then
echo "Updating ${MYSQLNAME} ${MYSQL_V} to ${MYSQL_VER}"
rpm -Uhv --nodeps --force ${MYSQLCLIENT} ${MYSQLDEVEL} ${MYSQLSERVER} ${ADD_MYSQL_LIBS}
else
#In case mysql=5.5 & mariadb=5.5
for i in `rpm -qa | grep -i "^mysql" | grep -v "MySQL-python"`; do
rpm -ev --noscripts $i --nodeps
done
echo "Updating ${MYSQLNAME} ${MYSQL_V} to ${MARIADB_VER}"
if [ "${MARIADB_OPT}" = "10.1" ] || [ "${MARIADB_OPT}" = "10.2" ] || [ "${MARIADB_OPT}" = "10.3" ] || [ "${MARIADB_OPT}" = "10.4" ] || [ "${MARIADB_OPT}" = "10.5" ] || [ "${MARIADB_OPT}" = "10.6" ]; then
rpm -Uhv --nodeps --force ${MYSQLCLIENT} ${MYSQLDEVEL} ${MYSQLSERVER} ${MYSQLSHARED} ${MYSQLCOMMON} ${MYSQLCOMPAT} ${MYSQLBACKUP}
else
rpm -Uhv --nodeps --force ${MYSQLCLIENT} ${MYSQLDEVEL} ${MYSQLSERVER} ${MYSQLSHARED} ${MYSQLCOMMON} ${MYSQLCOMPAT}
fi
fi
fi
else
if [ "${MYSQL_INST_OPT}" = "mysql" ]; then
echo "Cannot find /usr/bin/mysql, installing MySQL"
rpm -ihv --nodeps --force ${MYSQLCLIENT} ${MYSQLDEVEL} ${MYSQLSERVER} ${ADD_MYSQL_LIBS}
else
echo "Cannot find /usr/bin/mysql, installing MariaDB"
if [ "${MARIADB_OPT}" = "10.1" ] || [ "${MARIADB_OPT}" = "10.2" ] || [ "${MARIADB_OPT}" = "10.3" ] || [ "${MARIADB_OPT}" = "10.4" ] || [ "${MARIADB_OPT}" = "10.5" ] || [ "${MARIADB_OPT}" = "10.6" ]; then
rpm -ihv --nodeps --force ${MYSQLCLIENT} ${MYSQLDEVEL} ${MYSQLSERVER} ${MYSQLSHARED} ${MYSQLCOMMON} ${MYSQLCOMPAT} ${MYSQLBACKUP}
else
rpm -ihv --nodeps --force ${MYSQLCLIENT} ${MYSQLDEVEL} ${MYSQLSERVER} ${MYSQLSHARED} ${MYSQLCOMMON} ${MYSQLCOMPAT}
fi
fi
fi
#Move rpmsave file back to original one: https://mariadb.atlassian.net/browse/MDEV-4954
if [ -e /etc/my.cnf.rpmsave ]; then
if [ -e /etc/my.cnf ]; then
mv -f /etc/my.cnf /etc/my.cnf.rpmnew
fi
mv -f /etc/my.cnf.rpmsave /etc/my.cnf
fi
if [ -e /etc/my.cnf.d/server.cnf.rpmsave ]; then
if [ -e /etc/my.cnf.d/server.cnf ]; then
mv -f /etc/my.cnf.d/server.cnf /etc/my.cnf.d/server.cnf.rpmnew
fi
mv -f /etc/my.cnf.d/server.cnf.rpmsave /etc/my.cnf.d/server.cnf
fi
if [ -e /etc/my.cnf.d/mysql-clients.cnf.rpmsave ]; then
if [ -e /etc/my.cnf.d/mysql-clients.cnf ]; then
mv -f /etc/my.cnf.d/mysql-clients.cnf /etc/my.cnf.d/mysql-clients.cnf.rpmnew
fi
mv -f /etc/my.cnf.d/mysql-clients.cnf.rpmsave /etc/my.cnf.d/mysql-clients.cnf
fi
#Move logrotate file back to original one
if [ -e /etc/logrotate.d/mysql.rpmsave ]; then
if [ -e /etc/logrotate.d/mysql ]; then
mv -f /etc/logrotate.d/mysql /etc/logrotate.d/mysql.rpmnew
fi
mv -f /etc/logrotate.d/mysql.rpmsave /etc/logrotate.d/mysql
fi
MYSQL_SYSTEMD=${CB_SYSTEMD}/mysqld.service
if [ "${MYSQL_INST_OPT}" = "mysql" ]; then
MYSQL_SYSTEMD_NAME=mysqld.service
if [ "${MYSQL_OPT}" = "5.7" ] || [ "${MYSQL_OPT}" = "8.0" ]; then
MYSQL_SYSTEMD=${CB_SYSTEMD}/mysqld57.service
if [ ! -s "${MYSQL_SYSTEMD}" ] && [ -s /usr/lib/systemd/system/mysqld.service ]; then
MYSQL_SYSTEMD=/usr/lib/systemd/system/mysqld.service
echo "Using ${MYSQL_SYSTEMD}"
fi
fi
fi
if [ -e ${CB_CUST_SYSTEMD}/mysqld.service ]; then
MYSQL_SYSTEMD=${CB_CUST_SYSTEMD}/mysqld.service
fi
if [ "${MYSQL_INST_OPT}" = "mariadb" ]; then
MYSQL_SYSTEMD_NAME=mariadb.service
if [ "${MARIADB_OPT}" = "10.1" ] || [ "${MARIADB_OPT}" = "10.2" ] || [ "${MARIADB_OPT}" = "10.3" ] || [ "${MARIADB_OPT}" = "10.4" ] || [ "${MARIADB_OPT}" = "10.5" ] || [ "${MARIADB_OPT}" = "10.6" ]; then
MYSQL_SYSTEMD=${CB_SYSTEMD}/mariadb.service
if [ -e ${CB_CUST_SYSTEMD}/mariadb.service ]; then
MYSQL_SYSTEMD=${CB_CUST_SYSTEMD}/mariadb.service
fi
else
MYSQL_SYSTEMD=${CB_SYSTEMD}/mariadb55.service
if [ -e ${CB_CUST_SYSTEMD}/mariadb55.service ]; then
MYSQL_SYSTEMD=${CB_CUST_SYSTEMD}/mariadb55.service
fi
fi
fi
if [ -e ${SYSTEMDDIR}/mysqld.service ] || [ -L ${SYSTEMDDIR}/mysqld.service ]; then
rm -f ${SYSTEMDDIR}/mysqld.service
fi
if [ -e ${SYSTEMDDIR}/mariadb.service ] || [ -L ${SYSTEMDDIR}/mariadb.service ]; then
rm -f ${SYSTEMDDIR}/mariadb.service
fi
if [ -e ${SYSTEMDDIR}/mysql.service ] || [ -L ${SYSTEMDDIR}/mysql.service ]; then
rm -f ${SYSTEMDDIR}/mysql.service
fi
cp -pf ${MYSQL_SYSTEMD} ${SYSTEMDDIR}/${MYSQL_SYSTEMD_NAME}
MYSQL_SYSTEMD_WAIT=${CB_SYSTEMD}/scripts/mysql-wait-ready
if [ -e ${CB_CUST_SYSTEMD}/scripts/mysql-wait-ready ]; then
MYSQL_SYSTEMD_WAIT=${CB_CUST_SYSTEMD}/scripts/mysql-wait-ready
fi
if [ -d /usr/libexec ]; then
cp -f ${MYSQL_SYSTEMD_WAIT} /usr/libexec/mysql-wait-ready
fi
DISABLE_PRIVATETMP=false
if [ -e /proc/1/environ ]; then
if cat /proc/1/environ | tr '\0' '\n' | grep -q ^container=lxc; then
DISABLE_PRIVATETMP=true
fi
fi
if ${DISABLE_PRIVATETMP}; then
echo "LXC detected. Disabling PrivateTmp feature in mysqld.service for MySQL."
perl -pi -e 's#PrivateTmp \= true#PrivateTmp = false#' ${SYSTEMDDIR}/${MYSQL_SYSTEMD_NAME}
fi
systemctl daemon-reload
systemctl enable ${MYSQL_SYSTEMD_NAME}
setup_my_cnf
if ! ${SQL_PATH_IS_EMPTY}; then
control_service mysqld start
echo "Giving mysqld a few seconds to start up..."
sleep 5
if ! /usr/bin/mysql --defaults-extra-file=${DA_MY_CNF} -e "select 1" >/dev/null 2>&1; then
echo "Giving mysqld a another few seconds to start up..."
sleep 10
fi
if ! /usr/bin/mysql --defaults-extra-file=${DA_MY_CNF} -e "select 1" >/dev/null 2>&1; then
echo "Giving mysqld last 20 seconds to start up..."
sleep 20
fi
if ! ${SKIP_MYSQL_UPGRADE}; then
if [ -e /usr/bin/mysql_upgrade ]; then
/usr/bin/mysql_upgrade --defaults-extra-file=${DA_MY_CNF}
elif [ -e /usr/bin/mysql_fix_privilege_tables ]; then
/usr/bin/mysql_fix_privilege_tables --defaults-extra-file=${DA_MY_CNF}
fi
fi
if [ -e /usr/bin/mysqlcheck ]; then
/usr/bin/mysqlcheck --defaults-extra-file=${DA_MY_CNF} ${MYSQLCHECK_ARGS}
fi
# Fixing "gcc: /usr/lib/mysql/libmysqlclient.so: No such file or directory"
if [ -d /usr/lib/mysql ] && [ -s /usr/lib/libmysqlclient.so ] && [ -d /usr/lib/mysql/ ]; then
cp -f /usr/lib/libmysqlclient.* /usr/lib/mysql/
fi
fi
if [ "${MYSQL_INST_OPT}" = "mariadb" ]; then
writeLog "${MYSQL_INST_OPT} ${MARIADB_VER} installed"
else
writeLog "${MYSQL_INST_OPT} ${MYSQL_VER} installed"
fi
fi
if [ -e /etc/my.cnf ] && [ ! -h /etc/mysql/my.cnf ] && [ -d /etc/mysql ]; then
mv /etc/mysql/my.cnf /etc/mysql/my.cnf.backup
ln -sf /etc/my.cnf /etc/mysql/my.cnf
fi
if ${SQL_PATH_IS_EMPTY}; then
setup_mysql_root_user
fi
set_service mysqld ON
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
echo "Restarting MySQL."
control_service mysqld restart
if [ "${MYSQL_INST_OPT}" = "mariadb" ]; then
if [ "${MARIADB_OPT}" = "5.5" ] || [ "${MARIADB_OPT}" = "5.6" ] || [ "${MARIADB_OPT}" = "10.1" ] || [ "${MARIADB_OPT}" = "10.2" ] || [ "${MARIADB_OPT}" = "10.3" ]; then
MAX_USERNAME_LENGTH=`${MYSQL_BIN} --defaults-extra-file=${DA_MY_CNF} -e "select CHARACTER_MAXIMUM_LENGTH from information_schema.columns where table_schema = 'mysql' AND table_name = 'user' AND COLUMN_NAME = 'User';" -sss 2>/dev/null`
if [ "${MAX_USERNAME_LENGTH}" = "16" ]; then
echo "Increasing Max Username Length from 16 to 80..."
${MYSQL_BIN} --defaults-extra-file=${DA_MY_CNF} mysql -e "ALTER TABLE mysql.user MODIFY User CHAR(80) BINARY NOT NULL DEFAULT '';"
${MYSQL_BIN} --defaults-extra-file=${DA_MY_CNF} mysql -e "ALTER TABLE mysql.db MODIFY User CHAR(80) BINARY NOT NULL DEFAULT '';"
${MYSQL_BIN} --defaults-extra-file=${DA_MY_CNF} mysql -e "ALTER TABLE mysql.tables_priv MODIFY User CHAR(80) BINARY NOT NULL DEFAULT '';"
${MYSQL_BIN} --defaults-extra-file=${DA_MY_CNF} mysql -e "ALTER TABLE mysql.columns_priv MODIFY User CHAR(80) BINARY NOT NULL DEFAULT '';"
${MYSQL_BIN} --defaults-extra-file=${DA_MY_CNF} mysql -e "ALTER TABLE mysql.procs_priv MODIFY User CHAR(80) BINARY NOT NULL DEFAULT '';"
${MYSQL_BIN} --defaults-extra-file=${DA_MY_CNF} mysql -e "ALTER TABLE mysql.proc MODIFY definer CHAR(141) COLLATE utf8_bin NOT NULL DEFAULT '';"
${MYSQL_BIN} --defaults-extra-file=${DA_MY_CNF} mysql -e "ALTER TABLE mysql.event MODIFY definer CHAR(141) COLLATE utf8_bin NOT NULL DEFAULT '';"
${MYSQL_BIN} --defaults-extra-file=${DA_MY_CNF} mysql -e "ALTER TABLE mysql.proxies_priv MODIFY User CHAR(80) COLLATE utf8_bin NOT NULL DEFAULT '';"
${MYSQL_BIN} --defaults-extra-file=${DA_MY_CNF} mysql -e "ALTER TABLE mysql.proxies_priv MODIFY Proxied_user CHAR(80) COLLATE utf8_bin NOT NULL DEFAULT '';"
${MYSQL_BIN} --defaults-extra-file=${DA_MY_CNF} mysql -e "ALTER TABLE mysql.proxies_priv MODIFY Grantor CHAR(141) COLLATE utf8_bin NOT NULL DEFAULT '';"
${MYSQL_BIN} --defaults-extra-file=${DA_MY_CNF} mysql -e "ALTER TABLE mysql.servers MODIFY Username CHAR(80) NOT NULL DEFAULT '';"
${MYSQL_BIN} --defaults-extra-file=${DA_MY_CNF} mysql -e "ALTER TABLE mysql.procs_priv MODIFY Grantor CHAR(141) COLLATE utf8_bin NOT NULL DEFAULT '';"
${MYSQL_BIN} --defaults-extra-file=${DA_MY_CNF} mysql -e "ALTER TABLE mysql.tables_priv MODIFY Grantor CHAR(141) COLLATE utf8_bin NOT NULL DEFAULT '';"
${MYSQL_BIN} --defaults-extra-file=${DA_MY_CNF} mysql -e "FLUSH PRIVILEGES;"
fi
fi
fi
echo "Installation completed."
cd ${CWD}
}
####################################################
doPhpIni() {
if [ "${PHP_INI_OPT}" = "no" ]; then
do_exit 1 "Cannot install php.ini because it is not set in options.conf."
fi
getFile php-${PHP1_RELEASE_VER}.tar.gz php${PHP1_SHORTRELEASE}
FILE=${CWD}/php-${PHP1_RELEASE_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ..."
tar xzf ${FILE} --no-same-owner
cd php-${PHP1_RELEASE_VER}
if [ $? -ne 0 ]; then
do_exit 1 "Failed to change directory to: php-${PHP1_RELEASE_VER}. Exiting..."
fi
COUNT=`grep -m1 -c '^date.timezone' php.ini-${PHP_INI_TYPE_OPT}`
COUNT2=`grep -m1 -c ';date.timezone' php.ini-${PHP_INI_TYPE_OPT}`
if [ "$COUNT" -eq 0 ] && [ "$COUNT2" -eq 0 ]; then
echo "${boldon}Adding date.timezone = \"${PHP_TIMEZONE_OPT}\" to php.ini, please change it by yourself to fit your own needs.${boldoff}"
echo "date.timezone = \"${PHP_TIMEZONE_OPT}\"" >> php.ini-${PHP_INI_TYPE_OPT}
elif [ "$COUNT" -eq 0 ]; then
echo "${boldon}Adding date.timezone = \"${PHP_TIMEZONE_OPT}\" to php.ini, please change it by yourself to fit your own needs.${boldoff}"
perl -pi -e "s#;date.timezone.*#date.timezone = \"${PHP_TIMEZONE_OPT}\"#" php.ini-${PHP_INI_TYPE_OPT}
fi
/usr/bin/perl -pi -e 's/upload_max_filesize = 2M/upload_max_filesize = 64M/' php.ini-${PHP_INI_TYPE_OPT}
/usr/bin/perl -pi -e 's/post_max_size = 8M/post_max_size = 64M/' php.ini-${PHP_INI_TYPE_OPT}
#short_open_tag: https://help.directadmin.com/item.php?id=438
perl -pi -e 's/^short_open_tag = Off/short_open_tag = On/' php.ini-${PHP_INI_TYPE_OPT}
if [ "${X_MAIL_HEADER_OPT}" = "yes" ]; then
echo "Enabling mail.add_x_header option in php.ini"
/usr/bin/perl -pi -e 's/mail.add_x_header = Off/mail.add_x_header = On/' php.ini-${PHP_INI_TYPE_OPT}
/usr/bin/perl -pi -e 's/mail.add_x_header = 0/mail.add_x_header = On/' php.ini-${PHP_INI_TYPE_OPT}
if ! grep -m1 -q '^mail.add_x_header' php.ini-${PHP_INI_TYPE_OPT}; then
echo "mail.add_x_header = On" >> php.ini-${PHP_INI_TYPE_OPT}
fi
else
echo "Disabling mail.add_x_header option in php.ini"
/usr/bin/perl -pi -e 's/^mail.add_x_header =/;mail.add_x_header =/' php.ini-${PHP_INI_TYPE_OPT}
fi
PHP_INI_VAR=PHP_INI_FPM${PHP1_SHORTRELEASE}
cp -f php.ini-${PHP_INI_TYPE_OPT} $(eval_var ${PHP_INI_VAR})
writeLog "$(eval_var ${PHP_INI_VAR}) installed"
echo "Done for php1_release."
cd ${WORKDIR}
if [ "${PHP2_RELEASE_OPT}" != "no" ]; then
PHP_VERSION2_EVAL_VAR=PHP${PHP2_SHORTRELEASE}_VER
PHP_VERSION2_VAR=$(eval_var ${PHP_VERSION2_EVAL_VAR})
getFile php-${PHP2_RELEASE_VER}.tar.gz php${PHP2_SHORTRELEASE}
FILE=${CWD}/php-${PHP2_RELEASE_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ..."
tar xzf ${FILE} --no-same-owner
cd php-${PHP2_RELEASE_VER}
COUNT=`grep -m1 -c '^date.timezone' php.ini-${PHP_INI_TYPE_OPT}`
COUNT2=`grep -m1 -c ';date.timezone' php.ini-${PHP_INI_TYPE_OPT}`
if [ "$COUNT" -eq 0 ] && [ "$COUNT2" -eq 0 ]; then
echo "${boldon}Adding date.timezone = \"${PHP_TIMEZONE_OPT}\" to php.ini, please change it by yourself to fit your own needs.${boldoff}"
echo "date.timezone = \"${PHP_TIMEZONE_OPT}\"" >> php.ini-${PHP_INI_TYPE_OPT}
elif [ "$COUNT" -eq 0 ]; then
echo "${boldon}Adding date.timezone = \"${PHP_TIMEZONE_OPT}\" to php.ini, please change it by yourself to fit your own needs.${boldoff}"
perl -pi -e "s#;date.timezone.*#date.timezone = \"${PHP_TIMEZONE_OPT}\"#" php.ini-${PHP_INI_TYPE_OPT}
fi
/usr/bin/perl -pi -e 's/upload_max_filesize = 2M/upload_max_filesize = 64M/' php.ini-${PHP_INI_TYPE_OPT}
/usr/bin/perl -pi -e 's/post_max_size = 8M/post_max_size = 64M/' php.ini-${PHP_INI_TYPE_OPT}
#short_open_tag: https://help.directadmin.com/item.php?id=438
/usr/bin/perl -pi -e 's/^short_open_tag = Off/short_open_tag = On/' php.ini-${PHP_INI_TYPE_OPT}
if [ "${PHP2_RELEASE_OPT}" != "no" ]; then
PHP_INI_VAR=PHP_INI_FPM${PHP2_SHORTRELEASE}
cp -f php.ini-${PHP_INI_TYPE_OPT} $(eval_var ${PHP_INI_VAR})
writeLog "$(eval_var ${PHP_INI_VAR}) installed"
fi
echo "Done for php2_release"
fi
cd ${WORKDIR}
if [ "${PHP3_RELEASE_OPT}" != "no" ]; then
PHP_VERSION3_EVAL_VAR=PHP${PHP3_SHORTRELEASE}_VER
PHP_VERSION3_VAR=$(eval_var ${PHP_VERSION3_EVAL_VAR})
getFile php-${PHP3_RELEASE_VER}.tar.gz php${PHP3_SHORTRELEASE}
FILE=${CWD}/php-${PHP3_RELEASE_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ..."
tar xzf ${FILE} --no-same-owner
cd php-${PHP3_RELEASE_VER}
COUNT=`grep -m1 -c '^date.timezone' php.ini-${PHP_INI_TYPE_OPT}`
COUNT2=`grep -m1 -c ';date.timezone' php.ini-${PHP_INI_TYPE_OPT}`
if [ "$COUNT" -eq 0 ] && [ "$COUNT2" -eq 0 ]; then
echo "${boldon}Adding date.timezone = \"${PHP_TIMEZONE_OPT}\" to php.ini, please change it by yourself to fit your own needs.${boldoff}"
echo "date.timezone = \"${PHP_TIMEZONE_OPT}\"" >> php.ini-${PHP_INI_TYPE_OPT}
elif [ "$COUNT" -eq 0 ]; then
echo "${boldon}Adding date.timezone = \"${PHP_TIMEZONE_OPT}\" to php.ini, please change it by yourself to fit your own needs.${boldoff}"
perl -pi -e "s#;date.timezone.*#date.timezone = \"${PHP_TIMEZONE_OPT}\"#" php.ini-${PHP_INI_TYPE_OPT}
fi
/usr/bin/perl -pi -e 's/upload_max_filesize = 2M/upload_max_filesize = 64M/' php.ini-${PHP_INI_TYPE_OPT}
/usr/bin/perl -pi -e 's/post_max_size = 8M/post_max_size = 64M/' php.ini-${PHP_INI_TYPE_OPT}
#short_open_tag: https://help.directadmin.com/item.php?id=438
/usr/bin/perl -pi -e 's/^short_open_tag = Off/short_open_tag = On/' php.ini-${PHP_INI_TYPE_OPT}
if [ "${PHP3_RELEASE_OPT}" != "no" ]; then
PHP_INI_VAR=PHP_INI_FPM${PHP3_SHORTRELEASE}
cp -f php.ini-${PHP_INI_TYPE_OPT} $(eval_var ${PHP_INI_VAR})
writeLog "$(eval_var ${PHP_INI_VAR}) installed"
fi
echo "Done for php3_release"
fi
cd ${WORKDIR}
if [ "${PHP4_RELEASE_OPT}" != "no" ]; then
PHP_VERSION4_EVAL_VAR=PHP${PHP4_SHORTRELEASE}_VER
PHP_VERSION4_VAR=$(eval_var ${PHP_VERSION4_EVAL_VAR})
getFile php-${PHP4_RELEASE_VER}.tar.gz php${PHP4_SHORTRELEASE}
FILE=${CWD}/php-${PHP4_RELEASE_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ..."
tar xzf ${FILE} --no-same-owner
cd php-${PHP4_RELEASE_VER}
COUNT=`grep -m1 -c '^date.timezone' php.ini-${PHP_INI_TYPE_OPT}`
COUNT2=`grep -m1 -c ';date.timezone' php.ini-${PHP_INI_TYPE_OPT}`
if [ "$COUNT" -eq 0 ] && [ "$COUNT2" -eq 0 ]; then
echo "${boldon}Adding date.timezone = \"${PHP_TIMEZONE_OPT}\" to php.ini, please change it by yourself to fit your own needs.${boldoff}"
echo "date.timezone = \"${PHP_TIMEZONE_OPT}\"" >> php.ini-${PHP_INI_TYPE_OPT}
elif [ "$COUNT" -eq 0 ]; then
echo "${boldon}Adding date.timezone = \"${PHP_TIMEZONE_OPT}\" to php.ini, please change it by yourself to fit your own needs.${boldoff}"
perl -pi -e "s#;date.timezone.*#date.timezone = \"${PHP_TIMEZONE_OPT}\"#" php.ini-${PHP_INI_TYPE_OPT}
fi
/usr/bin/perl -pi -e 's/upload_max_filesize = 2M/upload_max_filesize = 64M/' php.ini-${PHP_INI_TYPE_OPT}
/usr/bin/perl -pi -e 's/post_max_size = 8M/post_max_size = 64M/' php.ini-${PHP_INI_TYPE_OPT}
#short_open_tag: https://help.directadmin.com/item.php?id=438
/usr/bin/perl -pi -e 's/^short_open_tag = Off/short_open_tag = On/' php.ini-${PHP_INI_TYPE_OPT}
if [ "${PHP4_RELEASE_OPT}" != "no" ]; then
PHP_INI_VAR=PHP_INI_FPM${PHP4_SHORTRELEASE}
cp -f php.ini-${PHP_INI_TYPE_OPT} $(eval_var ${PHP_INI_VAR})
writeLog "$(eval_var ${PHP_INI_VAR}) installed"
fi
echo "Done for php4_release"
fi
cd ${WORKDIR}
}
####################################################
disable_asm_atomic() {
# for this error:
# /usr/include/mysql/my_global.h:361:24: error: asm/atomic.h: No such file or directory
MY_GLOBAL=/usr/include/mysql/my_global.h
if [ -e /etc/debian_version ]; then
MY_GLOBAL=/usr/local/mysql/include/my_global.h
fi
if [ "${PHP1_RELEASE_OPT}" = "5.3" ] || [ "${PHP2_RELEASE_OPT}" = "5.3" ] || [ "${PHP3_RELEASE_OPT}" = "5.3" ] || [ "${PHP4_RELEASE_OPT}" = "5.3" ]; then
if [ -e ${MY_GLOBAL} ]; then
echo "Disabling asm/atomic in ${MY_GLOBAL}"
perl -pi -e 's#\#include <asm/atomic.h>#//\#include <asm/atomic.h>#' ${MY_GLOBAL}
fi
fi
}
####################################################
doSuPhp() {
getFile suphp-${SUPHP_VER}.tar.gz suphp_current
getFile patches/suphp_calling_user.patch suphp_calling_user.patch patches/suphp_calling_user.patch hexan
getFile patches/suphp_script_name.patch suphp_script_name.patch patches/suphp_script_name.patch hexan
getFile patches/suphp_attachment.patch suphp_attachment.patch patches/suphp_attachment.patch hexan
quitIfLocked doSuPhp
cd ${CWD}
FILE=${CWD}/suphp-${SUPHP_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ..."
tar xzf ${FILE} --no-same-owner
echo "Done."
mkdir -p /usr/local/suphp/etc
cd suphp-${SUPHP_VER}
patch -p1 < ../patches/suphp_calling_user.patch
patch -p1 < ../patches/suphp_script_name.patch
patch -p1 < ../patches/suphp_attachment.patch
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
patch -p1 < ../suphp-0.7.2-cagefs.am.patch
fi
if [ "${SUPHP_VER}" != "0.7.1" ]; then
echo "re-configuring suphp configure..."
echo "calling aclocal:"
perl -pi -e 's/AM_CONFIG_HEADER/AC_CONFIG_HEADERS/' configure.ac
aclocal
echo "calling libtoolize:"
libtoolize --force
echo "calling automake:"
automake --add-missing
echo "calling autoreconf:"
autoreconf
fi
perl -pi -e 's#"\$major_version" = "2.2"#"\$major_version" = "2.4"#' ./configure
echo "Configuring suphp-${SUPHP_VER}..."
CONF_FILE=${CWD}/${SUPHP_CONFIGURE}
${CONF_FILE}
if [ $? -ne 0 ]; then
printf "\n*** There was an error while trying to configure suPHP. Check the ${SUPHP_CONFIGURE} file\n"
do_exit 1
fi
echo "Done Configuration."
while echo "Trying to make suPHP..."; do
make
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
echo -n -e "\n*** The make has failed, would you like to try to make again? (y,n): "
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "Make Complete"
if [ -e /usr/lib/apache/mod_suphp.so ]; then
rm -f /usr/lib/apache/mod_suphp.so
fi
while echo "Installing suPHP..."; do
make install
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The install has failed, would you like to try to install it again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
touch /var/log/suphp.log
echo "suPHP ${SUPHP_VER} Installed."
writeLog "suPHP ${SUPHP_VER} installed"
removeLockfile
cd ${CWD}
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
}
####################################################
doRemoveSuPhp() {
REMOVED_SUPHP=0
if [ -d /usr/local/suphp ]; then
REMOVED_SUPHP=1
fi
remove_directory /usr/local/suphp
remove_file /var/log/suphp.log
if [ "${REMOVED_SUPHP}" = "1" ]; then
echo "suPHP has been successfully removed."
writeLog "suPHP removed"
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
fi
}
####################################################
set_sendmail_link() {
ln -sfn /usr/sbin/exim /usr/sbin/sendmail
}
####################################################
doExtensions_build() {
EXTENSION_INT_RELEASE=$1
EXTENSION_INT_MODE=$2
EXTENSION_NAME=$3
EXTENSION_SHORT_RELEASE=`echo ${EXTENSION_INT_RELEASE} | tr -d '.'`
if [ "${EXTENSION_NAME}" = "" ]; then
EXTENSION_NAME="all"
fi
OS_EXT=lin
if [ "${EXTENSION_INT_MODE}" = "no" ]; then
do_exit 1 "Cannot build PHP extensions for mode ${EXTENSION_INT_MODE}."
else
SUHOSIN_UPLOADSCAN_FILENAME=/usr/local/php${EXTENSION_SHORT_RELEASE}/bin/php_uploadscan.sh
if [ -d /usr/local/php${EXTENSION_SHORT_RELEASE} ]; then
mkdir -p /usr/local/php${EXTENSION_SHORT_RELEASE}/lib/php.conf.d
fi
EXTENSION_INT_EXT_DIR=`/usr/local/php${EXTENSION_SHORT_RELEASE}/bin/php-config --extension-dir`
EXTENSION_INT_PHP_INI=/usr/local/php${EXTENSION_SHORT_RELEASE}/lib/php.ini
EXTENSION_INT_EXT_INI=/usr/local/php${EXTENSION_SHORT_RELEASE}/lib/php.conf.d/10-directadmin.ini
fi
#Make extensions file empty
echo -n '' > ${EXTENSION_INT_EXT_INI}
#We do comment out ioncube/zend from the old php.ini file only, because old configs cannot exist
if [ -e ${EXTENSION_INT_PHP_INI} ]; then
if [ "${HTSCANNER_OPT}" = "yes" ]; then
perl -pi -e 's|^extension=htscanner.so|;extension=htscanner.so|' ${EXTENSION_INT_PHP_INI}
fi
if [ "${SUHOSIN_OPT}" = "yes" ]; then
perl -pi -e 's|^extension=suhosin.so|;extension=suhosin.so|' ${EXTENSION_INT_PHP_INI}
fi
if [ "${PHP_GMP_OPT}" = "yes" ]; then
perl -pi -e 's|^extension=gmp.so|;extension=gmp.so|' ${EXTENSION_INT_PHP_INI}
fi
if [ "${PHP_IGBINARY_OPT}" = "yes" ]; then
perl -pi -e 's|^extension=igbinary.so|;extension=igbinary.so|' ${EXTENSION_INT_PHP_INI}
fi
if [ "${IMAGICK_OPT}" = "yes" ]; then
perl -pi -e 's|^extension=imagick.so|;extension=imagick.so|' ${EXTENSION_INT_PHP_INI}
fi
if [ "${PHP_LDAP_OPT}" = "yes" ]; then
perl -pi -e 's|^extension=ldap.so|;extension=ldap.so|' ${EXTENSION_INT_PHP_INI}
fi
if [ "${PHP_PHALCON_OPT}" = "yes" ]; then
perl -pi -e 's|^extension=phalcon.so|;extension=phalcon.so|' ${EXTENSION_INT_PHP_INI}
perl -pi -e 's|^extension=psr.so|;extension=psr.so|' ${EXTENSION_INT_PHP_INI}
fi
if [ "${PHP_READLINE_OPT}" = "yes" ]; then
perl -pi -e 's|^extension=readline.so|;extension=readline.so|' ${EXTENSION_INT_PHP_INI}
fi
if [ "${PHP_REDIS_OPT}" = "yes" ]; then
perl -pi -e 's|^extension=redis.so|;extension=redis.so|' ${EXTENSION_INT_PHP_INI}
fi
if [ "${PHP_SNUFFLEUPAGUS_OPT}" = "yes" ]; then
perl -pi -e 's|^extension=snuffleupagus.so|;extension=snuffleupagus.so|' ${EXTENSION_INT_PHP_INI}
fi
if [ "${PHP_BZ2_OPT}" = "yes" ]; then
perl -pi -e 's|^extension=bz2.so|;extension=bz2.so|' ${EXTENSION_INT_PHP_INI}
fi
if [ "${PHP_IMAP_OPT}" = "yes" ]; then
perl -pi -e 's|^extension=imap.so|;extension=imap.so|' ${EXTENSION_INT_PHP_INI}
fi
if [ "${PHP_XMLRPC_OPT}" = "yes" ]; then
perl -pi -e 's|^extension=xmlrpc.so|;extension=xmlrpc.so|' ${EXTENSION_INT_PHP_INI}
fi
if [ "${OPCACHE_OPT}" = "yes" ]; then
perl -pi -e "s|^zend_extension=${EXTENSION_INT_EXT_DIR}/opcache.so|;zend_extension=${EXTENSION_INT_EXT_DIR}/opcache.so|" ${EXTENSION_INT_PHP_INI}
fi
if [ "${IONCUBE_OPT}" = "yes" ]; then
perl -pi -e 's|^zend_extension=/usr/local/lib/ioncube|;zend_extension=/usr/local/lib/ioncube|' ${EXTENSION_INT_PHP_INI}
fi
if [ "${ZEND_OPT}" = "yes" ]; then
perl -pi -e 's|^zend_extension=/usr/local/lib/ZendGuardLoader.so|;zend_extension=/usr/local/lib/ZendGuardLoader.so|' ${EXTENSION_INT_PHP_INI}
perl -pi -e 's|^zend_extension=/usr/local/lib/ZendOptimizer_|;zend_extension=/usr/local/lib/ZendOptimizer_|' ${EXTENSION_INT_PHP_INI}
fi
#Make extensions file empty
echo -n '' > ${EXTENSION_INT_EXT_INI}
if [ -e ${EXTENSION_INT_EXT_INI} ]; then
echo "extension_dir=${EXTENSION_INT_EXT_DIR}" >> ${EXTENSION_INT_EXT_INI}
if [ "${SUHOSIN_OPT}" = "yes" ] && [ "${EXTENSION_INT_RELEASE}" != "5.3" ] && [ "${EXTENSION_INT_RELEASE}" != "7.0" ] && [ "${EXTENSION_INT_RELEASE}" != "7.1" ] && [ "${EXTENSION_INT_RELEASE}" != "7.2" ] && [ "${EXTENSION_INT_RELEASE}" != "7.3" ] && [ "${EXTENSION_INT_RELEASE}" != "7.4" ] && [ "${EXTENSION_INT_RELEASE}" != "8.0" ] && [ "${EXTENSION_INT_RELEASE}" != "8.1" ] && [ "${EXTENSION_INT_RELEASE}" != "8.2" ]; then
echo "extension=suhosin.so" >> ${EXTENSION_INT_EXT_INI}
if [ "${SUHOSIN_PHP_UPLOADSCAN_OPT}" = "yes" ] && [ -e /usr/local/bin/clamdscan ]; then
cp -f ${SUHOSIN_PHP_UPLOADSCAN_SCRIPT} ${SUHOSIN_UPLOADSCAN_FILENAME}
chmod 755 ${SUHOSIN_UPLOADSCAN_FILENAME}
echo "suhosin.upload.verification_script=\"${SUHOSIN_UPLOADSCAN_FILENAME}\"" >> ${EXTENSION_INT_EXT_INI}
elif [ "${SUHOSIN_PHP_UPLOADSCAN_OPT}" = "yes" ] && [ ! -e /usr/local/bin/clamdscan ]; then
if [ "${EXTENSION_NAME}" = "suhosin" ] || [ "${EXTENSION_NAME}" = "all" ]; then
echo "Cannot enable suhosin upload verification script (suhosin_php_uploadscan option), because /usr/local/bin/clamdscan does not exist on the system."
fi
fi
if [ -e ${WORKDIR}/${SUHOSIN_INI} ]; then
cat ${WORKDIR}/${SUHOSIN_INI} >> ${EXTENSION_INT_EXT_INI}
echo "" >> ${EXTENSION_INT_EXT_INI}
fi
if [ "${EXTENSION_NAME}" = "suhosin" ] || [ "${EXTENSION_NAME}" = "all" ]; then
echo "suhosin ${SUHOSIN_VER} is now installed for PHP ${EXTENSION_INT_RELEASE}."
fi
fi
if [ "${HTSCANNER_OPT}" = "yes" ] && [ "${EXTENSION_INT_MODE}" != "mod_php" ] && [ "${EXTENSION_INT_MODE}" != "lsphp" ] && [ "${EXTENSION_INT_RELEASE}" != "8.0" ] && [ "${EXTENSION_INT_RELEASE}" != "8.1" ] && [ "${EXTENSION_INT_RELEASE}" != "8.2" ]; then
if [ "${HAVE_CLI}" = "no" ]; then
echo "extension=htscanner.so" >> ${EXTENSION_INT_EXT_INI}
if [ "${EXTENSION_NAME}" = "htscanner" ] || [ "${EXTENSION_NAME}" = "all" ]; then
echo "htscanner ${HTSCANNER_VER} is now installed for PHP ${EXTENSION_INT_RELEASE}."
fi
fi
fi
if [ "${PHP_IGBINARY_OPT}" = "yes" ]; then
if [ "${EXTENSION_INT_RELEASE}" != "5.3" ] && [ "${EXTENSION_INT_RELEASE}" != "5.4" ] && [ "${EXTENSION_INT_RELEASE}" != "5.5" ] && [ "${EXTENSION_INT_RELEASE}" != "5.6" ]; then
echo "extension=igbinary.so" >> ${EXTENSION_INT_EXT_INI}
else
echo "There is no igbinary available for PHP ${EXTENSION_INT_RELEASE}."
fi
fi
if [ "${IONCUBE_OPT}" = "yes" ]; then
if [ "${EXTENSION_INT_RELEASE}" != "8.0" ] && [ "${EXTENSION_INT_RELEASE}" != "8.2" ]; then
echo "zend_extension=/usr/local/lib/ioncube/ioncube_loader_${OS_EXT}_${EXTENSION_INT_RELEASE}.so" >> ${EXTENSION_INT_EXT_INI}
if [ "${EXTENSION_NAME}" = "ioncube" ] || [ "${EXTENSION_NAME}" = "all" ]; then
echo "ionCube loader ${IONCUBE_VER} is now installed for PHP ${EXTENSION_INT_RELEASE}."
fi
else
echo "There is no ionCube loader available for PHP ${EXTENSION_INT_RELEASE}."
fi
fi
if [ "${PHP_PHALCON_OPT}" = "yes" ]; then
if [ "${EXTENSION_INT_RELEASE}" = "7.2" ] || [ "${EXTENSION_INT_RELEASE}" = "7.3" ] || [ "${EXTENSION_INT_RELEASE}" = "7.4" ]; then
echo "extension=psr.so" >> ${EXTENSION_INT_EXT_INI}
echo "extension=phalcon.so" >> ${EXTENSION_INT_EXT_INI}
else
echo "There is no phalcon available for PHP ${EXTENSION_INT_RELEASE}."
fi
fi
if [ "${PHP_SNUFFLEUPAGUS_OPT}" = "yes" ]; then
if [ "${EXTENSION_INT_RELEASE}" != "5.3" ] && [ "${EXTENSION_INT_RELEASE}" != "5.4" ] && [ "${EXTENSION_INT_RELEASE}" != "5.5" ] && [ "${EXTENSION_INT_RELEASE}" != "5.6" ]; then
echo "extension=snuffleupagus.so" >> ${EXTENSION_INT_EXT_INI}
echo "sp.configuration_file=/usr/local/php${EXTENSION_SHORT_RELEASE}/lib/php.conf.d/snuffleupagus.rules" >> ${EXTENSION_INT_EXT_INI}
if [ ! -e /usr/local/php${EXTENSION_SHORT_RELEASE}/lib/php.conf.d/snuffleupagus.rules ]; then
touch /usr/local/php${EXTENSION_SHORT_RELEASE}/lib/php.conf.d/snuffleupagus.rules
fi
else
echo "There is no snuffleupagus available for PHP ${EXTENSION_INT_RELEASE}."
fi
fi
if [ "${PHP_BZ2_OPT}" = "yes" ]; then
echo "extension=bz2.so" >> ${EXTENSION_INT_EXT_INI}
fi
if [ "${PHP_GMP_OPT}" = "yes" ]; then
echo "extension=gmp.so" >> ${EXTENSION_INT_EXT_INI}
fi
if [ "${PHP_READLINE_OPT}" = "yes" ]; then
echo "extension=readline.so" >> ${EXTENSION_INT_EXT_INI}
fi
if [ "${PHP_REDIS_OPT}" = "yes" ]; then
if [ "${EXTENSION_INT_RELEASE}" != "5.3" ] && [ "${EXTENSION_INT_RELEASE}" != "5.4" ] && [ "${EXTENSION_INT_RELEASE}" != "5.5" ] && [ "${EXTENSION_INT_RELEASE}" != "5.6" ]; then
echo "extension=redis.so" >> ${EXTENSION_INT_EXT_INI}
fi
fi
if [ "${IMAGICK_OPT}" = "yes" ]; then
echo "extension=imagick.so" >> ${EXTENSION_INT_EXT_INI}
fi
if [ "${PHP_IMAP_OPT}" = "yes" ]; then
echo "extension=imap.so" >> ${EXTENSION_INT_EXT_INI}
fi
if [ "${PHP_LDAP_OPT}" = "yes" ]; then
echo "extension=ldap.so" >> ${EXTENSION_INT_EXT_INI}
fi
if [ "${PHP_XMLRPC_OPT}" = "yes" ]; then
echo "extension=xmlrpc.so" >> ${EXTENSION_INT_EXT_INI}
fi
if [ "${ZEND_OPT}" = "yes" ]; then
# Only supported by PHP5
if echo "${EXTENSION_INT_RELEASE}" | grep -m1 -q '^5'; then
echo "zend_extension=/usr/local/lib/ZendGuardLoader${EXTENSION_INT_RELEASE}.so" >> ${EXTENSION_INT_EXT_INI}
if [ "${EXTENSION_NAME}" = "zend" ] || [ "${EXTENSION_NAME}" = "all" ]; then
echo "Zend Guard loader is now installed for PHP ${EXTENSION_INT_RELEASE}."
fi
elif [ "${EXTENSION_NAME}" = "zend" ] || [ "${EXTENSION_NAME}" = "all" ]; then
echo "There is no Zend Guard loader available for PHP ${EXTENSION_INT_RELEASE}."
fi
fi
if [ "${OPCACHE_OPT}" = "yes" ]; then
echo "zend_extension=${EXTENSION_INT_EXT_DIR}/opcache.so" >> ${EXTENSION_INT_EXT_INI}
if [ -e ${WORKDIR}/${OPCACHE_INI} ]; then
cat ${WORKDIR}/${OPCACHE_INI} >> ${EXTENSION_INT_EXT_INI}
echo "" >> ${EXTENSION_INT_EXT_INI}
fi
if [ "${EXTENSION_INT_RELEASE}" = "5.4" ] || [ "${EXTENSION_INT_RELEASE}" = "5.4" ]; then
SHOW_EXT_VERSION=" ${OPCACHE_VER}"
else
SHOW_EXT_VERSION=""
fi
if [ "${EXTENSION_NAME}" = "opcache" ] || [ "${EXTENSION_NAME}" = "all" ]; then
echo "opCache${SHOW_EXT_VERSION} is now installed for PHP ${EXTENSION_INT_RELEASE}."
fi
fi
fi
fi
}
doExtensions() {
DO_EXT_SKIP_RESTART=0
if [ "$1" = "1" ]; then
DO_EXT_SKIP_RESTART=1
fi
PHP_VERSION="${2}"
if [ "${PHP_VERSION}" = "" ]; then
PHP_VERSION="all"
fi
doExtensions_build ${PHP1_RELEASE_OPT} ${PHP1_MODE_OPT} ${PHP_VERSION}
if [ "${PHP2_RELEASE_OPT}" != "no" ]; then
doExtensions_build ${PHP2_RELEASE_OPT} ${PHP2_MODE_OPT} ${PHP_VERSION}
fi
if [ "${PHP3_RELEASE_OPT}" != "no" ]; then
doExtensions_build ${PHP3_RELEASE_OPT} ${PHP3_MODE_OPT} ${PHP_VERSION}
fi
if [ "${PHP4_RELEASE_OPT}" != "no" ]; then
doExtensions_build ${PHP4_RELEASE_OPT} ${PHP4_MODE_OPT} ${PHP_VERSION}
fi
SKIP_WEBSERVER_RESTART=0
if [ "${DO_EXT_SKIP_RESTART}" = "0" ]; then
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
if [ "${PHP1_MODE_OPT}" = "php-fpm" ]; then
if [ "${PHP2_MODE_OPT}" = "php-fpm" ] || [ "${PHP2_RELEASE_OPT}" = "no" ]; then
SKIP_WEBSERVER_RESTART=1
fi
if [ "${PHP3_MODE_OPT}" = "php-fpm" ] || [ "${PHP3_RELEASE_OPT}" = "no" ]; then
SKIP_WEBSERVER_RESTART=1
fi
if [ "${PHP4_MODE_OPT}" = "php-fpm" ] || [ "${PHP4_RELEASE_OPT}" = "no" ]; then
SKIP_WEBSERVER_RESTART=1
fi
fi
if [ "${SKIP_WEBSERVER_RESTART}" = "0" ]; then
if [ "${WEBSERVER_OPT}" = "nginx" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
control_service nginx stop >/dev/null 2>&1
control_service nginx start
fi
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
control_service httpd restart
fi
if [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
control_service litespeed reload
fi
fi
if [ "${PHP1_MODE_OPT}" = "php-fpm" ]; then
echo "Restarting php-fpm${PHP1_SHORTRELEASE}."
control_service php-fpm${PHP1_SHORTRELEASE} restart
fi
if [ "${PHP2_MODE_OPT}" = "php-fpm" ] && [ "${PHP2_RELEASE_OPT}" != "no" ]; then
echo "Restarting php-fpm${PHP2_SHORTRELEASE}."
control_service php-fpm${PHP2_SHORTRELEASE} restart
fi
if [ "${PHP3_MODE_OPT}" = "php-fpm" ] && [ "${PHP3_RELEASE_OPT}" != "no" ]; then
echo "Restarting php-fpm${PHP3_SHORTRELEASE}."
control_service php-fpm${PHP3_SHORTRELEASE} restart
fi
if [ "${PHP4_MODE_OPT}" = "php-fpm" ] && [ "${PHP4_RELEASE_OPT}" != "no" ]; then
echo "Restarting php-fpm${PHP4_SHORTRELEASE}."
control_service php-fpm${PHP4_SHORTRELEASE} restart
fi
fi
}
####################################################
doPHPHtscanner() {
if [ "${HAVE_CLI}" = "no" ]; then
HTSCANNER_INT_SHORTRELEASE="`echo $1 | tr -d '.'`"
cd ${CWD}
if [ "${HTSCANNER_OPT}" = "no" ]; then
do_exit 1 "Cannot build htscanner, because you do not have it set in php_extensions.conf file."
fi
if [ -z $1 ] || [ "$1" = "no" ]; then
return
fi
if [ -z $2 ]; then
SKIP_RESTART=0
else
SKIP_RESTART=$2
fi
getFile htscanner-${HTSCANNER_VER}.tgz htscanner
FILE=${CWD}/htscanner-${HTSCANNER_VER}.tgz
checkFile ${FILE}
echo "Extracting ${FILE}..."
tar xzf ${FILE}
cd htscanner-${HTSCANNER_VER}
echo "Installing htscanner2-${HTSCANNER_VER} PHP extension for PHP $1..."
/usr/local/php${HTSCANNER_INT_SHORTRELEASE}/bin/phpize
./configure --enable-htscanner --with-php-config=/usr/local/php${HTSCANNER_INT_SHORTRELEASE}/bin/php-config
while echo "Trying to make htscanner2-${HTSCANNER_VER} PHP extension..."; do
make
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 0
fi
else
break
fi
done
echo "Make complete"
echo "Installing htscanner2-${HTSCANNER_VER} PHP extension..."
make install
make clean
doExtensions_build $1 php-fpm htscanner
echo "htscanner2 PHP extension has been installed successfully."
cd ${CWD}
fi
}
####################################################
doZend_build() {
cd ${CWD}
if [ -z $1 ] || [ $1 = "d" ] || [ -z $2 ]; then
do_exit 1 "Missing parameters for doZend call. Exiting..."
fi
SKIP_RESTART=1
if [ "$3" != "1" ]; then
SKIP_RESTART=0
fi
ZEND_INT_SHORTRELEASE="`echo $1 | tr -d '.'`"
if [ "$1" = "5.3" ]; then
ZEND_INT_FILENAME=${ZENDFILE_GUARD53}
ZEND_INT_ZENDNAME=${ZENDNAME_PHP53}
ZEND_INT_LONGVER="$1"
ZEND_TARBALL_FORMAT=1
elif [ "$1" = "5.4" ]; then
ZEND_INT_FILENAME=${ZENDFILE_GUARD54}
ZEND_INT_ZENDNAME=${ZENDNAME_PHP54}
ZEND_INT_LONGVER="$1"
ZEND_TARBALL_FORMAT=1
elif [ "$1" = "5.5" ]; then
ZEND_INT_FILENAME=${ZENDFILE_GUARD55}
ZEND_INT_ZENDNAME=${ZENDNAME_PHP55}
ZEND_INT_LONGVER="$1"
ZEND_TARBALL_FORMAT=0
elif [ "$1" = "5.6" ]; then
ZEND_INT_FILENAME=${ZENDFILE_GUARD56}
ZEND_INT_ZENDNAME=${ZENDNAME_PHP56}
ZEND_INT_LONGVER="$1"
ZEND_TARBALL_FORMAT=0
elif [ ! -z "$1" ]; then
echo "Zend guard loader not supported for PHP version ($1) set in configuration file"
return
fi
getFile ${ZEND_INT_FILENAME} ""
if [ "${ZEND_OPT}" != "yes" ]; then
do_exit 1 "You cannot install Zend Guard Loader, because you do not have it set in the options.conf file."
fi
cd ${CWD}
tar xzf ${ZEND_INT_FILENAME} --no-same-owner
if [ ${ZEND_TARBALL_FORMAT} -eq 1 ]; then
cp -fp ${ZEND_INT_ZENDNAME}/php-${ZEND_INT_LONGVER}.x/ZendGuardLoader.so /usr/local/lib/ZendGuardLoader${ZEND_INT_LONGVER}.so
else
OPCACHE_EXTENSION_DIR_SHORT_RELEASE=`echo ${ZEND_INT_LONGVER} | tr -d '.'`
OPCACHE_EXT_DIR=`/usr/local/php${OPCACHE_EXTENSION_DIR_SHORT_RELEASE}/bin/php-config --extension-dir`
cp -fp ${ZEND_INT_ZENDNAME}/ZendGuardLoader.so /usr/local/lib/ZendGuardLoader${ZEND_INT_LONGVER}.so
fi
chmod 755 /usr/local/lib/ZendGuardLoader${ZEND_INT_LONGVER}.so
chown root:${ROOT_GRP} /usr/local/lib/ZendGuardLoader${ZEND_INT_LONGVER}.so
doExtensions_build ${ZEND_INT_LONGVER} ${2} zend
}
####################################################
doZend() {
cd ${CWD}
doZend_build ${PHP1_RELEASE_OPT} ${PHP1_MODE_OPT} 1
if [ "${PHP2_RELEASE_OPT}" != "no" ]; then
doZend_build ${PHP2_RELEASE_OPT} ${PHP2_MODE_OPT} 1
fi
if [ "${PHP3_RELEASE_OPT}" != "no" ]; then
doZend_build ${PHP3_RELEASE_OPT} ${PHP3_MODE_OPT} 1
fi
if [ "${PHP4_RELEASE_OPT}" != "no" ]; then
doZend_build ${PHP4_RELEASE_OPT} ${PHP4_MODE_OPT} 1
fi
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
SKIP_WEBSERVER_RESTART=0
if [ "${PHP1_MODE_OPT}" = "php-fpm" ]; then
if [ "${PHP2_MODE_OPT}" = "php-fpm" ] || [ "${PHP2_RELEASE_OPT}" = "no" ]; then
SKIP_WEBSERVER_RESTART=1
fi
if [ "${PHP3_MODE_OPT}" = "php-fpm" ] || [ "${PHP3_RELEASE_OPT}" = "no" ]; then
SKIP_WEBSERVER_RESTART=1
fi
if [ "${PHP4_MODE_OPT}" = "php-fpm" ] || [ "${PHP4_RELEASE_OPT}" = "no" ]; then
SKIP_WEBSERVER_RESTART=1
fi
fi
if [ "${SKIP_WEBSERVER_RESTART}" = "0" ]; then
if [ "${WEBSERVER_OPT}" = "nginx" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
control_service nginx stop >/dev/null 2>&1
control_service nginx start
fi
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
control_service httpd restart
fi
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
control_service litespeed reload
fi
fi
if [ "${PHP1_MODE_OPT}" = "php-fpm" ]; then
echo "Restarting php-fpm${PHP1_SHORTRELEASE}."
control_service php-fpm${PHP1_SHORTRELEASE} restart
fi
if [ "${PHP2_MODE_OPT}" = "php-fpm" ] && [ "${PHP2_RELEASE_OPT}" != "no" ]; then
echo "Restarting php-fpm${PHP2_SHORTRELEASE}."
control_service php-fpm${PHP2_SHORTRELEASE} restart
fi
if [ "${PHP3_MODE_OPT}" = "php-fpm" ] && [ "${PHP3_RELEASE_OPT}" != "no" ]; then
echo "Restarting php-fpm${PHP3_SHORTRELEASE}."
control_service php-fpm${PHP3_SHORTRELEASE} restart
fi
if [ "${PHP4_MODE_OPT}" = "php-fpm" ] && [ "${PHP4_RELEASE_OPT}" != "no" ]; then
echo "Restarting php-fpm${PHP4_SHORTRELEASE}."
control_service php-fpm${PHP4_SHORTRELEASE} restart
fi
writeLog "zend installed"
}
####################################################
doIoncube() {
cd ${CWD}
FOR_ALL="no"
if [ -z $1 ] || [ $1 = "d" ] || [ -z $2 ]; then
FOR_ALL="yes"
fi
if [ "${FOR_ALL}" = "no" ]; then
IONCUBE_INT_SHORTRELEASE="`echo $1 | tr -d '.'`"
fi
SKIP_RESTART=1
if [ "$3" != "1" ]; then
SKIP_RESTART=0
fi
rm -f ${IONCUBEFILE}
getFile ioncube_${IONCUBE_VER}/${IONCUBEFILE} ${IONCUBENAME} ${IONCUBEFILE}
if [ "${IONCUBE_OPT}" != "yes" ]; then
do_exit 1 "You cannot install ionCube loader, because you do not have it set in php_extensions.conf file."
fi
tar xzf ${IONCUBEFILE} --no-same-owner
if [ -d ioncube ]; then
chown -R root:${ROOT_GRP} ioncube
fi
if [ -d /usr/local/lib/ioncube ]; then
rm -rf /usr/local/lib/ioncube
fi
mv -f ioncube /usr/local/lib/
if [ "${FOR_ALL}" = "yes" ]; then
doExtensions ${SKIP_RESTART} ioncube
else
doExtensions_build ${1} ${2} ioncube
fi
writeLog "Ioncube ${IONCUBE_VER} installed"
}
####################################################
installSuhosin() {
if [ -z $1 ] || [ "$1" = "no" ]; then
return
fi
echo "Installing suhosin-${SUHOSIN_VER} PHP extension for PHP $1..."
/usr/local/php$1/bin/phpize
./configure --with-php-config=/usr/local/php$1/bin/php-config
while echo "Trying to make suhosin-${SUHOSIN_VER} PHP extension..."; do
make
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "Make complete"
make install
make clean
}
doSuhosin() {
cd ${CWD}
if [ "${SUHOSIN_OPT}" = "no" ]; then
do_exit 1 "Cannot build suhosin, because you do not have it set in php_extensions.conf file."
fi
FOR_ALL="no"
if [ -z $1 ] || [ $1 = "d" ] || [ -z $2 ]; then
FOR_ALL="yes"
fi
if [ "${FOR_ALL}" = "no" ]; then
SUHOSIN_INT_SHORTRELEASE="`echo $1 | tr -d '.'`"
fi
SKIP_RESTART=1
if [ "$3" != "1" ]; then
SKIP_RESTART=0
fi
getFile suhosin-${SUHOSIN_VER}.tar.gz suhosin
FILE=${CWD}/suhosin-${SUHOSIN_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ${FILE}..."
tar xzf ${FILE}
cd suhosin-${SUHOSIN_VER}
if [ "${FOR_ALL}" = "no" ]; then
if [ "${SUHOSIN_INT_SHORTRELEASE}" != "53" ] && [ "${SUHOSIN_INT_SHORTRELEASE}" != "70" ] && [ "${SUHOSIN_INT_SHORTRELEASE}" != "71" ] && [ "${SUHOSIN_INT_SHORTRELEASE}" != "72" ] && [ "${SUHOSIN_INT_SHORTRELEASE}" != "73" ] && [ "${SUHOSIN_INT_SHORTRELEASE}" != "74" ]; then
installSuhosin ${SUHOSIN_INT_SHORTRELEASE} $2
fi
else
if [ "${PHP1_SHORTRELEASE}" != "53" ] && [ "${PHP1_SHORTRELEASE}" != "70" ] && [ "${PHP1_SHORTRELEASE}" != "71" ] && [ "${PHP1_SHORTRELEASE}" != "72" ] && [ "${PHP1_SHORTRELEASE}" != "73" ] && [ "${PHP1_SHORTRELEASE}" != "74" ]; then
installSuhosin ${PHP1_SHORTRELEASE} ${PHP1_MODE_OPT}
fi
if [ "${PHP2_RELEASE_OPT}" != "no" ] && [ "${PHP2_SHORTRELEASE}" != "53" ] && [ "${PHP2_SHORTRELEASE}" != "70" ] && [ "${PHP2_SHORTRELEASE}" != "71" ] && [ "${PHP2_SHORTRELEASE}" != "72" ] && [ "${PHP2_SHORTRELEASE}" != "73" ] && [ "${PHP2_SHORTRELEASE}" != "74" ]; then
installSuhosin ${PHP2_SHORTRELEASE} ${PHP2_MODE_OPT}
fi
if [ "${PHP3_RELEASE_OPT}" != "no" ] && [ "${PHP3_SHORTRELEASE}" != "53" ] && [ "${PHP3_SHORTRELEASE}" != "70" ] && [ "${PHP3_SHORTRELEASE}" != "71" ] && [ "${PHP3_SHORTRELEASE}" != "72" ] && [ "${PHP3_SHORTRELEASE}" != "73" ] && [ "${PHP3_SHORTRELEASE}" != "74" ]; then
installSuhosin ${PHP3_SHORTRELEASE} ${PHP3_MODE_OPT}
fi
if [ "${PHP4_RELEASE_OPT}" != "no" ] && [ "${PHP4_SHORTRELEASE}" != "53" ] && [ "${PHP4_SHORTRELEASE}" != "70" ] && [ "${PHP4_SHORTRELEASE}" != "71" ] && [ "${PHP4_SHORTRELEASE}" != "72" ] && [ "${PHP4_SHORTRELEASE}" != "73" ] && [ "${PHP4_SHORTRELEASE}" != "74" ]; then
installSuhosin ${PHP4_SHORTRELEASE} ${PHP4_MODE_OPT}
fi
fi
if [ "${SUHOSIN_PHP_UPLOADSCAN_OPT}" = "yes" ] && [ ! -e /usr/local/bin/clamdscan ]; then
if [ "${CLAMAV_OPT}" = "no" ]; then
do_exit 1 "Cannot install suhosin with PHP upload scan using ClamAV, because /usr/local/bin/clamdscan does not exist on the system and clamav=no is set in the options.conf file."
fi
removeLockfile
doclamav
fi
if [ "${FOR_ALL}" = "yes" ]; then
doExtensions ${SKIP_RESTART} suhosin
else
doExtensions_build ${1} ${2} suhosin
fi
echo "suhosin ${SUHOSIN_VER} PHP extension has been installed successfully."
writeLog "suhosin ${SUHOSIN_VER} installed"
cd ${CWD}
}
installOpcache() {
if [ -z $1 ] || [ "$1" = "no" ]; then
return
fi
echo "Installing zendopcache-${OPCACHE_VER} PHP extension for PHP $1..."
if [ "$1" = "53" ] || [ "$1" = "54" ]; then
/usr/local/php$1/bin/phpize
./configure --with-php-config=/usr/local/php$1/bin/php-config
while echo "Trying to make zendopcache-${OPCACHE_VER} PHP extension..."; do
make
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 0
fi
else
break
fi
done
echo "Make complete"
make install
make clean
echo "opCache ${OPCACHE_VER} PHP extension has been installed successfully for PHP$1."
writeLog "opCache ${OPCACHE_VER} installed for PHP$1"
fi
}
doOpcache() {
cd ${CWD}
if [ "${OPCACHE_OPT}" = "no" ]; then
do_exit 1 "Cannot build opCache, because you do not have it set in php_extensions.conf file."
fi
FOR_ALL="no"
if [ -z $1 ] || [ $1 = "d" ] || [ -z $2 ]; then
FOR_ALL="yes"
fi
if [ "${FOR_ALL}" = "no" ]; then
OPCACHE_INT_SHORTRELEASE="`echo $1 | tr -d '.'`"
fi
SKIP_RESTART=1
if [ "$1" != "1" ]; then
SKIP_RESTART=0
fi
if [ "${PHP1_RELEASE_OPT}" = "5.3" ] || [ "${PHP1_RELEASE_OPT}" = "5.4" ] || [ "${PHP2_RELEASE_OPT}" = "5.3" ] || [ "${PHP2_RELEASE_OPT}" = "5.4" ] || [ "${PHP3_RELEASE_OPT}" = "5.3" ] || [ "${PHP3_RELEASE_OPT}" = "5.4" ] || [ "${PHP4_RELEASE_OPT}" = "5.3" ] || [ "${PHP4_RELEASE_OPT}" = "5.4" ]; then
getFile zendopcache-${OPCACHE_VER}.tgz zendopcache
FILE=${CWD}/zendopcache-${OPCACHE_VER}.tgz
checkFile ${FILE}
echo "Extracting ${FILE}..."
tar xzf ${FILE}
cd zendopcache-${OPCACHE_VER}
if [ "${FOR_ALL}" = "no" ]; then
installOpcache ${OPCACHE_INT_SHORTRELEASE} $2
else
installOpcache ${PHP1_SHORTRELEASE} ${PHP1_MODE_OPT}
if [ "${PHP2_RELEASE_OPT}" != "no" ]; then
installOpcache ${PHP2_SHORTRELEASE} ${PHP2_MODE_OPT}
fi
if [ "${PHP3_RELEASE_OPT}" != "no" ]; then
installOpcache ${PHP3_SHORTRELEASE} ${PHP3_MODE_OPT}
fi
if [ "${PHP4_RELEASE_OPT}" != "no" ]; then
installOpcache ${PHP4_SHORTRELEASE} ${PHP4_MODE_OPT}
fi
fi
fi
if [ "${FOR_ALL}" = "yes" ]; then
doExtensions ${SKIP_RESTART} opcache
else
doExtensions_build ${1} ${2} opcache
fi
cd ${CWD}
}
####################################################
doModLsapi() {
if [ "${CLOUDLINUX_OPT}" = "yes" ] && [ "${PHP1_MODE_OPT}" = "lsphp" ] && [ $(is_cloudlinux_solo) -eq 1 ]; then
do_exit 1 "lsphp PHP1_MODE is not supported on CloudLinux Solo Edition."
fi
if [ "${CLOUDLINUX_OPT}" = "yes" ] && [ "${PHP1_MODE_OPT}" = "lsphp" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if ! grep -m1 -q 'exclude=.*liblsapi' /etc/yum.conf; then
perl -pi -e 's|exclude\=|exclude=liblsapi* |g' /etc/yum.conf
fi
if [ -e /usr/local/php${PHP1_SHORTRELEASE}/bin/lsphp ]; then
cp -pf /usr/local/php${PHP1_SHORTRELEASE}/bin/lsphp /usr/local/bin/lsphp
elif [ -e /usr/local/php${PHP1_SHORTRELEASE}/bin/lsphp${PHP1_SHORTRELEASE} ]; then
cp -pf /usr/local/php${PHP1_SHORTRELEASE}/bin/lsphp${PHP1_SHORTRELEASE} /usr/local/bin/lsphp
fi
if rpm -q --quiet mod_lsapi; then
rpm -e mod_lsapi >/dev/null 2>&1
fi
cd ${CWD}
getFileCL mod_lsapi-${MOD_LSAPI_VER}.tar.gz mod_lsapi
LSAPI_MODDIR="`tar tzf mod_lsapi-${MOD_LSAPI_VER}.tar.gz | head -n 1 | cut -d/ -f1`"
LSAPI_RELEASE="stable"
if [ "${CLOUDLINUX_BETA_OPT}" = "yes" ]; then
LSAPI_RELEASE="beta"
fi
tar xzf mod_lsapi-${MOD_LSAPI_VER}.tar.gz
cd ${LSAPI_MODDIR}
sh ./install/da_cb_install ${LSAPI_RELEASE} ${MOD_LSAPI_VER}
if [ -e /usr/include/criu/criu.h ];then
cmake -DWITH_CRIU:BOOLEAN=TRUE CMakeLists.txt
else
cmake CMakeLists.txt
fi
make install
if [ ! -e /etc/httpd/conf/extra/mod_lsapi.conf ]; then
cd conf
cat mod_lsapi.conf | sed 's/#AddType application\/x-httpd-lsphp/AddType application\/x-httpd-lsphp/g' > mod_lsapi.conf.tmp
cp -f mod_lsapi.conf.tmp /etc/httpd/conf/extra/mod_lsapi.conf
perl -pi -e 's#/etc/httpd/modules/mod_lsapi.so#/usr/lib/apache/mod_lsapi.so#' /etc/httpd/conf/extra/mod_lsapi.conf
fi
#Inserting mod_lsapi to apache config
if ! grep -m1 -q -e "mod_lsapi.conf" /etc/httpd/conf/extra/httpd-includes.conf; then
echo "Adding mod_lsapi to apache configuration (extra/httpd-includes.conf)."
#if file is missing new line and the end of the file - add it
if [ ! -z "`tail -c 1 /etc/httpd/conf/extra/httpd-includes.conf`" ]; then
echo "" >> /etc/httpd/conf/extra/httpd-includes.conf
fi
echo "#For mod_lsphp settings" >> /etc/httpd/conf/extra/httpd-includes.conf
echo "Include /etc/httpd/conf/extra/mod_lsapi.conf" >> /etc/httpd/conf/extra/httpd-includes.conf
else
perl -pi -e 's|^#Include /etc/httpd/conf/extra/mod_lsapi.conf|Include /etc/httpd/conf/extra/mod_lsapi.conf|' /etc/httpd/conf/extra/httpd-includes.conf
fi
cd ${CWD}
rm -rf ${LSAPI_MODDIR}
if [ "$1" != "0" ]; then
control_service httpd restart
fi
fi
else
if [ -e /etc/httpd/conf/extra/httpd-includes.conf ]; then
#Removing mod_lsapi from apache config
if grep -m1 -q -e '^Include /etc/httpd/conf/extra/mod_lsapi.conf' /etc/httpd/conf/extra/httpd-includes.conf; then
echo "Removing mod_lsapi from apache configuration (extra/httpd-includes.conf)."
perl -pi -e 's|^Include /etc/httpd/conf/extra/mod_lsapi.conf|#Include /etc/httpd/conf/extra/mod_lsapi.conf|' /etc/httpd/conf/extra/httpd-includes.conf
if [ "$1" != "0" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
control_service httpd restart
fi
fi
fi
fi
fi
}
####################################################
doModHostingLimits() {
if [ "${CLOUDLINUX_OPT}" = "yes" ] && [ $(is_cloudlinux_solo) -eq 0 ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ ! -e /usr/bin/cmake ]; then
yum -y install cmake
fi
if [ ! -e /usr/include/lve/lve-ctl.h ]; then
yum -y install liblve-devel
fi
cd ${CWD}
getFileCL mod_hostinglimits-${MOD_HOSTINGLIMITS_VER}.tar.gz mod_hostinglimits
CL_MODDIR="mod_hostinglimits-${MOD_HOSTINGLIMITS_VER}"
tar xzf mod_hostinglimits-${MOD_HOSTINGLIMITS_VER}.tar.gz
cd ${CL_MODDIR}
if [ -e ./install/da_cb_install ]; then
sh ./install/da_cb_install ${MOD_HOSTINGLIMITS_VER}
fi
cmake CMakeLists.txt
make install
if [ ! -s /etc/httpd/conf/extra/modhostinglimits.conf ]; then
safeDownloadWithMove "/etc/httpd/conf/extra/modhostinglimits.conf" "https://repo.cloudlinux.com/cloudlinux/confs/modhostinglimits.conf"
perl -pi -e 's#/etc/httpd/modules/mod_hostinglimits.so#/usr/lib/apache/mod_hostinglimits.so#' /etc/httpd/conf/extra/modhostinglimits.conf
fi
#Inserting mod_hostinglimits to apache config
if ! grep -m1 -q -e "modhostinglimits.conf" /etc/httpd/conf/extra/httpd-includes.conf; then
echo "Adding mod_hostinglimits to apache configuration (extra/httpd-includes.conf)."
if [ ! -z "`tail -c 1 /etc/httpd/conf/extra/httpd-includes.conf`" ]; then
echo "" >> /etc/httpd/conf/extra/httpd-includes.conf
fi
echo "#For LVE settings" >> /etc/httpd/conf/extra/httpd-includes.conf
echo "Include /etc/httpd/conf/extra/modhostinglimits.conf" >> /etc/httpd/conf/extra/httpd-includes.conf
else
perl -pi -e 's|^#Include /etc/httpd/conf/extra/modhostinglimits.conf|Include /etc/httpd/conf/extra/modhostinglimits.conf|' /etc/httpd/conf/extra/httpd-includes.conf
fi
cd ${CWD}
rm -rf ${CL_MODDIR}
if [ "$1" != "0" ]; then
control_service httpd restart
fi
fi
else
#Removing mod_hostinglimits from apache config
if grep -m1 -q -e '^Include /etc/httpd/conf/extra/modhostinglimits.conf' /etc/httpd/conf/extra/httpd-includes.conf; then
echo "Removing mod_hostinglimits from apache configuration (extra/httpd-includes.conf)."
perl -pi -e 's|^Include /etc/httpd/conf/extra/modhostinglimits.conf|#Include /etc/httpd/conf/extra/modhostinglimits.conf|' /etc/httpd/conf/extra/httpd-includes.conf
if [ "$1" != "0" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
control_service httpd restart
fi
fi
fi
fi
}
####################################################
doModProctitle() {
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ ! -e /usr/bin/cmake ]; then
yum -y install cmake
fi
cd ${CWD}
getFileCL mod_proctitle-${MOD_PROCTITLE_VER}.tar.gz mod_proctitle
CL_MODDIR="mod_proctitle-${MOD_PROCTITLE_VER}"
tar xzf mod_proctitle-${MOD_PROCTITLE_VER}.tar.gz
cd ${CL_MODDIR}
cmake CMakeLists.txt
make install
if [ ! -s /etc/httpd/conf/extra/modproctitle.conf ]; then
cp -f conf/modproctitle.conf /etc/httpd/conf/extra/modproctitle.conf
fi
#Inserting mod_proctitle to apache config
if ! grep -m1 -q -e "modproctitle.conf" /etc/httpd/conf/extra/httpd-includes.conf; then
echo "Adding mod_proctitle to apache configuration (extra/httpd-includes.conf)."
if [ ! -z "`tail -c 1 /etc/httpd/conf/extra/httpd-includes.conf`" ]; then
echo "" >> /etc/httpd/conf/extra/httpd-includes.conf
fi
echo "#For mod_proctitle settings" >> /etc/httpd/conf/extra/httpd-includes.conf
echo "Include /etc/httpd/conf/extra/modproctitle.conf" >> /etc/httpd/conf/extra/httpd-includes.conf
else
perl -pi -e 's|^#Include /etc/httpd/conf/extra/modproctitle.conf|Include /etc/httpd/conf/extra/modproctitle.conf|' /etc/httpd/conf/extra/httpd-includes.conf
fi
cd ${CWD}
rm -rf ${CL_MODDIR}
if [ "$1" != "0" ]; then
control_service httpd restart
fi
fi
else
#Removing mod_proctitle from apache config
if grep -m1 -q -e '^Include /etc/httpd/conf/extra/modproctitle.conf' /etc/httpd/conf/extra/httpd-includes.conf; then
echo "Removing mod_proctitle from apache configuration (extra/httpd-includes.conf)."
perl -pi -e 's|^Include /etc/httpd/conf/extra/modproctitle.conf|#Include /etc/httpd/conf/extra/modproctitle.conf|' /etc/httpd/conf/extra/httpd-includes.conf
if [ "$1" != "0" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
control_service httpd restart
fi
fi
fi
fi
}
####################################################
doSetupFcgidSh() {
if [ ! -d /usr/local/safe-bin ]; then
mkdir -p /usr/local/safe-bin
chmod 511 /usr/local/safe-bin
chown apache:apache /usr/local/safe-bin
fi
FCGID_SCRIPT_NAME="fcgid"
cp -f ${CWD}/configure/fastcgi/${FCGID_SCRIPT_NAME}.sh /usr/local/safe-bin/fcgid${1}.sh
if [ -e ${CWD}/custom/fastcgi/fcgid${1}.sh ]; then
cp -f ${CWD}/custom/fastcgi/fcgid${1}.sh /usr/local/safe-bin/fcgid${1}.sh
elif [ -e ${CWD}/custom/fastcgi/${FCGID_SCRIPT_NAME}.sh ]; then
cp -f ${CWD}/custom/fastcgi/${FCGID_SCRIPT_NAME}.sh /usr/local/safe-bin/fcgid${1}.sh
fi
chown apache:apache /usr/local/safe-bin/fcgid${1}.sh
chmod 555 /usr/local/safe-bin/fcgid${1}.sh
}
doPhp_build() {
#We want pkg-config to report
export PKG_CONFIG_PATH=/usr/local/icu/lib/pkgconfig:/usr/local/lib64/pkgconfig:/usr/local/lib/pkgconfig:/usr/lib/x86_64-linux-gnu/pkgconfig
#$1 is PHP release
#$2 is PHP mode
INT_RELEASE=$1
INT_MODE=$2
SHORT_RELEASE=`echo ${INT_RELEASE} | tr -d '.'`
PHP_VERSION_EVAL_VAR=PHP${SHORT_RELEASE}_VER
PHP_VER=$(eval_var ${PHP_VERSION_EVAL_VAR})
if [ -d /usr/local/lib/php.conf.d ] && [ ! -d /usr/local/php${SHORT_RELEASE}/lib/php.conf.d ] && [ ! -L /usr/local/lib/php.conf.d ]; then
mkdir -p /usr/local/php${SHORT_RELEASE}/lib
mv -v /usr/local/lib/php.conf.d /usr/local/php${SHORT_RELEASE}/lib/php.conf.d
ln -sf /usr/local/php${SHORT_RELEASE}/lib/php.conf.d /usr/local/lib/php.conf.d
fi
if [ -d /usr/local/lib/php ] && [ ! -d /usr/local/php${SHORT_RELEASE}/lib/php ] && [ ! -L /usr/local/lib/php ]; then
mkdir -p /usr/local/php${SHORT_RELEASE}/lib
mv -v /usr/local/lib/php /usr/local/php${SHORT_RELEASE}/lib/php
ln -sf /usr/local/php${SHORT_RELEASE}/lib/php /usr/local/lib/php
fi
if [ -s /usr/local/lib/php.ini ] && [ ! -s /usr/local/php${SHORT_RELEASE}/lib/php.ini ] && [ ! -L /usr/local/lib/php.ini ]; then
mkdir -p /usr/local/php${SHORT_RELEASE}/lib
mv -v /usr/local/lib/php.ini /usr/local/php${SHORT_RELEASE}/lib/php.ini
ln -sf /usr/local/php${SHORT_RELEASE}/lib/php.ini /usr/local/lib/php.ini
fi
INT_MAIN_VERSION=false
if [ "${PHP1_RELEASE_OPT}" = "${INT_RELEASE}" ] && [ "${PHP1_MODE_OPT}" = "${INT_MODE}" ]; then
INT_MAIN_VERSION=true
fi
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ ! -d /etc/httpd/conf/extra ]; then
doApache2
fi
fi
if [ "${WEBSERVER_OPT}" = "nginx" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ ! -d ${NGINXCONF} ]; then
doNginx
fi
fi
YUM_PKG_INSTALL_LIST=""
APT_PKG_INSTALL_LIST=""
#sqlite, libzip and oniguruma are needed by PHP >=8
if [ ! -e /usr/include/png.h ] && [ ! -e /usr/local/include/png.h ]; then
if [ -e /etc/debian_version ]; then
echo "Cannot find libpng, installing using apt-get..."
APT_PKG_INSTALL_LIST="${APT_PKG_INSTALL_LIST}libpng-dev "
else
echo "Cannot find libpng, installing using yum..."
YUM_PKG_INSTALL_LIST="${YUM_PKG_INSTALL_LIST}libpng-devel "
fi
fi
if [ ! -e /usr/local/include/freetype2/ft2build.h ] && [ ! -e /usr/include/freetype2/ft2build.h ]; then
if [ -e /etc/debian_version ]; then
echo "Cannot find freetype, installing using apt-get..."
APT_PKG_INSTALL_LIST="${APT_PKG_INSTALL_LIST}libfreetype6-dev "
else
echo "Cannot find freetype, installing using yum..."
YUM_PKG_INSTALL_LIST="${YUM_PKG_INSTALL_LIST}freetype-devel "
fi
fi
#needed for PHP <7.4
if [ -e /etc/debian_version ] && [ ! -e /usr/local/include/freetype2/ft2build.h ] && [ ! -s /usr/bin/freetype-config ]; then
if [ "${OS_DEBIAN_VER}" != "9" ]; then
safeDownloadWithMove "/usr/bin/freetype-config" "${WEBPATH}/freetype-config"
chmod +x /usr/bin/freetype-config
fi
fi
#libwebp is compiled-in as of PHP 7.0
if [ ! -e /usr/local/include/webp/types.h ] && [ ! -e /usr/include/webp/types.h ]; then
if [ "${INT_RELEASE}" != "5.3" ] && [ "${INT_RELEASE}" != "5.4" ] && [ "${INT_RELEASE}" != "5.5" ] && [ "${INT_RELEASE}" != "5.6" ]; then
if [ -e /etc/debian_version ]; then
echo "Cannot find libwebp, installing using apt-get..."
APT_PKG_INSTALL_LIST="${APT_PKG_INSTALL_LIST}libwebp-dev "
else
echo "Cannot find libwebp, installing using yum..."
YUM_PKG_INSTALL_LIST="${YUM_PKG_INSTALL_LIST}libwebp-devel "
fi
fi
fi
if [ ! -e /usr/include/jpeglib.h ] && [ ! -e /usr/local/include/jpeglib.h ]; then
if [ -e /etc/debian_version ]; then
echo "Cannot find libjpeg, installing using apt-get..."
APT_PKG_INSTALL_LIST="${APT_PKG_INSTALL_LIST}libjpeg-dev "
else
echo "Cannot find libjpeg, installing using yum..."
YUM_PKG_INSTALL_LIST="${YUM_PKG_INSTALL_LIST}libjpeg-devel "
fi
fi
if [ ! -e /usr/include/libxslt/xslt.h ] && [ ! -e /usr/local/include/libxslt/xslt.h ]; then
if [ -e /etc/debian_version ]; then
echo "Cannot find libxslt, installing using apt-get..."
APT_PKG_INSTALL_LIST="${APT_PKG_INSTALL_LIST}libxslt-dev "
else
echo "Cannot find libxslt, installing using yum..."
YUM_PKG_INSTALL_LIST="${YUM_PKG_INSTALL_LIST}libxslt-devel "
fi
fi
if [ ! -e /usr/include/x86_64-linux-gnu/sodium.h ] && [ ! -e /usr/include/aarch64-linux-gnu/sodium.h ] && [ ! -e /usr/local/include/sodium.h ] && [ ! -e /usr/include/sodium.h ]; then
if [ -e /etc/debian_version ]; then
echo "Cannot find libsodium, installing using apt-get..."
apt-get -y install libsodium-dev
else
yum -y install libsodium-devel --enablerepo=${EPEL_REPO_NAME}
fi
fi
if [ ! -e /usr/include/x86_64-linux-gnu/unicode/icudataver.h ] && [ ! -e /usr/include/aarch64-linux-gnu/unicode/icudataver.h ] && [ ! -e /usr/local/icu/include/unicode/icudataver.h ] && [ ! -e /usr/include/unicode/icudataver.h ] && [ ! -e /usr/local/include/unicode/icudataver.h ]; then
if [ -e /etc/debian_version ]; then
echo "Cannot find libicu, installing using apt-get..."
APT_PKG_INSTALL_LIST="${APT_PKG_INSTALL_LIST}libicu-dev "
else
echo "Cannot find libicu, installing using yum..."
YUM_PKG_INSTALL_LIST="${YUM_PKG_INSTALL_LIST}libicu-devel "
fi
fi
if [ -e /etc/debian_version ] && [ ! -d /usr/local/icu ]; then
if [ "${OS_DEBIAN_VER}" != "9" ]; then
safeDownloadWithMove "/usr/bin/icu-config" "${WEBPATH}/icu-config"
chmod +x /usr/bin/icu-config
fi
fi
if [ "${INT_RELEASE}" = "5.3" ] || [ "${INT_RELEASE}" = "5.4" ] || [ "${INT_RELEASE}" = "5.5" ] || [ "${INT_RELEASE}" = "5.6" ] || [ "${INT_RELEASE}" = "7.0" ] || [ "${INT_RELEASE}" = "7.1" ]; then
if [ ! -e /usr/include/mcrypt.h ] && [ ! -e /usr/local/include/mcrypt.h ]; then
if [ -e ${DEBIAN_VERSION} ]; then
apt-get -y install libmcrypt-dev
else
yum -y install libmcrypt-devel --enablerepo=${EPEL_REPO_NAME}
fi
fi
fi
if [ "${INT_RELEASE}" != "5.3" ] && [ "${INT_RELEASE}" != "5.4" ] && [ "${INT_RELEASE}" != "5.5" ] && [ "${INT_RELEASE}" != "5.6" ] && [ "${INT_RELEASE}" != "7.0" ] && [ "${INT_RELEASE}" != "7.1" ] && [ "${INT_RELEASE}" != "7.2" ] && [ "${INT_RELEASE}" != "7.3" ]; then
COMPILE_LIBZIP=false
if [ -e /etc/debian_version ]; then
COMPILE_LIBZIP=false
elif [ "${OS_CENTOS_VER}" = "7" ]; then
COMPILE_LIBZIP=true
fi
if [ ! -e /usr/local/lib/libzip.so ] && [ ! -e /usr/local/lib64/libzip.so ] && [ "${LIBZIP_VER}" != "0" ] && ${COMPILE_LIBZIP}; then
doLibzip
fi
if ! ${COMPILE_LIBZIP} && [ ! -e /usr/lib/libzip.so ] && [ ! -e /usr/lib64/libzip.so ] && [ ! -e /usr/lib/x86_64-linux-gnu/libzip.so ] && [ ! -e /usr/lib/aarch64-linux-gnu/libzip.so ] && [ ! -e /usr/local/lib/libzip.so ] && [ ! -e /usr/local/lib64/libzip.so ]; then
if [ -e /etc/debian_version ]; then
echo "Cannot find libzip, installing using apt-get..."
APT_PKG_INSTALL_LIST="${APT_PKG_INSTALL_LIST}libzip-dev "
else
echo "Cannot find libzip, installing using yum..."
YUM_PKG_INSTALL_LIST="${YUM_PKG_INSTALL_LIST}libzip-devel "
fi
fi
if [ ! -e /usr/include/sqlite3.h ] && [ ! -e /usr/local/include/sqlite3.h ]; then
if [ -e /etc/debian_version ]; then
echo "Cannot find /usr/include/sqlite3.h, installing using apt-get..."
APT_PKG_INSTALL_LIST="${APT_PKG_INSTALL_LIST}libsqlite3-dev "
else
echo "Cannot find /usr/include/sqlite3.h, installing using yum..."
YUM_PKG_INSTALL_LIST="${YUM_PKG_INSTALL_LIST}sqlite-devel "
fi
fi
if [ ! -e /usr/include/oniguruma.h ] && [ ! -e /usr/local/include/oniguruma.h ]; then
if [ -e /etc/debian_version ]; then
echo "Cannot find /usr/include/oniguruma.h, installing using apt-get..."
APT_PKG_INSTALL_LIST="${APT_PKG_INSTALL_LIST}libonig-dev "
else
echo "Cannot find /usr/include/oniguruma.h, installing using yum..."
if [ "${OS_CENTOS_VER}" = "8" ]; then
yum -y install oniguruma-devel --enablerepo=${POWERTOOLS}
elif [ "${OS_CENTOS_VER}" = "9" ]; then
yum -y install oniguruma-devel --enablerepo=crb
else
YUM_PKG_INSTALL_LIST="${YUM_PKG_INSTALL_LIST}oniguruma-devel "
fi
fi
fi
fi
if [ -e /etc/debian_version ] && [ ! -z "${APT_PKG_INSTALL_LIST}" ]; then
apt-get -y install ${APT_PKG_INSTALL_LIST}
elif [ ! -z "${YUM_PKG_INSTALL_LIST}" ]; then
if [ "${OS_CENTOS_VER}" = "9" ]; then
yum -y install ${YUM_PKG_INSTALL_LIST} --enablerepo=crb
else
yum -y install ${YUM_PKG_INSTALL_LIST}
fi
fi
if ${INT_MAIN_VERSION}; then
doRewriteCLPhpHandler
fi
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] && [ "${MODSECURITY_OPT}" = "yes" ] && [ ! -e /usr/lib/apache/mod_security2.so ]; then
doModSecurity
fi
if [ "${MOD_RUID2_OPT}" = "yes" ] && [ ! -e /usr/lib/apache/mod_ruid2.so ] && [ "${WEBSERVER_OPT}" != "litespeed" ]; then
doModRuid2
fi
if [ "${HAVE_FCGID}" = "yes" ]; then
if [ ! -s /usr/lib/apache/mod_fcgid.so ]; then
doModFCGID
fi
fi
if [ "${HAVE_FCGID}" = "yes" ] || [ "${HAVE_FPM_CGI}" = "yes" ] || [ "${HAVE_SUPHP_CGI}" = "yes" ]; then
if [ "${HTSCANNER_OPT}" = "yes" ] && [ ! -e /usr/lib/apache/mod_htscanner2.so ]; then
doModHtscanner
fi
fi
if [ "${NEWCONFIGS}" = "1" ] && ${INT_MAIN_VERSION}; then
if grep -m1 -q '^LoadModule mod_php' /etc/httpd/conf/httpd.conf; then
perl -pi -e 's/^LoadModule mod_php/\#LoadModule mod_php/' /etc/httpd/conf/httpd.conf
fi
if grep -m1 -q '^LoadModule php' /etc/httpd/conf/httpd.conf; then
perl -pi -e 's/^LoadModule php/\#LoadModule php/' /etc/httpd/conf/httpd.conf
fi
fi
fi
if [ "${HAVE_FPM_CGI}" = "yes" ] && [ ! -s /etc/logrotate.d/php-fpm ]; then
safeDownloadWithMove "/etc/logrotate.d/php-fpm" "${WEBPATH}/php-fpm.logrotate"
fi
if [ "${INT_MODE}" = "suphp" ]; then
mkdir -p /usr/local/php${SHORT_RELEASE}/lib
if [ ! -s ${SUPHP_SO} ]; then
doSuPhp
fi
fi
#just double check the location of libmysqlclient.so
if [ -e /usr/lib64 ]; then
if [ ! -e /usr/lib64/mysql/libmysqlclient.so ] && [ -e /usr/lib64/libmysqlclient.so ]; then
ln -s ../libmysqlclient.so /usr/lib64/mysql/libmysqlclient.so
fi
fi
if [ -e /usr/lib/libmysqlclient.so ] && [ ! -e /usr/lib/mysql/libmysqlclient.so ] && [ -d /usr/lib/mysql ]; then
ln -s /usr/lib/libmysqlclient.so /usr/lib/mysql/libmysqlclient.so
fi
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
doApacheCheck
fi
if [ "${HAVE_CLI}" = "yes" ] && [ -e ${PHPMODULES} ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if grep -m1 -q 'LoadModule mpm_event_module /usr/lib/apache/mod_mpm_event.so' ${PHPMODULES}; then
echo "Switching Apache Event MPM to Prefork, because of mod_php used..."
perl -pi -e 's#LoadModule mpm_event_module /usr/lib/apache/mod_mpm_event.so#LoadModule mpm_prefork_module /usr/lib/apache/mod_mpm_prefork.so#' ${PHPMODULES}
control_service httpd restart
fi
if grep -m1 -q 'LoadModule mpm_worker_module /usr/lib/apache/mod_mpm_worker.so' ${PHPMODULES}; then
echo "Switching Apache Worker MPM to Prefork, because of mod_php used..."
perl -pi -e 's#LoadModule mpm_worker_module /usr/lib/apache/mod_mpm_worker.so#LoadModule mpm_prefork_module /usr/lib/apache/mod_mpm_prefork.so#' ${PHPMODULES}
control_service httpd restart
fi
fi
fi
cd ${CWD}
ldconfig
INT_EXT_DIR="no"
if [ -e /usr/local/php${SHORT_RELEASE}/bin/php-config ]; then
INT_EXT_DIR=`/usr/local/php${SHORT_RELEASE}/bin/php-config --extension-dir`
fi
getFile php-${PHP_VER}.tar.gz php${SHORT_RELEASE}
quitIfLocked doPhp
cd ${CWD}
FILE=${CWD}/php-${PHP_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ..."
tar xzf ${FILE} --no-same-owner
echo "Done."
disable_asm_atomic
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
getFileCL cl-apache-patches.tar.gz cl-apache-patches
tar xzf cl-apache-patches.tar.gz --no-same-owner
fi
if [ "${INT_RELEASE}" = "5.3" ]; then
getFile patches/php-5.3.28_apache-2.4.10-fpm.patch php-5.3.28_apache-2.4.10-fpm.patch patches/php-5.3.28_apache-2.4.10-fpm.patch hexan
getFile patches/multi-sapi-5.3.29.patch multi-sapi-5.3.29.patch patches/multi-sapi-5.3.29.patch hexan
fi
if [ "${INT_RELEASE}" = "5.3" ] || [ "${INT_RELEASE}" = "5.4" ]; then
getFile patches/Another_fix_for_mod_proxy_fcgi_v2.patch Another_fix_for_mod_proxy_fcgi_v2.patch patches/Another_fix_for_mod_proxy_fcgi_v2.patch hexan
if [ -e /lib/x86_64-linux-gnu/libsystemd-daemon.so.0 ] && [ ! -e /lib/x86_64-linux-gnu/libsystemd-daemon.so ]; then
ln -s /lib/x86_64-linux-gnu/libsystemd-daemon.so.0 /lib/x86_64-linux-gnu/libsystemd-daemon.so
ldconfig
fi
fi
if [ "${INT_RELEASE}" = "7.1" ] || [ "${INT_RELEASE}" = "7.2" ]; then
getFile patches/fpm_scoreboard_proc_oob_fix_v4.patch fpm_scoreboard_proc_oob_fix_v4.patch patches/fpm_scoreboard_proc_oob_fix_v4.patch hexan
fi
if [ "${INT_RELEASE}" = "7.0" ]; then
getFile patches/fpm_scoreboard_proc_oob_fix_v4_7.0.patch fpm_scoreboard_proc_oob_fix_v4_7.0.patch patches/fpm_scoreboard_proc_oob_fix_v4_7.0.patch hexan
fi
if [ "${INT_RELEASE}" = "5.6" ]; then
getFile patches/fpm_scoreboard_proc_oob_fix_v4_5.6.patch fpm_scoreboard_proc_oob_fix_v4_5.6.patch patches/fpm_scoreboard_proc_oob_fix_v4_5.6.patch hexan
fi
if [ "${INT_RELEASE}" = "7.3" ]; then
getFile patches/php_mysqlnd_sha2_auth.patch php_mysqlnd_sha2_auth.patch patches/php_mysqlnd_sha2_auth.patch hexan
fi
if [ "${HAVE_FPM_CGI}" = "yes" ]; then
getFile patches/fpm-quota-chown.patch fpm-quota-chown.patch patches/fpm-quota-chown.patch hexan
fi
getFile patches/fpm_children_cgroup.patch fpm_children_cgroup.patch patches/fpm_children_cgroup.patch hexan
OV=`openssl_version | cut -d. -f1,2`
OPENSSL_11_OR_HIGHER=false
if [ "${OV}" != "" ] && [ "`version_cmp ${OV} 1.1 'php 5.x vs openssl 1.1.0 ver check'`" -ge 0 ]; then
OPENSSL_11_OR_HIGHER=true
fi
if ${OPENSSL_11_OR_HIGHER}; then
if [ "${INT_RELEASE}" = "5.6" ]; then
getFile patches/php-5.6-libssl-1.1.patch php-5.6-libssl-1.1.patch patches/php-5.6-libssl-1.1.patch hexan
fi
fi
cd php-${PHP_VER}
#Don't build ZTS version of PHP, we load MPM dynamically, always default to prefork if mod_php is there
if [ -s sapi/apache2handler/config.m4 ]; then
perl -pi -e 's|PHP_BUILD_THREAD_SAFE|PHP_BUILD_NOT_THREAD_SAFE|g' sapi/apache2handler/config.m4
fi
if [ -s sapi/apache2filter/config.m4 ]; then
perl -pi -e 's|PHP_BUILD_THREAD_SAFE|PHP_BUILD_NOT_THREAD_SAFE|g' sapi/apache2filter/config.m4
fi
#To be fail-proof with non-ZTS version (as the check in sapi/apache2handler/config.m4 is for loaded MPM), we switch MPM to prefork temporarily
if [ -s ${PHPMODULES} ]; then
if [ "${PHP1_RELEASE_OPT}" = "${INT_RELEASE}" ] && [ "${PHP1_MODE_OPT}" = "mod_php" ]; then
if ! grep -m1 -q 'mpm_prefork_module' ${PHPMODULES}; then
if grep -m1 -q 'LoadModule mpm_[a-z]*_module /usr/lib/apache/mod_mpm_[a-z]*.so' ${PHPMODULES}; then
perl -pi -e 's#LoadModule mpm_[a-z]*_module /usr/lib/apache/mod_mpm_[a-z]*.so#LoadModule mpm_prefork_module /usr/lib/apache/mod_mpm_prefork.so#' ${PHPMODULES}
fi
fi
fi
fi
perl -pi -e 's|\(\(_libiconv_version >> 8\) & 0x0f\), \(_libiconv_version & 0x0f\)\)|_libiconv_version >> 8, _libiconv_version & 0xff\)|' ext/iconv/iconv.c
perl -pi -e 's|"html_errors=0\\n"|"html_errors=0\\n"\n\t"disable_functions=\\n"|g' ./sapi/cli/php_cli.c
if [ "${INT_MODE}" = "lsphp" ] && [ "${WEBSERVER_OPT}" != "apache" ] && [ "${WEBSERVER_OPT}" != "nginx_apache" ]; then
PHP_LSAPI_VER="`curl -k -L --silent --fail https://update.litespeedtech.com/ws/latest.php | grep 'PHP-LSAPI' | cut -d= -f2`"
# If we were unable to get the version from external source - set some default one
if ! echo "${PHP_LSAPI_VER}" | grep -m1 -q '^[0-9]*\.[0-9]*'; then
PHP_LSAPI_VER=8.0
elif [ "${PHP_LSAPI_VER}" = "7.9" ]; then
#PHP 8.1 is not compatible with 7.9, and 8.0 is not yet in latest.php on update.litespeedtech.com
PHP_LSAPI_VER=8.0
fi
safeDownloadWithMove "${CWD}/php-${PHP_VER}/php-litespeed-${PHP_LSAPI_VER}.tgz" "https://www.litespeedtech.com/packages/lsapi/php-litespeed-${PHP_LSAPI_VER}.tgz"
cd sapi
mv litespeed litespeed_orig
tar xzf ../php-litespeed-${PHP_LSAPI_VER}.tgz --no-same-owner
if [ -d litespeed ]; then
mv -f litespeed/*.h litespeed_orig/
mv -f litespeed/*.c litespeed_orig/
rm -rf litespeed
elif [ -d litespeed-${PHP_LSAPI_VER} ]; then
mv -f litespeed-${PHP_LSAPI_VER}/*.h litespeed_orig/
mv -f litespeed-${PHP_LSAPI_VER}/*.c litespeed_orig/
rm -rf litespeed-${PHP_LSAPI_VER}
fi
mv litespeed_orig litespeed
cd ../
elif [ "${INT_MODE}" = "lsphp" ] && [ "${CLOUDLINUX_OPT}" = "yes" ]; then
safeDownloadWithMove "${CWD}/php-litespeed-${CL_PHP_LSAPI_VER}.tgz" "https://repo.cloudlinux.com/cloudlinux/sources/da/php-litespeed-${CL_PHP_LSAPI_VER}.tgz"
cd sapi
mv litespeed litespeed_orig
tar xzf ../php-litespeed-${CL_PHP_LSAPI_VER}.tgz --no-same-owner
if [ -d litespeed ]; then
mv -f litespeed/*.h litespeed_orig/
mv -f litespeed/*.c litespeed_orig/
rm -rf litespeed
elif [ -d litespeed-${CL_PHP_LSAPI_VER} ]; then
mv -f litespeed-${CL_PHP_LSAPI_VER}/*.h litespeed_orig/
mv -f litespeed-${CL_PHP_LSAPI_VER}/*.c litespeed_orig/
rm -rf litespeed-${CL_PHP_LSAPI_VER}
fi
mv litespeed_orig litespeed
cd ../
fi
#make sure we have the sendmail link
set_sendmail_link
#some reports of missing -lltdl, problem found to be simple missing link
if [ ! -e /usr/lib/libltdl.so ]; then
ln -sf libltdl.so.3 /usr/lib/libltdl.so
fi
echo "Configuring php-${PHP_VER}..."
PHP_INI_INT=${PHP_INI}
PHP_EXT_INT=${PHP_EXT}
AUTOCONF213="/usr/bin/autoconf-2.13"
if [ "${INT_RELEASE}" = "5.3" ]; then
if [ ! -e ${AUTOCONF213} ]; then
if [ -e ${DEBIAN_VERSION} ]; then
apt-get -y install autoconf2.13
else
if [ "${OS_CENTOS_VER}" = "8" ]; then
yum -y install autoconf213 --enablerepo=${POWERTOOLS}
else
yum -y install autoconf213
fi
fi
fi
if [ -e ${AUTOCONF213} ]; then
touch ac*
${AUTOCONF213}
fi
fi
if [ "${INT_RELEASE}" = "7.1" ] || [ "${INT_RELEASE}" = "7.2" ]; then
patch -p1 --fuzz=1 < ../patches/fpm_scoreboard_proc_oob_fix_v4.patch
perl -pi -e 's|php_info_print_table_row\(2, "Configuration File \(php.ini\) Path"|php_info_print_table_row(2, "PHP-FPM security patch", "yes");\n\t\tphp_info_print_table_row(2, "Configuration File (php.ini) Path"|g' ./ext/standard/info.c
fi
if [ "${INT_RELEASE}" = "7.0" ]; then
patch -p1 --fuzz=1 < ../patches/fpm_scoreboard_proc_oob_fix_v4_7.0.patch
perl -pi -e 's|php_info_print_table_row\(2, "Configuration File \(php.ini\) Path"|php_info_print_table_row(2, "PHP-FPM security patch", "yes");\n\t\tphp_info_print_table_row(2, "Configuration File (php.ini) Path"|g' ./ext/standard/info.c
fi
if [ "${INT_RELEASE}" = "5.6" ]; then
patch -p1 --fuzz=1 < ../patches/fpm_scoreboard_proc_oob_fix_v4_5.6.patch
perl -pi -e 's|php_info_print_table_row\(2, "Configuration File \(php.ini\) Path"|php_info_print_table_row(2, "PHP-FPM security patch", "yes");\n\t\tphp_info_print_table_row(2, "Configuration File (php.ini) Path"|g' ./ext/standard/info.c
fi
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
if [ -e ../fpm-lve-php${INT_RELEASE}_autoconf.patch ]; then
patch -p1 --fuzz=1 < ../fpm-lve-php${INT_RELEASE}_autoconf.patch
elif [ -e ../fpm-lve-php7.0_autoconf.dl.v2.patch.patch ] && [ "${INT_RELEASE}" = "7.0" ]; then
patch -p1 --fuzz=1 < ../fpm-lve-php7.0_autoconf.dl.v2.patch.patch
elif [ -e ../php-fpm.7.1.dl.v3.patch ] && [ "${INT_RELEASE}" = "7.1" ]; then
patch -p1 --fuzz=1 < ../php-fpm.7.1.dl.v3.patch
elif [ -e ../php-fpm.7.2.dl.v2.patch ] && [ "${INT_RELEASE}" = "7.2" ]; then
patch -p1 --fuzz=1 < ../php-fpm.7.2.dl.v2.patch
elif [ -e ../php-fpm.7.3.dl.v1.patch ] && [ "${INT_RELEASE}" = "7.3" ]; then
patch -p1 --fuzz=1 < ../php-fpm.7.3.dl.v1.patch
elif [ -e ../php-fpm.7.4.dl.v1.patch ] && [ "${INT_RELEASE}" = "7.4" ]; then
patch -p1 --fuzz=1 < ../php-fpm.7.4.dl.v1.patch
elif [ -e php-fpm.8.0.dl.v1.patch ]; then
patch -p1 --fuzz=1 < ../php-fpm.8.0.dl.v1.patch
elif [ -e php-fpm.8.1.dl.v1.patch ]; then
patch -p1 --fuzz=1 < ../php-fpm.8.1.dl.v1.patch
elif [ -e php-fpm.8.2.dl.v1.patch ]; then
patch -p1 --fuzz=1 < ../php-fpm.8.2.dl.v1.patch
fi
if [ "${INT_RELEASE}" = "5.3" ] && [ -e ${AUTOCONF213} ]; then
touch ac*
${AUTOCONF213}
else
touch ac*
autoconf
fi
fi
if [ "${INT_RELEASE}" = "5.3" ] && [ "${PHP53_VER}" != "5.2.17" ]; then
echo "Patching PHP to fix bug #67541."
patch -p1 < ../patches/php-5.3.28_apache-2.4.10-fpm.patch
echo "Patching PHP to fix bug #52419."
patch -p1 < ../patches/multi-sapi-5.3.29.patch
if [ -e ${AUTOCONF213} ]; then
touch ac*
${AUTOCONF213} >/dev/null 2>&1
else
touch ac*
autoconf >/dev/null
fi
fi
if ${OPENSSL_11_OR_HIGHER}; then
if [ "${INT_RELEASE}" = "5.6" ]; then
echo "Patching PHP to fix OpenSSL >=1.1 compatibility."
patch -p1 < ../patches/php-5.6-libssl-1.1.patch
fi
fi
if [ "${INT_RELEASE}" = "5.3" ] || [ "${INT_RELEASE}" = "5.4" ]; then
if [ "${PHP53_VER}" != "5.2.17" ]; then
#Still pathcing for #67541
patch -p0 < ../patches/Another_fix_for_mod_proxy_fcgi_v2.patch
echo "Patching is done."
fi
fi
if [ "${INT_RELEASE}" = "7.3" ]; then
patch -p1 < ../patches/php_mysqlnd_sha2_auth.patch
echo "Patching MySQLnd to support SHA2 auth is done."
fi
if [ -s sapi/fpm/fpm/fpm_children.c ]; then
echo "Patching php-fpm for per-user process grouping"
if [ ! -s ../patches/fpm_children_cgroup.patch ]; then
echo "${boldon}ERROR downloading patches/fpm_children_cgroup.patch${boldoff}"
else
patch -p0 < ../patches/fpm_children_cgroup.patch
fi
fi
if [ -s sapi/fpm/fpm/fpm_unix.c ]; then
#Ticket 21336: [pool user] failed to chown() the socket '/usr/local/php56/sockets/user.sock': Disk quota exceeded (122)
echo "Patching php-fpm to not fail on startup if User quota maxed out on socket chown"
if [ ! -s ../patches/fpm-quota-chown.patch ]; then
echo "${boldon}ERROR downloading patches/fpm-quota-chown.patch${boldoff}"
else
patch -p0 < ../patches/fpm-quota-chown.patch
fi
fi
CONFIGURE_FILE_VAR=PHP${SHORT_RELEASE}_CONFIGURE
PHP_INI_INT_VAR=PHP_INI_FPM${SHORT_RELEASE}
PHP_INI_INT=$(eval_var ${PHP_INI_INT_VAR})
PHP_EXT_INT_VAR=PHP_EXT_FPM${SHORT_RELEASE}
PHP_EXT_INT=$(eval_var ${PHP_EXT_INT_VAR})
if [ "${INT_MODE}" = "php-fpm" ]; then
CONFIGURE_FILE_VAR=PHP${SHORT_RELEASE}_CONFIGURE_FPM
elif [ "${INT_MODE}" = "suphp" ]; then
CONFIGURE_FILE_VAR=PHP${SHORT_RELEASE}_CONFIGURE_SUPHP
elif [ "${INT_MODE}" = "fastcgi" ]; then
CONFIGURE_FILE_VAR=PHP${SHORT_RELEASE}_CONFIGURE_FCGI
elif [ "${INT_MODE}" = "lsphp" ]; then
CONFIGURE_FILE_VAR=PHP${SHORT_RELEASE}_CONFIGURE_LSPHP
fi
CONF_FILE=${CWD}/$(eval_var ${CONFIGURE_FILE_VAR})
# Compile mod_phpX.so only if that's php1_release and mode is mod_php
if [ "${PHP1_RELEASE_OPT}" = "${INT_RELEASE}" ] && [ "${PHP1_MODE_OPT}" = "mod_php" ] && [ "${UNIT_OPT}" = "no" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if ! grep -q -m1 'with-apxs2' ${CONF_FILE}; then
perl -pi -e 's#./configure --enable-embed #./configure --with-apxs2 #' ${CONF_FILE}
if ! grep -q -m1 'with-apxs2' ${CONF_FILE}; then
perl -pi -e 's#./configure #./configure --with-apxs2 #' ${CONF_FILE}
fi
fi
elif grep -q -m1 'with-apxs2' ${CONF_FILE}; then
perl -pi -e 's#./configure --with-apxs2 #./configure --enable-embed #' ${CONF_FILE}
elif ! grep -q -m1 'enable-embed' ${CONF_FILE}; then
perl -pi -e 's#./configure #./configure --enable-embed #' ${CONF_FILE}
fi
elif grep -q -m1 'with-apxs2' ${CONF_FILE}; then
perl -pi -e 's#./configure --with-apxs2 #./configure --enable-embed #' ${CONF_FILE}
elif ! grep -q -m1 'enable-embed' ${CONF_FILE}; then
perl -pi -e 's#./configure #./configure --enable-embed #' ${CONF_FILE}
fi
#we need to make sure that the mysql path is set.
MYSQL_H=""
if [ -d /usr/local/mysql/include ]; then
MYSQL_H=/usr/local/mysql
fi
if [ "${MYSQL_H}" = "" ]; then
if [ -e /usr/include/mysql/mysql.h ]; then
MYSQL_H=/usr
fi
fi
if [ "${MYSQL_H}" != "" ]; then
STR="perl -pi -e 's#with-mysql\s#with-mysql=${MYSQL_H} #' ${CONF_FILE}"
eval ${STR}
STR="perl -pi -e 's#with-mysql\"#with-mysql=${MYSQL_H}\"#' ${CONF_FILE}"
eval ${STR}
STR="perl -pi -e 's#with-pdo-mysql\"#with-pdo-mysql=${MYSQL_H}\"#' ${CONF_FILE}"
eval ${STR}
STR="perl -pi -e 's#with-pdo-mysql\s#with-pdo-mysql=${MYSQL_H} #' ${CONF_FILE}"
eval ${STR}
fi
if [ "${INT_RELEASE}" != "5.3" ] && [ "${INT_RELEASE}" != "5.4" ] && [ "${INT_RELEASE}" != "5.5" ] && [ "${INT_RELEASE}" != "5.6" ] && [ "${INT_RELEASE}" != "7.0" ] && [ "${INT_RELEASE}" != "7.1" ] && [ "${INT_RELEASE}" != "7.2" ]; then
if [ ! -e /usr/local/bin/pcre2-config ] && [ -e /usr/bin/pcre2-config ]; then
if grep -m1 -q 'with-pcre-regex=/usr/local' ${CONF_FILE}; then
perl -pi -e 's#with-pcre-regex=/usr/local#with-pcre-regex=/usr#g' ${CONF_FILE}
fi
fi
fi
if [ ! -e /usr/local/bin/pcre-config ] && [ -e /usr/bin/pcre-config ]; then
if grep -m1 -q 'with-pcre-regex=/usr/local' ${CONF_FILE}; then
perl -pi -e 's#with-pcre-regex=/usr/local#with-pcre-regex=/usr#g' ${CONF_FILE}
if [ -e /usr/lib64/libpcre.so ] && [ ! -e /usr/lib/libpcre.so ]; then
ln -s /usr/lib64/libpcre.so /usr/lib/libpcre.so
fi
if [ -e /usr/lib/x86_64-linux-gnu/libpcre.so ] && [ ! -e /usr/lib/libpcre.so ]; then
ln -s /usr/lib/x86_64-linux-gnu/libpcre.so /usr/lib/libpcre.so
fi
if [ -e /usr/lib/aarch64-linux-gnu/libpcre.so ] && [ ! -e /usr/lib/libpcre.so ]; then
ln -s /usr/lib/aarch64-linux-gnu/libpcre.so /usr/lib/libpcre.so
fi
if [ -e /usr/lib/x86_64-linux-gnu/libpcre.a ] && [ ! -e /usr/lib/libpcre.a ]; then
ln -s /usr/lib/x86_64-linux-gnu/libpcre.a /usr/lib/libpcre.a
fi
if [ -e /usr/lib/aarch64-linux-gnu/libpcre.a ] && [ ! -e /usr/lib/libpcre.a ]; then
ln -s /usr/lib/aarch64-linux-gnu/libpcre.a /usr/lib/libpcre.a
fi
fi
fi
#needed for PHP-versions <7.3
if [ -e /usr/include/x86_64-linux-gnu/curl/easy.h ] && [ ! -e /usr/include/curl/easy.h ] && [ ! -d /usr/local/include/curl/easy.h ]; then
ln -sf /usr/include/x86_64-linux-gnu/curl /usr/include/curl
fi
if [ ! -e /usr/local/lib/libpng.so ]; then
if [ -e /usr/lib64/libpng.so ]; then
LIBPNG_DIR="/usr/lib64"
elif [ -e /usr/lib/x86_64-linux-gnu/libpng.so ]; then
LIBPNG_DIR="/usr/lib/x86_64-linux-gnu"
elif [ -e /usr/lib/aarch64-linux-gnu/libpng.so ]; then
LIBPNG_DIR="/usr/lib/aarch64-linux-gnu"
else
LIBPNG_DIR="/usr/lib"
fi
if grep -m1 -q 'with-png-dir=/usr/local/lib' ${CONF_FILE}; then
perl -pi -e "s#with-png-dir=/usr/local/lib#with-png-dir=${LIBPNG_DIR}#g" ${CONF_FILE}
fi
fi
if [ ! -e /usr/local/lib/libjpeg.so ]; then
if [ -e /usr/lib64/libjpeg.so ]; then
LIBJPEG_DIR="/usr/lib64"
elif [ -e /usr/lib/x86_64-linux-gnu/libjpeg.so ]; then
LIBJPEG_DIR="/usr/lib/x86_64-linux-gnu"
elif [ -e /usr/lib/aarch64-linux-gnu/libjpeg.so ]; then
LIBJPEG_DIR="/usr/lib/aarch64-linux-gnu"
else
LIBJPEG_DIR="/usr/lib"
fi
if grep -m1 -q 'with-jpeg-dir=/usr/local/lib' ${CONF_FILE}; then
perl -pi -e "s#with-jpeg-dir=/usr/local/lib#with-jpeg-dir=${LIBJPEG_DIR}#g" ${CONF_FILE}
fi
fi
if [ ! -e /usr/local/lib/libwebp.so ]; then
if [ -e /usr/lib64/libwebp.so ]; then
LIBWEBP_DIR="/usr/lib64"
elif [ -e /usr/lib/x86_64-linux-gnu/libwebp.so ]; then
LIBWEBP_DIR="/usr/lib/x86_64-linux-gnu"
elif [ -e /usr/lib/aarch64-linux-gnu/libwebp.so ]; then
LIBWEBP_DIR="/usr/lib/x86_64-linux-gnu"
else
LIBWEBP_DIR="/usr/lib"
fi
if grep -m1 -q 'with-webp-dir=/usr/local/lib' ${CONF_FILE}; then
perl -pi -e "s#with-webp-dir=/usr/local/lib#with-webp-dir=${LIBWEBP_DIR}#g" ${CONF_FILE}
fi
fi
if [ ! -e /usr/local/lib/libfreetype.so ]; then
if [ -e /usr/lib64/libfreetype.so ]; then
LIBFREETYPE_DIR="/usr/lib64"
elif [ -e /usr/lib/x86_64-linux-gnu/libfreetype.so ]; then
LIBFREETYPE_DIR="/usr/lib/x86_64-linux-gnu"
elif [ -e /usr/lib/aarch64-linux-gnu/libfreetype.so ]; then
LIBFREETYPE_DIR="/usr/lib/aarch64-linux-gnu"
else
LIBFREETYPE_DIR="/usr/lib"
fi
if grep -m1 -q 'with-freetype-dir=/usr/local/lib' ${CONF_FILE}; then
perl -pi -e "s#with-freetype-dir=/usr/local/lib#with-freetype-dir=${LIBFREETYPE_DIR}#g" ${CONF_FILE}
fi
fi
if [ ! -e /usr/local/bin/iconv ]; then
LIBICONV_DIR="/usr"
if grep -m1 -q 'with-iconv=/usr/local' ${CONF_FILE}; then
perl -pi -e "s#with-iconv=/usr/local#with-iconv-dir=${LIBICONV_DIR}#g" ${CONF_FILE}
fi
elif [ "${INT_RELEASE}" = "8.0" ] || [ "${INT_RELEASE}" = "8.1" ] || [ "${INT_RELEASE}" = "8.2" ]; then
if ! grep -m1 -q 'with-iconv' ${CONF_FILE}; then
perl -pi -e 's#./configure #./configure --with-iconv=/usr/local #' ${CONF_FILE}
fi
fi
if [ ! -e /usr/local/icu/lib/libicudata.so ]; then
LIBICU_DIR="/usr"
if grep -m1 -q 'with-icu-dir=/usr/local/icu' ${CONF_FILE}; then
perl -pi -e "s#with-icu-dir=/usr/local/icu#with-icu-dir=${LIBICU_DIR}#g" ${CONF_FILE}
fi
fi
#we need to make sure that the mysqli path is set.
MYSQLI_BIN=""
if [ -e /usr/local/bin/mysql_config ]; then
MYSQLI_BIN=/usr/local/bin/mysql_config
fi
if [ "${MYSQLI_BIN}" = "" ]; then
if [ -e /usr/mysql/bin/mysql_config ]; then
MYSQLI_BIN=/usr/mysql/bin/mysql_config
fi
fi
if [ "${MYSQLI_BIN}" = "" ]; then
if [ -e /usr/local/mysql/bin/mysql_config ]; then
MYSQLI_BIN=/usr/local/mysql/bin/mysql_config
fi
fi
if [ "${MYSQLI_BIN}" = "" ]; then
if [ -e /usr/bin/mysql_config ]; then
MYSQLI_BIN=/usr/bin/mysql_config
fi
fi
if [ "${MYSQLI_BIN}" != "" ]; then
STR="perl -pi -e 's#with-mysqli\s#with-mysqli=${MYSQLI_BIN} #' ${CONF_FILE}"
eval ${STR}
STR="perl -pi -e 's#with-mysqli\"#with-mysqli=${MYSQLI_BIN}\"#' ${CONF_FILE}"
eval ${STR}
fi
MYSQL_SOCK='/var/lib/mysql/mysql.sock'
if [ ! -e ${MYSQL_SOCK} ]; then
if [ -x "${MYSQLI_BIN}" ]; then
MYSQL_SOCK_NEW="`${MYSQLI_BIN} --socket`"
fi
if [ "${MYSQL_SOCK_NEW}" != "" ]; then
MYSQL_SOCK="${MYSQL_SOCK_NEW}"
fi
fi
if [ "${MYSQL_SOCK}" = "/tmp/mysql.sock" ] && [ -e ${DEBIAN_VERSION} ]; then
MYSQL_SOCK=/usr/local/mysql/data/mysql.sock
fi
perl -pi -e "s#/var/lib/mysql/mysql.sock#${MYSQL_SOCK}#" ${CONF_FILE}
#if this is a 64bit system,make sure libmysqlclient is correct.
if [ -e /usr/lib64/libmysqlclient.so ] && [ ! -e /usr/lib/libmysqlclient.so ]; then
if [ "${MYSQL_OPT}" = "5.7" ] || [ "${MYSQL_OPT}" = "8.0" ]; then
ln -s /usr/lib64/mysql/libmysqlclient.so /usr/lib/libmysqlclient.so
else
ln -s /usr/lib64/libmysqlclient.so /usr/lib/libmysqlclient.so
fi
fi
#Reported a problem in ticket ID 9605
#CFLAGS="`getGccOptions`" ${CONF_FILE}
# ICU 61+ compatibility with PHP 5.x
if [ "${INT_RELEASE}" = "5.3" ] || [ "${INT_RELEASE}" = "5.4" ] || [ "${INT_RELEASE}" = "5.5" ] || [ "${INT_RELEASE}" = "5.6" ] || [ "${INT_RELEASE}" = "7.0" ]; then
CXXFLAGS="-std=c++11 -DU_USING_ICU_NAMESPACE=1" ${CONF_FILE}
else
${CONF_FILE}
fi
if [ $? -ne 0 ]; then
printf "\n*** There was an error while trying to configure php. Check the configure file\n"
do_exit 1
fi
echo "Done Configuration."
perl -pi -e 's|$(PHP_RPATHS)|$(NATIVE_RPATHS) $(PHP_RPATHS)|g' Makefile
#A fix for "ext/intl/msgformat/msgformat_helpers.o: undefined reference"
if [ "${INT_RELEASE}" = "5.3" ]; then
sed -i '/EXTRA_LIBS = /s|$| -lstdc++|' Makefile
perl -pi -e 's| \@\$\(INSTALL\)|\t\@\$\(INSTALL\)|g' Makefile
fi
while echo "Trying to make php..."; do
C_INCLUDE_PATH=/usr/kerberos/include make -j ${CPU_CORES}
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
echo -n -e "\n*** The make has failed, would you like to try to make again? (y,n): "
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "Make Complete"
#change the pear settings to remove the -n option.
#the default memory limit was messing this up.
/usr/bin/perl -pi -e 's/PEAR_INSTALL_FLAGS = .*/PEAR_INSTALL_FLAGS = -dshort_open_tag=0 -dsafe_mode=0/' Makefile
#Remove symlink if exists
if [ -h /usr/local/php${SHORT_RELEASE}/sbin/php-fpm${SHORT_RELEASE} ]; then
rm -f /usr/local/php${SHORT_RELEASE}/sbin/php-fpm${SHORT_RELEASE}
fi
if [ -e ${PHP_INI_INT} ]; then
#short_open_tag: https://help.directadmin.com/item.php?id=438
perl -pi -e 's/^short_open_tag = Off/short_open_tag = On/' ${PHP_INI_INT}
if [ "${INT_RELEASE}" != "5.3" ]; then
echo "Making PHP ${INT_RELEASE} installation compatible with php.ini file"
/usr/bin/perl -pi -e 's/^register_long_arrays/;register_long_arrays/' ${PHP_INI_INT}
/usr/bin/perl -pi -e 's/^magic_quotes_gpc/;magic_quotes_gpc/' ${PHP_INI_INT}
/usr/bin/perl -pi -e 's/^safe_mode/;safe_mode/' ${PHP_INI_INT}
/usr/bin/perl -pi -e 's/^register_globals/;register_globals/' ${PHP_INI_INT}
/usr/bin/perl -pi -e 's/^register_long_arrays/;register_long_arrays/' ${PHP_INI_INT}
/usr/bin/perl -pi -e 's/^allow_call_time_pass_reference/;allow_call_time_pass_reference/' ${PHP_INI_INT}
/usr/bin/perl -pi -e 's/^define_syslog_variables/;define_syslog_variables/' ${PHP_INI_INT}
/usr/bin/perl -pi -e 's/^highlight.bg/;highlight.bg/' ${PHP_INI_INT}
/usr/bin/perl -pi -e 's/^session.bug_compat_42/;session.bug_compat_42/' ${PHP_INI_INT}
/usr/bin/perl -pi -e 's/^session.bug_compat_warn/;session.bug_compat_warn/' ${PHP_INI_INT}
/usr/bin/perl -pi -e 's/^y2k_compliance/;y2k_compliance/' ${PHP_INI_INT}
/usr/bin/perl -pi -e 's/^magic_quotes_runtime/;magic_quotes_runtime/' ${PHP_INI_INT}
/usr/bin/perl -pi -e 's/^magic_quotes_sybase/;magic_quotes_sybase/' ${PHP_INI_INT}
fi
fi
PHP_EXT_INT_OLD="`echo ${PHP_EXT_INT} | perl -p0 -e 's|10-directadmin.ini|directadmin.ini|'`"
if [ -e ${PHP_EXT_INT_OLD} ]; then
rm -f ${PHP_EXT_INT_OLD}
fi
if [ -e ${PHP_EXT_INT} ]; then
echo "Temporary disabling extensions..."
mv -f ${PHP_EXT_INT} ${PHP_EXT_INT}.cb_backup
fi
if [ ! -d /usr/local/php${SHORT_RELEASE}/bin ]; then
mkdir -p /usr/local/php${SHORT_RELEASE}/bin
fi
while echo "Installing php..."; do
make install
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The install has failed, would you like to try to install it again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
if [ -e ${PHP_EXT_INT}.cb_backup ]; then
echo "Enabling temporary disabled extensions..."
mv -f ${PHP_EXT_INT}.cb_backup ${PHP_EXT_INT}
fi
#############################################################
#we need to have this piece of code here, because without installation we do not have /usr/local/php53(54)/lib available, so we cannot copy php.ini there
#old note: this was moved here, again for pear (before make install)
echo "Copying php.ini.."
if [ ! -e ${PHP_INI_INT} ]; then
cp php.ini-${PHP_INI_TYPE_OPT} ${PHP_INI_INT}
else
echo "${PHP_INI_INT} already exists, skipping."
fi
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if ${INT_MAIN_VERSION}; then
rewrite_phpmodules
fi
fi
COUNT=`grep -m1 -c '^date.timezone' ${PHP_INI_INT}`
COUNT2=`grep -m1 -c ';date.timezone' ${PHP_INI_INT}`
if [ "$COUNT" -eq 0 ] && [ "$COUNT2" -eq 0 ]; then
echo "${boldon}Adding date.timezone = \"${PHP_TIMEZONE_OPT}\" to ${PHP_INI_INT}, please change it by yourself to fit your own needs.${boldoff}"
echo "date.timezone = \"${PHP_TIMEZONE_OPT}\"" >> ${PHP_INI_INT}
elif [ "$COUNT" -eq 0 ]; then
echo "${boldon}Adding date.timezone = \"${PHP_TIMEZONE_OPT}\" to ${PHP_INI_INT}, please change it by yourself to fit your own needs.${boldoff}"
perl -pi -e "s#;date.timezone.*#date.timezone = \"${PHP_TIMEZONE_OPT}\"#" ${PHP_INI_INT}
fi
/usr/bin/perl -pi -e 's/upload_max_filesize = 2M/upload_max_filesize = 64M/' ${PHP_INI_INT}
/usr/bin/perl -pi -e 's/post_max_size = 8M/post_max_size = 64M/' ${PHP_INI_INT}
if [ "${X_MAIL_HEADER_OPT}" = "yes" ]; then
echo "Enabling mail.add_x_header option in ${PHP_INI_INT}"
/usr/bin/perl -pi -e 's/mail.add_x_header = Off/mail.add_x_header = On/' ${PHP_INI_INT}
/usr/bin/perl -pi -e 's/mail.add_x_header = 0/mail.add_x_header = On/' ${PHP_INI_INT}
COUNT=`grep -m1 -c '^mail.add_x_header' ${PHP_INI_INT}`
if [ ${COUNT} -eq 0 ]; then
echo "mail.add_x_header = On" >> ${PHP_INI_INT}
fi
else
echo "Disabling mail.add_x_header option in ${PHP_INI_INT}"
/usr/bin/perl -pi -e 's/^mail.add_x_header =/;mail.add_x_header =/' ${PHP_INI_INT}
fi
if [ -e /usr/local/php${SHORT_RELEASE}/bin/php${SHORT_RELEASE} ]; then
echo "Creating symlink for /usr/local/php${SHORT_RELEASE}/bin/php${SHORT_RELEASE}..."
ln -sf /usr/local/php${SHORT_RELEASE}/bin/php${SHORT_RELEASE} /usr/local/php${SHORT_RELEASE}/bin/php
fi
if [ -e /usr/local/php${SHORT_RELEASE}/bin/lsphp${SHORT_RELEASE} ]; then
echo "Creating symlink for /usr/local/php${SHORT_RELEASE}/bin/lsphp${SHORT_RELEASE}..."
ln -sf /usr/local/php${SHORT_RELEASE}/bin/lsphp${SHORT_RELEASE} /usr/local/php${SHORT_RELEASE}/bin/lsphp
fi
if [ -e /usr/local/php${SHORT_RELEASE}/bin/php-cgi${SHORT_RELEASE} ]; then
echo "Creating symlink for /usr/local/php${SHORT_RELEASE}/bin/php-cgi${SHORT_RELEASE}..."
ln -sf /usr/local/php${SHORT_RELEASE}/bin/php-cgi${SHORT_RELEASE} /usr/local/php${SHORT_RELEASE}/bin/php-cgi
fi
if [ -e /usr/local/php${SHORT_RELEASE}/bin/php-config${SHORT_RELEASE} ]; then
echo "Creating symlink for /usr/local/php${SHORT_RELEASE}/bin/php-config${SHORT_RELEASE}..."
ln -sf /usr/local/php${SHORT_RELEASE}/bin/php-config${SHORT_RELEASE} /usr/local/php${SHORT_RELEASE}/bin/php-config
fi
if [ -e /usr/local/php${SHORT_RELEASE}/bin/phpize${SHORT_RELEASE} ]; then
echo "Creating symlink for /usr/local/php${SHORT_RELEASE}/bin/phpize${SHORT_RELEASE}..."
ln -sf /usr/local/php${SHORT_RELEASE}/bin/phpize${SHORT_RELEASE} /usr/local/php${SHORT_RELEASE}/bin/phpize
fi
if ${INT_MAIN_VERSION} && [ -e /usr/local/php${SHORT_RELEASE}/bin/php${SHORT_RELEASE} ]; then
ln -sf /usr/local/php${SHORT_RELEASE}/bin/php${SHORT_RELEASE} /usr/local/bin/php
ln -sf /usr/local/php${SHORT_RELEASE}/bin/pear /usr/local/bin/pear
ln -sf /usr/local/php${SHORT_RELEASE}/bin/pecl /usr/local/bin/pecl
ln -sf /usr/local/php${SHORT_RELEASE}/bin/phar /usr/local/bin/phar
ln -sf /usr/local/php${SHORT_RELEASE}/bin/phpize /usr/local/bin/phpize
ln -sf /usr/local/php${SHORT_RELEASE}/bin/php-config /usr/local/bin/php-config
if [ -e /usr/local/php${SHORT_RELEASE}/bin/lsphp ]; then
cp -pf /usr/local/php${SHORT_RELEASE}/bin/lsphp /usr/local/bin/lsphp
elif [ -e /usr/local/php${SHORT_RELEASE}/bin/lsphp${SHORT_RELEASE} ]; then
cp -pf /usr/local/php${SHORT_RELEASE}/bin/lsphp${SHORT_RELEASE} /usr/local/bin/lsphp
fi
fi
doPhpConf
#############################################################
#PHP Extensions
if [ "${PHP_PHALCON_OPT}" = "yes" ]; then
#Phalcon5 will be installable as a composer package, not as an extension anymore
if [ "${EXTENSION_INT_RELEASE}" = "7.2" ] || [ "${EXTENSION_INT_RELEASE}" = "7.3" ] || [ "${EXTENSION_INT_RELEASE}" = "7.4" ]; then
doPhalcon ${INT_RELEASE} ${INT_MODE} 1
fi
fi
if [ "${PHP_SNUFFLEUPAGUS_OPT}" = "yes" ]; then
if [ "${EXTENSION_INT_RELEASE}" != "5.3" ] && [ "${EXTENSION_INT_RELEASE}" != "5.4" ] && [ "${EXTENSION_INT_RELEASE}" != "5.5" ] && [ "${EXTENSION_INT_RELEASE}" != "5.6" ]; then
doSnuffleupagus ${INT_RELEASE} ${INT_MODE} 1
fi
fi
if [ "${PHP_IGBINARY_OPT}" = "yes" ]; then
if [ "${EXTENSION_INT_RELEASE}" != "5.3" ] && [ "${EXTENSION_INT_RELEASE}" != "5.4" ] && [ "${EXTENSION_INT_RELEASE}" != "5.5" ] && [ "${EXTENSION_INT_RELEASE}" != "5.6" ]; then
doIgbinary ${INT_RELEASE} ${INT_MODE} 1
fi
fi
if [ "${PHP_REDIS_OPT}" = "yes" ]; then
if [ "${EXTENSION_INT_RELEASE}" != "5.3" ] && [ "${EXTENSION_INT_RELEASE}" != "5.4" ] && [ "${EXTENSION_INT_RELEASE}" != "5.5" ] && [ "${EXTENSION_INT_RELEASE}" != "5.6" ]; then
doPHPRedis ${INT_RELEASE} ${INT_MODE} 1
fi
fi
if [ "${PHP_GMP_OPT}" = "yes" ]; then
doPHPGmp ${INT_RELEASE} ${INT_MODE} 1
fi
if [ "${PHP_READLINE_OPT}" = "yes" ]; then
doPHPReadline ${INT_RELEASE} ${INT_MODE} 1
fi
if [ "${PHP_XMLRPC_OPT}" = "yes" ]; then
doPHPXmlrpc ${INT_RELEASE} ${INT_MODE} 1
fi
if [ "${PHP_IMAP_OPT}" = "yes" ]; then
doPHPImap ${INT_RELEASE} ${INT_MODE} 1
fi
if [ "${PHP_BZ2_OPT}" = "yes" ]; then
doPHPBz2 ${INT_RELEASE} ${INT_MODE} 1
fi
if [ "${INT_MODE}" != "mod_php" ] && [ "${INT_RELEASE}" != "8.0" ] && [ "${INT_RELEASE}" != "8.1" ] && [ "${INT_RELEASE}" != "8.2" ]; then
if [ "${HTSCANNER_OPT}" = "yes" ]; then
doPHPHtscanner ${INT_RELEASE} 1
fi
fi
if [ "${PHP_LDAP_OPT}" = "yes" ]; then
doPHPLDAP ${INT_RELEASE} ${INT_MODE} 1
fi
if [ "${OPCACHE_OPT}" = "yes" ]; then
doOpcache ${INT_RELEASE} ${INT_MODE} 1
fi
if [ "${SUHOSIN_OPT}" = "yes" ]; then
if [ "${INT_RELEASE}" != "5.3" ] && [ "${INT_RELEASE}" != "7.0" ] && [ "${INT_RELEASE}" != "7.1" ] && [ "${INT_RELEASE}" != "7.2" ] && [ "${INT_RELEASE}" != "7.3" ] && [ "${INT_RELEASE}" != "7.4" ] && [ "${INT_RELEASE}" != "8.0" ] && [ "${INT_RELEASE}" != "8.1" ] && [ "${INT_RELEASE}" != "8.2" ]; then
doSuhosin ${INT_RELEASE} ${INT_MODE} 1
else
echo "This suhosin version does not support PHP ${INT_RELEASE}."
fi
fi
if [ "${IONCUBE_OPT}" = "yes" ]; then
doIoncube ${INT_RELEASE} ${INT_MODE} 1
fi
if [ "${IMAGICK_OPT}" = "yes" ]; then
doIMagick ${INT_RELEASE} ${INT_MODE} 1
fi
#Only supported by PHP5
if echo "${INT_RELEASE}" | grep -m1 -q '^5'; then
if [ "${ZEND_OPT}" = "yes" ]; then
doZend_build ${INT_RELEASE} ${INT_MODE} 1
fi
fi
#Install Nginx Unit extension
if [ -d /usr/lib/unit/modules ] && [ ! -s /usr/lib/unit/modules/php${INT_RELEASE}.unit.so ] && [ "${UNIT_OPT}" != "yes" ]; then
if /usr/local/php${SHORT_RELEASE}/bin/php -i | grep -m1 -q 'enable-embed'; then
doNginxUnit_module php ${INT_RELEASE}
fi
fi
#############################################################
if [ -s /usr/local/bin/php ] && [ ! -e /bin/php ]; then
ln -s /usr/local/bin/php /bin/php
fi
ensure_curl_cacert
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
if [ "${INT_MODE}" = "php-fpm" ]; then
#configuration
mkdir -p /usr/local/php${SHORT_RELEASE}/sockets
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
chown apache:apache /usr/local/php${SHORT_RELEASE}/sockets
elif [ "${WEBSERVER_OPT}" = "nginx" ]; then
chown nginx:nginx /usr/local/php${SHORT_RELEASE}/sockets
fi
FPM_SOCK_CHMOD=700
if [ "${MOD_RUID2_OPT}" = "yes" ]; then
FPM_SOCK_CHMOD=711
fi
chmod ${FPM_SOCK_CHMOD} /usr/local/php${SHORT_RELEASE}/sockets
if [ ! -s /usr/local/php${SHORT_RELEASE}/etc/php-fpm.conf ]; then
PHP_FPM_CONF_FILE=${WORKDIR}/configure/fpm/conf/php-fpm.conf.${SHORT_RELEASE}
if [ -e ${WORKDIR}/custom/php-fpm/conf/fpm.conf.${SHORT_RELEASE} ]; then
cp -f ${WORKDIR}/custom/php-fpm/conf/fpm.conf.${SHORT_RELEASE} /usr/local/php${SHORT_RELEASE}/etc/php-fpm.conf
elif [ -e ${WORKDIR}/custom/fpm/conf/fpm.conf.${SHORT_RELEASE} ]; then
cp -f ${WORKDIR}/custom/fpm/conf/fpm.conf.${SHORT_RELEASE} /usr/local/php${SHORT_RELEASE}/etc/php-fpm.conf
else
cp -f ${PHP_FPM_CONF_FILE} /usr/local/php${SHORT_RELEASE}/etc/php-fpm.conf
fi
fi
if [ ! -s /usr/local/php${SHORT_RELEASE}/etc/php-fpm.conf ]; then
getFile php-fpm.conf.${SHORT_RELEASE} php-fpm-conf-${SHORT_RELEASE} php-fpm.conf.${SHORT_RELEASE} hexan
cp -f ${CWD}/php-fpm.conf.${SHORT_RELEASE} /usr/local/php${SHORT_RELEASE}/etc/php-fpm.conf
fi
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "openlitespeed" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
perl -pi -e 's/nginx/apache/' /usr/local/php${SHORT_RELEASE}/etc/php-fpm.conf
elif [ "${WEBSERVER_OPT}" = "nginx" ]; then
perl -pi -e 's/apache/nginx/' /usr/local/php${SHORT_RELEASE}/etc/php-fpm.conf
fi
echo "Enabling php-fpm${SHORT_RELEASE} in systemd..."
if [ -e ${CB_CUST_SYSTEMD}/php-fpm${SHORT_RELEASE}.service ]; then
cp -f ${CB_CUST_SYSTEMD}/php-fpm${SHORT_RELEASE}.service ${SYSTEMDDIR}/php-fpm${SHORT_RELEASE}.service
elif [ -e ${CB_CUST_SYSTEMD}/php-fpm.service ]; then
cp -f ${CB_CUST_SYSTEMD}/php-fpm.service ${SYSTEMDDIR}/php-fpm${SHORT_RELEASE}.service
else
cp -f ${CB_SYSTEMD}/php-fpm.service ${SYSTEMDDIR}/php-fpm${SHORT_RELEASE}.service
fi
chmod 644 ${SYSTEMDDIR}/php-fpm${SHORT_RELEASE}.service
perl -pi -e "s#/usr/local/php/sbin/php-fpm#/usr/local/php${SHORT_RELEASE}/sbin/php-fpm${SHORT_RELEASE}#" ${SYSTEMDDIR}/php-fpm${SHORT_RELEASE}.service
perl -pi -e "s#/run/php-fpm.pid#/run/php-fpm${SHORT_RELEASE}.pid#" ${SYSTEMDDIR}/php-fpm${SHORT_RELEASE}.service
if [ "${INT_RELEASE}" = "5.3" ]; then
perl -pi -e 's/Type\=notify/Type=simple/' ${SYSTEMDDIR}/php-fpm${SHORT_RELEASE}.service
fi
DISABLE_PRIVATETMP=false
if [ "${CLAMAV_OPT}" = "yes" ] && [ "${SUHOSIN_PHP_UPLOADSCAN_OPT}" = "yes" ]; then
DISABLE_PRIVATETMP=true
fi
if [ -e /proc/1/environ ]; then
if cat /proc/1/environ | tr '\0' '\n' | grep -q ^container=lxc; then
DISABLE_PRIVATETMP=true
fi
fi
if ${DISABLE_PRIVATETMP}; then
echo "Upload scan option detected in options.conf. Disabling PrivateTmp feature in php-fpm${SHORT_RELEASE}.service for ClamAV to be able to scan files in /tmp."
perl -pi -e 's#PrivateTmp\=true#PrivateTmp=false#' ${SYSTEMDDIR}/php-fpm${SHORT_RELEASE}.service
fi
systemctl daemon-reload
systemctl enable php-fpm${SHORT_RELEASE}.service
if [ -e /usr/local/php${SHORT_RELEASE}/sbin/php-fpm ] && [ ! -e /usr/local/php${SHORT_RELEASE}/sbin/php-fpm${SHORT_RELEASE} ]; then
mv /usr/local/php${SHORT_RELEASE}/sbin/php-fpm /usr/local/php${SHORT_RELEASE}/sbin/php-fpm${SHORT_RELEASE}
fi
if [ ! -e /usr/local/php${SHORT_RELEASE}/sbin/php-fpm ]; then
rm -f /usr/local/php${SHORT_RELEASE}/sbin/php-fpm
ln -sf /usr/local/php${SHORT_RELEASE}/sbin/php-fpm${SHORT_RELEASE} /usr/local/php${SHORT_RELEASE}/sbin/php-fpm
fi
fpmChecks
control_service php-fpm${SHORT_RELEASE} restart
#Make log files available in /var/log
if [ ! -h /var/log/php-fpm${SHORT_RELEASE}.log ]; then
ln -sf /usr/local/php${SHORT_RELEASE}/var/log/php-fpm.log /var/log/php-fpm${SHORT_RELEASE}.log
fi
elif [ "${INT_MODE}" = "fastcgi" ]; then
doSetupFcgidSh ${SHORT_RELEASE}
fi
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
if [ -e /usr/local/php${SHORT_RELEASE}/bin/lsphp ] || [ -e /usr/local/php${SHORT_RELEASE}/bin/lsphp${SHORT_RELEASE} ]; then
mkdir -p /usr/local/lsws/fcgi-bin
control_service litespeed stop
sleep 2
killall -9 litespeed >/dev/null 2>&1
if [ -e /usr/local/php${PHP1_SHORTRELEASE}/bin/lsphp ]; then
ln -sf /usr/local/php${PHP1_SHORTRELEASE}/bin/lsphp /usr/local/bin/lsphp
elif [ -e /usr/local/php${PHP1_SHORTRELEASE}/bin/lsphp${PHP1_SHORTRELEASE} ]; then
ln -sf /usr/local/php${PHP1_SHORTRELEASE}/bin/lsphp${PHP1_SHORTRELEASE} /usr/local/bin/lsphp
fi
#Use /usr/local/bin/lsphp as PHP path
perl -pi -e 's|\$SERVER_ROOT/fcgi-bin/lsphp5|/usr/local/bin/lsphp|g' /usr/local/lsws/conf/httpd_config.xml
#Set appropriate path for lsphp
perl -pi -e 's|<path>\$SERVER_ROOT/usr/local/bin/lsphp</path>|<path>/usr/local/bin/lsphp</path>|g' /usr/local/lsws/conf/httpd_config.xml
#Log just errors
perl -pi -e 's|DEBUG|ERROR|g' /usr/local/lsws/conf/httpd_config.xml
if [ -e /usr/local/php${SHORT_RELEASE}/bin/lsphp${SHORT_RELEASE} ]; then
cp -pf /usr/local/php${SHORT_RELEASE}/bin/lsphp${SHORT_RELEASE} ${LSWS_HOME}/fcgi-bin/lsphp-${INT_RELEASE}
else
cp -pf /usr/local/php${SHORT_RELEASE}/bin/lsphp ${LSWS_HOME}/fcgi-bin/lsphp-${INT_RELEASE}
fi
if ${INT_MAIN_VERSION}; then
rm -f ${LSWS_HOME}/fcgi-bin/lsphp
ln -s ${LSWS_HOME}/fcgi-bin/lsphp-${INT_RELEASE} ${LSWS_HOME}/fcgi-bin/lsphp
rm -f ${LSWS_HOME}/fcgi-bin/lsphp${SHORT_RELEASE}
ln -s ${LSWS_HOME}/fcgi-bin/lsphp-${INT_RELEASE} ${LSWS_HOME}/fcgi-bin/lsphp${SHORT_RELEASE}
if [ ! -f "${LSWS_HOME}/fcgi-bin/lsphp4" ]; then
ln -sf "${LSWS_HOME}/fcgi-bin/lsphp" "${LSWS_HOME}/fcgi-bin/lsphp4"
fi
if [ ! -f "${LSWS_HOME}/fcgi-bin/lsphp7" ]; then
ln -sf "${LSWS_HOME}/fcgi-bin/lsphp" "${LSWS_HOME}/fcgi-bin/lsphp7"
fi
if [ ! -f "${LSWS_HOME}/fcgi-bin/lsphp8" ]; then
ln -sf "${LSWS_HOME}/fcgi-bin/lsphp" "${LSWS_HOME}/fcgi-bin/lsphp8"
fi
if [ ! -f "${LSWS_HOME}/fcgi-bin/lsphp5" ]; then
ln -sf "${LSWS_HOME}/fcgi-bin/lsphp" "${LSWS_HOME}/fcgi-bin/lsphp5"
fi
if [ ! -f "${LSWS_HOME}/fcgi-bin/lsphp55" ]; then
ln -sf "${LSWS_HOME}/fcgi-bin/lsphp" "${LSWS_HOME}/fcgi-bin/lsphp55"
fi
fi
control_service litespeed start
fi
fi
if [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
if [ -e /usr/local/php${SHORT_RELEASE}/bin/lsphp ] || [ -e /usr/local/php${SHORT_RELEASE}/bin/lsphp${SHORT_RELEASE} ]; then
mkdir -p /usr/local/lsws/fcgi-bin
control_service litespeed stop
sleep 2
killall -9 litespeed >/dev/null 2>&1
if ${INT_MAIN_VERSION}; then
if [ -e /usr/local/php${SHORT_RELEASE}/bin/lsphp ]; then
ln -sf /usr/local/php${PHP1_SHORTRELEASE}/bin/lsphp /usr/local/bin/lsphp
else
ln -sf /usr/local/php${PHP1_SHORTRELEASE}/bin/lsphp${PHP1_SHORTRELEASE} /usr/local/bin/lsphp
fi
fi
control_service litespeed start
fi
fi
if [ "${CLOUDLINUX_OPT}" = "yes" ] && [ "${INT_MODE}" = "lsphp" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] && [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ ! -s /usr/lib/apache/mod_lsapi.so ]; then
doModLsapi 0
else
if [ -s ${STRINGS} ]; then
MODLSAPIV="`${STRINGS} /usr/lib/apache/mod_lsapi.so | grep -m1 'version' | awk '{print $3}' | cut -d: -f1 | grep -o '.*[0-9][^a-z]'`"
if [ "${MODLSAPIV}" != "${MOD_LSAPI_VER}" ]; then
doModLsapi 0
fi
fi
fi
fi
fi
if ${INT_MAIN_VERSION}; then
NATIVE_CONF=/etc/cl.selector/native.conf
if [ -e ${NATIVE_CONF} ] && [ "${CLOUDLINUX_OPT}" = "yes" ] && [ "${PHP1_MODE_OPT}" != "mod_php" ] && [ -x /usr/sbin/cagefsctl ]; then
/usr/sbin/cagefsctl --setup-cl-selector
fi
fi
#install proactive defence if exists
if [ -x /usr/share/i360-php/easyapache3/native_da.hook ]; then
PHP_BUILD_BIN=/usr/local/php${SHORT_RELEASE}/bin/php
/usr/share/i360-php/easyapache3/native_da.hook --install-i360 ${PHP_BUILD_BIN}
fi
removeLockfile
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
#Revert temporary MPM mode set (to be fail-proof with non-ZTS version)
if [ -s ${PHPMODULES} ]; then
set_apache_mpm
fi
echo "Restarting apache."
control_service httpd restart
fi
if [ "${WEBSERVER_OPT}" = "nginx" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
echo "Restarting nginx."
control_service nginx stop >/dev/null 2>&1
control_service nginx start
fi
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
echo "Rewriting all users httpd.conf files, please wait..."
echo "action=rewrite&value=httpd" >> ${TASK_QUEUE}
elif [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
echo "Rewriting all users openlitespeed.conf files, please wait..."
echo "action=rewrite&value=openlitespeed" >> ${TASK_QUEUE}
elif [ "${WEBSERVER_OPT}" = "nginx" ]; then
echo "Rewriting all users nginx.conf files, please wait..."
echo "action=rewrite&value=nginx" >> ${TASK_QUEUE}
fi
run_dataskq d
echo "PHP ${PHP_VER} Installed."
writeLog "PHP ${PHP_VER} installed"
cd ${CWD}
}
####################################################
doModAclr2() {
cd ${CWD}
if [ "${WEBSERVER_OPT}" != "nginx_apache" ]; then
do_exit 1 "Cannot build mod_aclr2, because of the chosen webserver in the options.conf file."
fi
getFile mod_aclr2-${MOD_ACLR2_VER}.tar.gz mod_aclr2
getFile patches/mod_aclr2_userdir.patch mod_aclr2_userdir.patch patches/mod_aclr2_userdir.patch hexan
FILE=${CWD}/mod_aclr2-${MOD_ACLR2_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ${FILE}..."
#We don't have a directory in a tarball, so we create it here, and extract files to it
mkdir -p mod_aclr2-${MOD_ACLR2_VER}
tar xzf ${FILE} -C ./mod_aclr2-${MOD_ACLR2_VER}
cd mod_aclr2-${MOD_ACLR2_VER}
if [ -e patches/mod_aclr2_userdir.patch ]; then
echo "Patching to support UserDir..."
patch -p0 < patches/mod_aclr2_userdir.patch
fi
echo "Installing mod_aclr2-${MOD_ACLR2_VER}..."
APXS=/usr/sbin/apxs
if [ ! -e $APXS ]; then
echo "cannot find $APXS, trying a different path"
APXS=/usr/bin/apxs
fi
$APXS -c mod_aclr2.c
$APXS -i -a -n aclr mod_aclr2.la
if [ $? -ne 0 ]; then
printf "\n*** There was an error while trying to install mod_aclr2-${MOD_ACLR2_VER}.\n"
do_exit 1
fi
perl -pi -e 's|^LoadModule aclr_module|#LoadModule aclr_module|' /etc/httpd/conf/httpd.conf
echo "mod_aclr2 has been installed successfully."
writeLog "mod_aclr2 installed"
cd ${CWD}
}
####################################################
doModRuid2() {
cd ${CWD}
if [ "${WEBSERVER_OPT}" = "nginx" ]; then
do_exit 1 "Cannot build mod_ruid2, because nginx webserver is chosen in the options.conf file."
fi
if [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
echo "Cannot build mod_ruid2, because litespeed webserver is chosen in the options.conf file."
return
fi
getFile mod_ruid2-${MOD_RUID2_VER}.tar.bz2 mod_ruid2
if [ "${MOD_RUID2_OPT}" != "yes" ]; then
do_exit 1 "You cannot install mod_ruid2, because you do not have it set in options.conf file."
fi
if [ ! -e /lib/libcap.so ] && [ ! -e /lib64/libcap.so ] && [ ! -e /usr/lib/libcap.so ] && [ ! -e /usr/lib64/libcap.so ] && [ ! -e /lib/x86_64-linux-gnu/libcap.so ] && [ ! -e /lib/i386-linux-gnu/libcap.so ] && [ ! -e /usr/lib/x86_64-linux-gnu/libcap.so ]; then
echo "Cannot find libcap.so for mod_ruid2. Please install libcap"
if [ -e /etc/debian_version ]; then
echo "apt-get install libcap-dev"
else
echo "yum -y install libcap-devel"
fi
return
fi
if [ ! -e /usr/bin/bzip2 ] && [ ! -e /bin/bzip2 ]; then
echo "Cannot find bzip2. Please install it."
if [ -e /etc/debian_version ]; then
echo "apt-get install bzip2"
else
echo "yum -y install bzip2"
fi
return
fi
FILE=${CWD}/mod_ruid2-${MOD_RUID2_VER}.tar.bz2
checkFile ${FILE}
echo "Extracting ${FILE}..."
tar xjf ${FILE}
cd mod_ruid2-${MOD_RUID2_VER}
echo "Installing mod_ruid2-${MOD_RUID2_VER}..."
APXS=/usr/sbin/apxs
if [ ! -e $APXS ]; then
echo "cannot find $APXS, trying a different path"
APXS=/usr/bin/apxs
fi
perl -pi -e 's#ap_hook_post_read_request\(ruid_setup, NULL, NULL, APR_HOOK_MIDDLE\);#ap_hook_post_read_request(ruid_setup, NULL, NULL, APR_HOOK_REALLY_FIRST);#' mod_ruid2.c
$APXS -a -i -l cap -c mod_ruid2.c
if [ $? -ne 0 ]; then
printf "\n*** There was an error while trying to install mod_ruid2-${MOD_RUID2_VER}.\n"
do_exit 1
fi
set_LoadModule ruid2_module mod_ruid2.so
if [ -e ${PHPMODULES} ]; then
if ! grep -m1 -q '^Mutex ' ${PHPMODULES}; then
echo "Mutex posixsem" >> ${PHPMODULES}
fi
fi
echo "action=rewrite&value=httpd" >> ${TASK_QUEUE}
run_dataskq
echo "mod_ruid2 has been installed successfully."
writeLog "mod_ruid2 installed"
cd ${CWD}
}
####################################################
doModHtscanner() {
cd ${CWD}
if [ "${HTSCANNER_OPT}" = "no" ]; then
do_exit 1 "Cannot build htscanner, because you do not have it set in php_extensions.conf file."
fi
if [ ! -e /usr/sbin/apxs ]; then
echo "/usr/sbin/apxs is not found, skipping htscanner for now."
return
fi
getFile htscanner-${HTSCANNER_VER}.tgz htscanner
FILE=${CWD}/htscanner-${HTSCANNER_VER}.tgz
checkFile ${FILE}
echo "Extracting ${FILE}..."
tar xzf ${FILE}
cd htscanner-${HTSCANNER_VER}
echo "Installing mod_htscanner2-${HTSCANNER_VER}..."
APXS=/usr/sbin/apxs
if [ ! -e $APXS ]; then
echo "cannot find $APXS, trying a different path"
APXS=/usr/bin/apxs
fi
$APXS -a -i -c mod_htscanner2.c
if [ $? -ne 0 ]; then
printf "\n*** There was an error while trying to install mod_htscanner2-${HTSCANNER_VER}.\n"
do_exit 1
fi
set_LoadModule htscanner_module mod_htscanner2.so
echo "action=rewrite&value=httpd" >> ${TASK_QUEUE}
run_dataskq
echo "mod_htscanner2 has been installed successfully."
writeLog "mod_htscanner2 installed"
cd ${CWD}
}
####################################################
doModFCGID() {
cd ${CWD}
if [ "${WEBSERVER_OPT}" = "nginx" ]; then
do_exit 1 "Cannot build mod_fcgid, because nginx webserver is chosen in the options.conf file."
fi
getFile mod_fcgid-${MOD_FCGID_VER}.tar.gz mod_fcgid
FILE=${CWD}/mod_fcgid-${MOD_FCGID_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ${FILE}..."
tar xzf ${FILE} --no-same-owner
cd mod_fcgid-${MOD_FCGID_VER}
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
patch -p1 < ../mod_fcgid_2_3_7.patch
fi
echo "Installing mod_fcgid-${MOD_FCGID_VER}..."
APXS=/usr/sbin/apxs ./configure.apxs
while echo "Trying to make mod_fcgid-${MOD_FCGID_VER}..."; do
make
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "Make complete"
echo "Installing mod_fcgid-${MOD_FCGID_VER}..."
make install
set_LoadModule fcgid_module mod_fcgid.so
if [ -e ${PHPMODULES} ]; then
if ! grep -m1 -q 'httpd-fcgid.conf' ${PHPMODULES}; then
echo "Include /etc/httpd/conf/extra/httpd-fcgid.conf" >> ${PHPMODULES}
fi
fi
if [ ! -e ${HTTPDCONF}/extra/httpd-fcgid.conf ] && [ -e ${CWD}/configure/ap2/conf/extra/httpd-fcgid.conf ]; then
cp ${CWD}/configure/ap2/conf/extra/httpd-fcgid.conf ${HTTPDCONF}/extra/httpd-fcgid.conf
fi
echo "action=rewrite&value=httpd" >> ${TASK_QUEUE}
run_dataskq
echo "mod_fcgid-${MOD_FCGID_VER} has been installed successfully."
writeLog "mod_fcgid ${MOD_FCGID_VER} installed"
cd ${CWD}
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
}
ensure_curl_cacert() {
if [ "${PHP1_RELEASE_OPT}" != "no" ] && [ "`version_cmp ${PHP1_RELEASE_OPT} 5.6 'curl cacert'`" -ge 0 ]; then
CURL_CACERT_DIR=/usr/ssl
CURL_CACERT_PATH=${CURL_CACERT_DIR}/cert.pem
if [ -x /usr/local/bin/php ]; then
DCF=`/usr/local/bin/php -r "if (function_exists('openssl_get_cert_locations')) echo openssl_get_cert_locations()['default_cert_file'];"`
if [ "${DCF}" != "" ]; then
CURL_CACERT_PATH=${DCF}
CURL_CACERT_DIR=`dirname ${CURL_CACERT_PATH}`
fi
fi
SET_CURL_CACERT=0
if [ "$1" = "1" ]; then
SET_CURL_CACERT=1
fi
if [ ! -s "${CURL_CACERT_PATH}" ]; then
SET_CURL_CACERT=1
else
COUNT=`grep -c 'Bundle of CA Root Certificates' ${CURL_CACERT_PATH}`
if [ "${COUNT}" -gt 0 ]; then
SET_CURL_CACERT=1
fi
fi
if [ "${SET_CURL_CACERT}" -eq 1 ]; then
if [ ! -d ${CURL_CACERT_DIR} ]; then
mkdir -p ${CURL_CACERT_DIR}
chmod 755 ${CURL_CACERT_DIR}
fi
if [ "$M" != "0" ]; then
echo "${boldon}Downloading updated ${CURL_CACERT_PATH}${boldoff}"
getFile all/ssl/cacert.pem curl_cacert cacert.pem
if [ -s cacert.pem ]; then
CACERT_DIRECTORY="`dirname ${CURL_CACERT_PATH}`"
if [ ! -d ${CACERT_DIRECTORY} ]; then
mkdir -p ${CACERT_DIRECTORY}
fi
mv -f ${CURL_CACERT_PATH} ${CURL_CACERT_PATH}.old 2>/dev/null
mv cacert.pem ${CURL_CACERT_PATH}
chmod 644 ${CURL_CACERT_PATH}
fi
fi
fi
fi
}
ensure_server_ca() {
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
SSL_CA=${HTTPDCONF}/ssl.crt/server.ca
SSL_CRT=${HTTPDCONF}/ssl.crt/server.crt
SSL_KEY=${HTTPDCONF}/ssl.key/server.key
mkdir -p ${HTTPDCONF}/ssl.crt
ensure_dhparam ${HTTPDCONF}/ssl.crt/dhparams.pem
elif [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
SSL_CA=${LSWS_HOME}/ssl.crt/server.ca
SSL_CRT=${LSWS_HOME}/ssl.crt/server.crt
SSL_KEY=${LSWS_HOME}/ssl.key/server.key
mkdir -p ${LSWS_HOME}/ssl.crt
elif [ "${WEBSERVER_OPT}" = "nginx" ]; then
SSL_CA=${NGINXCONF}/ssl.crt/server.ca
SSL_CRT=${NGINXCONF}/ssl.crt/server.crt
mkdir -p ${NGINXCONF}/ssl.crt
ensure_dhparam ${NGINXCONF}/ssl.crt/dhparams.pem
else
echo "Unknown value for webserver=${WEBSERVER_OPT}"
return
fi
if [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
mkdir -p ${NGINXCONF}/ssl.crt
mkdir -p ${NGINXCONF}/ssl.key
ensure_dhparam ${NGINXCONF}/ssl.crt/dhparams.pem
fi
echo "Checking to ensure ${SSL_CA} is set."
if [ ! -s ${SSL_CA} ]; then
echo "Downloading new generic server.ca ..."
safeDownloadWithMove "${SSL_CA}" "${WEBPATH_SERVICES}/all/ssl/server.ca"
fi
if [ "${WEBSERVER_OPT}" = "apache" ]; then
if [ -s ${SSL_CRT} ] && [ -s ${SSL_CA} ]; then
cat ${SSL_CRT} > ${SSL_CRT}.combined
#Sometimes we don't have a new line in SSL_CRT, so we add one to separate SSL_CRT and SSL_CA
echo >> ${SSL_CRT}.combined
cat ${SSL_CA} >> ${SSL_CRT}.combined
fi
fi
if [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ -s ${SSL_CRT} ] && [ -s ${SSL_CA} ]; then
cat ${SSL_CRT} > ${SSL_CRT}.combined
#Sometimes we don't have a new line in SSL_CRT, so we add one to separate SSL_CRT and SSL_CA
echo >> ${SSL_CRT}.combined
cat ${SSL_CA} >> ${SSL_CRT}.combined
fi
NG_CA=${NGINXCONF}/ssl.crt/server.ca
NG_CRT=${NGINXCONF}/ssl.crt/server.crt
NG_KEY=${NGINXCONF}/ssl.key/server.key
CP_FLAGS="-fu"
if [ ! -L ${SSL_CA} ]; then
cp ${CP_FLAGS} ${SSL_CA} ${NG_CA}
fi
if [ ! -L ${SSL_CRT} ]; then
cp ${CP_FLAGS} ${SSL_CRT} ${NG_CRT}
fi
if [ ! -L ${SSL_KEY} ]; then
cp ${CP_FLAGS} ${SSL_KEY} ${NG_KEY}
fi
fi
if [ "${WEBSERVER_OPT}" = "nginx" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
NG_CA=${NGINXCONF}/ssl.crt/server.ca
NG_CRT=${NGINXCONF}/ssl.crt/server.crt
if [ -s ${NG_CRT} ] && [ -s ${NG_CA} ]; then
cat ${NG_CRT} > ${NG_CRT}.combined
#Sometimes we don't have a new line in SSL_CRT, so we add one to separate SSL_CRT and SSL_CA
echo >> ${SSL_CRT}.combined
cat ${NG_CA} >> ${NG_CRT}.combined
fi
chmod 600 ${NGINXCONF}/ssl.crt/server.ca
chmod 600 ${NGINXCONF}/ssl.crt/server.crt
chmod 600 ${NG_CRT}.combined
fi
}
backupHttp() {
echo "Backing up certificate and key, and turning off httpd for DirectAdmins's check."
if [ -e ${HTTPDCONF}/ssl.crt/server.crt ]; then
cp -fp ${HTTPDCONF}/ssl.crt/server.crt ${HTTPDCONF}/ssl.crt/server.crt.backup
fi
if [ -e ${HTTPDCONF}/ssl.key/server.key ]; then
cp -fp ${HTTPDCONF}/ssl.key/server.key ${HTTPDCONF}/ssl.key/server.key.backup
fi
if [ -e ${HTTPD_CONF} ]; then
cp -fp ${HTTPD_CONF} ${HTTPD_CONF}.backup
fi
#turn off httpd service checking
set_service httpd OFF
}
restoreHttp() {
echo "Restoring certificate and key, and turning on httpd for DirectAdmins's check."
if [ -e ${HTTPDCONF}/ssl.crt/server.crt.backup ]; then
cp -fp ${HTTPDCONF}/ssl.crt/server.crt.backup ${HTTPDCONF}/ssl.crt/server.crt
chmod 600 ${HTTPDCONF}/ssl.crt/server.crt
fi
if [ -e ${HTTPDCONF}/ssl.key/server.key.backup ]; then
cp -fp ${HTTPDCONF}/ssl.key/server.key.backup ${HTTPDCONF}/ssl.key/server.key
chmod 600 ${HTTPDCONF}/ssl.key/server.key
fi
if [ -e ${HTTPDCONF}/httpd.conf.backup ]; then
cp -fp ${HTTPDCONF}/httpd.conf.backup ${HTTPDCONF}/httpd.conf
fi
ensure_server_ca
#turn on httpd service checking
set_service httpd ON
}
####################################################
checkRPMS() {
if [ -e ${DEBIAN_VERSION} ]; then
return
fi
echo "Removing all apache related rpms..."
rpm -e --nodeps mod_auth_pgsql 2> /dev/null
rpm -e --nodeps mod_python 2> /dev/null
rpm -e --nodeps mod_auth_mysql 2> /dev/null
rpm -e --nodeps mod_auth_any 2> /dev/null
rpm -e --nodeps mod_dav 2> /dev/null
rpm -e --nodeps mod_ssl 2> /dev/null
rpm -e --nodeps mod_perl 2> /dev/null
rpm -e --nodeps mod_fpse 2> /dev/null
rpm -e --nodeps apache-fp 2> /dev/null
rpm -e --nodeps apache-fp-devel 2> /dev/null
rpm -e --nodeps apache-manual 2> /dev/null
rpm -e --nodeps apacheconf 2> /dev/null
rpm -e --nodeps apache-devel 2> /dev/null
rpm -e --nodeps apache 2> /dev/null
rpm -e --nodeps httpd 2> /dev/null
rpm -e --nodeps httpd-devel 2> /dev/null
rpm -e --nodeps httpd-tools 2> /dev/null
rpm -e --nodeps httpd-manual 2> /dev/null
rpm -e --nodeps php 2> /dev/null
echo "All apache related rpms have been removed."
}
####################################################
#addUserGroup mail mail 12 12
addUserGroup() {
if [ -e ${DEBIAN_VERSION} ]; then
if ! /usr/bin/id ${1} > /dev/null 2>&1; then
/usr/sbin/adduser --system --group --no-create-home \
--disabled-login --force-badname ${1} > /dev/null
fi
else
if ! /usr/bin/id ${1} > /dev/null 2>&1; then
/usr/sbin/useradd -r -s /bin/false ${1}
fi
fi
}
####################################################
set64() {
if [ ! -d /usr/lib64 ]; then
return
fi
if [ ! -e /usr/lib/libssl.so ]; then
ln -sf /usr/lib64/libssl.so /usr/lib/libssl.so
fi
if [ ! -e /usr/lib/libidn.so ]; then
ln -sf /usr/lib64/libidn.so /usr/lib/libidn.so
fi
}
####################################################
doApacheCheck() {
if [ ! -e ${HTTPDCONF}/extra/httpd-includes.conf ]; then
echo -n "" > ${HTTPDCONF}/extra/httpd-includes.conf
fi
if [ ! -e ${SUPHP_HTTPD} ]; then
echo -n "" > ${SUPHP_HTTPD}
fi
if [ ! -e ${HTTPDCONF}/extra/httpd-php-handlers.conf ]; then
echo -n "" > ${HTTPDCONF}/extra/httpd-php-handlers.conf
fi
if [ ! -e ${HTTPDCONF}/extra/httpd-phpmodules.conf ]; then
echo -n "" > ${HTTPDCONF}/extra/httpd-phpmodules.conf
fi
}
####################################################
setFDSETSIZE() {
#this bit is to increase the socket limit
if [ -e /usr/include/bits/typesizes.h ]; then
perl -pi -e 's/__FD_SETSIZE.*1024/__FD_SETSIZE 32768/' /usr/include/bits/typesizes.h
fi
if [ -e /usr/include/linux/posix_types.h ]; then
perl -pi -e 's/__FD_SETSIZE.*1024/__FD_SETSIZE 32768/' /usr/include/linux/posix_types.h
fi
if [ -e /usr/include/bits/types.h ]; then
perl -pi -e 's/__FD_SETSIZE.*1024/__FD_SETSIZE 32768/' /usr/include/bits/types.h
fi
NUMBER=`cat /proc/sys/fs/file-max`
if [ ${NUMBER} -lt 131072 ]; then
echo "131072" > /proc/sys/fs/file-max
fi
}
####################################################
#tokenize the IP
tokenize_IP() {
TOKENFILE_APACHE=${HTTPDCONF}/extra/httpd-vhosts.conf
TOKENFILE_OPENLITESPEED=${LSWS_HOME}/conf/httpd-vhosts.conf
TOKENFILE_NGINX=${NGINXCONF}/nginx.conf
if [ -e ${TOKENFILE_NGINX} ]; then
if grep -q -m1 'nginx-vhosts\.conf' ${TOKENFILE_NGINX}; then
TOKENFILE_NGINX=${NGINXCONF}/nginx-vhosts.conf
fi
fi
TOKENFILE_NGINX_USERDIR=${NGINXCONF}/nginx-userdir.conf
if [ -d /usr/local/directadmin/data/admin/ips ]; then
IP="`grep -r -l -m1 '^status=server$' /usr/local/directadmin/data/admin/ips | cut -d/ -f8`"
fi
if [ "${IP}" = "" ]; then
IP="`grep -im1 ${HOSTNAME} /etc/hosts | awk '{print $1}'`"
if [ "${IP}" = "" ]; then
echo "Unable to detect your server IP in /etc/hosts. Please enter it: "
read IP
fi
fi
if [ "${IP}" = "" ]; then
echo "Unable to detect your server IP. Exiting..."
do_exit 0
fi
if [ "`echo ${IP} | grep -m1 -c ':'`" -gt 0 ]; then
IP="[${IP}]"
fi
echo "Using $IP for your server IP"
LAN_IP=`getDA_Opt lan_ip ""`
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ -e ${TOKENFILE_APACHE} ]; then
if [ "`grep -m1 -c '|IP|' ${TOKENFILE_APACHE}`" -gt "0" ]; then
STR="perl -pi -e 's/\|IP\|/$IP/' ${TOKENFILE_APACHE}"
eval ${STR}
fi
if [ "`grep -m1 -c '|LINKEDIP|' ${TOKENFILE_APACHE}`" -gt "0" ]; then
#|LINKEDIP| and |LINKEDIPSSL|
#set them or clear them.
IP_CF=/usr/local/directadmin/data/admin/ips/${IP}
if [ -s ${IP_CF} ] && [ -s ${DACONF_FILE} ]; then
if [ "`grep -m1 -c '^linked_ips=' ${IP_CF}`" -gt "0" ]; then
#2 will tokenize the httpd-vhosts.conf
/usr/local/directadmin/dataskq --linked-ips=2
fi
fi
#this is a fallback, in case the dataskq did not do it
LINKEDIP="perl -pi -e 's/\|LINKEDIP\|//' ${TOKENFILE_APACHE}"
LINKEDIPSSL="perl -pi -e 's/\|LINKEDIPSSL\|//' ${TOKENFILE_APACHE}"
eval ${LINKEDIP}
eval ${LINKEDIPSSL}
fi
fi
fi
if [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
if [ -e ${TOKENFILE_OPENLITESPEED} ]; then
if [ "`grep -m1 -c '|IP_LISTENER|' ${TOKENFILE_OPENLITESPEED}`" -gt "0" ]; then
IP_LISTENER=`echo "${IP}" | tr '.:' '-'`
STR="perl -pi -e 's/\|IP_LISTENER\|/$IP_LISTENER/g' ${TOKENFILE_OPENLITESPEED}"
eval ${STR}
fi
if [ "`grep -m1 -c '|HOSTNAME|' ${TOKENFILE_OPENLITESPEED}`" -gt "0" ]; then
STR="perl -pi -e 's/\|HOSTNAME\|/$HOSTNAME/g' ${TOKENFILE_OPENLITESPEED}"
eval ${STR}
fi
if [ "`grep -m1 -c '|LINKEDIP_LISTENERS|' ${TOKENFILE_OPENLITESPEED}`" -gt "0" ]; then
#|LINKEDIP_LISTENERS|
#set them or clear them.
IP_CF=/usr/local/directadmin/data/admin/ips/${IP}
if [ -s ${IP_CF} ] && [ -s ${DACONF_FILE} ]; then
if [ "`grep -m1 -c '^linked_ips=' ${IP_CF}`" -gt "0" ]; then
#4 will tokenize the httpd-vhosts.conf
/usr/local/directadmin/dataskq --linked-ips=4
fi
fi
#this is a fallback, in case the dataskq did not do it
LINKEDIP_LISTENERS="perl -pi -e 's/\|LINKEDIP_LISTENERS\|//' ${TOKENFILE_OPENLITESPEED}"
eval ${LINKEDIP_LISTENERS}
fi
fi
fi
if [ "${WEBSERVER_OPT}" = "nginx" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ -e ${TOKENFILE_NGINX} ]; then
if [ "`grep -m1 -c '|IP|' ${TOKENFILE_NGINX}`" -gt "0" ]; then
if [ "${LAN_IP}" != "" ] && [ "${LAN_IP}" != "${IP}" ]; then
echo "Using lan_ip=$LAN_IP as a secondary server IP";
STR="perl -pi -e 's/\|IP\|:\|PORT_80\|;/\|IP\|:\|PORT_80\|;\n\tlisten\t\t$LAN_IP:\|PORT_80\|;/' ${TOKENFILE_NGINX}"
eval ${STR}
STR="perl -pi -e 's/\|IP\|:\|PORT_443\| ssl\|SPACE_HTTP2\|;/\|IP\|:\|PORT_443\| ssl\|SPACE_HTTP2\|;\n\tlisten\t\t$LAN_IP:\|PORT_443\| ssl\|SPACE_HTTP2\|;/' ${TOKENFILE_NGINX}"
eval ${STR}
fi
echo "Using $IP for your server IP"
STR="perl -pi -e 's/\|IP\|/$IP/' ${TOKENFILE_NGINX}"
eval ${STR}
fi
if [ "`grep -m1 -c '|LINKEDIP|' ${TOKENFILE_NGINX}`" -gt "0" ]; then
#|LINKEDIP| and |LINKEDIPSSL|
#set them or clear them.
IP_CF=/usr/local/directadmin/data/admin/ips/${IP}
if [ -s ${IP_CF} ] && [ -s ${DACONF_FILE} ]; then
if [ "`grep -m1 -c '^linked_ips=' ${IP_CF}`" -gt "0" ]; then
#3 will tokenize the nginx-vhosts.conf
/usr/local/directadmin/dataskq --linked-ips=3
fi
fi
#this is a fallback, in case the dataskq did not do it
LINKEDIP="perl -pi -e 's/\|LINKEDIP\|//' ${TOKENFILE_NGINX}"
LINKEDIPSSL="perl -pi -e 's/\|LINKEDIPSSL\|//' ${TOKENFILE_NGINX}"
eval ${LINKEDIP}
eval ${LINKEDIPSSL}
fi
fi
if [ -e ${TOKENFILE_NGINX_USERDIR} ]; then
if [ "`grep -m1 -c '|IP|' ${TOKENFILE_NGINX_USERDIR}`" -gt "0" ]; then
if [ "${LAN_IP}" != "" ] && [ "${LAN_IP}" != "${IP}" ]; then
STR="perl -pi -e 's/\|IP\|:\|PORT_80\|;/\|IP\|:\|PORT_80\|;\n\tlisten\t\t$LAN_IP:\|PORT_80\|;/' ${TOKENFILE_NGINX_USERDIR}"
eval ${STR}
STR="perl -pi -e 's/\|IP\|:\|PORT_443\| ssl\|SPACE_HTTP2\|;/\|IP\|:\|PORT_443\| ssl\|SPACE_HTTP2\|;\n\tlisten\t\t$LAN_IP:\|PORT_443\| ssl\|SPACE_HTTP2\|;/' ${TOKENFILE_NGINX_USERDIR}"
eval ${STR}
fi
STR="perl -pi -e 's/\|IP\|/$IP/' ${TOKENFILE_NGINX_USERDIR}"
eval ${STR}
fi
fi
fi
}
#tokenize ports
tokenize_ports() {
getWebserverPorts
TOKENFILE_APACHE=${HTTPDCONF}/extra/httpd-vhosts.conf
TOKENFILE_NGINX=${NGINXCONF}/nginx.conf
if [ -e ${TOKENFILE_NGINX} ]; then
if grep -q -m1 'nginx-vhosts\.conf' ${TOKENFILE_NGINX}; then
TOKENFILE_NGINX=${NGINXCONF}/nginx-vhosts.conf
fi
fi
TOKENFILE_NGINX_USERDIR=${NGINXCONF}/nginx-userdir.conf
TOKENFILE_OPENLITESPEED=${LSWS_HOME}/conf/httpd-vhosts.conf
if [ "${WEBSERVER_OPT}" = "openlitespeed" ] && [ -s ${TOKENFILE_OPENLITESPEED} ]; then
if [ "`grep -m1 -c '|PORT_80|' ${TOKENFILE_OPENLITESPEED}`" -gt "0" ]; then
STR="perl -pi -e \"s/\|PORT_80\|/${PORT_80}/g\" ${TOKENFILE_OPENLITESPEED}"
eval ${STR}
fi
if [ "`grep -m1 -c '|PORT_443|' ${TOKENFILE_OPENLITESPEED}`" -gt "0" ]; then
STR="perl -pi -e \"s/\|PORT_443\|/${PORT_443}/g\" ${TOKENFILE_OPENLITESPEED}"
eval ${STR}
fi
fi
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ]; then
if [ -e ${TOKENFILE_APACHE} ]; then
if [ "`grep -m1 -c '|PORT_80|' ${TOKENFILE_APACHE}`" -gt "0" ]; then
STR="perl -pi -e \"s/\|PORT_80\|/${PORT_80}/g\" ${TOKENFILE_APACHE}"
eval ${STR}
else
perl -pi -e "s/:${PORT_8080}\>/:${PORT_80}\>/" ${TOKENFILE_APACHE}
perl -pi -e "s/^Listen ${PORT_8080}$/Listen ${PORT_80}/" ${TOKENFILE_APACHE}
fi
if [ "`grep -m1 -c '|PORT_443|' ${TOKENFILE_APACHE}`" -gt "0" ]; then
STR="perl -pi -e \"s/\|PORT_443\|/${PORT_443}/g\" ${TOKENFILE_APACHE}"
eval ${STR}
else
perl -pi -e "s/:${PORT_8081}\>/:${PORT_443}\>/" ${TOKENFILE_APACHE}
perl -pi -e "s/^Listen ${PORT_8081}$/Listen ${PORT_443}/" ${TOKENFILE_APACHE}
fi
SSLFILE=${HTTPDCONF}/extra/httpd-ssl.conf
STR="perl -pi -e \"s/\|PORT_443\|/${PORT_443}/g\" ${SSLFILE}"
eval ${STR}
perl -pi -e "s/:${PORT_8081}\>/:${PORT_443}\>/" ${SSLFILE}
perl -pi -e "s/^Listen ${PORT_8081}$/Listen ${PORT_443}/" ${SSLFILE}
STR="perl -pi -e \"s/\|PORT_80\|/${PORT_80}/g\" ${HTTPD_CONF}"
eval ${STR}
perl -pi -e "s/:${PORT_8080}\>/:${PORT_80}\>/" ${HTTPD_CONF}
perl -pi -e "s/^Listen ${PORT_8080}$/Listen ${PORT_80}/" ${HTTPD_CONF}
fi
fi
if [ "${WEBSERVER_OPT}" = "nginx" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
SPACE_HTTP2=
initHTTP2var
if [ "$HTTP2" = "1" ]; then
SPACE_HTTP2=" http2"
fi
STR="perl -pi -e \"s/\|SPACE_HTTP2\|/${SPACE_HTTP2}/g\" ${TOKENFILE_NGINX}"
eval ${STR}
fi
if [ "${WEBSERVER_OPT}" = "nginx" ]; then
if [ -e ${TOKENFILE_NGINX} ]; then
if [ "`grep -m1 -c '|PORT_80|' ${TOKENFILE_NGINX}`" -gt "0" ]; then
STR="perl -pi -e \"s/\|PORT_80\|/${PORT_80}/g\" ${TOKENFILE_NGINX}"
eval ${STR}
fi
if [ "`grep -m1 -c '|PORT_443|' ${TOKENFILE_NGINX}`" -gt "0" ]; then
STR="perl -pi -e \"s/\|PORT_443\|/${PORT_443}/g\" ${TOKENFILE_NGINX}"
eval ${STR}
fi
fi
if [ -e ${TOKENFILE_NGINX_USERDIR} ]; then
if [ "`grep -m1 -c '|PORT_80|' ${TOKENFILE_NGINX_USERDIR}`" -gt "0" ]; then
STR="perl -pi -e \"s/\|PORT_80\|/${PORT_80}/g\" ${TOKENFILE_NGINX_USERDIR}"
eval ${STR}
fi
if [ "`grep -m1 -c '|PORT_443|' ${TOKENFILE_NGINX_USERDIR}`" -gt "0" ]; then
STR="perl -pi -e \"s/\|PORT_443\|/${PORT_443}/g\" ${TOKENFILE_NGINX_USERDIR}"
eval ${STR}
fi
fi
fi
if [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ -e ${TOKENFILE_NGINX} ]; then
if [ "`grep -m1 -c '|PORT_80|' ${TOKENFILE_NGINX}`" -gt "0" ]; then
STR="perl -pi -e \"s/\|PORT_80\|/${PORT_80}/g\" ${TOKENFILE_NGINX}"
eval ${STR}
fi
if [ "`grep -m1 -c '|PORT_443|' ${TOKENFILE_NGINX}`" -gt "0" ]; then
STR="perl -pi -e \"s/\|PORT_443\|/${PORT_443}/g\" ${TOKENFILE_NGINX}"
eval ${STR}
fi
if [ "`grep -m1 -c '|PORT_8080|' ${TOKENFILE_NGINX}`" -gt "0" ]; then
STR="perl -pi -e \"s/\|PORT_8080\|/${PORT_8080}/g\" ${TOKENFILE_NGINX}"
eval ${STR}
fi
if [ "`grep -m1 -c '|PORT_8081|' ${TOKENFILE_NGINX}`" -gt "0" ]; then
STR="perl -pi -e \"s/\|PORT_8081\|/${PORT_8081}/g\" ${TOKENFILE_NGINX}"
eval ${STR}
fi
fi
if [ -e ${TOKENFILE_NGINX_USERDIR} ]; then
if [ "`grep -m1 -c '|PORT_80|' ${TOKENFILE_NGINX_USERDIR}`" -gt "0" ]; then
STR="perl -pi -e \"s/\|PORT_80\|/${PORT_80}/g\" ${TOKENFILE_NGINX_USERDIR}"
eval ${STR}
fi
if [ "`grep -m1 -c '|PORT_443|' ${TOKENFILE_NGINX_USERDIR}`" -gt "0" ]; then
STR="perl -pi -e \"s/\|PORT_443\|/${PORT_443}/g\" ${TOKENFILE_NGINX_USERDIR}"
eval ${STR}
fi
if [ "`grep -m1 -c '|PORT_8080|' ${TOKENFILE_NGINX_USERDIR}`" -gt "0" ]; then
STR="perl -pi -e \"s/\|PORT_8080\|/${PORT_8080}/g\" ${TOKENFILE_NGINX_USERDIR}"
eval ${STR}
fi
if [ "`grep -m1 -c '|PORT_8081|' ${TOKENFILE_NGINX_USERDIR}`" -gt "0" ]; then
STR="perl -pi -e \"s/\|PORT_8081\|/${PORT_8081}/g\" ${TOKENFILE_NGINX_USERDIR}"
eval ${STR}
fi
fi
if [ -e ${TOKENFILE_APACHE} ]; then
if [ "`grep -m1 -c '|PORT_80|' ${TOKENFILE_APACHE}`" -gt "0" ]; then
STR="perl -pi -e \"s/\|PORT_80\|/${PORT_8080}/g\" ${TOKENFILE_APACHE}"
eval ${STR}
else
perl -pi -e "s/:${PORT_80}\>/:${PORT_8080}\>/" ${TOKENFILE_APACHE}
fi
if [ "`grep -m1 -c '|PORT_443|' ${TOKENFILE_APACHE}`" -gt "0" ]; then
STR="perl -pi -e \"s/\|PORT_443\|/${PORT_8081}/g\" ${TOKENFILE_APACHE}"
eval ${STR}
else
perl -pi -e "s/:${PORT_443}\>/:${PORT_8081}\>/" ${TOKENFILE_APACHE}
fi
if [ "`grep -m1 -c "^Listen ${PORT_80}$" ${HTTPD_CONF}`" -gt 0 ]; then
STR="perl -pi -e \"s/^Listen ${PORT_80}$/Listen ${PORT_8080}/\" ${HTTPD_CONF}"
eval ${STR}
else
perl -pi -e "s/:${PORT_80}\>/:${PORT_8080}\>/" ${HTTPD_CONF}
fi
STR="perl -pi -e \"s/\|PORT_80\|/${PORT_8080}/g\" ${HTTPD_CONF}"
eval ${STR}
perl -pi -e "s/:${PORT_80}\>/:${PORT_8080}\>/" ${HTTPD_CONF}
perl -pi -e "s/^Listen ${PORT_80}$/Listen ${PORT_8080}/" ${HTTPD_CONF}
SSLFILE=${HTTPDCONF}/extra/httpd-ssl.conf
STR="perl -pi -e \"s/\|PORT_443\|/${PORT_8081}/g\" ${SSLFILE}"
eval ${STR}
perl -pi -e "s/:${PORT_443}\>/:${PORT_8081}\>/" ${SSLFILE}
perl -pi -e "s/^Listen ${PORT_443}$/Listen ${PORT_8081}/" ${SSLFILE}
fi
fi
}
doCURL() {
if [ "${CURL_OPT}" != "yes" ]; then
echo "You cannot install curl, because you do not have it set in options.conf file."
return
fi
if [ ! -s /usr/include/nghttp2/nghttp2.h ] && [ ! -s /usr/local/include/nghttp2/nghttp2.h ]; then
echo "Cannot find nghttp2.h. Installing nghttp2.";
if [ -e ${DEBIAN_VERSION} ]; then
apt-get -y install libnghttp2-dev
elif [ "${OS_CENTOS_VER}" = "7" ]; then
if [ -s /etc/yum.repos.d/epel.repo ]; then
yum -y install libnghttp2-devel --enablerepo=${EPEL_REPO_NAME}
else
yum -y install libnghttp2-devel
fi
else
yum -y install libnghttp2-devel --enablerepo=${POWERTOOLS}
fi
fi
getFile curl-${CURL_VER}.tar.gz curl
quitIfLocked doCURL
cd ${CWD}
FILE=${CWD}/curl-${CURL_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ..."
tar xzf ${FILE} --no-same-owner
echo "Done."
chmod -R 755 curl-${CURL_VER}
cd curl-${CURL_VER}
echo "Configuring curl-${CURL_VER}..."
if [ "${HTTP2}" = "1" ]; then
echo "Enabling http2 support...";
if ! grep -m1 -q "\-\-with-nghttp2" ${CWD}/${CURL_CONFIGURE}; then
perl -pi -e 's|\./configure|./configure --with-nghttp2|' ${CWD}/${CURL_CONFIGURE}
fi
fi
${CWD}/${CURL_CONFIGURE}
if [ $? -ne 0 ]; then
printf "\n*** There was an error while trying to configure cURL.\n"
do_exit 1
fi
echo "Done. Making curl-${CURL_VER}..."
while echo "Trying to make cURL..."; do
make
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "Make complete"
echo "Installing curl-${CURL_VER}..."
if [ -e /usr/local/lib/libcurl.la ]; then
rm -f /usr/local/lib/libcurl.la
fi
if [ -e /usr/local/lib/libcurl.a ]; then
rm -f /usr/local/lib/libcurl.a
fi
if [ -L /usr/local/lib/libcurl.so ]; then
LIBCURL_SO="`readlink /usr/local/lib/libcurl.so`"
rm -f /usr/local/lib/libcurl.so
rm -f "${LIBCURL_SO}"
fi
make install
ldconfig
echo "Done curl."
writeLog "curl ${CURL_VER} installed"
removeLockfile
cd ${CWD}
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
}
####################################################
doRemoveCURL() {
if [ "${CURL_OPT}" = "yes" ]; then
do_exit 1 "Cannot remove cURL, because it is enabled in options.conf file."
fi
quitIfLocked doRemoveCURL
cd ${CWD}
FILE=${CWD}/curl-${CURL_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ..."
tar xzf ${FILE} --no-same-owner
echo "Done."
chmod -R 755 curl-${CURL_VER}
cd curl-${CURL_VER}
echo "Configuring curl-${CURL_VER}..."
${CWD}/${CURL_CONFIGURE}
if [ $? -ne 0 ]; then
printf "\n*** There was an error while trying to configure cURL.\n"
do_exit 1
fi
echo "Done. Removing curl-${CURL_VER}..."
make uninstall
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
cd ${CWD}
writeLog "cURL removed"
}
####################################################
doImageMagick() {
if [ "${IMAGICK_OPT}" != "yes" ]; then
do_exit 1 "You cannot install ImageMagick, because you do not have imagick=yes set in php_extensions.conf file."
fi
getFile imagick/ImageMagick-${IMAGEMAGICK_VER}.tar.gz imagemagick ImageMagick-${IMAGEMAGICK_VER}.tar.gz
removeLockfile
quitIfLocked doImageMagick
cd ${CWD}
FILE=${CWD}/ImageMagick-${IMAGEMAGICK_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ..."
tar xzf ${FILE} --no-same-owner
echo "Done."
cd ImageMagick-${IMAGEMAGICK_VER}
echo "Configuring ImageMagick-${IMAGEMAGICK_VER}..."
${CWD}/${IMAGEMAGICK_CONFIGURE}
echo "Done. Making ImageMagick-${IMAGEMAGICK_VER}..."
while echo "Trying to make imagemagick..."; do
make -j ${CPU_CORES}
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "Make complete"
echo "Installing ImageMagick-${IMAGEMAGICK_VER}..."
make install
echo "Done ImageMagick."
writeLog "ImageMagick ${IMAGEMAGICK_VER} installed"
removeLockfile
cd ${CWD}
if [ "${PHP_IMAGICK_OPT}" = "yes" ]; then
doIMagick
fi
/sbin/ldconfig
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
}
####################################################
doRedis() {
if [ "${REDIS_OPT}" != "yes" ]; then
do_exit 1 "You cannot install Redis, because you do not have redis=yes set in options.conf file."
fi
#Add redis user/group if it doesn't exist
addUserGroup redis redis
getFile redis/redis-${REDIS_VER}.tar.gz redis redis-${REDIS_VER}.tar.gz
removeLockfile
quitIfLocked doRedis
cd ${CWD}
FILE=${CWD}/redis-${REDIS_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ..."
tar xzf ${FILE} --no-same-owner
echo "Done."
cd redis-${REDIS_VER}
echo "Making redis-${REDIS_VER}..."
while echo "Trying to make redis..."; do
make -j ${CPU_CORES}
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "Make complete"
echo "Installing redis-${REDIS_VER}..."
make install
echo "Done redis."
writeLog "Redis ${REDIS_VER} installed"
removeLockfile
cd ${CWD}
/sbin/ldconfig
cd ${CWD}
echo "Enabling redis in systemd..."
if [ -e ${CB_CUST_SYSTEMD}/redis@.service ]; then
cp -f ${CB_CUST_SYSTEMD}/redis@.service ${SYSTEMDDIR}/redis@.service
else
cp -f ${CB_SYSTEMD}/redis@.service ${SYSTEMDDIR}/redis@.service
fi
chmod 644 ${SYSTEMDDIR}/redis@.service
systemctl daemon-reload
if [ "${SPAMD_OPT}" = "rspamd" ]; then
echo "Enabling redis-rspamd in systemd..."
if [ -e ${CB_CUST_SYSTEMD}/redis-rspamd.service ]; then
cp -f ${CB_CUST_SYSTEMD}/redis-rspamd.service ${SYSTEMDDIR}/redis-rspamd.service
else
cp -f ${CB_SYSTEMD}/redis-rspamd.service ${SYSTEMDDIR}/redis-rspamd.service
fi
chmod 644 ${SYSTEMDDIR}/redis-rspamd.service
systemctl daemon-reload
systemctl enable --now redis-rspamd
if [ ! -d /etc/rspamd/local.d ]; then
mkdir -p /etc/rspamd/local.d
chmod 755 /etc/rspamd/local.d
fi
echo 'servers = "/var/lib/rspamd/.redis/redis.sock";' > /etc/rspamd/local.d/redis.conf
systemctl reload rspamd
fi
if [ ! -e /etc/logrotate.d/redis ]; then
safeDownloadWithMove /etc/logrotate.d/redis "${WEBPATH}/redis.logrotate"
fi
if [ "${OS}" != "FreBSD" ]; then
if [ `sysctl vm.overcommit_memory | cut -d= -f2 | awk '{print $1}'` -eq 0 ]; then
if [ -d /etc/sysctl.d ]; then
if [ -e /etc/sysctl.d/99-directadmin.conf ]; then
if grep -m1 -q '^overcommit_memory' /etc/sysctl.d/99-directadmin.conf; then
echo 'vm.overcommit_memory=1' >> /etc/sysctl.d/99-directadmin.conf
sysctl -p /etc/sysctl.d/99-directadmin.conf
fi
else
echo 'vm.overcommit_memory=1' > /etc/sysctl.d/99-directadmin.conf
sysctl -p /etc/sysctl.d/99-directadmin.conf
fi
fi
fi
fi
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
}
####################################################
installXMLRPC() {
if [ -z $1 ] || [ "$1" = "no" ] || [ ! -x /usr/local/php$1/bin/phpize ]; then
return
fi
getFile php_extensions/xmlrpc/xmlrpc-${XMLRPC_VER}.tgz xmlrpc xmlrpc-${XMLRPC_VER}.tgz
echo "Installing xmlrpc-${XMLRPC_VER} PHP extension for PHP $1..."
FILE=${CWD}/xmlrpc-${XMLRPC_VER}.tgz
checkFile ${FILE}
echo "Extracting ${FILE}..."
#make clean didn't clean everything up
if [ -d xmlrpc-${XMLRPC_VER} ]; then
rm -rf xmlrpc-${XMLRPC_VER}
fi
tar xzf ${FILE}
cd xmlrpc-${XMLRPC_VER}
/usr/local/php$1/bin/phpize
./configure --with-php-config=/usr/local/php$1/bin/php-config
while echo "Trying to make xmlrpc-${XMLRPC_VER} PHP extension..."; do
make
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "Make complete"
make install
make clean
cd ${CWD}
}
####################################################
installIMagick() {
if [ -z $1 ] || [ "$1" = "no" ] || [ ! -x /usr/local/php$1/bin/phpize ]; then
return
fi
getFile imagick/imagick-${IMAGICK_VER}.tgz imagick imagick-${IMAGICK_VER}.tgz
echo "Installing imagick-${IMAGICK_VER} PHP extension for PHP $1..."
FILE=${CWD}/imagick-${IMAGICK_VER}.tgz
checkFile ${FILE}
echo "Extracting ${FILE}..."
#make clean didn't clean everything up
if [ -d imagick-${IMAGICK_VER} ]; then
rm -rf imagick-${IMAGICK_VER}
fi
tar xzf ${FILE}
cd imagick-${IMAGICK_VER}
/usr/local/php$1/bin/phpize
./configure --with-php-config=/usr/local/php$1/bin/php-config
while echo "Trying to make imagick-${IMAGICK_VER} PHP extension..."; do
make
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "Make complete"
make install
make clean
cd ${CWD}
}
doIMagick() {
cd ${CWD}
if [ "${IMAGICK_OPT}" = "no" ]; then
do_exit 1 "Cannot build imagick, because you do not have it set in php_extensions.conf file."
fi
if [ ! -e /usr/local/bin/magick ]; then
doImageMagick
fi
FOR_ALL="no"
if [ -z $1 ] || [ $1 = "d" ] || [ -z $2 ]; then
FOR_ALL="yes"
fi
if [ "${FOR_ALL}" = "no" ]; then
IMAGICK_INT_SHORTRELEASE="`echo $1 | tr -d '.'`"
fi
SKIP_RESTART=1
if [ "$3" != "1" ]; then
SKIP_RESTART=0
fi
if [ "${FOR_ALL}" = "no" ]; then
installIMagick ${IMAGICK_INT_SHORTRELEASE} $2
else
installIMagick ${PHP1_SHORTRELEASE} ${PHP1_MODE_OPT}
installIMagick ${PHP2_SHORTRELEASE} ${PHP2_MODE_OPT}
installIMagick ${PHP3_SHORTRELEASE} ${PHP3_MODE_OPT}
installIMagick ${PHP4_SHORTRELEASE} ${PHP4_MODE_OPT}
fi
if [ "${FOR_ALL}" = "yes" ]; then
doExtensions ${SKIP_RESTART} imagick
else
doExtensions_build ${1} ${2} imagick
fi
echo "imagick ${IMAGICK_VER} PHP extension has been installed successfully."
writeLog "imagick ${IMAGICK_VER} installed"
cd ${CWD}
}
installGeneralSrcExt() {
if [ -z $3 ] || [ "$3" = "no" ]; then
return
fi
PHP_EXT_NAME=$1
echo "Installing ${PHP_EXT_NAME} PHP extension for PHP $3..."
PHP_EXT_SHORTRELEASE=`echo $3 | cut -d'.' -f1,2 | tr -d '.'`
getFile php-${3}.tar.gz php${PHP_EXT_SHORTRELEASE}
FILE=${CWD}/php-${3}.tar.gz
if [ ! -d "php-${3}/ext/${PHP_EXT_NAME}" ]; then
checkFile ${FILE}
echo "Extracting ..."
tar xzf ${FILE} --no-same-owner
if [ ! -d "php-${3}/ext/${PHP_EXT_NAME}" ]; then
echo "Unable to found php-${3}/ext/${PHP_EXT_NAME}, skipping..."
return
fi
fi
cd "php-${3}/ext/${PHP_EXT_NAME}"
if [ $? -ne 0 ]; then
do_exit 1 "Failed to change directory to: php-${3}. Exiting..."
fi
/usr/local/php${PHP_EXT_SHORTRELEASE}/bin/phpize
./configure --with-php-config=/usr/local/php${PHP_EXT_SHORTRELEASE}/bin/php-config ${4}
while echo "Trying to make ${PHP_EXT_NAME} PHP extension..."; do
make
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "Make complete"
make install
make clean
cd ${CWD}
}
installGeneralExt() {
if [ -z $3 ] || [ "$3" = "no" ]; then
return
fi
PHP_EXT_NAME=$1
PHP_EXT_VER=$2
if [ "${PHP_EXT_NAME}" = "snuffleupagus" ] || [ "${PHP_EXT_NAME}" = "igbinary" ]; then
FILE_EXT="tar.gz"
else
FILE_EXT="tgz"
fi
if [ "${PHP_EXT_NAME}" = "psr" ] || [ "${PHP_EXT_NAME}" = "phalcon" ]; then
if [ "${3}" = "53" ] || [ "${3}" = "54" ] || [ "${3}" = "55" ] || [ "${3}" = "56" ] || [ "${3}" = "70" ] || [ "${3}" = "71" ]; then
return
fi
elif [ "${PHP_EXT_NAME}" = "snuffleupagus" ] || [ "${PHP_EXT_NAME}" = "igbinary" ]; then
if [ "${3}" = "53" ] || [ "${3}" = "54" ] || [ "${3}" = "55" ] || [ "${3}" = "56" ]; then
return
fi
fi
echo "Installing ${PHP_EXT_NAME}-${PHP_EXT_VER} PHP extension for PHP $3..."
if [ "${PHP_EXT_NAME}" = "redis" ]; then
getFile php_extensions/${PHP_EXT_NAME}/${PHP_EXT_NAME}-${PHP_EXT_VER}.${FILE_EXT} phpredis ${PHP_EXT_NAME}-${PHP_EXT_VER}.${FILE_EXT}
else
getFile php_extensions/${PHP_EXT_NAME}/${PHP_EXT_NAME}-${PHP_EXT_VER}.${FILE_EXT} ${PHP_EXT_NAME} ${PHP_EXT_NAME}-${PHP_EXT_VER}.${FILE_EXT}
fi
FILE=${CWD}/${PHP_EXT_NAME}-${PHP_EXT_VER}.${FILE_EXT}
checkFile ${FILE}
echo "Extracting ${FILE}..."
#make clean didn't clean everything up
if [ -d ${PHP_EXT_NAME}-${PHP_EXT_VER} ]; then
rm -rf ${PHP_EXT_NAME}-${PHP_EXT_VER}
fi
tar xzf ${FILE}
if [ "${PHP_EXT_NAME}" = "snuffleupagus" ]; then
cd ${PHP_EXT_NAME}-${PHP_EXT_VER}/src
else
cd ${PHP_EXT_NAME}-${PHP_EXT_VER}
fi
/usr/local/php$3/bin/phpize
APPEND_CONFIG_FLAG=""
if [ "${PHP_EXT_NAME}" = "redis" ]; then
if /usr/local/php$3/bin/php$3 -i | grep -m1 'igbinary version' | tail -n1 | grep -m1 -q -o '[0-9.]*' 2>/dev/null; then
APPEND_CONFIG_FLAG=" --enable-redis-igbinary"
fi
fi
./configure --with-php-config=/usr/local/php$3/bin/php-config${APPEND_CONFIG_FLAG}
while echo "Trying to make ${PHP_EXT_NAME}-${PHP_EXT_VER} PHP extension..."; do
make
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "Make complete"
make install
make clean
cd ${CWD}
}
doPsr() {
cd ${CWD}
INSTALL_EXT_NAME=psr
INSTALL_EXT_VER=${PSR_VER}
if [ "${PHP_PHALCON_OPT}" = "no" ]; then
do_exit 1 "Cannot build ${INSTALL_EXT_NAME}, because you do not have it set in php_extensions.conf file."
fi
FOR_ALL="no"
if [ -z $1 ] || [ $1 = "d" ] || [ -z $2 ]; then
FOR_ALL="yes"
fi
if [ "${FOR_ALL}" = "no" ]; then
GENERAL_EXT_INT_SHORTRELEASE="`echo $1 | tr -d '.'`"
GENERAL_EXT_INT_VER_VAR=PHP${GENERAL_EXT_INT_SHORTRELEASE}_VER
GENERAL_EXT_INT_VER=$(eval_var ${GENERAL_EXT_INT_VER_VAR})
fi
SKIP_RESTART=1
if [ "$3" != "1" ]; then
SKIP_RESTART=0
fi
SUPPORTED_VERSIONS="73 74"
if [ "${FOR_ALL}" = "no" ]; then
if echo "${SUPPORTED_VERSIONS}" | grep -m1 -q "${GENERAL_EXT_INT_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${GENERAL_EXT_INT_SHORTRELEASE} $2
fi
else
if echo "${SUPPORTED_VERSIONS}" | grep -m1 -q "${PHP1_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${PHP1_SHORTRELEASE} ${PHP1_MODE_OPT}
fi
if echo "${SUPPORTED_VERSIONS}" | grep -m1 -q "${PHP2_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${PHP2_SHORTRELEASE} ${PHP2_MODE_OPT}
fi
if echo "${SUPPORTED_VERSIONS}" | grep -m1 -q "${PHP3_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${PHP3_SHORTRELEASE} ${PHP3_MODE_OPT}
fi
if echo "${SUPPORTED_VERSIONS}" | grep -m1 -q "${PHP4_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${PHP4_SHORTRELEASE} ${PHP4_MODE_OPT}
fi
fi
if [ "${FOR_ALL}" = "yes" ]; then
doExtensions ${SKIP_RESTART} ${INSTALL_EXT_NAME}
else
doExtensions_build "${1}" "${4}" ${INSTALL_EXT_NAME}
fi
echo "${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} PHP extension has been installed successfully."
writeLog "${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} installed"
cd ${CWD}
}
doPhalcon() {
cd ${CWD}
if [ "${PHP_PHALCON_OPT}" = "yes" ]; then
doPsr $1 $2 $3
fi
INSTALL_EXT_NAME=phalcon
INSTALL_EXT_VER=${PHALCON_VER}
if [ "${PHP_PHALCON_OPT}" = "no" ]; then
do_exit 1 "Cannot build ${INSTALL_EXT_NAME}, because you do not have it set in php_extensions.conf file."
fi
FOR_ALL="no"
if [ -z $1 ] || [ $1 = "d" ] || [ -z $2 ]; then
FOR_ALL="yes"
fi
if [ "${FOR_ALL}" = "no" ]; then
GENERAL_EXT_INT_SHORTRELEASE="`echo $1 | tr -d '.'`"
GENERAL_EXT_INT_VER_VAR=PHP${GENERAL_EXT_INT_SHORTRELEASE}_VER
GENERAL_EXT_INT_VER=$(eval_var ${GENERAL_EXT_INT_VER_VAR})
fi
SKIP_RESTART=1
if [ "$3" != "1" ]; then
SKIP_RESTART=0
fi
SUPPORTED_VERSIONS="73 74"
if [ "${FOR_ALL}" = "no" ]; then
if echo "${SUPPORTED_VERSIONS}" | grep -m1 -q "${GENERAL_EXT_INT_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${GENERAL_EXT_INT_SHORTRELEASE} $2
fi
else
if echo "${SUPPORTED_VERSIONS}" | grep -m1 -q "${PHP1_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${PHP1_SHORTRELEASE} ${PHP1_MODE_OPT}
fi
if echo "${SUPPORTED_VERSIONS}" | grep -m1 -q "${PHP2_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${PHP2_SHORTRELEASE} ${PHP2_MODE_OPT}
fi
if echo "${SUPPORTED_VERSIONS}" | grep -m1 -q "${PHP3_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${PHP3_SHORTRELEASE} ${PHP3_MODE_OPT}
fi
if echo "${SUPPORTED_VERSIONS}" | grep -m1 -q "${PHP4_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${PHP4_SHORTRELEASE} ${PHP4_MODE_OPT}
fi
fi
if [ "${FOR_ALL}" = "yes" ]; then
doExtensions ${SKIP_RESTART} ${INSTALL_EXT_NAME}
else
doExtensions_build ${GENERAL_EXT_INT_SHORTRELEASE} "${4}" ${INSTALL_EXT_NAME}
fi
echo "${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} PHP extension has been installed successfully."
writeLog "${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} installed"
cd ${CWD}
}
doPHPRedis() {
cd ${CWD}
INSTALL_EXT_NAME=redis
INSTALL_EXT_VER=${PHPREDIS_VER}
if [ "${PHP_REDIS_OPT}" = "no" ]; then
do_exit 1 "Cannot build ${INSTALL_EXT_NAME}, because you do not have it set in php_extensions.conf file."
fi
FOR_ALL="no"
if [ -z $1 ] || [ $1 = "d" ] || [ -z $2 ]; then
FOR_ALL="yes"
fi
if [ "${FOR_ALL}" = "no" ]; then
GENERAL_EXT_INT_SHORTRELEASE="`echo $1 | tr -d '.'`"
GENERAL_EXT_INT_VER_VAR=PHP${GENERAL_EXT_INT_SHORTRELEASE}_VER
GENERAL_EXT_INT_VER=$(eval_var ${GENERAL_EXT_INT_VER_VAR})
fi
SKIP_RESTART=1
if [ "$3" != "1" ]; then
SKIP_RESTART=0
fi
UNSUPPORTED_VERSIONS="53 54 55 56"
if [ "${FOR_ALL}" = "no" ]; then
if ! echo "${UNSUPPORTED_VERSIONS}" | grep -m1 -q "${GENERAL_EXT_INT_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${GENERAL_EXT_INT_SHORTRELEASE} $2
fi
else
if ! echo "${UNSUPPORTED_VERSIONS}" | grep -m1 -q "${PHP1_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${PHP1_SHORTRELEASE} ${PHP1_MODE_OPT}
fi
if ! echo "${UNSUPPORTED_VERSIONS}" | grep -m1 -q "${PHP2_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${PHP2_SHORTRELEASE} ${PHP2_MODE_OPT}
fi
if ! echo "${UNSUPPORTED_VERSIONS}" | grep -m1 -q "${PHP3_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${PHP3_SHORTRELEASE} ${PHP3_MODE_OPT}
fi
if ! echo "${UNSUPPORTED_VERSIONS}" | grep -m1 -q "${PHP4_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${PHP4_SHORTRELEASE} ${PHP4_MODE_OPT}
fi
fi
if [ "${FOR_ALL}" = "yes" ]; then
doExtensions ${SKIP_RESTART} ${INSTALL_EXT_NAME}
else
doExtensions_build ${GENERAL_EXT_INT_SHORTRELEASE} "${4}" ${INSTALL_EXT_NAME}
fi
echo "${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} PHP extension has been installed successfully."
writeLog "${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} installed"
cd ${CWD}
}
doIgbinary() {
cd ${CWD}
INSTALL_EXT_NAME=igbinary
INSTALL_EXT_VER=${IGBINARY_VER}
if [ "${PHP_IGBINARY_OPT}" = "no" ]; then
do_exit 1 "Cannot build ${INSTALL_EXT_NAME}, because you do not have it set in php_extensions.conf file."
fi
FOR_ALL="no"
if [ -z $1 ] || [ $1 = "d" ] || [ -z $2 ]; then
FOR_ALL="yes"
fi
if [ "${FOR_ALL}" = "no" ]; then
GENERAL_EXT_INT_SHORTRELEASE="`echo $1 | tr -d '.'`"
GENERAL_EXT_INT_VER_VAR=PHP${GENERAL_EXT_INT_SHORTRELEASE}_VER
GENERAL_EXT_INT_VER=$(eval_var ${GENERAL_EXT_INT_VER_VAR})
fi
SKIP_RESTART=1
if [ "$3" != "1" ]; then
SKIP_RESTART=0
fi
UNSUPPORTED_VERSIONS="53 54 55 56"
if [ "${FOR_ALL}" = "no" ]; then
if ! echo "${UNSUPPORTED_VERSIONS}" | grep -m1 -q "${GENERAL_EXT_INT_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${GENERAL_EXT_INT_SHORTRELEASE} $2
fi
else
if ! echo "${UNSUPPORTED_VERSIONS}" | grep -m1 -q "${PHP1_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${PHP1_SHORTRELEASE} ${PHP1_MODE_OPT}
fi
if ! echo "${UNSUPPORTED_VERSIONS}" | grep -m1 -q "${PHP2_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${PHP2_SHORTRELEASE} ${PHP2_MODE_OPT}
fi
if ! echo "${UNSUPPORTED_VERSIONS}" | grep -m1 -q "${PHP3_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${PHP3_SHORTRELEASE} ${PHP3_MODE_OPT}
fi
if ! echo "${UNSUPPORTED_VERSIONS}" | grep -m1 -q "${PHP4_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${PHP4_SHORTRELEASE} ${PHP4_MODE_OPT}
fi
fi
if [ "${FOR_ALL}" = "yes" ]; then
doExtensions ${SKIP_RESTART} ${INSTALL_EXT_NAME}
else
doExtensions_build ${GENERAL_EXT_INT_SHORTRELEASE} "${4}" ${INSTALL_EXT_NAME}
fi
echo "${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} PHP extension has been installed successfully."
writeLog "${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} installed"
cd ${CWD}
}
doSnuffleupagus() {
cd ${CWD}
INSTALL_EXT_NAME=snuffleupagus
INSTALL_EXT_VER=${SNUFFLEUPAGUS_VER}
if [ "${PHP_SNUFFLEUPAGUS_OPT}" = "no" ]; then
do_exit 1 "Cannot build ${INSTALL_EXT_NAME}, because you do not have it set in php_extensions.conf file."
fi
FOR_ALL="no"
if [ -z $1 ] || [ $1 = "d" ] || [ -z $2 ]; then
FOR_ALL="yes"
fi
if [ "${FOR_ALL}" = "no" ]; then
GENERAL_EXT_INT_SHORTRELEASE="`echo $1 | tr -d '.'`"
GENERAL_EXT_INT_VER_VAR=PHP${GENERAL_EXT_INT_SHORTRELEASE}_VER
GENERAL_EXT_INT_VER=$(eval_var ${GENERAL_EXT_INT_VER_VAR})
fi
SKIP_RESTART=1
if [ "$3" != "1" ]; then
SKIP_RESTART=0
fi
UNSUPPORTED_VERSIONS="53 54 55 56"
if [ "${FOR_ALL}" = "no" ]; then
if ! echo "${UNSUPPORTED_VERSIONS}" | grep -m1 -q "${GENERAL_EXT_INT_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${GENERAL_EXT_INT_SHORTRELEASE} $2
fi
else
if ! echo "${UNSUPPORTED_VERSIONS}" | grep -m1 -q "${PHP1_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${PHP1_SHORTRELEASE} ${PHP1_MODE_OPT}
fi
if ! echo "${UNSUPPORTED_VERSIONS}" | grep -m1 -q "${PHP2_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${PHP2_SHORTRELEASE} ${PHP2_MODE_OPT}
fi
if ! echo "${UNSUPPORTED_VERSIONS}" | grep -m1 -q "${PHP3_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${PHP3_SHORTRELEASE} ${PHP3_MODE_OPT}
fi
if ! echo "${UNSUPPORTED_VERSIONS}" | grep -m1 -q "${PHP4_SHORTRELEASE}"; then
installGeneralExt ${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} ${PHP4_SHORTRELEASE} ${PHP4_MODE_OPT}
fi
fi
if [ "${FOR_ALL}" = "yes" ]; then
doExtensions ${SKIP_RESTART} ${INSTALL_EXT_NAME}
else
doExtensions_build ${GENERAL_EXT_INT_SHORTRELEASE} "${4}" ${INSTALL_EXT_NAME}
fi
echo "${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} PHP extension has been installed successfully."
writeLog "${INSTALL_EXT_NAME} ${INSTALL_EXT_VER} installed"
cd ${CWD}
}
doImap() {
cd ${CWD}
getFile all/imap/imap-${IMAP_VER}.tar.gz imap imap-${IMAP_VER}.tar.gz
if [ ! -s imap-${IMAP_VER}.tar.gz ]; then
echo "Cannot find imap-${IMAP_VER}.tar.gz for extraction";
exit 1
fi
tar xvzf imap-${IMAP_VER}.tar.gz
cd imap-${IMAP_VER}
if [ ! -e ${DEBIAN_VERSION} ] && [ -x /usr/bin/rpm ]; then
if [ `checkRPMPackage pam-devel` -ne 0 ]; then
yum -y install pam-devel
ldconfig
fi
elif [ -x /usr/bin/dpkg-query ]; then
if [ `checkDebianPackage libpam0g-dev` -ne 0 ]; then
apt-get -y install libpam0g-dev
ldconfig
fi
fi
UW_PATCH=1006_openssl1.1_autoverify.patch
safeDownloadWithMove "${CWD}/imap-${IMAP_VER}/${UW_PATCH}" "${DOWNLOADSERVER_OPT}/services/custombuild/patches/${UW_PATCH}"
if [ -s ${UW_PATCH} ]; then
patch -p1 < ${UW_PATCH}
fi
make lr5 EXTRACFLAGS=-fPIC
mkdir -p /usr/local/uw-imap/lib
mkdir -p /usr/local/uw-imap/include
cp -f c-client/*.c /usr/local/uw-imap/lib/
cp -f c-client/*.h /usr/local/uw-imap/include/
cp -f c-client/c-client.a /usr/local/uw-imap/lib/libc-client.a
echo "IMAP ${IMAP_VER} has been installed successfully."
writeLog "IMAP ${IMAP_VER} installed"
cd ${CWD}
}
doPHPGmp() {
cd ${CWD}
INSTALL_EXT_NAME=gmp
if [ "${PHP_GMP_OPT}" = "no" ]; then
do_exit 1 "Cannot build ${INSTALL_EXT_NAME}, because you do not have it set in php_extensions.conf file."
fi
if [ ! -e ${DEBIAN_VERSION} ] && [ -x /usr/bin/rpm ]; then
if [ `checkRPMPackage gmp-devel` -ne 0 ]; then
yum -y install gmp-devel
ldconfig
fi
elif [ -x /usr/bin/dpkg-query ]; then
if [ `checkDebianPackage libgmp-dev` -ne 0 ]; then
apt-get -y install libgmp-dev
ldconfig
fi
fi
if [ -e /usr/include/x86_64-linux-gnu/gmp.h ] && [ ! -e /usr/include/gmp.h ]; then
ln -s /usr/include/x86_64-linux-gnu/gmp.h /usr/include/gmp.h
elif [ -e /usr/include/aarch64-linux-gnu/gmp.h ] && [ ! -e /usr/include/gmp.h ]; then
ln -s /usr/include/aarch64-linux-gnu/gmp.h /usr/include/gmp.h
fi
FOR_ALL="no"
if [ -z $1 ] || [ $1 = "d" ] || [ -z $2 ]; then
FOR_ALL="yes"
fi
if [ "${FOR_ALL}" = "no" ]; then
GENERAL_EXT_INT_SHORTRELEASE="`echo $1 | tr -d '.'`"
GENERAL_EXT_INT_VER_VAR=PHP${GENERAL_EXT_INT_SHORTRELEASE}_VER
GENERAL_EXT_INT_VER=$(eval_var ${GENERAL_EXT_INT_VER_VAR})
fi
SKIP_RESTART=1
if [ "$3" != "1" ]; then
SKIP_RESTART=0
fi
EXTRA_CONFIGURATION_FLAGS=""
if [ "${FOR_ALL}" = "no" ]; then
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${GENERAL_EXT_INT_VER} "${EXTRA_CONFIGURATION_FLAGS}"
else
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${PHP1_RELEASE_VER} "${EXTRA_CONFIGURATION_FLAGS}"
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${PHP2_RELEASE_VER} "${EXTRA_CONFIGURATION_FLAGS}"
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${PHP3_RELEASE_VER} "${EXTRA_CONFIGURATION_FLAGS}"
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${PHP4_RELEASE_VER} "${EXTRA_CONFIGURATION_FLAGS}"
fi
if [ "${FOR_ALL}" = "yes" ]; then
doExtensions ${SKIP_RESTART} ${INSTALL_EXT_NAME}
else
doExtensions_build ${GENERAL_EXT_INT_SHORTRELEASE} "${4}" ${INSTALL_EXT_NAME}
fi
echo "${INSTALL_EXT_NAME} PHP extension has been installed successfully."
writeLog "${INSTALL_EXT_NAME} installed"
cd ${CWD}
}
doPHPReadline() {
cd ${CWD}
INSTALL_EXT_NAME=readline
if [ "${PHP_READLINE_OPT}" = "no" ]; then
do_exit 1 "Cannot build ${INSTALL_EXT_NAME}, because you do not have it set in php_extensions.conf file."
fi
if [ ! -e ${DEBIAN_VERSION} ] && [ -x /usr/bin/rpm ]; then
RPM_TO_INSTALL=""
if [ `checkRPMPackage readline-devel` -ne 0 ]; then
RPM_TO_INSTALL="readline-devel "
fi
if [ `checkRPMPackage libedit-devel` -ne 0 ]; then
RPM_TO_INSTALL="${RPM_TO_INSTALL}libedit-devel"
fi
if [ ! -z "${RPM_TO_INSTALL}" ]; then
if [ "${OS_CENTOS_VER}" = "8" ]; then
yum -y install ${RPM_TO_INSTALL} --enablerepo=${POWERTOOLS}
elif [ "${OS_CENTOS_VER}" = "9" ]; then
yum -y install ${RPM_TO_INSTALL} --enablerepo=crb
else
yum -y install ${RPM_TO_INSTALL}
fi
ldconfig
fi
elif [ -x /usr/bin/dpkg-query ]; then
DPKG_TO_INSTALL=""
if [ `checkDebianPackage libreadline-dev` -ne 0 ]; then
DPKG_TO_INSTALL="libreadline-dev "
fi
if [ `checkDebianPackage libedit-dev` -ne 0 ]; then
DPKG_TO_INSTALL="${DPKG_TO_INSTALL}libedit-dev"
fi
if [ ! -z "${DPKG_TO_INSTALL}" ]; then
apt-get -y install ${DPKG_TO_INSTALL}
ldconfig
fi
fi
FOR_ALL="no"
if [ -z $1 ] || [ $1 = "d" ] || [ -z $2 ]; then
FOR_ALL="yes"
fi
if [ "${FOR_ALL}" = "no" ]; then
GENERAL_EXT_INT_SHORTRELEASE="`echo $1 | tr -d '.'`"
GENERAL_EXT_INT_VER_VAR=PHP${GENERAL_EXT_INT_SHORTRELEASE}_VER
GENERAL_EXT_INT_VER=$(eval_var ${GENERAL_EXT_INT_VER_VAR})
fi
SKIP_RESTART=1
if [ "$3" != "1" ]; then
SKIP_RESTART=0
fi
EXTRA_CONFIGURATION_FLAGS=""
if [ "${FOR_ALL}" = "no" ]; then
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${GENERAL_EXT_INT_VER} "${EXTRA_CONFIGURATION_FLAGS}"
else
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${PHP1_RELEASE_VER} "${EXTRA_CONFIGURATION_FLAGS}"
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${PHP2_RELEASE_VER} "${EXTRA_CONFIGURATION_FLAGS}"
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${PHP3_RELEASE_VER} "${EXTRA_CONFIGURATION_FLAGS}"
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${PHP4_RELEASE_VER} "${EXTRA_CONFIGURATION_FLAGS}"
fi
if [ "${FOR_ALL}" = "yes" ]; then
doExtensions ${SKIP_RESTART} ${INSTALL_EXT_NAME}
else
doExtensions_build ${GENERAL_EXT_INT_SHORTRELEASE} "${4}" ${INSTALL_EXT_NAME}
fi
echo "${INSTALL_EXT_NAME} PHP extension has been installed successfully."
writeLog "${INSTALL_EXT_NAME} installed"
cd ${CWD}
}
doPHPLDAP() {
cd ${CWD}
INSTALL_EXT_NAME=ldap
if [ "${PHP_LDAP_OPT}" = "no" ]; then
do_exit 1 "Cannot build ${INSTALL_EXT_NAME}, because you do not have it set in php_extensions.conf file."
fi
if [ ! -e ${DEBIAN_VERSION} ] && [ -x /usr/bin/rpm ]; then
if [ `checkRPMPackage openldap-devel` -ne 0 ]; then
yum -y install openldap-devel
ldconfig
fi
elif [ -x /usr/bin/dpkg-query ]; then
if [ `checkDebianPackage libldap2-dev` -ne 0 ]; then
apt-get -y install libldap2-dev
ldconfig
fi
fi
if [ -e /usr/include/x86_64-linux-gnu/ldap.h ] && [ ! -e /usr/include/ldap.h ]; then
ln -s /usr/include/x86_64-linux-gnu/ldap.h /usr/include/ldap.h
fi
if [ -e /usr/include/aarch64-linux-gnu/gmp.h ] && [ ! -e /usr/include/ldap.h ]; then
ln -s /usr/include/aarch64-linux-gnu/gmp.h /usr/include/ldap.h
fi
if [ -e /usr/lib64/libldap.so ] && [ ! -e /usr/lib/libldap.so ]; then
ln -s /usr/lib64/libldap.so /usr/lib/libldap.so
fi
if [ -e /usr/lib64/libldap_r.so ] && [ ! -e /usr/lib/libldap_r.so ]; then
ln -s /usr/lib64/libldap_r.so /usr/lib/libldap_r.so
fi
FOR_ALL="no"
if [ -z $1 ] || [ $1 = "d" ] || [ -z $2 ]; then
FOR_ALL="yes"
fi
if [ "${FOR_ALL}" = "no" ]; then
GENERAL_EXT_INT_SHORTRELEASE="`echo $1 | tr -d '.'`"
GENERAL_EXT_INT_VER_VAR=PHP${GENERAL_EXT_INT_SHORTRELEASE}_VER
GENERAL_EXT_INT_VER=$(eval_var ${GENERAL_EXT_INT_VER_VAR})
fi
SKIP_RESTART=1
if [ "$3" != "1" ]; then
SKIP_RESTART=0
fi
EXTRA_CONFIGURATION_FLAGS=""
if [ "${FOR_ALL}" = "no" ]; then
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${GENERAL_EXT_INT_VER} "${EXTRA_CONFIGURATION_FLAGS}"
else
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${PHP1_RELEASE_VER} "${EXTRA_CONFIGURATION_FLAGS}"
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${PHP2_RELEASE_VER} "${EXTRA_CONFIGURATION_FLAGS}"
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${PHP3_RELEASE_VER} "${EXTRA_CONFIGURATION_FLAGS}"
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${PHP4_RELEASE_VER} "${EXTRA_CONFIGURATION_FLAGS}"
fi
if [ "${FOR_ALL}" = "yes" ]; then
doExtensions ${SKIP_RESTART} ${INSTALL_EXT_NAME}
else
doExtensions_build ${GENERAL_EXT_INT_SHORTRELEASE} "${4}" ${INSTALL_EXT_NAME}
fi
echo "${INSTALL_EXT_NAME} PHP extension has been installed successfully."
writeLog "${INSTALL_EXT_NAME} installed"
cd ${CWD}
}
doPHPBz2() {
cd ${CWD}
if [ ! -e ${DEBIAN_VERSION} ] && [ -x /usr/bin/rpm ]; then
if [ `checkRPMPackage bzip2-devel` -ne 0 ]; then
yum -y install bzip2-devel
ldconfig
fi
elif [ -x /usr/bin/dpkg-query ]; then
if [ `checkDebianPackage libbz2-dev` -ne 0 ]; then
apt-get -y install libbz2-dev
ldconfig
fi
fi
INSTALL_EXT_NAME=bz2
if [ "${PHP_BZ2_OPT}" = "no" ]; then
do_exit 1 "Cannot build ${INSTALL_EXT_NAME}, because you do not have it set in php_extensions.conf file."
fi
FOR_ALL="no"
if [ -z $1 ] || [ $1 = "d" ] || [ -z $2 ]; then
FOR_ALL="yes"
fi
if [ "${FOR_ALL}" = "no" ]; then
GENERAL_EXT_INT_SHORTRELEASE="`echo $1 | tr -d '.'`"
GENERAL_EXT_INT_VER_VAR=PHP${GENERAL_EXT_INT_SHORTRELEASE}_VER
GENERAL_EXT_INT_VER=$(eval_var ${GENERAL_EXT_INT_VER_VAR})
fi
SKIP_RESTART=1
if [ "$3" != "1" ]; then
SKIP_RESTART=0
fi
EXTRA_CONFIGURATION_FLAGS="--with-imap=/usr/local/uw-imap --with-imap-ssl"
if [ "${FOR_ALL}" = "no" ]; then
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${GENERAL_EXT_INT_VER} "${EXTRA_CONFIGURATION_FLAGS}"
else
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${PHP1_RELEASE_VER} "${EXTRA_CONFIGURATION_FLAGS}"
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${PHP2_RELEASE_VER} "${EXTRA_CONFIGURATION_FLAGS}"
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${PHP3_RELEASE_VER} "${EXTRA_CONFIGURATION_FLAGS}"
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${PHP4_RELEASE_VER} "${EXTRA_CONFIGURATION_FLAGS}"
fi
if [ "${FOR_ALL}" = "yes" ]; then
doExtensions ${SKIP_RESTART} ${INSTALL_EXT_NAME}
else
doExtensions_build ${GENERAL_EXT_INT_SHORTRELEASE} "${4}" ${INSTALL_EXT_NAME}
fi
echo "${INSTALL_EXT_NAME} PHP extension has been installed successfully."
writeLog "${INSTALL_EXT_NAME} installed"
cd ${CWD}
}
doPHPXmlrpc() {
cd ${CWD}
INSTALL_EXT_NAME=xmlrpc
if [ "${PHP_XMLRPC_OPT}" = "no" ]; then
do_exit 1 "Cannot build ${INSTALL_EXT_NAME}, because you do not have it set in php_extensions.conf file."
fi
FOR_ALL="no"
if [ -z $1 ] || [ $1 = "d" ] || [ -z $2 ]; then
FOR_ALL="yes"
fi
if [ "${FOR_ALL}" = "no" ]; then
GENERAL_EXT_INT_SHORTRELEASE="`echo $1 | tr -d '.'`"
GENERAL_EXT_INT_VER_VAR=PHP${GENERAL_EXT_INT_SHORTRELEASE}_VER
GENERAL_EXT_INT_VER=$(eval_var ${GENERAL_EXT_INT_VER_VAR})
fi
SKIP_RESTART=1
if [ "$3" != "1" ]; then
SKIP_RESTART=0
fi
EXTRA_CONFIGURATION_FLAGS=""
SUPPORTED_VERSIONS="53 54 55 56 70 71 72 73 74"
if [ "${FOR_ALL}" = "no" ]; then
if echo "${SUPPORTED_VERSIONS}" | grep -m1 -q "${GENERAL_EXT_INT_SHORTRELEASE}"; then
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${GENERAL_EXT_INT_VER} "${EXTRA_CONFIGURATION_FLAGS}"
else
installXMLRPC ${GENERAL_EXT_INT_SHORTRELEASE} $2
fi
else
if echo "${SUPPORTED_VERSIONS}" | grep -m1 -q "${PHP1_SHORTRELEASE}"; then
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${PHP1_RELEASE_VER} "${EXTRA_CONFIGURATION_FLAGS}"
else
installXMLRPC ${PHP1_SHORTRELEASE} ${PHP1_MODE_OPT}
fi
if echo "${SUPPORTED_VERSIONS}" | grep -m1 -q "${PHP2_SHORTRELEASE}"; then
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${PHP2_RELEASE_VER} "${EXTRA_CONFIGURATION_FLAGS}"
else
installXMLRPC ${PHP2_SHORTRELEASE} ${PHP1_MODE_OPT}
fi
if echo "${SUPPORTED_VERSIONS}" | grep -m1 -q "${PHP3_SHORTRELEASE}"; then
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${PHP3_RELEASE_VER} "${EXTRA_CONFIGURATION_FLAGS}"
else
installXMLRPC ${PHP3_SHORTRELEASE} ${PHP1_MODE_OPT}
fi
if echo "${SUPPORTED_VERSIONS}" | grep -m1 -q "${PHP4_SHORTRELEASE}"; then
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${PHP4_RELEASE_VER} "${EXTRA_CONFIGURATION_FLAGS}"
else
installXMLRPC ${PHP4_SHORTRELEASE} ${PHP1_MODE_OPT}
fi
fi
if [ "${FOR_ALL}" = "yes" ]; then
doExtensions ${SKIP_RESTART} ${INSTALL_EXT_NAME}
else
doExtensions_build ${GENERAL_EXT_INT_SHORTRELEASE} "${4}" ${INSTALL_EXT_NAME}
fi
echo "${INSTALL_EXT_NAME} PHP extension has been installed successfully."
writeLog "${INSTALL_EXT_NAME} installed"
cd ${CWD}
}
doPHPImap() {
cd ${CWD}
if [ ! -s /usr/local/uw-imap/lib/libc-client.a ]; then
doImap
fi
INSTALL_EXT_NAME=imap
if [ "${PHP_IMAP_OPT}" = "no" ]; then
do_exit 1 "Cannot build ${INSTALL_EXT_NAME}, because you do not have it set in php_extensions.conf file."
fi
FOR_ALL="no"
if [ -z $1 ] || [ $1 = "d" ] || [ -z $2 ]; then
FOR_ALL="yes"
fi
if [ "${FOR_ALL}" = "no" ]; then
GENERAL_EXT_INT_SHORTRELEASE="`echo $1 | tr -d '.'`"
GENERAL_EXT_INT_VER_VAR=PHP${GENERAL_EXT_INT_SHORTRELEASE}_VER
GENERAL_EXT_INT_VER=$(eval_var ${GENERAL_EXT_INT_VER_VAR})
fi
SKIP_RESTART=1
if [ "$3" != "1" ]; then
SKIP_RESTART=0
fi
EXTRA_CONFIGURATION_FLAGS="--with-imap=/usr/local/uw-imap --with-imap-ssl"
if [ "${FOR_ALL}" = "no" ]; then
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${GENERAL_EXT_INT_VER} "${EXTRA_CONFIGURATION_FLAGS}"
else
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${PHP1_RELEASE_VER} "${EXTRA_CONFIGURATION_FLAGS}"
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${PHP2_RELEASE_VER} "${EXTRA_CONFIGURATION_FLAGS}"
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${PHP3_RELEASE_VER} "${EXTRA_CONFIGURATION_FLAGS}"
installGeneralSrcExt ${INSTALL_EXT_NAME} "" ${PHP4_RELEASE_VER} "${EXTRA_CONFIGURATION_FLAGS}"
fi
if [ "${FOR_ALL}" = "yes" ]; then
doExtensions ${SKIP_RESTART} ${INSTALL_EXT_NAME}
else
doExtensions_build ${GENERAL_EXT_INT_SHORTRELEASE} "${4}" ${INSTALL_EXT_NAME}
fi
echo "${INSTALL_EXT_NAME} PHP extension has been installed successfully."
writeLog "${INSTALL_EXT_NAME} installed"
cd ${CWD}
}
doExtensionsSetup() {
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
#Skip executing CL commands like "cagefsctl --force update" on every component update
EXEC_CL_COMMANDS_ONCE=true
fi
#IONCUBE IMAP OPCACHE HTSCANNER IMAGICK PHALCON PSR SUHOSIN ZEND
for setting in ${PHP_EXT_SETTINGS}; do {
SETTING_NAME=`echo $setting | tr "[A-Z]" "[a-z]"`
SETTING_OPTION_VAR=PHP_${setting}_OPT
if [ "$(eval_var ${SETTING_OPTION_VAR})" = "yes" ]; then
if [ "${setting}" = "IMAP" ]; then
doPHPImap
elif [ "${setting}" = "BZ2" ]; then
doPHPBz2
elif [ "${setting}" = "XMLRPC" ]; then
doPHPXmlrpc
elif [ "${setting}" = "GMP" ]; then
doPHPGmp
elif [ "${setting}" = "LDAP" ]; then
doPHPLDAP
elif [ "${setting}" = "PHALCON" ]; then
doPhalcon
elif [ "${setting}" = "IGBINARY" ]; then
doIgbinary
elif [ "${setting}" = "IMAGICK" ]; then
doIMagick
elif [ "${setting}" = "IONCUBE" ]; then
doIoncube
elif [ "${setting}" = "SNUFFLEUPAGUS" ]; then
doSnuffleupagus
elif [ "${setting}" = "REDIS" ]; then
doPHPRedis
elif [ "${setting}" = "OPCACHE" ]; then
doOpcache
elif [ "${setting}" = "ZEND" ]; then
doZend
fi
fi
}
done
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
cagefsctl_update
fi
}
####################################################
doComposer() {
cd ${WORKDIR}
getFile composer/${COMPOSER_VER}/composer.phar composer composer.phar.${COMPOSER_VER}
if [ -s ${WORKDIR}/composer.phar.${COMPOSER_VER} ]; then
mv -f ${WORKDIR}/composer.phar.${COMPOSER_VER} /usr/local/bin/composer
chmod 755 /usr/local/bin/composer
else
rm -f ${WORKDIR}/composer.phar.${COMPOSER_VER}
fi
if [ -d /etc/cagefs/conf.d ] && [ ! -s /etc/cagefs/conf.d/composer.cfg ]; then
echo '[composer]' > /etc/cagefs/conf.d/composer.cfg
echo 'comment=Composer' >> /etc/cagefs/conf.d/composer.cfg
echo 'paths=/usr/local/bin/composer' >> /etc/cagefs/conf.d/composer.cfg
fi
echo "Composer ${COMPOSER_VER} Installed."
writeLog "composer ${COMPOSER_VER} installed"
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
}
####################################################
doMajordomo() {
cd ${WORKDIR}
SOURCEPATH="${WORKDIR}/majordomo-1.94.5"
mkdir -p "${SOURCEPATH}"
safeDownloadWithMove "${CWD}/majordomo-1.94.5-patched.tar.gz" "${WEBPATH_SERVICES}/all/majordomo-1.94.5-patched.tar.gz"
tar xzf majordomo-1.94.5-patched.tar.gz
if [ ! -e ${SOURCEPATH}/Makefile ]; then
do_exit 1 "The source path for majordomo does not exist. Make sure the correct path is set in majordomo.sh"
fi
mkdir -p /etc/virtual/majordomo
MDGID=`id -g daemon`
if [ -e /etc/debian_version ]; then
/usr/sbin/groupadd nobody 2>/dev/null
/usr/sbin/useradd -d /etc/virtual/majordomo -g $MDGID -s /bin/false majordomo 2> /dev/null
else
/usr/sbin/useradd -d /etc/virtual/majordomo -g $MDGID majordomo -s /bin/false -n -r 2> /dev/null
fi
addToAccess majordomo
addToAccess nobody
MDUID=`id -u majordomo`
perl -pi -e "s/PERL = .*/PERL = \/usr\/bin\/perl/" ${SOURCEPATH}/Makefile
perl -pi -e "s/W_HOME = .*/W_HOME = \/etc\/virtual\/majordomo/" ${SOURCEPATH}/Makefile
#Perl and Bash weren't getting along. MDUID wasn't showing up so I did it this way.
perl -pi -e "s/W_USER = .*/W_USER = ${MDUID}/" ${SOURCEPATH}/Makefile
perl -pi -e "s/W_GROUP = .*/W_GROUP = ${MDGID}/" ${SOURCEPATH}/Makefile
perl -pi -e "s/TMPDIR = .*/TMPDIR = \/tmp/" ${SOURCEPATH}/Makefile
#fix REALLY-TO value in digests file
perl -pi -e "s/\$ARGV\[0\];/\$ARGV\[0\].\${whereami};/" ${SOURCEPATH}/digest
perl -pi -e "s#/usr/test/majordomo#/etc/virtual/majordomo#" ${SOURCEPATH}/sample.cf
cd "${SOURCEPATH}"
make wrapper
make install
make install-wrapper
perl -pi -e 's#/usr/test/majordomo#/etc/virtual/majordomo#' /etc/virtual/majordomo/majordomo.cf
PATCH1=majordomo.patch
PATCH1_PATH=/etc/virtual/majordomo/${PATCH1}
if [ ! -s "${PATCH1_PATH}" ]; then
safeDownloadWithMove "${PATCH1_PATH}" "${DOWNLOADSERVER_SCHEME}://${DOWNLOADSERVER_OPT}/services/all/majordomo/${PATCH1}"
fi
if [ -s "${PATCH1_PATH}" ]; then
cd /etc/virtual/majordomo
patch -fp0 < majordomo.patch
else
echo "Cannot find ${PATCH1_PATH} to patch majordomo.";
fi
#just to put up back where we were.. likely not needed.
cd ${WORKDIR}
rm -f "${WORKDIR}/majordomo-1.94.5-patched.tar.gz"
rm -rf "${SOURCEPATH}"
chmod 750 /etc/virtual/majordomo
}
####################################################
doSysbk() {
echo "Installing sysbk..."
cd ${WORKDIR}
safeDownloadWithMove "${WORKDIR}/sysbk.tar.gz" "${WEBPATH_SERVICES}/sysbk.tar.gz"
tar xzf sysbk.tar.gz -C /usr/local
KEY=/root/.ssh/id_dsa
if [ ! -e $KEY ]; then
/usr/bin/ssh-keygen -t rsa -b 2048 -N '' -q -f $KEY
fi
cd ${WORKDIR}
rm -f "${WORKDIR}/sysbk.tar.gz"
}
####################################################
doCSF() {
if [ "${CSF_OPT}" != "yes" ]; then
do_exit 1 "You cannot install CSF, because you do not have it set in options.conf file."
fi
if [ -e /etc/debian_version ]; then
if [ -x /usr/bin/dpkg-query ]; then
if [ `checkDebianPackage libwww-perl` -ne 0 ]; then
apt-get -y install libwww-perl
fi
fi
else
if [ -x /usr/bin/rpm ]; then
if [ `checkRPMPackage perl-libwww-perl` -ne 0 ]; then
yum -y install perl-libwww-perl
fi
fi
fi
CSF_LOG=/var/log/directadmin/csf_install.log
CSF_CONF=/etc/csf/csf.conf
echo "Installing CSF..."
if [ ! -d /var/log/directadmin ]; then
mkdir -p /var/log/directadmin
fi
curl -L --progress-bar -o ${WORKDIR}/csf.tgz https://download.configserver.com/csf.tgz
tar xzf csf.tgz
if ! ${WORKDIR}/csf/csftest.pl | tail -n 1 | grep -q 'RESULT: csf should function on this server'; then
echo "CSF is missing some modules"
return
fi
cd ${WORKDIR}/csf
bash ./install.sh >/dev/null 2>&1
if [ -s ${CSF_CONF} ]; then
USE_IPSET=true
if [ -x /usr/bin/systemd-detect-virt ]; then
if systemd-detect-virt | grep -m1 -q -E 'lxc|openvz'; then
USE_IPSET=false
fi
fi
if ${USE_IPSET} && grep -m1 -q '^LF_IPSET = "0"' ${CSF_CONF}; then
perl -pi -e 's|^LF_IPSET = "0"|LF_IPSET = "1"|g' ${CSF_CONF}
fi
#Add FTP passive port range
if ! grep ^TCP_IN ${CSF_CONF} | grep -q '35000:'; then
perl -pi -e 's|^TCP_IN = "(.*)"$|TCP_IN = "$1,35000:35999"|' ${CSF_CONF}
fi
if ! grep ^TCP6_IN ${CSF_CONF} | grep -q '35000:'; then
perl -pi -e 's|^TCP6_IN = "(.*)"$|TCP6_IN = "$1,35000:35999"|' ${CSF_CONF}
fi
#Add IMAP outbound ports for imapsync
if ! grep -q '^TCP_OUT = .*[,"]143[,"]' ${CSF_CONF}; then
perl -pi -e 's|^TCP_OUT = "|TCP_OUT = "143,|g' ${CSF_CONF}
fi
if ! grep -q '^TCP6_OUT = .*[,"]143[,"]' ${CSF_CONF}; then
perl -pi -e 's|^TCP6_OUT = "|TCP6_OUT = "143,|g' ${CSF_CONF}
fi
#Block SMTP by default, use RESTRICT_SYSLOG=3
perl -pi -e 's|^SMTP_BLOCK = "0"$|SMTP_BLOCK = "1"|' ${CSF_CONF}
perl -pi -e 's|^RESTRICT_SYSLOG = "0"$|RESTRICT_SYSLOG = "3"|' ${CSF_CONF}
#Disable testing mode in CSF
perl -pi -e 's/^TESTING = "1"/TESTING = "0"/' ${CSF_CONF}
#Allow all TCP/UDP outbound connections from root
if [ -e /etc/csf/csf.allow ] && [ -x /usr/sbin/csf ]; then
if ! grep -q 'out|u=0' /etc/csf/csf.allow; then
csf -a "tcp|out|u=0" "Added by DirectAdmin"
csf -a "udp|out|u=0" "Added by DirectAdmin"
fi
fi
csf -r >> /dev/null 2>&1
fi
echo "CSF installation has finished."
cd ${WORKDIR}
rm -f "${WORKDIR}/csf.tar.gz"
rm -rf "${WORKDIR}/csf"
#disable BFM notices if CSF is installed.
C=0
if [ -s ${DACONF_FILE} ]; then
C=`grep -c hide_brute_force_notifications ${DACONF_FILE}`
fi
if [ "$C" = "0" ]; then
setVal hide_brute_force_notifications 1 ${DACONF_FILE}
setVal hide_brute_force_notifications 1 ${DACONF_TEMPLATE_FILE}
echo "Brute Force Monitor messages have been suppressed."
fi
}
####################################################
doNamedConf() {
if [ -e /etc/sysconfig/named ]; then
/usr/bin/perl -pi -e 's/^ROOTDIR=.*/ROOTDIR=/' /etc/sysconfig/named
fi
SERVICE_NAME=named
if [ -s ${DACONF_FILE} ] && [ -x ${DA_BIN} ]; then
NAMED_CONF=`${DA_BIN} c | grep ^namedconfig= | cut -d= -f2`
NAMED_OVERRIDE=`${DA_BIN} c | grep ^named_service_override= | cut -d= -f2`
if [ "${NAMED_OVERRIDE}" != "" ]; then
SERVICE_NAME=${NAMED_OVERRIDE}
fi
fi
if [ ! -s $NAMED_CONF ]; then
echo "Cannot find $NAMED_CONF to check";
return
fi
NAMED_OPTIONS_CONF=$NAMED_CONF
HAVE_OPTIONS_AREA=`grep -c '^options {' ${NAMED_OPTIONS_CONF}`
for i in `grep -E '^[[:space:]]*include ' ${NAMED_CONF} | cut -d\" -f2`; do
{
if [ "$i" = "" ] || [ ! -s "$i" ]; then
continue;
fi
if grep -m1 -q allow-transfer ${i}; then
#echo "Skipping allow-transfer chcek on ${i}. allow-transfer already present.";
return
fi
if [ "${HAVE_OPTIONS_AREA}" -eq 0 ]; then
HAVE_OPTIONS_AREA=`grep -c '^options {' $i`
if [ "${HAVE_OPTIONS_AREA}" -eq 0 ]; then
continue;
fi
NAMED_OPTIONS_CONF=$i
fi
};
done;
if [ "${HAVE_OPTIONS_AREA}" -eq 0 ]; then
echo "Could not find options section in the $NAMED_CONF or any of it's include files";
return
fi
if ! grep -m1 -q allow-transfer ${NAMED_OPTIONS_CONF}; then
perl -pi -e 's|options \{|options \{\n\tallow-transfer \{ none; \};|g' ${NAMED_OPTIONS_CONF}
echo "Added 'allow-transfer { none; };' to ${NAMED_OPTIONS_CONF}"
echo "action=${SERVICE_NAME}&value=reload" >> /usr/local/directadmin/data/task.queue
fi
if grep -m1 -q 'listen-on[[:space:]]*port[[:space:]]*53[[:space:]]*{[[:space:]]*127.0.0.1;[[:space:]]*};' ${NAMED_OPTIONS_CONF}; then
perl -pi -e 's|listen-on[[:space:]]*port[[:space:]]*53[[:space:]]*{[[:space:]]*127.0.0.1;[[:space:]]*};|listen-on port 53 { any; };|g' ${NAMED_OPTIONS_CONF}
echo "action=${SERVICE_NAME}&value=reload" >> /usr/local/directadmin/data/task.queue
fi
if grep -m1 -q 'recursion[[:space:]]*yes;' ${NAMED_OPTIONS_CONF}; then
perl -pi -e 's|recursion[[:space:]]*yes;|recursion no;|g' ${NAMED_OPTIONS_CONF}
echo "action=${SERVICE_NAME}&value=reload" >> /usr/local/directadmin/data/task.queue
fi
if grep -m1 -q 'listen-on-v6[[:space:]]*port[[:space:]]*53[[:space:]]*{[[:space:]]*::1;[[:space:]]*};' ${NAMED_OPTIONS_CONF}; then
perl -pi -e 's|listen-on-v6[[:space:]]*port[[:space:]]*53[[:space:]]*{[[:space:]]*::1;[[:space:]]*};|listen-on-v6 port 53 { any; };|g' ${NAMED_OPTIONS_CONF}
echo "action=${SERVICE_NAME}&value=reload" >> /usr/local/directadmin/data/task.queue
fi
if grep -m1 -q 'allow-query[[:space:]]*{[[:space:]]*localhost;[[:space:]]*};' ${NAMED_OPTIONS_CONF}; then
perl -pi -e 's|allow-query[[:space:]]*{[[:space:]]*localhost;[[:space:]]*};|allow-query { any; };|g' ${NAMED_OPTIONS_CONF}
echo "action=${SERVICE_NAME}&value=reload" >> /usr/local/directadmin/data/task.queue
fi
}
doBind() {
if [ -e /etc/debian_version ]; then
if [ -x /usr/bin/dpkg-query ]; then
if [ `checkDebianPackage bind9` -ne 0 ]; then
apt-get -y install bind9
fi
fi
else
if [ -x /usr/bin/rpm ]; then
if [ `checkRPMPackage bind` -ne 0 ] || [ `checkRPMPackage bind-libs` -ne 0 ] || [ `checkRPMPackage bind-utils` -ne 0 ]; then
yum -y install bind bind-libs bind-utils
fi
fi
fi
if [ ! -e ${DEBIAN_VERSION} ]; then
NAMED_CONF=/etc/named.conf
if [ ! -s "${NAMED_CONF}" ]; then
curl -L --progress-bar -o ${NAMED_CONF} ${WEBPATH_SERVICES}/all/named/named.conf
fi
if [ ! -s /var/named/named.ca ]; then
mkdir -p /var/named
chown named:named /var/named
curl -L --progress-bar -o /var/named/named.ca ${WEBPATH_SERVICES}/all/named/named.ca
fi
if [ ! -s /var/named/localhost.zone ]; then
curl -L --progress-bar -o /var/named/localhost.zone ${WEBPATH_SERVICES}/all/named/localhost.zone
fi
if [ ! -s /var/named/named.local ]; then
curl -L --progress-bar -o /var/named/named.local ${WEBPATH_SERVICES}/all/named/named.local
fi
if [ ! -s /usr/lib/systemd/system/named-setup-rndc.service ]; then
curl -L --progress-bar -o /usr/lib/systemd/system/named-setup-rndc.service ${WEBPATH_SGIT}/named/named-setup-rndc.service
fi
if [ ! -s /etc/systemd/system/named.service ]; then
if [ -s /usr/lib/systemd/system/named.service ]; then
mv /usr/lib/systemd/system/named.service /etc/systemd/system/named.service
else
curl -L --progress-bar -o /etc/systemd/system/named.service ${WEBPATH_SGIT}/named/named.service
fi
doNamedConf
systemctl daemon-reload
systemctl enable named.service
systemctl start named.service
fi
RNDCKEY=/etc/rndc.key
if [ ! -s $RNDCKEY ]; then
echo "Generating new key: $RNDCKEY ...";
if [ -e /dev/urandom ]; then
/usr/sbin/rndc-confgen -a -r /dev/urandom
else
/usr/sbin/rndc-confgen -a
fi
if grep -q 'key "rndc-key"' $RNDCKEY; then
perl -pi -e 's/key "rndc-key"/key "rndckey"/' $RNDCKEY
fi
echo "Done generating new key"
fi
if [ ! -s $RNDCKEY ]; then
echo "rndc-confgen failed. Using template instead."
curl -L --progress-bar -o $RNDCKEY http://www.directadmin.com/rndc.key
if ! grep -q secret $RNDCKEY; then
SECRET=$(/usr/sbin/rndc-confgen | grep secret | head -n 1)
perl -pi -e 's#hmac-md5;#hmac-md5;\n\t$SECRET#' $RNDCKEY
echo "Template installed."
fi
fi
chown named:named ${RNDCKEY}
else
NAMED_CONF=/etc/bind/named.conf
if [ ! -s "${NAMED_CONF}" ]; then
curl -L --progress-bar -o ${NAMED_CONF} ${WEBPATH_SERVICES}/all/named/named.conf.debian
elif grep 'listen-on' /etc/bind/named.conf | grep -m1 -q '127.0.0.1'; then
curl -L --progress-bar -o ${NAMED_CONF} ${WEBPATH_SERVICES}/all/named/named.conf.debian
else
if [ -s /etc/bind/named.conf.options ]; then
if grep 'listen-on' /etc/bind/named.conf.options | grep -m1 -q '127.0.0.1'; then
curl -L --progress-bar -o ${NAMED_CONF} ${WEBPATH_SERVICES}/all/named/named.conf.debian
fi
fi
fi
if [ ! -s /etc/bind/named.ca ]; then
curl -L --progress-bar -o /etc/bind/named.ca ${WEBPATH_SERVICES}/all/named/named.ca
fi
BIND9=/lib/systemd/system/bind9.service
if [ ! -s ${BIND9} ] && [ -s /etc/systemd/system/multi-user.target.wants/bind9.service ]; then
BIND9=/etc/systemd/system/multi-user.target.wants/bind9.service
fi
if [ ! -s /etc/systemd/system/named.service ]; then
if [ -s ${BIND9} ]; then
systemctl stop bind9.service
systemctl disable bind9.service
mv ${BIND9} /etc/systemd/system/named.service
else
if [ -s /etc/init.d/bind9 ]; then #I guess it's not systemd here.
ln -s bind9 /etc/init.d/named
else
curl -L --progress-bar -o /etc/systemd/system/named.service ${WEBPATH_SGIT}/named/named.service.debian
fi
fi
fi
doNamedConf
if [ -s ${BIND9} ]; then
systemctl stop bind9.service
fi
systemctl daemon-reload
systemctl disable bind9.service
systemctl enable named.service
systemctl start named.service
fi
set_service named ON
}
####################################################
doWP() {
cd ${WORKDIR}
getFile wp/${WP_VER}/wp-cli.phar wp-cli wp-cli.${WP_VER}
if [ -s ${WORKDIR}/wp-cli.${WP_VER} ]; then
mv -f ${WORKDIR}/wp-cli.${WP_VER} /usr/local/bin/wp
chmod 755 /usr/local/bin/wp
else
rm -f ${WORKDIR}/wp-cli.${WP_VER}
fi
if [ -d /etc/cagefs/conf.d ] && [ ! -s /etc/cagefs/conf.d/wp.cfg ]; then
echo '[wp-cli]' > /etc/cagefs/conf.d/wp.cfg
echo 'comment=wp-cli' >> /etc/cagefs/conf.d/wp.cfg
echo 'paths=/usr/local/bin/wp' >> /etc/cagefs/conf.d/wp.cfg
fi
echo "WP-CLI ${WP_VER} Installed."
writeLog "WP_CLI ${WP_VER} installed"
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
}
####################################################
doImapsync() {
getFile imapsync/imapsync-${IMAPSYNC_VER}.tar.gz imapsync imapsync-${IMAPSYNC_VER}.tar.gz
if [ ! -e ${DEBIAN_VERSION} ]; then
CENTOS7_DEPS="perl-File-Copy-Recursive perl-App-cpanminus perl-Dist-CheckConflicts perl-HTML-Parser perl-libwww-perl perl-Module-Implementation perl-Module-ScanDeps perl-Package-Stash perl-Package-Stash-XS perl-PAR-Packer perl-Regexp-Common perl-Sys-MemInfo perl-Test-Fatal perl-Test-Mock-Guard perl-Test-Requires perl-Test-Deep perl-File-Tail perl-Test-NoWarnings perl-Test-Simple perl-Test-Warn perl-Sub-Uplevel"
if [ "${OS_CENTOS_VER}" = "7" ]; then
CENTOS7_DEPS="${CENTOS7_DEPS} perl-Digest-HMAC"
fi
if ! rpm -q --quiet ${CENTOS7_DEPS}; then
yum -y install ${CENTOS7_DEPS}
fi
if [ "${OS_CENTOS_VER}" = "8" ]; then
APPEND_ENABLEREPO="--enablerepo=${POWERTOOLS}"
elif [ "${OS_CENTOS_VER}" = "9" ]; then
APPEND_ENABLEREPO="--enablerepo=crb"
fi
if ! rpm -q --quiet perl-IO-Tee perl-Mail-IMAPClient perl-Sys-MemInfo perl-Readonly perl-Encode-IMAPUTF7 perl-File-Copy-Recursive perl-Unicode-String perl-Regexp-Common perl-File-Tail perl-IO-Socket-INET6; then
yum -y install perl-IO-Tee perl-Mail-IMAPClient perl-Sys-MemInfo perl-Readonly perl-Encode-IMAPUTF7 perl-File-Copy-Recursive perl-Unicode-String perl-Regexp-Common perl-File-Tail perl-IO-Socket-INET6 --enablerepo=${EPEL_REPO_NAME} ${APPEND_ENABLEREPO}
fi
else
DEBIAN10_DEAPS="libauthen-ntlm-perl libcgi-pm-perl libcrypt-openssl-rsa-perl libdata-uniqid-perl libencode-imaputf7-perl libfile-copy-recursive-perl libfile-tail-perl libio-socket-inet6-perl libio-socket-ssl-perl libio-tee-perl libhtml-parser-perl libjson-webtoken-perl libmail-imapclient-perl libparse-recdescent-perl libmodule-scandeps-perl libreadonly-perl libregexp-common-perl libsys-meminfo-perl libterm-readkey-perl libtest-mockobject-perl libtest-pod-perl libunicode-string-perl liburi-perl libwww-perl libtest-nowarnings-perl libtest-deep-perl libtest-warn-perl libtest-requires-perl libtest-modern-perl libtest-mock-guard-perl libpar-packer-perl libdist-checkconflicts-perl cpanminus"
if ! dpkg -s ${DEBIAN10_DEAPS} >/dev/null 2>&1; then
apt-get -y install ${DEBIAN10_DEAPS}
fi
fi
quitIfLocked doImapsync
cd ${CWD}
FILE=${CWD}/imapsync-${IMAPSYNC_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ..."
tar xzf ${FILE} --no-same-owner
echo "Done."
cd imapsync-imapsync-${IMAPSYNC_VER}
echo "Configuring imapsync-${IMAPSYNC_VER}..."
chmod +x imapsync
echo "Installing imapsync-${IMAPSYNC_VER}..."
cp -p imapsync /usr/local/bin/imapsync
if [ -d /etc/cagefs/conf.d ] && [ ! -s /etc/cagefs/conf.d/imapsync.cfg ]; then
echo '[imapsync]' > /etc/cagefs/conf.d/imapsync.cfg
echo 'comment=imapsync' >> /etc/cagefs/conf.d/imapsync.cfg
echo 'paths=/usr/local/bin/imapsync' >> /etc/cagefs/conf.d/imapsync.cfg
fi
#Add IMAP outbound ports for imapsync
CSFRESTART=false
CSF_CONF=/etc/csf/csf.conf
if ! grep -q '^TCP_OUT = .*[,"]143[,"]' ${CSF_CONF}; then
perl -pi -e 's|^TCP_OUT = "|TCP_OUT = "143,|g' ${CSF_CONF}
CSFRESTART=true
fi
if ! grep -q '^TCP6_OUT = .*[,"]143[,"]' ${CSF_CONF}; then
perl -pi -e 's|^TCP6_OUT = "|TCP6_OUT = "143,|g' ${CSF_CONF}
CSFRESTART=true
fi
if ${CSFRESTART} && csf --status 2&>1 >/dev/null; then
echo "Opened UDP ports for QUIC in CSF, restarting CSF..."
/usr/sbin/csf -r 2&>1 >/dev/null
fi
echo "imapsync ${IMAPSYNC_VER} installed"
writeLog "imapsync ${IMAPSYNC_VER} installed"
removeLockfile
cd ${CWD}
/sbin/ldconfig
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
}
####################################################
doLego() {
cd ${WORKDIR}
if [ "${B64}" = "2" ]; then
LEGO_FILENAME=lego_v${LEGO_VER}_linux_arm64.tar.gz
getFile lego/${LEGO_FILENAME} lego_arm ${LEGO_FILENAME}
else
LEGO_FILENAME=lego_v${LEGO_VER}_linux_amd64.tar.gz
getFile lego/${LEGO_FILENAME} lego ${LEGO_FILENAME}
fi
tar xzf ${LEGO_FILENAME} -C /usr/local/bin/ --no-same-owner 'lego'
chmod 700 /usr/local/bin/lego
DNSPROVIDERS_JSON=/usr/local/directadmin/data/admin/dnsproviders.json
DNSPROVIDERS_VER=`getVer dnsproviders`
getFile lego/dnsproviders-${DNSPROVIDERS_VER}.json dnsproviders dnsproviders.json
if [ -d /usr/local/directadmin/data/admin ]; then
mv -f dnsproviders.json ${DNSPROVIDERS_JSON}
chmod 600 ${DNSPROVIDERS_JSON}
chown diradmin:diradmin ${DNSPROVIDERS_JSON}
fi
echo "Lego ${LEGO_VER} Installed."
writeLog "Lego ${LEGO_VER} installed"
}
doLibzip() {
getFile libzip-${LIBZIP_VER}.tar.gz libzip
quitIfLocked doLibzip
ensure_cmake
if [ ! -e /usr/include/uv.h ] && [ ! -e /usr/local/include/uv.h ]; then
if [ -e /etc/debian_version ]; then
apt-get -y install libuv-dev
else
yum -y install libuv-devel
fi
fi
if [ -e /usr/bin/cmake3 ] && [ ! -e /usr/bin/cmake ]; then
ln -sf /usr/bin/cmake3 /usr/bin/cmake
fi
cd ${CWD}
FILE=${CWD}/libzip-${LIBZIP_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ..."
tar xzf ${FILE} --no-same-owner
echo "Done."
cd libzip-${LIBZIP_VER}
echo "Configuring libzip-${LIBZIP_VER}..."
mkdir -p build
cd build
${CMAKE_NAME} -DENABLE_GNUTLS=OFF ../
echo "Done. Making libzip-${LIBZIP_VER}..."
while echo "Trying to make libzip..."; do
make -j ${CPU_CORES}
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "Make complete"
echo "Installing libzip-${LIBZIP_VER}..."
make install
echo "Done libzip. It is recommended to reinstall libxslt after update of libzip."
writeLog "libzip ${LIBZIP_VER} installed"
removeLockfile
cd ${CWD}
/sbin/ldconfig
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
}
####################################################
doWebalizer() {
quitIfLocked doWebalizer
if [ "${WEBALIZER_OPT}" != "yes" ]; then
setVal webalizer 0 ${DACONF_TEMPLATE_FILE}
setVal webalizer 0 ${DACONF_FILE}
do_exit 1 "You cannot install webalizer, because you do not have it set in options.conf file."
fi
if [ ! -e ${DEBIAN_VERSION} ] && [ -x /usr/bin/rpm ]; then
if [ `checkRPMPackage gd-devel` -ne 0 ]; then
yum -y install gd-devel
ldconfig
fi
fi
PREFIX=/usr
LIBPATH=/usr/lib
INCPATH=/usr/include
if [ -e ${PREFIX}/bin/webalizer ]; then
echo "The webalizer binary exists, aborting. Delete ${PREFIX}/bin/webalizer if you wish to compile."
removeLockfile
return
fi
cd ${CWD}
getFile ${WEBALIZER_FILE} webalizer
tar xzf ${WEBALIZER_FILE} --no-same-owner
cd ${WEBALIZER}
export LD_LIBRARY_PATH=${LIBPATH}
./configure --prefix=${PREFIX} --with-png=${LIBPATH} --with-gdlib=${LIBPATH} --with-gd=${INCPATH} --enable-dns --with-dblib --with-db --with-z-inc --with-zlib
while echo "Trying to make webalizer..."; do
make
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
echo -n -e "\n*** The make has failed, would you like to try to make again? (y,n): "
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
removeLockfile
return
fi
else
break
fi
done
make install
writeLog "webalizer ${WEBALIZER_VER} installed"
removeLockfile
if [ "${AWSTATS_OPT}" = "no" ]; then
setVal awstats 0 ${DACONF_TEMPLATE_FILE}
setVal awstats 0 ${DACONF_FILE}
else
setVal awstats 1 ${DACONF_TEMPLATE_FILE}
setVal awstats 1 ${DACONF_FILE}
fi
doRestartDA
if [ -e /etc/webalizer.conf ]; then
mv -f /etc/webalizer.conf /etc/webalizer.conf.moved 2> /dev/null > /dev/null
fi
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
}
####################################################
doawstats_process() {
if [ "${AWSTATS_OPT}" != "yes" ]; then
do_exit 1 "You cannot update awstats_process.sh, because you do not have awstats=1 set in options.conf file."
fi
cd ${CWD}
AWSTATS_PROCESS_SH=/usr/local/directadmin/scripts/awstats_process.sh
getFile all/awstats/awstats_process.sh-${AWSTATS_PROCESS_VER} awstats_process awstats_process.sh
if [ -s awstats_process.sh ]; then
mv -f ${CWD}/awstats_process.sh ${AWSTATS_PROCESS_SH}
chmod 700 ${AWSTATS_PROCESS_SH}
echo "awstats_process.sh ${AWSTATS_PROCESS_VER} has been installed."
writeLog "awstats_process.sh updated to ${AWSTATS_PROCESS_VER}"
fi
}
doawstats() {
if [ "${AWSTATS_OPT}" != "yes" ]; then
setVal awstats 0 ${DACONF_TEMPLATE_FILE}
setVal awstats 0 ${DACONF_FILE}
do_exit 1 "You cannot install awstats, because you do not have it set in options.conf file."
fi
TARGZ=awstats-${AWSTATS_VER}.tar.gz
TARFILE=${WORKDIR}/${TARGZ}
USR=/usr/local
REALPATH=${USR}/awstats-${AWSTATS_VER}
ALIASPATH=${USR}/awstats
getFile all/awstats/${TARGZ} awstats ${TARGZ}
#Extract the file
tar xzf ${TARFILE} --no-same-owner -C ${USR}
if [ ! -e ${REALPATH} ]; then
do_exit 1 "Directory ${REALPATH} does not exist"
fi
#link it from a fake path:
/bin/rm -f ${ALIASPATH}
/bin/ln -sf ${REALPATH} ${ALIASPATH}
cd ${REALPATH}
chown -R root:${ROOT_GRP} ${REALPATH}
chmod -R 755 ${REALPATH}
#setup the directadmin.conf
setVal awstats 1 ${DACONF_TEMPLATE_FILE}
setVal awstats 1 ${DACONF_FILE}
if [ "${WEBALIZER_OPT}" = "no" ]; then
setVal webalizer 0 ${DACONF_TEMPLATE_FILE}
setVal webalizer 0 ${DACONF_FILE}
else
setVal webalizer 1 ${DACONF_TEMPLATE_FILE}
setVal webalizer 1 ${DACONF_FILE}
fi
doRestartDA
cd ${CWD}
echo "AWstats ${AWSTATS_VER} installation is done."
writeLog "Awstats ${AWSTATS_VER} installed"
doawstats_process
}
####################################################
doNginxUnit_module() {
if [ ! -d unit-${UNIT_VER} ]; then
getFile unit/unit-${UNIT_VER}.tar.gz unit unit-${UNIT_VER}.tar.gz
cd ${CWD}
FILE=${CWD}/unit-${UNIT_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ${FILE}..."
tar xzf ${FILE} --no-same-owner
fi
cd unit-${UNIT_VER}
if [ ! -s Makefile ]; then
#configure
echo "Configuring unit-${UNIT_VER}"
${CWD}/${UNIT_CONFIGURE}
if [ $? -ne 0 ]; then
printf "\n*** There was an error while trying to configure Nginx. Check the ${UNIT_CONFIGURE} file\n"
do_exit 1
fi
echo "Done Configuration."
fi
UNIT_COMPONENT="$1"
UNIT_COMPONENT_VER="$2"
UNIT_COMPONENT_ADDITIONAL_FLAGS=""
if [ "${UNIT_COMPONENT}" = "php" ]; then
UNIT_COMPONENT_VER_SHORT=`echo "${UNIT_COMPONENT_VER}" | tr -d '.'`
UNIT_PHP_CONFIG="/usr/local/php${UNIT_COMPONENT_VER_SHORT}/bin/php-config${UNIT_COMPONENT_VER_SHORT}"
if [ ! -e "${UNIT_PHP_CONFIG}" ]; then
UNIT_PHP_CONFIG="/usr/local/php${UNIT_COMPONENT_VER_SHORT}/bin/php-config"
fi
UNIT_COMPONENT_ADDITIONAL_FLAGS="--module=${UNIT_COMPONENT}${UNIT_COMPONENT_VER} --config=${UNIT_PHP_CONFIG} --lib-path=/usr/local/php${UNIT_COMPONENT_VER_SHORT}/lib"
elif [ "${UNIT_COMPONENT}" = "python" ]; then
UNIT_COMPONENT_ADDITIONAL_FLAGS="--module=python${UNIT_COMPONENT_VER} --config=/usr/bin/python3-config"
elif [ "${UNIT_COMPONENT}" = "perl" ]; then
UNIT_COMPONENT_ADDITIONAL_FLAGS="--module=${UNIT_COMPONENT}5 --${UNIT_COMPONENT}=${UNIT_COMPONENT}"
elif [ "${UNIT_COMPONENT}" = "ruby" ]; then
UNIT_COMPONENT_ADDITIONAL_FLAGS="--module=${UNIT_COMPONENT}${UNIT_COMPONENT_VER} --${UNIT_COMPONENT}=${UNIT_COMPONENT}"
elif [ "${UNIT_COMPONENT}" = "java" ]; then
JAVA_LIB_PATH="${3}/jre/lib"
if [ -d "${JAVA_LIB_PATH}/amd64" ]; then
JAVA_LIB_PATH="${JAVA_LIB_PATH}/amd64"
elif [ ! -d ${JAVA_LIB_PATH} ]; then
JAVA_LIB_PATH="${3}/lib"
fi
UNIT_COMPONENT_ADDITIONAL_FLAGS="--module=${UNIT_COMPONENT}${UNIT_COMPONENT_VER} --home="${3}" --lib-path="${JAVA_LIB_PATH}" --jars=/usr/share/unit-jsc-common/"
fi
./configure ${UNIT_COMPONENT} ${UNIT_COMPONENT_ADDITIONAL_FLAGS}
if [ "${UNIT_COMPONENT}" = "nodejs" ]; then
if [ "${OS_CENTOS_VER}" = "7" ]; then
#C++11 is needed for libmodsecurity
if [ ! -d /opt/rh/devtoolset-9 ]; then
yum -y install centos-release-scl
yum -y install devtoolset-9
fi
scl enable devtoolset-9 "make node-install"
else
make node-install
fi
elif [ "${UNIT_COMPONENT}" = "java" ]; then
make ${UNIT_COMPONENT}${UNIT_COMPONENT_VER}-install
elif [ "${UNIT_COMPONENT}" = "perl" ]; then
make perl5-install
else
make ${UNIT_COMPONENT}${UNIT_COMPONENT_VER}
if [ -s build/${UNIT_COMPONENT}${UNIT_COMPONENT_VER}.unit.so ]; then
MODULES_DIR=`/usr/sbin/unitd --version 2>&1 | grep -o 'modules=[^ ]*'|cut -d= -f2`
cp -pf build/${UNIT_COMPONENT}${UNIT_COMPONENT_VER}.unit.so ${MODULES_DIR}/${UNIT_COMPONENT}${UNIT_COMPONENT_VER}.unit.so
fi
fi
cd ${CWD}
}
doNginxUnit_modules() {
if [ -d /usr/lib/unit/modules ] && [ "${UNIT_OPT}" = "yes" ]; then
#cleanup all the modules
rm -f /usr/lib/unit/modules/*
#Install Nginx Unit extensions for all releases of PHP
if [ -x /usr/local/php${PHP1_SHORTRELEASE}/bin/php ]; then
if /usr/local/php${PHP1_SHORTRELEASE}/bin/php -i | grep -m1 -q 'enable-embed'; then
doNginxUnit_module php ${PHP1_RELEASE_OPT}
fi
fi
if [ "${PHP2_RELEASE_OPT}" != "no" ] && [ -x /usr/local/php${PHP2_SHORTRELEASE}/bin/php ]; then
if /usr/local/php${PHP2_SHORTRELEASE}/bin/php -i | grep -m1 -q 'enable-embed'; then
doNginxUnit_module php ${PHP2_RELEASE_OPT}
fi
fi
if [ "${PHP3_RELEASE_OPT}" != "no" ] && [ -x /usr/local/php${PHP3_SHORTRELEASE}/bin/php ]; then
if /usr/local/php${PHP3_SHORTRELEASE}/bin/php -i | grep -m1 -q 'enable-embed'; then
doNginxUnit_module php ${PHP3_RELEASE_OPT}
fi
fi
if [ "${PHP4_RELEASE_OPT}" != "no" ] && [ -x /usr/local/php${PHP4_SHORTRELEASE}/bin/php ]; then
if /usr/local/php${PHP4_SHORTRELEASE}/bin/php -i | grep -m1 -q 'enable-embed'; then
doNginxUnit_module php ${PHP4_RELEASE_OPT}
fi
fi
#Install missing language files, if any
if [ ! -e ${DEBIAN_VERSION} ] && [ -x /usr/bin/rpm ]; then
MISSING_PACKAGES=" "
for package in mercurial perl-devel perl-libs${APPENDED_PACKAGES}; do {
PACKAGE_TEST=`checkRPMPackage ${package}`
if [ ${PACKAGE_TEST} -ne 0 ]; then
MISSING_PACKAGES="${package} ${MISSING_PACKAGES}"
fi
}
done
if [ "${MISSING_PACKAGES}" != " " ]; then
yum -y install ${MISSING_PACKAGES}
fi
elif [ -e ${DEBIAN_VERSION} ]; then
if [ -x /usr/bin/dpkg-query ]; then
MISSING_PACKAGES=" "
for package in hg-fast-export libperl-dev python3-dev python3-pip; do {
PACKAGE_TEST=`checkDebianPackage ${package}`
if [ ${PACKAGE_TEST} -ne 0 ]; then
MISSING_PACKAGES="${package} ${MISSING_PACKAGES}"
fi
}
done
if [ "${MISSING_PACKAGES}" != " " ]; then
curl -s https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add -
apt-get update
apt-get -y install ${MISSING_PACKAGES}
fi
fi
fi
if [ -x /usr/bin/perl ] || [ -x /usr/local/bin/perl ]; then
doNginxUnit_module perl
fi
if [ -x /usr/bin/which ]; then
JAVA_DIRECTORY=$(dirname $(dirname $(readlink -f $(which javac 2>/dev/null) 2>/dev/null) 2>/dev/null) 2>/dev/null)
if [ -z "${JAVA_DIRECTORY}" ]; then
if [ -e /etc/debian_version ]; then
if [ "${OS_DEBIAN_VER}" = "9" ]; then
apt-get -y install openjdk-8-jdk
else
apt-get -y install openjdk-11-jdk
fi
else
yum -y install java-11-openjdk-devel
fi
fi
if [ -e /usr/lib/jvm/java-11-openjdk ]; then
doNginxUnit_module java "11" "/usr/lib/jvm/java-11-openjdk"
elif [ -e /usr/lib/jvm/java-11-openjdk-amd64 ]; then
doNginxUnit_module java "11" "/usr/lib/jvm/java-11-openjdk-amd64"
fi
if [ -e /usr/lib/jvm/java-1.8.0-openjdk ]; then
doNginxUnit_module java "1.8" "/usr/lib/jvm/java-1.8.0-openjdk"
elif [ -e /usr/lib/jvm/java-1.8.0-openjdk-amd64 ]; then
doNginxUnit_module java "1.8" "/usr/lib/jvm/java-1.8.0-openjdk-amd64"
fi
if [ -e /usr/lib/jvm/java-1.7.0-openjdk-amd64 ]; then
doNginxUnit_module java "7" "/usr/lib/jvm/java-1.7.0-openjdk-amd64"
fi
fi
if [ ! -x /usr/bin/python3-config ] && [ ! -x /usr/local/bin/python3-config ]; then
if [ -e /etc/debian_version ]; then
apt-get -y install python3-dev
else
yum -y install python3-devel
fi
fi
if [ -x /usr/bin/python3-config ]; then
PYTHON_VERSION=`python3 --version | awk '{print $2}' | cut -d. -f1,2`
if [ -z "${PYTHON_VERSION}" ]; then
PYTHON_VERSION=3
fi
doNginxUnit_module python ${PYTHON_VERSION}
fi
if ! ls -ld /usr/include/ruby*/ 2>/dev/null || [ ! -d /usr/lib64/ruby ]; then
if [ -e /etc/debian_version ]; then
apt-get -y install ruby-dev ruby-rack
else
yum -y install ruby-devel rubygem-rack
fi
fi
if ls -ld /usr/include/ruby*/ 2>/dev/null || [ -d /usr/lib64/ruby ]; then
RUBY_VERSION=`ruby -v | awk '{print $2}' | cut -d. -f1,2`
if [ -z "${RUBY_VERSION}" ]; then
RUBY_VERSION=2
fi
doNginxUnit_module ruby ${RUBY_VERSION}
fi
if [ ! -x /usr/bin/npm ] && [ ! -x /usr/local/bin/npm ]; then
curl -sL https://deb.nodesource.com/setup_lts.x | bash -
if [ -e /etc/debian_version ]; then
apt-get install -y nodejs
else
yum install -y nodejs
fi
fi
#If npm is detected - install unit module
if [ -x /usr/bin/npm ] || [ -x /usr/local/bin/npm ]; then
if [ ! -x /usr/bin/node-gyp ] && [ ! -x /usr/local/bin/node-gyp ]; then
npm install -g node-gyp
fi
doNginxUnit_module nodejs
fi
if [ -d /usr/local/lib/node_modules ] && [ ! -d /usr/lib/node_modules ]; then
ln -s /usr/local/lib/node_modules /usr/lib/node_modules 2>/dev/null
fi
echo "Nginx Unit language modules have been installed."
fi
}
doNginxUnit() {
if [ "${UNIT_OPT}" != "yes" ]; then
do_exit 1 "You cannot install Nginx Unit, because you do not have it set in options.conf file."
fi
getFile unit/unit-${UNIT_VER}.tar.gz unit unit-${UNIT_VER}.tar.gz
getFile patches/unit_cgroup.patch unit_cgroup.patch patches/unit_cgroup.patch hexan
#Add nginx_unit user/group if it doesn't exist after installation
addUserGroup nginx_unit nginx_unit
addToAccess nginx_unit
quitIfLocked doNginxUnit
cd ${CWD}
FILE=${CWD}/unit-${UNIT_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ${FILE}..."
tar xzf ${FILE} --no-same-owner
cd unit-${UNIT_VER}
if [ -s src/nxt_process.c ]; then
echo "Patching unit for per-user process grouping"
if [ ! -s ../patches/unit_cgroup.patch ]; then
echo "${boldon}ERROR downloading patches/unit_cgroup.patch${boldoff}"
else
patch -p0 < ../patches/unit_cgroup.patch
fi
fi
#configure
echo "Configuring unit-${UNIT_VER}"
${CWD}/${UNIT_CONFIGURE}
if [ $? -ne 0 ]; then
printf "\n*** There was an error while trying to configure Nginx. Check the ${UNIT_CONFIGURE} file\n"
do_exit 1
fi
echo "Done Configuration."
while echo "Trying to make Nginx Unit..."; do
C_INCLUDE_PATH=/usr/kerberos/include make -j ${CPU_CORES}
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "Make complete"
echo "Installing Nginx Unit..."
make install
make libunit-install
cd ${CWD}
#fresh install, add to System Backup
if [ ! -s ${SYSTEMDDIR}/unit.service ]; then
add_to_system_backup dirs /var/lib/unit
fi
echo "Enabling Nginx Unit in systemd..."
if [ -e ${CB_CUST_SYSTEMD}/unit.service ]; then
cp -f ${CB_CUST_SYSTEMD}/unit.service ${SYSTEMDDIR}/unit.service
else
cp -f ${CB_SYSTEMD}/unit.service ${SYSTEMDDIR}/unit.service
fi
chmod 644 ${SYSTEMDDIR}/unit.service
systemctl daemon-reload
systemctl enable unit.service
if [ ! -e /etc/logrotate.d/unit ]; then
safeDownloadWithMove "/etc/logrotate.d/unit" "${WEBPATH}/unit.logrotate"
fi
if [ ! -d /var/log/unit ]; then
mkdir -p /var/log/unit
fi
chmod 700 /var/log/unit
chown root:${ROOT_GRP} /var/log/unit
if [ ! -d /usr/lib/unit/modules ]; then
mkdir -p /usr/lib/unit/modules
fi
set_service unit ON
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
echo "Restarting Nginx Unit."
control_service unit stop >/dev/null 2>&1
removeLockfile
doNginxUnit_modules
control_service unit start
writeLog "Nginx Unit ${UNIT_VER} installed"
}
####################################################
doUpdateScript() {
cd ${CWD}
cp -f options.conf ..
cd ..
#safeDownloadWithMove "${CWD}/../${NAME}.tar.gz" "${WEBPATH}/${CUSTOMBUILD_OPT}/${NAME}.tar.gz"
# Hexan
if [ ! -s "${CWD}/../${NAME}.tar.gz" ]; then
echo "${boldon}Fileserver might be down, using the backup file server..${boldoff}"
# safeDownloadWithMove "${CWD}/${NAME}.tar.gz" ${WEBPATH_BACKUP}/${CUSTOMBUILD_OPT}/${NAME}.tar.gz
# Hexan
fi
if [ -s "${CWD}/../${NAME}.tar.gz" ]; then
echo "Extracting ${NAME}.tar.gz..."
#tar xzf "${CWD}/../${NAME}.tar.gz" --no-same-owner
#if [ $? -ne 0 ]; then
# echo "Unable to extract ${NAME}.tar.gz."
#fi
# Hexan
mv -f options.conf ${WORKDIR}
cd ${CWD}
downloadVersionsTxt
chmod 700 build
else
echo "Unable to extract ${NAME}.tar.gz."
fi
}
####################################################
doUpdate() {
doUpdateScript
cd ${CWD}
./build update_data
if [ "${CRON_OPT}" = "yes" ]; then
./build cron
fi
}
####################################################
doPhpConf() {
# if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
# return
# fi
if [ "${HAVE_FPM_CGI}" = "yes" ]; then
for php_shortrelease in `echo ${PHP1_SHORTRELEASE_SET}`; do
set_service php-fpm${php_shortrelease} OFF
done
else
for php_shortrelease in `echo ${PHP1_SHORTRELEASE_SET}`; do
set_service php-fpm${php_shortrelease} delete
done
fi
fpmChecks
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
doApacheHostConf
if [ -e ${WORKDIR}/custom/ap2/conf/extra/httpd-php-handlers.conf ]; then
cp -f ${WORKDIR}/custom/ap2/conf/extra/httpd-php-handlers.conf ${PHP_HANDLERS_HTTPD}
else
# Writing data to httpd-php-handlers.conf
echo -n "" > ${PHP_HANDLERS_HTTPD}
echo '<FilesMatch "\.(inc|php[0-9]*|phtml|phps)$">' >> ${PHP_HANDLERS_HTTPD}
if [ "${PHP1_MODE_OPT}" = "mod_php" ]; then
echo "AddHandler application/x-httpd-php .inc .php .php5 .php${PHP1_SHORTRELEASE} .phtml" >> ${PHP_HANDLERS_HTTPD}
echo "AddHandler application/x-httpd-php-source .phps" >> ${PHP_HANDLERS_HTTPD}
fi
if [ "${PHP1_MODE_OPT}" = "lsphp" ]; then
echo "AddHandler application/x-httpd-lsphp .inc .php .php5 .php${PHP1_SHORTRELEASE} .phtml" >> ${PHP_HANDLERS_HTTPD}
fi
if [ "${PHP1_MODE_OPT}" = "lsphp" ]; then
echo "AddHandler application/x-httpd-php-source .phps" >> ${PHP_HANDLERS_HTTPD}
fi
echo '</FilesMatch>' >> ${PHP_HANDLERS_HTTPD}
echo "AddType text/html .php" >> ${PHP_HANDLERS_HTTPD}
fi
fi
if [ "${HAVE_FCGID}" = "yes" ]; then
if [ "${PHP1_MODE_OPT}" = "fastcgi" ]; then
doSetupFcgidSh ${PHP1_SHORTRELEASE}
fi
if [ "${PHP2_MODE_OPT}" = "fastcgi" ] && [ "${PHP2_RELEASE_OPT}" != "no" ]; then
doSetupFcgidSh ${PHP2_SHORTRELEASE}
fi
if [ "${PHP3_MODE_OPT}" = "fastcgi" ] && [ "${PHP3_RELEASE_OPT}" != "no" ]; then
doSetupFcgidSh ${PHP3_SHORTRELEASE}
fi
if [ "${PHP4_MODE_OPT}" = "fastcgi" ] && [ "${PHP4_RELEASE_OPT}" != "no" ]; then
doSetupFcgidSh ${PHP4_SHORTRELEASE}
fi
fi
for php_shortrelease in `echo ${PHP1_SHORTRELEASE_SET}`; do
eval `echo "HAVE_FPM${php_shortrelease}=no"`
done
if [ "${PHP1_MODE_OPT}" = "php-fpm" ]; then
systemctl restart php-fpm${PHP1_SHORTRELEASE}.service
systemctl enable php-fpm${PHP1_SHORTRELEASE}.service
set_service php-fpm${PHP1_SHORTRELEASE} ON
eval `echo "HAVE_FPM${PHP1_SHORTRELEASE}=yes"`
fi
if [ "${PHP2_MODE_OPT}" = "php-fpm" ] && [ "${PHP2_RELEASE_OPT}" != "no" ]; then
systemctl restart php-fpm${PHP2_SHORTRELEASE}.service
systemctl enable php-fpm${PHP2_SHORTRELEASE}.service
set_service php-fpm${PHP2_SHORTRELEASE} ON
eval `echo "HAVE_FPM${PHP2_SHORTRELEASE}=yes"`
fi
if [ "${PHP3_MODE_OPT}" = "php-fpm" ] && [ "${PHP3_RELEASE_OPT}" != "no" ]; then
systemctl restart php-fpm${PHP3_SHORTRELEASE}.service
systemctl enable php-fpm${PHP3_SHORTRELEASE}.service
set_service php-fpm${PHP3_SHORTRELEASE} ON
eval `echo "HAVE_FPM${PHP3_SHORTRELEASE}=yes"`
fi
if [ "${PHP4_MODE_OPT}" = "php-fpm" ] && [ "${PHP4_RELEASE_OPT}" != "no" ]; then
systemctl restart php-fpm${PHP4_SHORTRELEASE}.service
systemctl enable php-fpm${PHP4_SHORTRELEASE}.service
set_service php-fpm${PHP4_SHORTRELEASE} ON
eval `echo "HAVE_FPM${PHP4_SHORTRELEASE}=yes"`
fi
for php_shortrelease in `echo ${PHP1_SHORTRELEASE_SET}`; do
EVAL_FPM_VAR=HAVE_FPM${php_shortrelease}
HAVE_SHORTRELEASE="$(eval_var ${EVAL_FPM_VAR})"
if [ "${HAVE_SHORTRELEASE}" = "no" ]; then
systemctl stop php-fpm${php_shortrelease}.service 2> /dev/null
systemctl disable php-fpm${php_shortrelease}.service 2> /dev/null
if [ -e ${SYSTEMDDIR}/php-fpm${php_shortrelease}.service ]; then
rm -f ${SYSTEMDDIR}/php-fpm${php_shortrelease}.service
fi
systemctl daemon-reload
set_service php-fpm${php_shortrelease} delete
fi
done
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ "${HAVE_SUPHP_CGI}" = "yes" ]; then
# Writing data to suphp.conf
echo -n "" > ${SUPHP_CONF_FILE}
echo "[global]" >> ${SUPHP_CONF_FILE}
echo ";Path to logfile" >> ${SUPHP_CONF_FILE}
echo "logfile=/var/log/suphp.log" >> ${SUPHP_CONF_FILE}
echo "" >> ${SUPHP_CONF_FILE}
echo ";Loglevel" >> ${SUPHP_CONF_FILE}
echo "loglevel=warn" >> ${SUPHP_CONF_FILE}
echo "" >> ${SUPHP_CONF_FILE}
echo ";User Apache is running as" >> ${SUPHP_CONF_FILE}
echo "webserver_user=apache" >> ${SUPHP_CONF_FILE}
echo "" >> ${SUPHP_CONF_FILE}
echo ";Path all scripts have to be in" >> ${SUPHP_CONF_FILE}
echo "docroot=/" >> ${SUPHP_CONF_FILE}
echo "" >> ${SUPHP_CONF_FILE}
echo "; Security options" >> ${SUPHP_CONF_FILE}
echo "allow_file_group_writeable=false" >> ${SUPHP_CONF_FILE}
echo "allow_file_others_writeable=false" >> ${SUPHP_CONF_FILE}
echo "allow_directory_group_writeable=false" >> ${SUPHP_CONF_FILE}
echo "allow_directory_others_writeable=false" >> ${SUPHP_CONF_FILE}
echo "" >> ${SUPHP_CONF_FILE}
echo ";Check wheter script is within DOCUMENT_ROOT" >> ${SUPHP_CONF_FILE}
echo "check_vhost_docroot=false" >> ${SUPHP_CONF_FILE}
echo "" >> ${SUPHP_CONF_FILE}
echo ";Send minor error messages to browser" >> ${SUPHP_CONF_FILE}
echo "errors_to_browser=true" >> ${SUPHP_CONF_FILE}
echo "" >> ${SUPHP_CONF_FILE}
echo ";PATH environment variable" >> ${SUPHP_CONF_FILE}
echo "env_path=\"/bin:/usr/bin\"" >> ${SUPHP_CONF_FILE}
echo "" >> ${SUPHP_CONF_FILE}
echo ";Umask to set, specify in octal notation" >> ${SUPHP_CONF_FILE}
echo "umask=0022" >> ${SUPHP_CONF_FILE}
echo "" >> ${SUPHP_CONF_FILE}
echo ";Minimum UID" >> ${SUPHP_CONF_FILE}
echo "min_uid=100" >> ${SUPHP_CONF_FILE}
echo "" >> ${SUPHP_CONF_FILE}
echo ";Minimum GID" >> ${SUPHP_CONF_FILE}
echo "min_gid=100" >> ${SUPHP_CONF_FILE}
echo "" >> ${SUPHP_CONF_FILE}
echo "[handlers]" >> ${SUPHP_CONF_FILE}
echo ";Handler for php-scripts" >> ${SUPHP_CONF_FILE}
if [ "${PHP1_MODE_OPT}" = "suphp" ]; then
echo "x-httpd-php${PHP1_SHORTRELEASE}=\"php:/usr/local/php${PHP1_SHORTRELEASE}/bin/php-cgi${PHP1_SHORTRELEASE}\"" >> ${SUPHP_CONF_FILE}
fi
if [ "${PHP2_MODE_OPT}" = "suphp" ] && [ "${PHP2_RELEASE_OPT}" != "no" ]; then
echo "x-httpd-php${PHP2_SHORTRELEASE}=\"php:/usr/local/php${PHP2_SHORTRELEASE}/bin/php-cgi${PHP2_SHORTRELEASE}\"" >> ${SUPHP_CONF_FILE}
fi
if [ "${PHP3_MODE_OPT}" = "suphp" ] && [ "${PHP3_RELEASE_OPT}" != "no" ]; then
echo "x-httpd-php${PHP3_SHORTRELEASE}=\"php:/usr/local/php${PHP3_SHORTRELEASE}/bin/php-cgi${PHP3_SHORTRELEASE}\"" >> ${SUPHP_CONF_FILE}
fi
if [ "${PHP4_MODE_OPT}" = "suphp" ] && [ "${PHP4_RELEASE_OPT}" != "no" ]; then
echo "x-httpd-php${PHP4_SHORTRELEASE}=\"php:/usr/local/php${PHP4_SHORTRELEASE}/bin/php-cgi${PHP4_SHORTRELEASE}\"" >> ${SUPHP_CONF_FILE}
fi
echo "" >> ${SUPHP_CONF_FILE}
echo ";Handler for CGI-scripts" >> ${SUPHP_CONF_FILE}
echo "x-suphp-cgi=\"execute:!self\"" >> ${SUPHP_CONF_FILE}
# Writing data to /etc/httpd/conf/extra/httpd-suphp.conf
echo "Writing data to ${SUPHP_HTTPD}"
echo -n "" > ${SUPHP_HTTPD}
echo "<IfModule mod_suphp.c>" >> ${SUPHP_HTTPD}
echo '<FilesMatch "\.(inc|php[0-9]*|phtml|phps)$">' >> ${SUPHP_HTTPD}
if [ "${PHP1_MODE_OPT}" = "suphp" ]; then
echo "AddHandler x-httpd-php${PHP1_SHORTRELEASE} .inc .php .php3 .php4 .php5 .php${PHP1_SHORTRELEASE} .phtml" >> ${SUPHP_HTTPD}
fi
echo '</FilesMatch>' >> ${SUPHP_HTTPD}
echo "<Location />" >> ${SUPHP_HTTPD}
echo "suPHP_Engine on" >> ${SUPHP_HTTPD}
if [ -d /usr/local/php${PHP1_SHORTRELEASE}/lib ] && [ "${PHP1_MODE_OPT}" = "suphp" ]; then
echo "suPHP_ConfigPath /usr/local/php${PHP1_SHORTRELEASE}/lib/" >> ${SUPHP_HTTPD}
elif [ -d /usr/local/php${PHP2_SHORTRELEASE}/lib ] && [ "${PHP2_MODE_OPT}" = "suphp" ]; then
echo "suPHP_ConfigPath /usr/local/php${PHP2_SHORTRELEASE}/lib/" >> ${SUPHP_HTTPD}
elif [ -d /usr/local/php${PHP3_SHORTRELEASE}/lib ] && [ "${PHP3_MODE_OPT}" = "suphp" ]; then
echo "suPHP_ConfigPath /usr/local/php${PHP3_SHORTRELEASE}/lib/" >> ${SUPHP_HTTPD}
elif [ -d /usr/local/php${PHP4_SHORTRELEASE}/lib ] && [ "${PHP4_MODE_OPT}" = "suphp" ]; then
echo "suPHP_ConfigPath /usr/local/php${PHP4_SHORTRELEASE}/lib/" >> ${SUPHP_HTTPD}
fi
if [ "${PHP1_MODE_OPT}" = "suphp" ]; then
echo "suPHP_AddHandler x-httpd-php${PHP1_SHORTRELEASE}" >> ${SUPHP_HTTPD}
fi
if [ "${PHP2_MODE_OPT}" = "suphp" ] && [ "${PHP2_RELEASE_OPT}" != "no" ]; then
echo "suPHP_AddHandler x-httpd-php${PHP2_SHORTRELEASE}" >> ${SUPHP_HTTPD}
fi
if [ "${PHP3_MODE_OPT}" = "suphp" ] && [ "${PHP3_RELEASE_OPT}" != "no" ]; then
echo "suPHP_AddHandler x-httpd-php${PHP3_SHORTRELEASE}" >> ${SUPHP_HTTPD}
fi
if [ "${PHP4_MODE_OPT}" = "suphp" ] && [ "${PHP4_RELEASE_OPT}" != "no" ]; then
echo "suPHP_AddHandler x-httpd-php${PHP4_SHORTRELEASE}" >> ${SUPHP_HTTPD}
fi
echo "</Location>" >> ${SUPHP_HTTPD}
echo "</IfModule>" >> ${SUPHP_HTTPD}
echo "Done."
elif [ -e ${SUPHP_HTTPD} ]; then
echo -n "" > ${SUPHP_HTTPD}
fi
fi
if [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
OPENLITESPEED_EXTPROCESSORS=${LSWS_HOME}/conf/httpd-extprocessors.conf
echo -n '' > ${OPENLITESPEED_EXTPROCESSORS}
if [ "${PHP1_MODE_OPT}" = "lsphp" ]; then
perl -p -e "s#\|PHP_SHORTRELEASE\|#${PHP1_SHORTRELEASE}#g" ${WORKDIR}/${OPENLITESPEED_WEBAPPS_EXTPROCESSOR_TEMPLATE} >> ${OPENLITESPEED_EXTPROCESSORS}
echo '' >> ${OPENLITESPEED_EXTPROCESSORS}
perl -p -e "s#\|PHP_SHORTRELEASE\|#${PHP1_SHORTRELEASE}#g" ${WORKDIR}/${OPENLITESPEED_EXTPROCESSORS_TEMPLATE} >> ${OPENLITESPEED_EXTPROCESSORS}
echo '' >> ${OPENLITESPEED_EXTPROCESSORS}
#CloudLinux PHP selector support needs /usr/local/bin/lsphp as the path
perl -pi -e "s#/usr/local/php${PHP1_SHORTRELEASE}/bin/lsphp#/usr/local/bin/lsphp#g" ${OPENLITESPEED_EXTPROCESSORS}
fi
if [ "${PHP2_MODE_OPT}" = "lsphp" ] && [ "${PHP2_RELEASE_OPT}" != "no" ]; then
perl -p -e "s#\|PHP_SHORTRELEASE\|#${PHP2_SHORTRELEASE}#g" ${WORKDIR}/${OPENLITESPEED_EXTPROCESSORS_TEMPLATE} >> ${OPENLITESPEED_EXTPROCESSORS}
echo '' >> ${OPENLITESPEED_EXTPROCESSORS}
fi
if [ "${PHP3_MODE_OPT}" = "lsphp" ] && [ "${PHP3_RELEASE_OPT}" != "no" ]; then
perl -p -e "s#\|PHP_SHORTRELEASE\|#${PHP3_SHORTRELEASE}#g" ${WORKDIR}/${OPENLITESPEED_EXTPROCESSORS_TEMPLATE} >> ${OPENLITESPEED_EXTPROCESSORS}
echo '' >> ${OPENLITESPEED_EXTPROCESSORS}
fi
if [ "${PHP4_MODE_OPT}" = "lsphp" ] && [ "${PHP4_RELEASE_OPT}" != "no" ]; then
perl -p -e "s#\|PHP_SHORTRELEASE\|#${PHP4_SHORTRELEASE}#g" ${WORKDIR}/${OPENLITESPEED_EXTPROCESSORS_TEMPLATE} >> ${OPENLITESPEED_EXTPROCESSORS}
echo '' >> ${OPENLITESPEED_EXTPROCESSORS}
fi
OPENLITESPEED_SCRIPTHANDLER=${LSWS_HOME}/conf/httpd-scripthandler.conf
echo 'scriptHandler{' > ${OPENLITESPEED_SCRIPTHANDLER}
echo "add lsapi:lsphp${PHP1_SHORTRELEASE} php" >> ${OPENLITESPEED_SCRIPTHANDLER}
echo 'add lsapi:lsphpwebapps lsphpwebapps' >> ${OPENLITESPEED_SCRIPTHANDLER}
echo '}' >> ${OPENLITESPEED_SCRIPTHANDLER}
fi
if [ "${SECURE_PHP_OPT}" = "yes" ]; then
secure_php
fi
}
####################################################
add_alias_redirect() {
AF=$1
A=$2
P=$3
HTTP=http://
if [ "${REDIRECT_HOST_HTTPS_OPT}" = "yes" ]; then
HTTP=https://
fi
HOST_ALIAS=no
if [ "${USE_HOSTNAME_FOR_ALIAS_OPT}" = "yes" ]; then
HOST_ALIAS=yes
fi
IS_WELL_KNOWN=no
if [ "${P}" = ".well-known/acme-challenge" ]; then
IS_WELL_KNOWN=yes
fi
if [ "${HOST_ALIAS}" = "yes" ] && [ "${IS_WELL_KNOWN}" = "no" ]; then
echo "RewriteCond %{HTTP_HOST} !^${REDIRECT_HOST_OPT}\$" >> ${AF}
echo "RewriteCond %{REQUEST_URI} ^/${A}/ [OR]" >> ${AF}
echo "RewriteCond %{REQUEST_URI} ^/${A}\$" >> ${AF}
echo "RewriteRule ^/${A}(.*) ${HTTP}${REDIRECT_HOST_OPT}/${P}\$1" >> ${AF}
echo "" >> ${AF}
fi
#For let's encrypt challenges
if [ "${IS_WELL_KNOWN}" = "yes" ]; then
LETSENCRYPT=`getDA_Opt letsencrypt 1`
if [ "${LETSENCRYPT}" = "1" ]; then
echo "Alias /${A} /var/www/html/${P}" >> ${AF}
fi
return;
fi
# "! -e /var/www/html/${A}" is used to add Alias'es for the RewriteRules that don't have /var/www/html/ALIAS
if [ "${HOST_ALIAS}" = "no" ] || [ ! -e /var/www/html/${A} ]; then
echo "Alias /${A} /var/www/html/${P}" >> ${AF}
fi
}
do_rewrite_httpd_alias() {
if [ -e ${WORKDIR}/custom/ap2/conf/extra/httpd-alias.conf ]; then
cp -pf ${WORKDIR}/custom/ap2/conf/extra/httpd-alias.conf /etc/httpd/conf/extra/httpd-alias.conf
else
HA=/etc/httpd/conf/extra/httpd-alias.conf
echo -n '' > ${HA}
if [ "${USE_HOSTNAME_FOR_ALIAS_OPT}" = "yes" ]; then
echo "RewriteEngine On" >> ${HA}
fi
#For let's encrypt challenges
LETSENCRYPT=`getDA_Opt letsencrypt 1`
if [ "${LETSENCRYPT}" = "1" ]; then
add_alias_redirect ${HA} .well-known/acme-challenge .well-known/acme-challenge
fi
add_alias_redirect ${HA} config redirect.php
if [ "${SQUIRRELMAIL_OPT}" = "yes" ]; then
add_alias_redirect ${HA} squirrelmail squirrelmail
fi
if [ "${ROUNDCUBE_OPT}" = "yes" ]; then
add_alias_redirect ${HA} roundcube roundcube
fi
WEBMAILLINK=`get_webmail_link`
if [ -e /var/www/html/${WEBMAILLINK} ]; then
add_alias_redirect ${HA} webmail ${WEBMAILLINK}
fi
if [ "${PHPMYADMIN_OPT}" = "yes" ]; then
add_alias_redirect ${HA} phpMyAdmin phpMyAdmin
add_alias_redirect ${HA} phpmyadmin phpMyAdmin
add_alias_redirect ${HA} pma phpMyAdmin
fi
if [ -s "${WEBAPPS_LIST}" ]; then
#https://forum.directadmin.com/showthread.php?t=48203&p=247343#post247343
echo "Adding custom webapps from ${WEBAPPS_LIST}"
cat ${WEBAPPS_LIST} | while read l; do
app=`echo "$l" | cut -d= -f1`
app_path=`echo "$l" | cut -d= -f2`
if [ "${app}" = "" ] || [ "${app_path}" = "" ]; then
echo "${boldon}Check your ${WEBAPPS_LIST}. A name or path is blank.${boldoff}"
echo "name=$app"
echo "path=$app_path"
continue
fi
if [ ! -e /var/www/html/${app_path} ]; then
echo "${boldon}Cannot find path /var/www/html/${app_path} for alias ${app}${boldoff}"
continue
fi
add_alias_redirect ${HA} ${app} ${app_path}
echo "Added ${app} pointing to ${app_path}"
done
fi
fi
}
add_nginx_alias_redirect() {
#A fake P real
F=$1
A=$2
P=$3
#Locations with regex have higher priority for URL-rewrites/aliases
printf "\tlocation ~ ^/${A} {\n" >> ${F}
printf "\t\trewrite ^/* /${P} last;\n" >> ${F}
printf "\t}\n" >> ${F}
}
add_nginx_alias() {
F=$1
A=$2
#Locations with regex (~ ^/alias) have higher priority for URL-rewrites/aliases
if [ "${WEBSERVER_OPT}" = "nginx" ]; then
printf "\tlocation ^~ /${A} {\n" >> ${F}
printf "\t\troot /var/www/html/;\n" >> ${F}
printf "\t\tindex index.php index.html index.htm;\n" >> ${F}
printf "\t\tlocation ~ ^/${A}/(.+\.php)\$ {\n" >> ${F}
printf "\t\t\tinclude /etc/nginx/webapps_settings.conf;\n" >> ${F}
printf "\t\t}\n" >> ${F}
#protect RoundCube folders
if [ "${A}" = "roundcube" ]; then
printf "\t\tlocation ~ /${A}/(bin|SQL|config|logs|temp)/ {\n" >> ${F}
printf "\t\t\tdeny all;\n" >> ${F}
printf "\t\t}\n" >> ${F}
elif [ "${A}" = "phpMyAdmin" ]; then
printf "\t\tlocation ~ /${A}/log/ {\n" >> ${F}
printf "\t\t\tdeny all;\n" >> ${F}
printf "\t\t}\n" >> ${F}
fi
printf "\t\tlocation ~* ^/${A}/(.*(\.htaccess|\.htpasswd|\.user\.ini|\.env|\.git))\$ {\n" >> ${F}
printf "\t\t\tdeny all;\n" >> ${F}
printf "\t\t}\n" >> ${F}
printf "\t\tlocation ~* ^/${A}/(.+\\.(jpg|jpeg|gif|css|png|js|ico|html|webp|xml|txt))\$ {\n" >> ${F}
printf "\t\t\troot /var/www/html/;\n" >> ${F}
printf "\t\t}\n" >> ${F}
printf "\t}\n" >> ${F}
elif [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
getWebserverPorts
printf "\tlocation ^~ /${A} {\n" >> ${F}
printf "\t\troot /var/www/html/;\n" >> ${F}
printf "\t\tindex index.php index.html index.htm;\n" >> ${F}
printf "\t\tlocation ~ ^/${A}/ {\n" >> ${F}
printf "\t\t\taccess_log off;\n" >> ${F}
printf "\t\tset \$my_server_addr \$server_addr;\n" >> ${F}
printf "\t\tif (\$server_addr ~ ^[0-9a-fA-F:]+$) { set \$my_server_addr [\$server_addr]; }\n" >> ${F}
printf "\t\t\tproxy_pass http://\$my_server_addr:${PORT_8080};\n" >> ${F}
printf "\t\t\tproxy_set_header X-Client-IP \$remote_addr;\n" >> ${F}
printf "\t\t\tproxy_set_header X-Accel-Internal /$A/nginx_static_files;\n" >> ${F}
printf "\t\t\tproxy_set_header Host\t \$host;\n" >> ${F}
printf "\t\t\tproxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;\n" >> ${F}
printf "\t\t\tproxy_hide_header Upgrade;\n" >> ${F}
printf "\t\t}\n" >> ${F}
printf "\t\tlocation ~ ^/${A}/nginx_static_files/ {\n" >> ${F}
printf "\t\t\taccess_log /var/log/nginx/access_log_proxy;\n" >> ${F}
printf "\t\t\talias /var/www/html/;\n" >> ${F}
printf "\t\t\tinternal;\n" >> ${F}
printf "\t\t}\n" >> ${F}
printf "\t}\n" >> ${F}
fi
}
do_rewrite_nginx_webapps() {
if [ -e ${WORKDIR}/custom/nginx/conf/webapps.conf ] && [ "${WEBSERVER_OPT}" = "nginx" ]; then
cp -pf ${WORKDIR}/custom/nginx/conf/webapps.conf /etc/nginx/webapps.conf
elif [ -e ${WORKDIR}/custom/nginx_reverse/conf/webapps.conf ] && [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
cp -pf ${WORKDIR}/custom/nginx_reverse/conf/webapps.conf /etc/nginx/webapps.conf
else
NW=/etc/nginx/webapps.conf
: > ${NW}
#block .htaccess and .user.ini
printf '\tlocation ~ /(\\.htaccess|\\.htpasswd|\\.user\\.ini|\\.env|\\.git) {\n' >> ${NW}
printf '\t\tdeny all;\n' >> ${NW}
printf '\t}\n' >> ${NW}
#For let's encrypt challenges
LETSENCRYPT=`getDA_Opt letsencrypt 1`
if [ "${LETSENCRYPT}" = "1" ]; then
add_nginx_alias ${NW} .well-known/acme-challenge
fi
if [ "${SQUIRRELMAIL_OPT}" = "yes" ]; then
add_nginx_alias ${NW} squirrelmail
fi
if [ "${ROUNDCUBE_OPT}" = "yes" ]; then
add_nginx_alias ${NW} roundcube
fi
if [ "${PHPMYADMIN_OPT}" = "yes" ]; then
add_nginx_alias ${NW} phpMyAdmin
add_nginx_alias_redirect ${NW} phpmyadmin phpMyAdmin
add_nginx_alias_redirect ${NW} pma phpMyAdmin
fi
WEBMAILLINK=`get_webmail_link`
if [ -e /var/www/html/${WEBMAILLINK} ]; then
if [ "${WEBMAILLINK}" = "webmail" ]; then
add_nginx_alias ${NW} webmail
else
add_nginx_alias_redirect ${NW} webmail ${WEBMAILLINK}
fi
fi
if [ "${HTTP_METHODS_OPT}" != "ALL" ]; then
NGINX_HTTP_METHODS="`echo ${HTTP_METHODS_OPT} | tr ':' '|'`"
printf "\tif (\$request_method !~ ^(${NGINX_HTTP_METHODS})\$ ) {\n" >> ${NW}
printf '\t\treturn 444;\n' >> ${NW}
printf '\t}\n' >> ${NW}
fi
fi
WAHC=webapps.hostname.conf
if [ -e ${WORKDIR}/custom/nginx/conf/${WAHC} ] && [ "${WEBSERVER_OPT}" = "nginx" ]; then
cp -pf ${WORKDIR}/custom/nginx/conf/${WAHC} /etc/nginx/${WAHC}
elif [ -e ${WORKDIR}/custom/nginx_reverse/conf/${WAHC} ] && [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
cp -pf ${WORKDIR}/custom/nginx_reverse/conf/${WAHC} /etc/nginx/${WAHC}
else
#In nginx-vhosts.conf we don't need to have "real" alias specified, because they already exist when acessing http://IP or http://hostname
NW_HOSTNAME=/etc/nginx/${WAHC}
: > ${NW_HOSTNAME}
#block .htaccess and .user.ini
printf '\tlocation ~ /(\\.htaccess|\\.htpasswd|\\.user\\.ini|\\.env|\\.git) {\n' >> ${NW_HOSTNAME}
printf '\t\tdeny all;\n' >> ${NW_HOSTNAME}
printf '\t}\n' >> ${NW_HOSTNAME}
#protect other places
printf '\tlocation ~ /(roundcube|webmail)/(bin|SQL|config|logs|temp)/ {\n' >> ${NW_HOSTNAME}
printf '\t\tdeny all;\n' >> ${NW_HOSTNAME}
printf '\t}\n' >> ${NW_HOSTNAME}
printf '\tlocation ~ /phpMyAdmin/log/ {\n' >> ${NW_HOSTNAME}
printf '\t\tdeny all;\n' >> ${NW_HOSTNAME}
printf '\t}\n' >> ${NW_HOSTNAME}
if [ "${PHPMYADMIN_OPT}" = "yes" ]; then
add_nginx_alias_redirect ${NW_HOSTNAME} phpmyadmin phpMyAdmin
add_nginx_alias_redirect ${NW_HOSTNAME} pma phpMyAdmin
fi
WEBMAILLINK=`get_webmail_link`
if [ ! -e /var/www/html/${WEBMAILLINK} ] && [ "${WEBMAILLINK}" != "webmail" ]; then
add_nginx_alias_redirect ${NW_HOSTNAME} webmail ${WEBMAILLINK}
fi
if [ -s "${WEBAPPS_LIST}" ]; then
#https://forum.directadmin.com/showthread.php?t=48203&p=247343#post247343
echo "Adding custom webapps from ${WEBAPPS_LIST}"
cat ${WEBAPPS_LIST} | while read l; do
app=`echo "$l" | cut -d= -f1`
app_path=`echo "$l" | cut -d= -f2`
if [ "${app}" = "" ] || [ "${app_path}" = "" ]; then
echo "${boldon}Check your ${WEBAPPS_LIST}. A name or path is blank.${boldoff}"
echo "name=$app"
echo "path=$app_path"
continue
fi
if [ ! -e /var/www/html/${app_path} ]; then
echo "${boldon}Cannot find path /var/www/html/${app_path} for alias ${app}${boldoff}"
continue
fi
if [ -e /var/www/html/${app} ] && [ "${app}" = "${app_path}" ]; then
add_nginx_alias ${NW} ${app}
else
add_nginx_alias_redirect ${NW} ${app} ${app_path}
fi
echo "Added ${app} pointing to ${app_path}"
done
fi
if [ "${HTTP_METHODS_OPT}" != "ALL" ]; then
NGINX_HTTP_METHODS="`echo ${HTTP_METHODS_OPT} | tr ':' '|'`"
printf "\tif (\$request_method !~ ^(${NGINX_HTTP_METHODS})\$ ) {\n" >> ${NW_HOSTNAME}
printf '\t\treturn 444;\n' >> ${NW_HOSTNAME}
printf '\t}\n' >> ${NW_HOSTNAME}
fi
fi
cp -pf /etc/nginx/webapps.conf /etc/nginx/webapps.ssl.conf
getWebserverPorts
perl -pi -e "s|:${PORT_8080}|:${PORT_8081}|" /etc/nginx/webapps.ssl.conf
perl -pi -e 's|http:|https:|' /etc/nginx/webapps.ssl.conf
if [ "${HAVE_FPM_CGI}" = "yes" ]; then
#update the webapps_settings.conf
#swap "fastcgi_pass unix:/usr/local/php54/sockets/webapps.sock;" if needed
#might be a better way to do this, other checks. Close enough for now.
PHP_REPLACE_STRING="`grep -m1 '^fastcgi_pass unix:/usr/local/php../sockets/webapps.sock;' /etc/nginx/webapps_settings.conf | cut -d/ -f4`"
if [ "${PHP_REPLACE_STRING}" = "" ]; then
PHP_REPLACE_STRING=php54
fi
if [ "${PHP1_MODE_OPT}" = "php-fpm" ]; then
perl -pi -e "s#${PHP_REPLACE_STRING}#php${PHP1_SHORTRELEASE}#" /etc/nginx/webapps_settings.conf
fi
fi
}
####################################################
create_httpd_nginx() {
CONF_FILE=${HTTPDCONF}/extra/httpd-nginx.conf
echo -n '' > ${CONF_FILE}
if [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ ! -e /usr/lib/apache/mod_aclr2.so ]; then
doModAclr2
elif [ -s ${STRINGS} ]; then
if ! ${STRINGS} /usr/lib/apache/mod_aclr2.so | grep -q -m1 'memmove'; then
doModAclr2
fi
fi
echo 'LoadModule aclr_module /usr/lib/apache/mod_aclr2.so' >> ${CONF_FILE}
echo 'AccelRedirectSet On' >> ${CONF_FILE}
echo 'AccelRedirectSize 1k' >> ${CONF_FILE}
echo 'RemoteIPHeader X-Client-IP' >> ${CONF_FILE}
echo 'RemoteIPInternalProxy 127.0.0.1' >> ${CONF_FILE}
if [ "${IPV6}" = "1" ]; then
echo 'RemoteIPInternalProxy ::1' >> ${CONF_FILE}
fi
echo 'RemoteIPInternalProxyList /usr/local/directadmin/data/admin/ip.list' >> ${CONF_FILE}
fi
}
ensure_dhparam() {
DHF=$1
MD5="6377960551b81b27240486a0e2680ef8"
if [ -s ${DHF} ]; then
FMD5=`$MD5SUM ${DHF} | cut -d\ -f1`
else
FMD5=""
fi
if [ "${MD5}" != "${FMD5}" ]; then
safeDownloadWithMove "${DHF}" "${WEBPATH}/dhe/ffdhe4096.pem"
fi
if [ ! -s ${DHF} ]; then
echo "Creating dhparam in ${DHF}"
/usr/bin/openssl dhparam -out ${DHF} 4096
fi
}
ensure_ecparam() {
ECF=$1
if [ ! -s ${ECF} ]; then
echo "Creating ecparam in ${ECF}";
openssl ecparam -out ${ECF} -name prime256v1 -genkey
fi
}
check_http2_prefork_message() {
initHTTP2var
if [ "${HTTP2}" = "1" ] && [ "${WEBSERVER_OPT}" = "apache" ]; then
echo "**************************************"
echo ""
echo "${boldon}Apache 2.4.27 and higher will not negotiate http2 with mpm_prefork. Please do not use mod_php${boldoff} or disable http2 in the directadmin.conf";
echo "https://www.apache.org/dist/httpd/CHANGES_2.4.27"
echo ""
echo "**************************************"
fi
}
set_apache_mpm() {
if ! grep -m1 -q '/usr/lib/apache/mod_mpm_' ${PHPMODULES}; then
#Use event MPM for php-fpm and prefork for mod_php
if [ "${APACHE_MPM_OPT}" = "auto" ]; then
if [ "${HAVE_CLI}" = "no" ]; then
set_LoadModule mpm_event_module mod_mpm_event.so
else
set_LoadModule mpm_prefork_module mod_mpm_prefork.so
check_http2_prefork_message
fi
elif [ "${APACHE_MPM_OPT}" = "event" ]; then
set_LoadModule mpm_event_module mod_mpm_event.so
elif [ "${APACHE_MPM_OPT}" = "worker" ]; then
set_LoadModule mpm_worker_module mod_mpm_worker.so
else
set_LoadModule mpm_prefork_module mod_mpm_prefork.so
check_http2_prefork_message
fi
else
if [ "${APACHE_MPM_OPT}" = "auto" ]; then
if [ "${HAVE_CLI}" = "no" ]; then
MPM_NAME=event
else
MPM_NAME=prefork
fi
else
MPM_NAME=${APACHE_MPM_OPT}
fi
if ! grep -m1 -q "mpm_${MPM_NAME}_module" ${PHPMODULES}; then
if grep -m1 -q 'LoadModule mpm_[a-z]*_module /usr/lib/apache/mod_mpm_[a-z]*.so' ${PHPMODULES}; then
perl -pi -e "s#LoadModule mpm_[a-z]*_module /usr/lib/apache/mod_mpm_[a-z]*.so#LoadModule mpm_${MPM_NAME}_module /usr/lib/apache/mod_mpm_${MPM_NAME}.so#" ${PHPMODULES}
fi
fi
fi
}
initHTTP2var() {
HTTP2=`getDA_Opt http2 1`
}
set_http2() {
initHTTP2var
HTTP2_DACONF=1
if [ -s ${DACONF_FILE} ]; then
if grep -q -m1 'http2=0' ${DACONF_FILE}; then
HTTP2_DACONF=0
fi
fi
if [ ${HTTP2_DACONF} -ne 0 ] && [ -s ${DACONF_FILE} ]; then
if ! grep -q -m1 'http2=1' ${DACONF_FILE}; then
echo "Enabling http2 in directadmin.conf."
setVal http2 1 ${DACONF_TEMPLATE_FILE}
setVal http2 1 ${DACONF_FILE}
doRestartDA
HTTP2=1
fi
else
HTTP2=1
fi
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ "${APACHE_VER_OPT}" = "2.4" ] && [ "${HTTP2}" = "1" ] && [ "${APACHE_MPM_OPT}" != "prefork" ] && [ "${PHP1_MODE_OPT}" != "mod_php" ] && [ -d /etc/httpd/conf/extra ]; then
if ! grep -m1 -q 'ProtocolsHonorOrder' ${PHPMODULES}; then
echo 'ProtocolsHonorOrder On' >> ${PHPMODULES}
echo 'Protocols h2 h2c http/1.1' >> ${PHPMODULES}
fi
fi
fi
}
rewrite_phpmodules() {
echo -n "" > ${PHPMODULES}
if [ "${HAVE_SUPHP_CGI}" = "yes" ]; then
set_LoadModule suphp_module mod_suphp.so
fi
set_http2
if [ "${MOD_RUID2_OPT}" = "yes" ]; then
set_LoadModule ruid2_module mod_ruid2.so
if ! grep -m1 -q '^Mutex ' ${PHPMODULES}; then
echo "Mutex posixsem" >> ${PHPMODULES}
fi
fi
if [ "${MOD_RUID2_OPT}" = "no" ] && [ "${PHP1_MODE_OPT}" = "lsphp" ]; then
if ! grep -m1 -q '^Mutex ' ${PHPMODULES}; then
echo "Mutex posixsem" >> ${PHPMODULES}
fi
fi
if [ "${MODSECURITY_OPT}" = "yes" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ]; then
if grep -m1 -q "^LoadModule security2_module" /etc/httpd/conf/httpd.conf; then
perl -pi -e 's|^LoadModule security2_module|#LoadModule security2_module|' /etc/httpd/conf/httpd.conf
fi
echo "Include /etc/httpd/conf/extra/httpd-modsecurity.conf" >> ${PHPMODULES}
cp -pf ${MODSECURITY_APACHE_INCLUDE} /etc/httpd/conf/extra/httpd-modsecurity.conf
if [ -e /usr/lib/libxml2.so ] && [ ! -e /usr/local/lib/libxml2.so ]; then
perl -pi -e 's|LoadFile /usr/local/lib/libxml2.so|LoadFile /usr/lib/libxml2.so|g' /etc/httpd/conf/extra/httpd-modsecurity.conf
elif [ -e /usr/lib64/libxml2.so ] && [ ! -e /usr/local/lib/libxml2.so ]; then
perl -pi -e 's|LoadFile /usr/local/lib/libxml2.so|LoadFile /usr/lib64/libxml2.so|g' /etc/httpd/conf/extra/httpd-modsecurity.conf
elif [ -e /usr/lib/x86_64-linux-gnu/libxml2.so ] && [ ! -e /usr/local/lib/libxml2.so ]; then
perl -pi -e 's|LoadFile /usr/local/lib/libxml2.so|LoadFile /usr/lib/x86_64-linux-gnu/libxml2.so|g' /etc/httpd/conf/extra/httpd-modsecurity.conf
elif [ -e /usr/lib/aarch64-linux-gnu/libxml2.so ] && [ ! -e /usr/local/lib/libxml2.so ]; then
perl -pi -e 's|LoadFile /usr/local/lib/libxml2.so|LoadFile /usr/lib/aarch64-linux-gnu/libxml2.so|g' /etc/httpd/conf/extra/httpd-modsecurity.conf
fi
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
perl -pi -e 's|^Load|#Load|g' /etc/httpd/conf/extra/httpd-modsecurity.conf
fi
doModSecurityRules norestart
elif [ -s /etc/httpd/conf/extra/httpd-modsecurity.conf ]; then
if grep -m1 -q '^LoadModule security2_module' /etc/httpd/conf/extra/httpd-modsecurity.conf; then
perl -pi -e 's|^Load|#Load|g' /etc/httpd/conf/extra/httpd-modsecurity.conf
fi
fi
elif [ -s /etc/httpd/conf/extra/httpd-modsecurity.conf ]; then
if grep -m1 -q '^LoadModule security2_module' /etc/httpd/conf/extra/httpd-modsecurity.conf; then
perl -pi -e 's|^Load|#Load|g' /etc/httpd/conf/extra/httpd-modsecurity.conf
fi
fi
if [ "${HTSCANNER_OPT}" = "yes" ]; then
if [ "${HAVE_FCGID}" = "yes" ] || [ "${HAVE_FPM_CGI}" = "yes" ] || [ "${HAVE_SUPHP_CGI}" = "yes" ]; then
set_LoadModule htscanner_module mod_htscanner2.so
fi
fi
set_apache_mpm
perl -pi -e 's/^LoadModule php4/\#LoadModule php4/' /etc/httpd/conf/httpd.conf
perl -pi -e 's/^LoadModule php5/\#LoadModule php5/' /etc/httpd/conf/httpd.conf
perl -pi -e 's/^LoadModule php7/\#LoadModule php7/' /etc/httpd/conf/httpd.conf
perl -pi -e 's/^LoadModule php8/\#LoadModule php8/' /etc/httpd/conf/httpd.conf
# Add correct php module to httpd-phpmodules.conf
if [ "${PHP1_MODE_OPT}" = "mod_php" ]; then
if echo "${PHP1_RELEASE_OPT}" | grep -m1 -q '^5'; then
set_LoadModule php5_module libphp5.so
elif echo "${PHP1_RELEASE_OPT}" | grep -m1 -q '^7'; then
set_LoadModule php7_module libphp7.so
else
set_LoadModule php8_module libphp8.so
fi
fi
if [ "${HAVE_FCGID}" = "yes" ]; then
if ! grep -m1 -c 'fcgid_module' ${PHPMODULES}; then
set_LoadModule fcgid_module mod_fcgid.so
fi
if ! grep -m1 -c 'httpd-fcgid.conf' ${PHPMODULES}; then
echo "Include /etc/httpd/conf/extra/httpd-fcgid.conf" >> ${PHPMODULES}
fi
fi
set_http2
}
doImportCipherSuites() {
SSL_CONFIGURATION_OPT_UP="`echo ${SSL_CONFIGURATION_OPT} | tr '[a-z]' '[A-Z]'`"
#older boxes might not support intermediate or modern. Rewriting with either may kill those services.
#must have OpenSSL 1.0.1 or higher for intermedaite+
if [ "${SSL_CONFIGURATION_OPT_UP}" = "INTERMEDIATE" ] || [ "${SSL_CONFIGURATION_OPT_UP}" = "MODERN" ]; then
OV=`openssl_version`
if [ "${OV}" != "" ] && [ "`version_cmp ${OV} 1.0.1 'doImportCipherSuites check for openssl 1.0.1 ver check'`" -lt 0 ]; then
echo "${boldon}*** ssl_configuration=${SSL_CONFIGURATION_OPT_UP} will try to use TLSv1.2, which your OpenSSL version ${OV} does not support.${boldoff}"
echo "${boldon}Dropping this write down to ssl_configuration=old. You may want to make this permanent: './build set ssl_configuration old' or update your OS${boldoff}"
SSL_CONFIGURATION_OPT_UP=OLD
fi
fi
#MODERN is not there, as it's the default (empty) in service configuration
INTERMEDIATE_CIPHERSUITE="ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256"
OLD_CIPHERSUITE="ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA"
}
doSslConfigurationWebserver() {
doImportCipherSuites
#Do cleanup of old files in configure/ap2/conf/extra/ direcotry
if [ -e configure/ap2/conf/extra/httpd-ssl-protocol.old.conf ]; then
rm -f configure/ap2/conf/extra/httpd-ssl-protocol.old.conf
fi
if [ -e configure/ap2/conf/extra/httpd-ssl-protocol.intermediate.conf ]; then
rm -f configure/ap2/conf/extra/httpd-ssl-protocol.intermediate.conf
fi
if [ -e configure/ap2/conf/extra/httpd-ssl-protocol.modern.conf ]; then
rm -f configure/ap2/conf/extra/httpd-ssl-protocol.modern.conf
fi
MODERN_APACHE_SSL_PROTOCOLS="SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 -TLSv1.2"
MODERN_APACHE_SSL_CIPHERSUITE=""
MODERN_NGINX_SSL_PROTOCOLS="ssl_protocols TLSv1.3;"
MODERN_NGINX_SSL_CIPHERSUITE="ssl_ciphers DEFAULT;"
MODERN_OLS_SSL_PROTOCOLS="sslProtocol 16"
MODERN_OLS_SSL_CIPHERSUITE=""
INTERMEDIATE_APACHE_SSL_PROTOCOLS="SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1"
INTERMEDIATE_APACHE_SSL_CIPHERSUITE="SSLCipherSuite ${INTERMEDIATE_CIPHERSUITE}"
INTERMEDIATE_NGINX_SSL_PROTOCOLS="ssl_protocols TLSv1.2 TLSv1.3;"
INTERMEDIATE_NGINX_SSL_CIPHERSUITE="ssl_ciphers ${INTERMEDIATE_CIPHERSUITE};"
INTERMEDIATE_OLS_SSL_PROTOCOLS="sslProtocol 24"
INTERMEDIATE_OLS_SSL_CIPHERSUITE="ciphers ${INTERMEDIATE_CIPHERSUITE}"
OLD_APACHE_SSL_PROTOCOLS="SSLProtocol all -SSLv3"
OLD_APACHE_SSL_CIPHERSUITE="SSLCipherSuite ${OLD_CIPHERSUITE}"
OLD_NGINX_SSL_PROTOCOLS="ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;"
OLD_NGINX_SSL_CIPHERSUITE="ssl_ciphers ${OLD_CIPHERSUITE};"
OLD_OLS_SSL_PROTOCOLS="sslProtocol 30"
OLD_OLS_SSL_CIPHERSUITE="ciphers ${OLD_CIPHERSUITE}"
APACHE_SSL_PROTOCOLS="$(eval_var ${SSL_CONFIGURATION_OPT_UP}_APACHE_SSL_PROTOCOLS)"
APACHE_SSL_CIPHERSUITE="$(eval_var ${SSL_CONFIGURATION_OPT_UP}_APACHE_SSL_CIPHERSUITE)"
NGINX_SSL_PROTOCOLS="$(eval_var ${SSL_CONFIGURATION_OPT_UP}_NGINX_SSL_PROTOCOLS)"
NGINX_SSL_PROXY_PROTOCOLS="proxy_$(eval_var ${SSL_CONFIGURATION_OPT_UP}_NGINX_SSL_PROTOCOLS)"
NGINX_SSL_CIPHERSUITE="$(eval_var ${SSL_CONFIGURATION_OPT_UP}_NGINX_SSL_CIPHERSUITE)"
NGINX_SSL_PROXY_CIPHERSUITE="proxy_$(eval_var ${SSL_CONFIGURATION_OPT_UP}_NGINX_SSL_CIPHERSUITE)"
OLS_SSL_PROTOCOLS="$(eval_var ${SSL_CONFIGURATION_OPT_UP}_OLS_SSL_PROTOCOLS)"
OLS_SSL_CIPHERSUITE="$(eval_var ${SSL_CONFIGURATION_OPT_UP}_OLS_SSL_CIPHERSUITE)"
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ ! -e ${WORKDIR}/custom/ap2/conf/extra/httpd-ssl.conf ]; then
perl -pi -e "s|^SSLProtocol.*|${APACHE_SSL_PROTOCOLS}|g" /etc/httpd/conf/extra/httpd-ssl.conf
perl -pi -e "s|^SSLCipherSuite.*|${APACHE_SSL_CIPHERSUITE}|g" /etc/httpd/conf/extra/httpd-ssl.conf
if [ -s /etc/httpd/conf/ssl.crt/server.crt.combined ]; then
perl -pi -e 's|/etc/httpd/conf/ssl\.crt/server\.crt$|/etc/httpd/conf/ssl.crt/server.crt.combined|g' /etc/httpd/conf/extra/httpd-ssl.conf
perl -pi -e 's|^SSLCACertificateFile|#SSLCACertificateFile|g' /etc/httpd/conf/extra/httpd-ssl.conf
perl -pi -e 's|/etc/httpd/conf/ssl\.crt/server\.crt$|/etc/httpd/conf/ssl.crt/server.crt.combined|g' /etc/httpd/conf/extra/httpd-vhosts.conf
perl -pi -e 's| SSLCACertificateFile| #SSLCACertificateFile|g' /etc/httpd/conf/extra/httpd-vhosts.conf
fi
if ! grep -m1 -q 'SSLOpenSSLConfCmd' /etc/httpd/conf/extra/httpd-ssl.conf; then
# Needs OpenSSL 1.0.2 or higher
OV=`openssl_version`
if [ "${OV}" != "" ] && [ "`version_cmp ${OV} 1.0.2 'apache SSLOpenSSLConfCmd support for openssl 1.0.2 ver check'`" -ge 0 ]; then
echo 'SSLOpenSSLConfCmd DHParameters "/etc/httpd/conf/ssl.crt/dhparams.pem"' >> /etc/httpd/conf/extra/httpd-ssl.conf
fi
fi
fi
if [ "${WEBSERVER_OPT}" = "nginx_apache" ] && [ ! -e ${WORKDIR}/custom/nginx_reverse/conf/nginx-defaults.conf ]; then
perl -pi -e "s|^ssl_protocols.*|${NGINX_SSL_PROTOCOLS}|g" /etc/nginx/nginx-defaults.conf
perl -pi -e "s|^ssl_ciphers.*|${NGINX_SSL_CIPHERSUITE}|g" /etc/nginx/nginx-defaults.conf
perl -pi -e "s|^proxy_ssl_protocols.*|proxy_${NGINX_SSL_PROTOCOLS}|g" /etc/nginx/nginx-defaults.conf
perl -pi -e "s|^proxy_ssl_ciphers.*|proxy_${NGINX_SSL_CIPHERSUITE}|g" /etc/nginx/nginx-defaults.conf
fi
fi
if [ "${WEBSERVER_OPT}" = "nginx" ] && [ ! -e ${WORKDIR}/custom/nginx/conf/nginx-defaults.conf ]; then
perl -pi -e "s|^ssl_protocols.*|${NGINX_SSL_PROTOCOLS}|g" /etc/nginx/nginx-defaults.conf
perl -pi -e "s|^ssl_ciphers.*|${NGINX_SSL_CIPHERSUITE}|g" /etc/nginx/nginx-defaults.conf
fi
if [ "${WEBSERVER_OPT}" = "openlitespeed" ] && [ ! -e ${WORKDIR}/openlitespeed/conf/httpd-vhosts.conf ]; then
perl -pi -e "s| sslProtocol.*| ${OLS_SSL_PROTOCOLS}|g" /usr/local/lsws/conf/httpd-vhosts.conf
perl -pi -e "s| ciphers.*| ${OLS_SSL_CIPHERSUITE}|g" /usr/local/lsws/conf/httpd-vhosts.conf
fi
}
doSslConfigurationFtp() {
doImportCipherSuites
MODERN_PROFTPD_SSL_PROTOCOLS="TLSProtocol ALL -TLSv1 -TLSv1.1 -TLSv1.2"
MODERN_PROFTPD_SSL_CIPHERSUITE=""
MODERN_PUREFTPD_SSL_CIPHERSUITE=""
INTERMEDIATE_PROFTPD_SSL_PROTOCOLS="TLSProtocol ALL -TLSv1 -TLSv1.1"
IMTERMEDIATE_PROFTPD_SSL_CIPHERSUITE="TLSCipherSuite ${INTERMEDIATE_CIPHERSUITE}"
INTERMEDIATE_PUREFTPD_SSL_CIPHERSUITE="TLSCipherSuite HIGH"
OLD_PROFTPD_SSL_PROTOCOLS="TLSProtocol ALL"
OLD_PROFTPD_SSL_CIPHERSUITE="TLSCipherSuite ${OLD_CIPHERSUITE}"
OLD_PUREFTPD_SSL_CIPHERSUITE="TLSCipherSuite HIGH:MEDIUM:+TLSv1"
PROFTPD_SSL_PROTOCOLS="$(eval_var ${SSL_CONFIGURATION_OPT_UP}_PROFTPD_SSL_PROTOCOLS)"
PROFTPD_SSL_CIPHERSUITE="$(eval_var ${SSL_CONFIGURATION_OPT_UP}_PROFTPD_SSL_CIPHERSUITE)"
PUREFTPD_SSL_CIPHERSUITE="$(eval_var ${SSL_CONFIGURATION_OPT_UP}_PUREFTPD_SSL_CIPHERSUITE)"
if [ "${FTPD_OPT}" = "proftpd" ] && [ ! -e ${WORKDIR}/custom/proftpd/conf/proftpd.conf ]; then
perl -pi -e "s|TLSCipherSuite .*|${PROFTPD_SSL_CIPHERSUITE}|g" /etc/proftpd.conf
perl -pi -e "s|TLSProtocol .*|${PROFTPD_SSL_PROTOCOLS}|g" /etc/proftpd.conf
if openssl x509 -in /etc/exim.cert -text -noout | grep -i 'Public Key Algorithm' | grep -q 'ecPub'; then
perl -pi -e 's|TLSRSACertificateFile|TLSECCertificateFile|g' /etc/proftpd.conf
perl -pi -e 's|TLSRSACertificateKeyFile|TLSECCertificateKeyFile|g' /etc/proftpd.conf
else
perl -pi -e 's|TLSECCertificateFile|TLSRSACertificateFile|g' /etc/proftpd.conf
perl -pi -e 's|TLSECCertificateKeyFile|TLSRSACertificateKeyFile|g' /etc/proftpd.conf
fi
elif [ "${FTPD_OPT}" = "pureftpd" ] && [ ! -e ${WORKDIR}/custom/pureftpd/pure-ftpd.conf ] && [ -s /etc/pure-ftpd.conf ]; then
perl -pi -e "s|^TLSCipherSuite.*|${PUREFTPD_SSL_CIPHERSUITE}|g" /etc/pure-ftpd.conf
fi
}
doSslConfigurationEmail() {
doImportCipherSuites
MODERN_DOVECOT_SSL_PROTOCOLS="ssl_min_protocol = TLSv1.3"
MODERN_DOVECOT_SSL_CIPHERSUITE=""
MODERN_EXIM_SSL_PROTOCOLS="openssl_options = +no_sslv2 +no_sslv3 +no_tlsv1 +no_tlsv1_1 +no_tlsv1_2 +cipher_server_preference"
MODERN_EXIM_SSL_CIPHERSUITE=""
INTERMEDIATE_DOVECOT_SSL_PROTOCOLS="ssl_min_protocol = TLSv1.2"
INTERMEDIATE_DOVECOT_SSL_CIPHERSUITE="ssl_cipher_list = ${INTERMEDIATE_CIPHERSUITE}"
INTERMEDIATE_EXIM_SSL_PROTOCOLS="openssl_options = +no_sslv2 +no_sslv3 +no_tlsv1 +no_tlsv1_1 +cipher_server_preference"
INTERMEDIATE_EXIM_SSL_CIPHERSUITE="tls_require_ciphers = ${INTERMEDIATE_CIPHERSUITE}"
OLD_DOVECOT_SSL_PROTOCOLS="ssl_min_protocol = TLSv1"
OLD_DOVECOT_SSL_CIPHERSUITE="ssl_cipher_list = ${OLD_CIPHERSUITE}"
OLD_EXIM_SSL_PROTOCOLS="openssl_options = +no_sslv2 +no_sslv3 +cipher_server_preference"
OLD_EXIM_SSL_CIPHERSUITE="tls_require_ciphers = ${OLD_CIPHERSUITE}"
DOVECOT_SSL_PROTOCOLS="$(eval_var ${SSL_CONFIGURATION_OPT_UP}_DOVECOT_SSL_PROTOCOLS)"
DOVECOT_SSL_CIPHERSUITE="$(eval_var ${SSL_CONFIGURATION_OPT_UP}_DOVECOT_SSL_CIPHERSUITE)"
EXIM_SSL_PROTOCOLS="$(eval_var ${SSL_CONFIGURATION_OPT_UP}_EXIM_SSL_PROTOCOLS)"
EXIM_SSL_CIPHERSUITE="$(eval_var ${SSL_CONFIGURATION_OPT_UP}_EXIM_SSL_CIPHERSUITE)"
if [ "${DOVECOT_OPT}" = "yes" ] && [ "${DOVECOT_CONF_OPT}" = "yes" ] && [ ! -e ${WORKDIR}/custom/dovecot/conf/ssl.conf ] && [ -s /etc/dovecot/conf/ssl.conf ]; then
perl -pi -e "s|^ssl_min_protocol.*|${DOVECOT_SSL_PROTOCOLS}|g" /etc/dovecot/conf/ssl.conf
perl -pi -e "s|^ssl_cipher_list.*|${DOVECOT_SSL_CIPHERSUITE}|g" /etc/dovecot/conf/ssl.conf
if [ "${SSL_CONFIGURATION_OPT}" = "old" ] && ! grep -m1 -q 'ssl_prefer_server_ciphers' /etc/dovecot/conf/ssl.conf; then
echo 'ssl_prefer_server_ciphers = yes' >> /etc/dovecot/conf/ssl.conf
fi
fi
if [ "${EXIM_OPT}" = "yes" ] && [ "${EXIMCONF_OPT}" = "yes" ] && [ -s /etc/exim.variables.conf.default ]; then
perl -pi -e "s|^openssl_options.*|${EXIM_SSL_PROTOCOLS}|g" /etc/exim.variables.conf.default
perl -pi -e "s|^tls_require_ciphers.*|${EXIM_SSL_CIPHERSUITE}|g" /etc/exim.variables.conf.default
fi
}
doRewriteCLPhpHandler() {
if [ -d /etc/container ] && [ "${CLOUDLINUX_OPT}" = "yes" ]; then
echo "Configuring /etc/container/php.handler..."
if [ "${PHP1_MODE_OPT}" = "lsphp" ]; then
mkdir -p /opt/alt/php.perdir/php${PHP1_SHORTRELEASE}/bin
ln -sf /usr/local/php${PHP1_SHORTRELEASE}/bin/lsphp /opt/alt/php.perdir/php${PHP1_SHORTRELEASE}/bin/lsphp
if grep -m1 -q "x-httpd-php${PHP1_SHORTRELEASE}" /etc/container/php.handler; then
sed -i "/x-httpd-php${PHP1_SHORTRELEASE}/d" /etc/container/php.handler
fi
echo "application/x-httpd-php${PHP1_SHORTRELEASE} /usr/local/bin/lsphp" >> /etc/container/php.handler
if grep -m1 -q "x-httpd-php " /etc/container/php.handler; then
sed -i "/x-httpd-php /d" /etc/container/php.handler
fi
echo "application/x-httpd-php /usr/local/bin/lsphp" >> /etc/container/php.handler
fi
if [ "${PHP2_MODE_OPT}" = "lsphp" ]; then
mkdir -p /opt/alt/php.perdir/php${PHP2_SHORTRELEASE}/bin
ln -sf /usr/local/php${PHP2_SHORTRELEASE}/bin/lsphp /opt/alt/php.perdir/php${PHP2_SHORTRELEASE}/bin/lsphp
if ! grep -m1 -q "^application/x-httpd-php${PHP2_SHORTRELEASE} " /etc/container/php.handler; then
echo "application/x-httpd-php${PHP2_SHORTRELEASE} /opt/alt/php.perdir/php${PHP2_SHORTRELEASE}/bin/lsphp" >> /etc/container/php.handler
elif grep -m1 -q "^application/x-httpd-php${PHP2_SHORTRELEASE} /usr/local/php${PHP2_SHORTRELEASE}/bin/lsphp" /etc/container/php.handler; then
perl -pi -e "s|^application/x-httpd-php${PHP2_SHORTRELEASE} /usr/local/php${PHP2_SHORTRELEASE}/bin/lsphp|application/x-httpd-php${PHP2_SHORTRELEASE} /usr/local/php${PHP2_SHORTRELEASE}/bin/lsphp|g" /etc/container/php.handler
fi
fi
if [ "${PHP3_MODE_OPT}" = "lsphp" ]; then
mkdir -p /opt/alt/php.perdir/php${PHP3_SHORTRELEASE}/bin
ln -sf /usr/local/php${PHP3_SHORTRELEASE}/bin/lsphp /opt/alt/php.perdir/php${PHP3_SHORTRELEASE}/bin/lsphp
if ! grep -m1 -q "^application/x-httpd-php${PHP3_SHORTRELEASE} " /etc/container/php.handler; then
echo "application/x-httpd-php${PHP3_SHORTRELEASE} /opt/alt/php.perdir/php${PHP3_SHORTRELEASE}/bin/lsphp" >> /etc/container/php.handler
elif grep -m1 -q "^application/x-httpd-php${PHP3_SHORTRELEASE} /usr/local/php${PHP3_SHORTRELEASE}/bin/lsphp" /etc/container/php.handler; then
perl -pi -e "s|^application/x-httpd-php${PHP3_SHORTRELEASE} /usr/local/php${PHP3_SHORTRELEASE}/bin/lsphp|application/x-httpd-php${PHP3_SHORTRELEASE} /usr/local/php${PHP3_SHORTRELEASE}/bin/lsphp|g" /etc/container/php.handler
fi
fi
if [ "${PHP4_MODE_OPT}" = "lsphp" ]; then
mkdir -p /opt/alt/php.perdir/php${PHP4_SHORTRELEASE}/bin
ln -sf /usr/local/php${PHP4_SHORTRELEASE}/bin/lsphp /opt/alt/php.perdir/php${PHP4_SHORTRELEASE}/bin/lsphp
if ! grep -m1 -q "^application/x-httpd-php${PHP4_SHORTRELEASE} " /etc/container/php.handler; then
echo "application/x-httpd-php${PHP4_SHORTRELEASE} /opt/alt/php.perdir/php${PHP4_SHORTRELEASE}/bin/lsphp" >> /etc/container/php.handler
elif grep -m1 -q "^application/x-httpd-php${PHP4_SHORTRELEASE} /usr/local/php${PHP4_SHORTRELEASE}/bin/lsphp" /etc/container/php.handler; then
perl -pi -e "s|^application/x-httpd-php${PHP4_SHORTRELEASE} /usr/local/php${PHP4_SHORTRELEASE}/bin/lsphp|application/x-httpd-php${PHP4_SHORTRELEASE} /usr/local/php${PHP4_SHORTRELEASE}/bin/lsphp|g" /etc/container/php.handler
fi
fi
fi
}
doRewriteConfs() {
quitIfLocked doRewriteConfs
cd ${CWD}
if [ "${UNIT_OPT}" = "yes" ] && [ -e /var/run/unit/control.sock ]; then
echo "action=rewrite&value=nginx_unit" >> ${TASK_QUEUE}
fi
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ ! -e httpd-${APACHE2_VER}.tar.gz ]; then
getFile httpd-${APACHE2_VER}.tar.gz
fi
if [ ! -e httpd-${APACHE2_VER}.tar.gz ]; then
echo "File httpd-${APACHE2_VER}.tar.gz does not exist. Cannot rewrite configs"
else
tar xzf httpd-${APACHE2_VER}.tar.gz --no-same-owner
fi
if [ ! -d httpd-${APACHE2_VER} ]; then
echo "Directory httpd-${APACHE2_VER} does not exist. Cannot rewrite configs"
fi
#copy the new configs
cp -rf ${APCONFDIR} ${HTTPDDIR}
cp -f ${APCONFDIR}/httpd.conf ${HTTPD_CONF}
cp -f ${APCONFDIR}/extra/httpd-mpm.conf ${HTTPDCONF}/extra/httpd-mpm.conf
perl -pi -e 's/^DefaultType/#DefaultType/' ${HTTPD_CONF}
HDC=httpd-directories-old.conf
ln -sf $HDC ${HTTPDCONF}/extra/httpd-directories.conf
doApacheHostConf
doPasswdServerStatus
if [ "${APCUSTOMCONFDIR}" != "0" ]; then
cp -rf ${APCUSTOMCONFDIR} ${HTTPDDIR}
fi
chmod 710 ${HTTPDDIR}/conf
if [ "${HTTP_METHODS_OPT}" != "ALL" ]; then
APACHE_HTTP_METHODS="`echo ${HTTP_METHODS_OPT} | tr ':' ' '`"
else
APACHE_HTTP_METHODS="reset"
fi
perl -pi -e "s#\|HTTP_METHODS\|#${APACHE_HTTP_METHODS}#g" ${HTTPDCONF}/extra/httpd-directories-old.conf
perl -pi -e "s#\|HTTP_METHODS\|#${APACHE_HTTP_METHODS}#g" ${HTTPDCONF}/extra/httpd-directories-new.conf
#swap the |WEBAPPS_PHP_RELEASE| token.
if [ "${PHP1_MODE_OPT}" = "php-fpm" ] || [ "${PHP2_MODE_OPT}" = "php-fpm" ] || [ "${PHP3_MODE_OPT}" = "php-fpm" ] || [ "${PHP4_MODE_OPT}" = "php-fpm" ]; then
PHPV=""
if [ "${PHP1_MODE_OPT}" = "php-fpm" ]; then
PHPV=`perl -e "print ${PHP1_RELEASE_OPT} * 10"`
elif [ "${PHP2_RELEASE_OPT}" != "no" ]; then
PHPV=`perl -e "print ${PHP2_RELEASE_OPT} * 10"`
elif [ "${PHP3_RELEASE_OPT}" != "no" ]; then
PHPV=`perl -e "print ${PHP3_RELEASE_OPT} * 10"`
elif [ "${PHP4_RELEASE_OPT}" != "no" ]; then
PHPV=`perl -e "print ${PHP4_RELEASE_OPT} * 10"`
fi
if [ "${PHPV}" != "" ]; then
perl -pi -e "s/\|WEBAPPS_PHP_RELEASE\|/${PHPV}/" ${HTTPDCONF}/extra/${HDC}
fi
fi
ensure_server_ca
doRewriteCLPhpHandler
#ensure we have the correct apache_ver
setVal apache_ver 2.0 ${DACONF_TEMPLATE_FILE}
setVal apache_ver 2.0 ${DACONF_FILE}
do_rewrite_httpd_alias
#rewrite ips.conf
echo "action=rewrite&value=ips" >> ${TASK_QUEUE}
run_dataskq
#tokenize the IP and ports
tokenize_IP
tokenize_ports
doVhosts
if [ "${MODSECURITY_OPT}" = "yes" ]; then
echo -n '' > /etc/httpd/conf/extra/httpd-modsecurity-enable.conf
echo '<IfModule mod_security3.c>' >> /etc/httpd/conf/extra/httpd-modsecurity-enable.conf
echo 'modsecurity on' >> /etc/httpd/conf/extra/httpd-modsecurity-enable.conf
echo 'modsecurity_rules_file /etc/nginx/nginx-modsecurity.conf' >> /etc/httpd/conf/extra/httpd-modsecurity-enable.conf
create_global_modsecurity_rules
echo 'modsecurity_rules_file /usr/local/directadmin/data/admin/modsecurity_rules' >> /etc/httpd/conf/extra/httpd-modsecurity-enable.conf
echo '</IfModule>' >> /etc/httpd/conf/extra/httpd-modsecurity-enable.conf
cp -pf ${MODSECURITY_APACHE_INCLUDE} /etc/httpd/conf/extra/httpd-modsecurity.conf
else
echo -n '' > /etc/httpd/conf/extra/httpd-modsecurity-enable.conf
fi
if [ ! -d /etc/httpd/conf/ssl.key ] || [ ! -d /etc/httpd/conf/ssl.crt ]; then
cd ${WORKDIR}
mkdir -p /etc/httpd/conf/ssl.key
mkdir -p /etc/httpd/conf/ssl.crt
#install the cert/key
/usr/bin/openssl req -x509 -newkey rsa:2048 -keyout /etc/httpd/conf/ssl.key/server.key -out /etc/httpd/conf/ssl.crt/server.crt -days 9999 -nodes -config ./${APCERTCONF}
chmod 600 ${HTTPDCONF}/ssl.crt/server.crt
chmod 600 ${HTTPDCONF}/ssl.key/server.key
cd ${CWD}
fi
doApacheCheck
rm -rf ${CWD}/httpd-${APACHE2_VER}
cd ${CWD}
echo -n "" > ${HTTPDCONF}/extra/httpd-nginx.conf
rewrite_phpmodules
if [ "${HAVE_FCGID}" = "yes" ]; then
if [ ! -d /usr/local/safe-bin ]; then
mkdir -p /usr/local/safe-bin
chmod 511 /usr/local/safe-bin
chown apache:apache /usr/local/safe-bin
fi
for php_shortrelease in `echo ${PHP1_SHORTRELEASE_SET}`; do
EVAL_CHECK_VAR=HAVE_FCGID${php_shortrelease}
if [ "$(eval_var ${EVAL_CHECK_VAR})" = "yes" ]; then
doSetupFcgidSh ${php_shortrelease}
fi
done
fi
if [ "${NEWCONFIGS}" = "1" ]; then
perl -pi -e 's/^LoadModule mod_php/\#LoadModule mod_php/' /etc/httpd/conf/httpd.conf
perl -pi -e 's/^LoadModule php/\#LoadModule php/' /etc/httpd/conf/httpd.conf
perl -pi -e 's/^LoadModule suphp/\#LoadModule suphp/' /etc/httpd/conf/httpd.conf
fi
WEBMAILLINK=`get_webmail_link`
perl -pi -e "s#Alias /webmail \"/var/www/html/roundcube/\"#Alias /webmail \"/var/www/html/${WEBMAILLINK}/\"#" /etc/httpd/conf/extra/httpd-alias.conf
doPhpConf
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
doModLsapi 0
fi
# Disable UserDir access if userdir_access=no is set in the options.conf file
if [ "${USERDIR_ACCESS_OPT}" = "no" ]; then
perl -pi -e 's#UserDir public_html#UserDir disabled#' /etc/httpd/conf/extra/httpd-vhosts.conf
#~username is enabled by default for litespeed, so explicitly turn it off.
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
perl -pi -e 's#^\#Include conf/extra/httpd-userdir.conf#Include conf/extra/httpd-userdir.conf#' ${HTTPD_CONF}
fi
else
perl -pi -e 's#UserDir disabled#UserDir public_html#' /etc/httpd/conf/extra/httpd-vhosts.conf
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
perl -pi -e 's#^Include conf/extra/httpd-userdir.conf#\#Include conf/extra/httpd-userdir.conf#' ${HTTPD_CONF}
fi
fi
create_httpd_nginx
doModSecurityAdj
doSslConfigurationWebserver
#Rewriting httpd configuration
if [ "${WEBSERVER_OPT}" != "nginx_apache" ]; then
echo "action=rewrite&value=httpd" >> ${TASK_QUEUE}
run_dataskq
fi
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
echo "Restarting apache."
control_service httpd restart
elif [ "${WEBSERVER_OPT}" = "litespeed" ]; then
#Add CloudFlare to allow list
if grep -m1 -q '<allow>ALL</allow>' /usr/local/lsws/conf/httpd_config.xml; then
perl -pi -e 's|<allow>ALL</allow>|<allow>ALL, 173.245.48.0/20T, 103.21.244.0/22T, 103.22.200.0/22T, 103.31.4.0/22T, 141.101.64.0/18T, 108.162.192.0/18T, 190.93.240.0/20T, 188.114.96.0/20T, 197.234.240.0/22T, 198.41.128.0/17T, 162.158.0.0/15T, 104.16.0.0/13T, 104.24.0.0/14T, 172.64.0.0/13T, 131.0.72.0/22T, 2400:cb00::/32T, 2606:4700::/32T, 2803:f800::/32T, 2405:b500::/32T, 2405:8100::/32T, 2a06:98c0::/29T, 2c0f:f248::/32T</allow>|g' /usr/local/lsws/conf/httpd_config.xml
fi
if ! grep -m1 -q '<useIpInProxyHeader>' /usr/local/lsws/conf/httpd_config.xml; then
perl -pi -e 's|<showVersionNumber>0</showVersionNumber>|<showVersionNumber>0</showVersionNumber>\n <useIpInProxyHeader>2</useIpInProxyHeader>|g' /usr/local/lsws/conf/httpd_config.xml
fi
if ! grep -m1 -q '<cgroups>' /usr/local/lsws/conf/httpd_config.xml; then
perl -pi -e 's|</CGIRLimit>| <cgroups>2</cgroups>\n </CGIRLimit>|g' /usr/local/lsws/conf/httpd_config.xml
fi
echo "Restarting litespeed."
control_service litespeed reload
#Reload detached lsphp processes
touch /usr/local/lsws/admin/tmp/.lsphp_restart.txt
fi
fi
if [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
#copy the new configs
cp -rf ${OPENLITESPEEDCONFDIR}/* ${LSWS_HOME}/conf
do_rewrite_openlitespeed_webapps
ensure_server_ca
#rewrite ips.conf
echo "action=rewrite&value=openlitespeed" >> ${TASK_QUEUE}
echo "action=rewrite&value=ips" >> ${TASK_QUEUE}
run_dataskq
doVhosts
if [ ! -e ${LSWS_HOME}/directadmin-ips.conf ]; then
touch ${LSWS_HOME}/directadmin-ips.conf
fi
if [ ! -e ${LSWS_HOME}/conf/httpd-includes.conf ]; then
touch ${LSWS_HOME}/conf/httpd-includes.conf
fi
if [ "${MODSECURITY_OPT}" = "yes" ]; then
echo -n '' > ${LSWS_HOME}/conf/httpd-modsecurity-enable.conf
echo 'module mod_security {' >> ${LSWS_HOME}/conf/httpd-modsecurity-enable.conf
echo 'modsecurity on' >> ${LSWS_HOME}/conf/httpd-modsecurity-enable.conf
echo 'modsecurity_rules_file /usr/local/lsws/conf/httpd-modsecurity.conf' >> ${LSWS_HOME}/conf/httpd-modsecurity-enable.conf
create_global_modsecurity_rules
echo 'modsecurity_rules_file /usr/local/directadmin/data/admin/modsecurity_rules' >> ${LSWS_HOME}/conf/httpd-modsecurity-enable.conf
echo '}' >> ${LSWS_HOME}/conf/httpd-modsecurity-enable.conf
cp -pf ${MODSECURITY_OPENLITESPEED_INCLUDE} ${LSWS_HOME}/conf/httpd-modsecurity.conf
else
echo -n '' > ${LSWS_HOME}/conf/httpd-modsecurity-enable.conf
fi
if [ "${OPENLITESPEEDCUSTOMCONFDIR}" != "0" ]; then
cp -rf ${OPENLITESPEEDCUSTOMCONFDIR}/* ${LSWS_HOME}/conf
fi
tokenize_IP
tokenize_ports
doPhpConf
if [ "${CLOUDLINUX_OPT}" = "yes" ] && [ "${CAGEFS_OPT}" = "yes" ]; then
OLS_ENABLELVE=2
elif [ "${CLOUDLINUX_OPT}" = "yes" ]; then
OLS_ENABLELVE=1
else
OLS_ENABLELVE=0
fi
if ! grep -m1 -q "^enableLVE.*=${OLS_ENABLELVE}" ${LSWS_HOME}/conf/httpd-defaults.conf; then
perl -pi -e "s|^enableLVE.*|enableLVE ${OLS_ENABLELVE}|g" ${LSWS_HOME}/conf/httpd-defaults.conf
fi
doModSecurityAdj
doSslConfigurationWebserver
echo "Restarting openlitespeed."
control_service litespeed stop >/dev/null 2>&1
control_service litespeed start
#Reload detached lsphp processes
touch /usr/local/lsws/admin/tmp/.lsphp_restart.txt
fi
if [ "${WEBSERVER_OPT}" = "nginx" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
#copy the new configs
cp -rf ${NGINXCONFDIR}/* ${NGINXCONF}
if [ ! -d ${NGINXCONF}/templates ]; then
mkdir -p ${NGINXCONF}/templates
fi
cp -rf ${NGINXTEMPLATESDIR}/* ${NGINXCONF}/templates
for php_shortrelease in `echo ${PHP1_SHORTRELEASE_SET}`; do
perl -pi -e "s|/usr/local/php${php_shortrelease}/sockets/webapps.sock|/usr/local/php${PHP1_SHORTRELEASE}/sockets/webapps.sock|" ${NGINXCONF}/nginx.conf
done
do_rewrite_nginx_webapps
ensure_server_ca
if [ "${MODSECURITY_OPT}" = "yes" ]; then
doModSecurityRules norestart
fi
#rewrite ips.conf
echo "action=rewrite&value=ips" >> ${TASK_QUEUE}
run_dataskq
doVhosts
if [ ! -e ${NGINXCONF}/directadmin-settings.conf ]; then
touch ${NGINXCONF}/directadmin-settings.conf
fi
if [ ! -e ${NGINXCONF}/directadmin-ips.conf ]; then
touch ${NGINXCONF}/directadmin-ips.conf
fi
if [ ! -e ${NGINXCONF}/nginx-includes.conf ]; then
touch ${NGINXCONF}/nginx-includes.conf
fi
if [ "${MODSECURITY_OPT}" = "yes" ]; then
echo -n '' > /etc/nginx/nginx-modsecurity-enable.conf
echo 'modsecurity on;' >> /etc/nginx/nginx-modsecurity-enable.conf
echo 'modsecurity_rules_file /etc/nginx/nginx-modsecurity.conf;' >> /etc/nginx/nginx-modsecurity-enable.conf
create_global_modsecurity_rules
echo 'modsecurity_rules_file /usr/local/directadmin/data/admin/modsecurity_rules;' >> /etc/nginx/nginx-modsecurity-enable.conf
if [ "${WEBSERVER_OPT}" = "nginx" ]; then
cp -pf ${MODSECURITY_NGINX_INCLUDE} /etc/nginx/nginx-modsecurity.conf
elif [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
cp -pf ${MODSECURITY_NGINX_REVERSE_INCLUDE} /etc/nginx/nginx-modsecurity.conf
fi
else
echo -n '' > ${NGINXCONF}/nginx-modsecurity-enable.conf
fi
doSslConfigurationWebserver
if [ "${NGINXCUSTOMCONFDIR}" != "0" ]; then
cp -rf ${NGINXCUSTOMCONFDIR}/* ${NGINXCONF}/
fi
if [ "${NGINXCUSTOMEMPLATESDIR}" != "0" ]; then
cp -rf ${NGINXCUSTOMEMPLATESDIR}/* ${NGINXCONF}/templates/
fi
chmod 710 ${NGINXCONF}
if [ "${IPV6}" = "0" ]; then
perl -pi -e 's| listen \[::1\]:| #listen \[::1\]:|' ${NGINXCONF}/nginx-vhosts.conf
perl -pi -e 's| listen \[::1\]:| #listen \[::1\]:|' ${NGINXCONF}/nginx.conf
else
perl -pi -e 's| #listen \[::1\]:| listen \[::1\]:|' ${NGINXCONF}/nginx-vhosts.conf
perl -pi -e 's| #listen \[::1\]:| listen \[::1\]:|' ${NGINXCONF}/nginx.conf
fi
tokenize_IP
tokenize_ports
# Disable UserDir access if userdir_access=no is set in the options.conf file
if [ "${USERDIR_ACCESS_OPT}" = "no" ]; then
perl -pi -e 's| include /etc/nginx/nginx-userdir.conf;| #include /etc/nginx/nginx-userdir.conf;|' /etc/nginx/nginx-vhosts.conf
else
perl -pi -e 's| #include /etc/nginx/nginx-userdir.conf;| include /etc/nginx/nginx-userdir.conf;|' /etc/nginx/nginx-vhosts.conf
fi
doPhpConf
doModSecurityAdj
echo "action=rewrite&value=nginx" >> ${TASK_QUEUE}
run_dataskq
echo "Restarting nginx."
control_service nginx stop >/dev/null 2>&1
control_service nginx start
fi
if [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
setVal nginx 0 ${DACONF_TEMPLATE_FILE}
setVal nginx 0 ${DACONF_FILE}
setVal nginx_proxy 1 ${DACONF_TEMPLATE_FILE}
setVal nginx_proxy 1 ${DACONF_FILE}
fi
ensure_webapps_tmp
doRestartDA
removeLockfile
}
####################################################
dospamassassinCron() {
CRONFILE=/etc/cron.${SA_UPDATE_OPT}/sa-update
#remove bits which may exist.
rm -f /etc/cron.daily/sa-update
rm -f /etc/cron.weekly/sa-update
rm -f /etc/cron.monthly/sa-update
if [ "${SA_UPDATE_OPT}" != "no" ]; then
echo "Installing sa-update cronjob..."
getFile sa-update.sh sa-update-sh
if [ ! -d /etc/cron.${SA_UPDATE_OPT} ]; then
do_exit 1 "You cannot run cronjob, because you do not have /etc/cron.${SA_UPDATE_OPT} directory."
fi
mv -f sa-update.sh ${CRONFILE}
chmod 755 ${CRONFILE}
else
echo "${boldon}It's recommended to have sa_update set to daily in the options.conf file to get SpamAssassin rules updated every day.${boldoff}"
fi
}
####################################################
doCron() {
cd ${CWD}
CRONFILE=/etc/cron.${CRON_FREQUENCY_OPT}/custombuild
#remove bits which may exist.
rm -f /etc/cron.daily/custombuild
rm -f /etc/cron.weekly/custombuild
rm -f /etc/cron.monthly/custombuild
if [ "${CRON_OPT}" != "yes" ]; then
rm -f ${CRONFILE}
do_exit 1 "You cannot run cronjob, because you do not have it set in options.conf file."
fi
if [ ! -d /etc/cron.${CRON_FREQUENCY_OPT} ]; then
do_exit 1 "You cannot run cronjob, because you do not have /etc/cron.${CRON_FREQUENCY_OPT} directory."
fi
#ensure mail exists.
if [ "${NOTIFICATIONS_OPT}" = "yes" ]; then
if [ ! -x /bin/mail ] && [ ! -x /usr/bin/mail ] && [ ! -x /usr/local/bin/mail ]; then
echo "Did not find mail command, installing s-nail..."
doSnail
fi
fi
echo -n '' > ${CRONFILE}
echo '#!/bin/sh' >> ${CRONFILE}
echo 'if [ -d /usr/local/directadmin/custombuild/custom/hooks/cron_execute/pre ]; then' >> ${CRONFILE}
echo " find /usr/local/directadmin/custombuild/custom/hooks/cron_execute/pre -type f -name '*.sh' | while read line; do" >> ${CRONFILE}
echo ' . "$line"' >> ${CRONFILE}
echo ' done' >> ${CRONFILE}
echo ' HOOK_ERROR_CODE=$?' >> ${CRONFILE}
echo ' if [ ${HOOK_ERROR_CODE} -ne 0 ]; then' >> ${CRONFILE}
echo ' echo "Hook exited with error code: ${HOOK_ERROR_CODE}."' >> ${CRONFILE}
echo ' fi' >> ${CRONFILE}
echo 'fi' >> ${CRONFILE}
echo 'cd /usr/local/directadmin/custombuild' >> ${CRONFILE}
echo './build update >/dev/null 2>&1' >> ${CRONFILE}
if [ "${NOTIFICATIONS_OPT}" = "yes" ] || [ "${UPDATES_OPT}" = "yes" ] || [ "${WEBAPPS_UPDATES_OPT}" = "yes" ]; then
echo "AVAIL_UPDATES=\"\`./build versions_nobold | grep -c -e 'update is available.'\`\"" >> ${CRONFILE}
echo 'if [ "${AVAIL_UPDATES}" -gt 0 ]; then' >> ${CRONFILE}
if [ "${NOTIFICATIONS_OPT}" = "yes" ] && [ "${UPDATES_OPT}" = "no" ]; then
echo "./build versions_nobold | grep 'update is available.' | mail -s \"\${AVAIL_UPDATES} updates available for \`hostname\`\" ${EMAIL_OPT}" >> ${CRONFILE}
fi
if [ "${NOTIFICATIONS_OPT}" = "yes" ] && [ "${UPDATES_OPT}" = "yes" ]; then
echo "./build versions_nobold | grep 'update is available.' | mail -s \"\${AVAIL_UPDATES} updates running for \`hostname\`\" ${EMAIL_OPT}" >> ${CRONFILE}
fi
if [ "${UPDATES_OPT}" = "yes" ]; then
echo './build update_versions' >> ${CRONFILE}
fi
if [ "${UPDATES_OPT}" = "no" ] && [ "${WEBAPPS_UPDATES_OPT}" = "yes" ]; then
echo './build update_webapps' >> ${CRONFILE}
fi
echo 'fi' >> ${CRONFILE}
fi
echo 'if [ -d /usr/local/directadmin/custombuild/custom/hooks/cron_execute/post ]; then' >> ${CRONFILE}
echo " find /usr/local/directadmin/custombuild/custom/hooks/cron_execute/post -type f -name '*.sh' | while read line; do" >> ${CRONFILE}
echo ' . "$line"' >> ${CRONFILE}
echo ' done' >> ${CRONFILE}
echo ' HOOK_ERROR_CODE=$?' >> ${CRONFILE}
echo ' if [ ${HOOK_ERROR_CODE} -ne 0 ]; then' >> ${CRONFILE}
echo ' echo "Hook exited with error code: ${HOOK_ERROR_CODE}."' >> ${CRONFILE}
echo ' fi' >> ${CRONFILE}
echo 'fi' >> ${CRONFILE}
echo 'exit 0;' >> ${CRONFILE}
chmod 755 ${CRONFILE}
if [ "${NOTIFICATIONS_OPT}" = "yes" ]; then
echo "Cronjob is set for ${EMAIL_OPT}:"
fi
echo "Cronjob frequency: ${CRON_FREQUENCY_OPT}"
echo "Automatic notifications: ${NOTIFICATIONS_OPT}"
echo "Automatic updates: ${UPDATES_OPT}"
if [ "${SPAMD_OPT}" = "spamassassin" ]; then
dospamassassinCron
echo "Automatic SpamAssassin rule updates: ${SA_UPDATE_OPT}"
fi
}
####################################################
updateDovecot() {
cd ${CWD}
if [ "${DOVECOT_VER}" != "0" ]; then
getFile dovecot-${DOVECOT_VER}.tar.gz dovecot
fi
}
####################################################
doUpdateData() {
cd ${CWD}
getFile servers.txt servers
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
getFileCL cl-apache-patches.tar.gz cl-apache-patches
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
getFileCL mod_hostinglimits-${MOD_HOSTINGLIMITS_VER}.tar.gz mod_hostinglimits
getFileCL mod_proctitle-${MOD_PROCTITLE_VER}.tar.gz mod_proctitle
fi
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
getFileCL mod_lsapi-${MOD_LSAPI_VER}.tar.gz mod_lsapi
fi
fi
if [ "${NGINX_VER}" != "0" ]; then
if [ "${WEBSERVER_OPT}" = "nginx" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
getFile nginx-${NGINX_VER}.tar.gz nginx
fi
fi
if [ "${UNIT_VER}" != "0" ] && [ "${UNIT_OPT}" = "yes" ]; then
getFile unit/unit-${UNIT_VER}.tar.gz unit unit-${UNIT_VER}.tar.gz
fi
if [ "${APACHE2_VER}" != "0" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
getFile httpd-${APACHE2_VER}.tar.gz apache${APACHE_VER_OPT}
fi
fi
getFile apr-${APR_VER}.tar.gz apr
getFile apr-util-${APR_UTIL_VER}.tar.gz apr-util
if [ "${EASY_SPAM_FIGHTER_OPT}" = "yes" ]; then
if [ "${LIBSPF2_VER}" != "0" ]; then
getFile libspf2-${LIBSPF2_VER}.tar.gz libspf2
fi
fi
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
getFileLSWS ${LITESPEED_NAME}.tar.gz ${LITESPEED_VER_NAME}
fi
if [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
if [ "${B64}" = "2" ]; then
getFile openlitespeed/openlitespeed-${OPENLITESPEED_VER}.src.tgz openlitespeed_src openlitespeed-${OPENLITESPEED_VER}.src.tgz
else
getFile openlitespeed/openlitespeed-${OPENLITESPEED_VER}.tgz openlitespeed openlitespeed-${OPENLITESPEED_VER}.tgz
fi
fi
if [ "${HAVE_FCGID}" = "yes" ]; then
if [ "${MOD_FCGID_VER}" != "0" ]; then
getFile mod_fcgid-${MOD_FCGID_VER}.tar.gz mod_fcgid
fi
fi
if [ "${MODSECURITY_VER}" != "0" ] && [ "${MODSECURITY_OPT}" = "yes" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ]; then
getFile ${MODSECURITY_FILENAME}-${MODSECURITY_VER}.tar.gz ${MODSECURITY_FILENAME}
fi
if [ "${MODSECURITY_RULESET_OPT}" = "comodo" ]; then
if [ "${WEBSERVER_OPT}" = "nginx" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
getFileCWAF cwaf_rules_nginx_3-${CWAF_RULES_NGINX_VER}.tgz cwaf_rules_nginx_3
elif [ "${WEBSERVER_OPT}" = "litespeed" ]; then
getFileCWAF cwaf_rules_ls-${CWAF_RULES_LS_VER}.tgz cwaf_rules_ls
elif [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
getFileCWAF cwaf_rules_nginx_3-${CWAF_RULES_NGINX_VER}.tgz cwaf_rules_nginx_3
else
getFileCWAF cwaf_rules-${CWAF_RULES_VER}.tgz cwaf_rules
fi
elif [ "${MODSECURITY_RULESET_OPT}" = "owasp" ]; then
getFile owasp-modsecurity-crs-${OWASP_RULES_VER}.tar.gz owasp3_rules
fi
fi
if [ "${CURL_VER}" != "0" ] && [ "${CURL_OPT}" = "yes" ]; then
getFile curl-${CURL_VER}.tar.gz curl
fi
if [ "${PHP_IGBINARY_OPT}" = "yes" ]; then
if [ "${IGBINARY_VER}" != "0" ]; then
getFile php_extensions/igbinary/igbinary-${IGBINARY_VER}.tar.gz igbinary igbinary-${IGBINARY_VER}.tar.gz
fi
fi
if [ "${IMAGICK_OPT}" = "yes" ]; then
if [ "${IMAGICK_VER}" != "0" ]; then
getFile imagick/imagick-${IMAGICK_VER}.tgz imagick imagick-${IMAGICK_VER}.tar.gz
fi
if [ "${IMAGEMAGICK_VER}" != "0" ]; then
getFile imagick/ImageMagick-${IMAGEMAGICK_VER}.tar.gz imagemagick ImageMagick-${IMAGEMAGICK_VER}.tar.gz
fi
fi
if [ "${PHP_PHALCON_OPT}" = "yes" ]; then
if [ "${PHALCON_VER}" != "0" ]; then
getFile php_extensions/phalcon/phalcon-${PHALCON_VER}.tgz phalcon phalcon-${PHALCON_VER}.tar.gz
fi
if [ "${PSR_VER}" != "0" ]; then
getFile php_extensions/psr/psr-${PSR_VER}.tgz psr psr-${PSR_VER}.tar.gz
fi
fi
if [ "${PHP_SNUFFLEUPAGUS_OPT}" = "yes" ]; then
if [ "${SNUFFLEUPAGUS_VER}" != "0" ]; then
getFile php_extensions/snuffleupagus/snuffleupagus-${SNUFFLEUPAGUS_VER}.tar.gz snuffleupagus snuffleupagus-${SNUFFLEUPAGUS_VER}.tar.gz
fi
fi
if [ "${PHP_REDIS_OPT}" = "yes" ]; then
if [ "${PHPREDIS_VER}" != "0" ]; then
getFile php_extensions/redis/redis-${PHPREDIS_VER}.tgz phpredis redis-${PHPREDIS_VER}.tgz
fi
fi
if [ "${PHP_IMAP_OPT}" = "yes" ]; then
if [ "${IMAP_VER}" != "0" ]; then
getFile all/imap/imap-${IMAP_VER}.tar.gz imap imap-${IMAP_VER}.tar.gz
fi
fi
if [ "${LIBZIP_VER}" != "0" ]; then
getFile libzip-${LIBZIP_VER}.tar.gz libzip
fi
if [ "${SPAMD_OPT}" = "spamassassin" ]; then
if [ "${SPAMASSASSIN_VER}" != "0" ]; then
getFile Mail-SpamAssassin-${SPAMASSASSIN_VER}.tar.gz spamassassin
fi
fi
if [ "${SPAMD_OPT}" = "rspamd" ]; then
if [ "${RSPAMD_VER}" != "0" ]; then
getFile rspamd-${RSPAMD_VER}.tar.gz rspamd
fi
fi
if [ "${CLAMAV_OPT}" = "yes" ]; then
if [ "${CLAMAV_VER}" != "0" ]; then
getFile clamav-${CLAMAV_VER}.tar.gz clamav
fi
fi
if [ "${WEBALIZER_VER}" != "0" ]; then
getFile ${WEBALIZER_FILE} webalizer
fi
if [ "${FTPD_OPT}" = "proftpd" ]; then
if [ "${PROFTPD_VER}" != "0" ]; then
getFile proftpd-${PROFTPD_VER}.tar.gz proftpd
fi
fi
if [ "${SPAMD_OPT}" = "rspamd" ]; then
if [ "${RSPAMD_VER}" != "0" ]; then
getFile rspamd-${RSPAMD_VER}.tar.gz rspamd
fi
fi
if [ "${FTPD_OPT}" = "pureftpd" ]; then
if [ "${PUREFTPD_VER}" != "0" ]; then
getFile pure-ftpd-${PUREFTPD_VER}.tar.gz pureftpd
fi
fi
if [ "${ZEND_OPT}" = "yes" ]; then
if [ "${PHP1_RELEASE_OPT}" = "5.3" ] || [ "${PHP2_RELEASE_OPT}" = "5.3" ] || [ "${PHP3_RELEASE_OPT}" = "5.3" ] || [ "${PHP4_RELEASE_OPT}" = "5.3" ]; then
getFile ${ZENDFILE_GUARD53} ""
fi
if [ "${PHP1_RELEASE_OPT}" = "5.4" ] || [ "${PHP2_RELEASE_OPT}" = "5.4" ] || [ "${PHP3_RELEASE_OPT}" = "5.4" ] || [ "${PHP4_RELEASE_OPT}" = "5.4" ]; then
getFile ${ZENDFILE_GUARD54} ""
fi
fi
if [ "${PHP1_RELEASE_VER}" != "0" ]; then
getFile php-${PHP1_RELEASE_VER}.tar.gz php${PHP1_SHORTRELEASE}
fi
if [ "${PHP2_RELEASE_OPT}" != "no" ]; then
if [ "${PHP2_RELEASE_VER}" != "0" ]; then
getFile php-${PHP2_RELEASE_VER}.tar.gz php${PHP2_SHORTRELEASE}
fi
fi
if [ "${PHP3_RELEASE_OPT}" != "no" ]; then
if [ "${PHP3_RELEASE_VER}" != "0" ]; then
getFile php-${PHP3_RELEASE_VER}.tar.gz php${PHP3_SHORTRELEASE}
fi
fi
if [ "${PHP4_RELEASE_OPT}" != "no" ]; then
if [ "${PHP4_RELEASE_VER}" != "0" ]; then
getFile php-${PHP4_RELEASE_VER}.tar.gz php${PHP4_SHORTRELEASE}
fi
fi
if [ "${EXIM_OPT}" = "yes" ]; then
if [ "${EXIM_VER}" != "0" ]; then
getFile exim-${EXIM_VER}.tar.gz exim
fi
fi
if [ "${DOVECOT_OPT}" = "yes" ]; then
updateDovecot
fi
if [ "${IONCUBE_OPT}" = "yes" ]; then
getFile ${IONCUBEFILE} ${IONCUBENAME}
fi
if [ "${SUHOSIN_OPT}" = "yes" ]; then
if [ "${SUHOSIN_VER}" != "0" ]; then
getFile suhosin-${SUHOSIN_VER}.tar.gz suhosin
fi
fi
}
####################################################
dogeoipupdateCron() {
CRONFILE=/etc/cron.weekly/libmaxminddb-update
echo "Installing libmaxminddb-update cronjob..."
if [ ! -d /etc/cron.weekly ]; then
do_exit 1 "You cannot run cronjob, because you do not have /etc/cron.weekly directory."
fi
echo '#!/bin/bash' > ${CRONFILE}
echo 'if [ -x /usr/local/bin/geoipupdate ]; then' >> ${CRONFILE}
echo ' /usr/local/bin/geoipupdate' >> ${CRONFILE}
echo 'fi' >> ${CRONFILE}
chmod +x ${CRONFILE}
}
####################################################
doGeoipupdate() {
quitIfLocked Geoipupdate
cd ${CWD}
getFile geoipupdate-${GEOIPUPDATE_VER}.tar.gz geoipupdate
tar xzf geoipupdate-${GEOIPUPDATE_VER}.tar.gz --no-same-owner
cd geoipupdate-${GEOIPUPDATE_VER}
./configure --prefix=/usr/local
while echo "Trying to make geoipupdate"; do
make -j ${CPU_CORES}
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
make install
writeLog "geoipupdate ${GEOIPUPDATE_VER} installed"
dogeoipupdateCron
writeLog "geoipupdate cronjob setup, to update database every week"
removeLockfile
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
cd ${CWD}
}
####################################################
dolibmaxminddb() {
quitIfLocked dolibmaxminddb
cd ${CWD}
getFile libmaxminddb-${LIBMAXMINDDB_VER}.tar.gz libmaxminddb
tar xzf libmaxminddb-${LIBMAXMINDDB_VER}.tar.gz --no-same-owner
cd libmaxminddb-${LIBMAXMINDDB_VER}
./configure --prefix=/usr/local
while echo "Trying to make libmaxminddb"; do
make -j ${CPU_CORES}
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
make install
writeLog "libmaxminddb ${LIBMAXMINDDB_VER} installed"
removeLockfile
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
cd ${CWD}
}
####################################################
doApache2() {
if [ "${WEBSERVER_OPT}" != "apache" ] && [ "${WEBSERVER_OPT}" != "litespeed" ] && [ "${WEBSERVER_OPT}" != "openlitespeed" ] && [ "${WEBSERVER_OPT}" != "nginx_apache" ]; then
do_exit 1 "You cannot install Apache, because you do not have it set in options.conf file."
fi
addUserGroup apache apache
addToAccess apache
#die die die!!
if [ -s /usr/sbin/apache2 ]; then
chmod 0 /usr/sbin/apache2
killall -9 apache2 2> /dev/null
fi
if [ -s /usr/lib/apache2/mpm-prefork/apache2 ]; then
chmod 0 /usr/lib/apache2/mpm-prefork/apache2
killall -9 apache2 2> /dev/null
fi
if [ ! -e /usr/include/systemd/sd-daemon.h ]; then
if [ -e ${DEBIAN_VERSION} ]; then
#This one might be needed for the next release of Debian/Ubuntu with systemd support
apt-get -y install libsystemd-dev
else
yum -y install systemd-devel
fi
fi
if [ ! -s /usr/include/expat.h ] && [ ! -s /usr/local/include/expat.h ]; then
if [ -e /etc/debian_version ]; then
apt-get -y install libexpat1-dev
else
yum -y install expat-devel
fi
fi
getFile httpd-${APACHE2_VER}.tar.gz apache${APACHE_VER_OPT}
set_http2
if [ "${APACHE_VER_OPT}" = "2.4" ]; then
#shouldn't be needed anymore, as we use --with-devrandom for APR now, thus getrandom() syscall should be used
#if [ -e /proc/user_beancounters ]; then
# echo "/proc/user_beancounters detected, downgrading APR."
# APR_VER=1.6.5
#elif [ -x /usr/bin/systemd-detect-virt ]; then
# if systemd-detect-virt | grep -m1 -q -E 'lxc|openvz'; then
# echo "LXC/OpenVZ detected, downgrading APR."
# APR_VER=1.6.5
# fi
#fi
getFile apr-${APR_VER}.tar.gz apr
getFile apr-util-${APR_UTIL_VER}.tar.gz apr-util
getFile patches/mod_suexec_directory.patch mod_suexec_directory.patch patches/mod_suexec_directory.patch hexan
getFile patches/suexec-safe.patch suexec-safe.patch patches/suexec-safe.patch hexan
getFile patches/sdbm_private.patch sdbm_private.patch patches/sdbm_private.patch hexan
getFile patches/fastcgi_children_cgroup.patch fastcgi_children_cgroup.patch patches/fastcgi_children_cgroup.patch hexan
fi
initHTTP2var
if [ ! -s /usr/include/nghttp2/nghttp2.h ] && [ ! -s /usr/local/include/nghttp2/nghttp2.h ]; then
echo "Cannot find nghttp2.h. Installing nghttp2.";
if [ -e ${DEBIAN_VERSION} ]; then
apt-get -y install libnghttp2-dev
elif [ "${OS_CENTOS_VER}" = "7" ]; then
if [ -s /etc/yum.repos.d/epel.repo ]; then
yum -y install libnghttp2-devel --enablerepo=${EPEL_REPO_NAME}
else
yum -y install libnghttp2-devel
fi
elif [ "${OS_CENTOS_VER}" = "8" ]; then
yum -y install libnghttp2-devel --enablerepo=${POWERTOOLS}
else
yum -y install libnghttp2-devel --enablerepo=crb
fi
fi
quitIfLocked doApache2
if [ "${MOD_RUID2_OPT}" = "yes" ]; then
if [ ! -e /lib/libcap.so ] && [ ! -e /lib64/libcap.so ] && [ ! -e /usr/lib/libcap.so ] && [ ! -e /usr/lib64/libcap.so ] && [ ! -e /lib/x86_64-linux-gnu/libcap.so ] && [ ! -e /usr/lib/aarch64-linux-gnu/libcap.so ] && [ ! -e /lib/i386-linux-gnu/libcap.so ] && [ ! -e /usr/lib/x86_64-linux-gnu/libcap.so ]; then
echo "Cannot find libcap.so for apache. Please install libcap"
if [ -e /etc/debian_version ]; then
echo "apt-get install libcap-dev"
else
echo "yum -y install libcap-devel"
fi
removeLockfile
return
fi
fi
if [ ! -e /usr/bin/bzip2 ] && [ ! -e /bin/bzip2 ]; then
echo "Cannot find bzip2. Please install it."
if [ -e /etc/debian_version ]; then
echo "apt-get install bzip2"
else
echo "yum -y install bzip2"
fi
return
fi
ADMNHTTP=/usr/local/directadmin/data/users/admin/httpd.conf
if [ ! -e ${ADMNHTTP} ] && [ -d /usr/local/directadmin/data/users/admin ]; then
echo -n "" > ${ADMNHTTP}
chown diradmin:admin ${ADMNHTTP}
chmod 640 ${ADMNHTTP}
fi
set64
if [ ! -e /usr/bin/pcre-config ] && [ ! -e /usr/local/bin/pcre-config ]; then
if [ ! -e /usr/include/pcre.h ] && [ ! -e /usr/local/include/pcre.h ]; then
if [ -e /etc/debian_version ]; then
apt-get -y install libpcre3-dev
else
yum -y install pcre-devel
fi
fi
fi
if grep -m1 -q '^nginx:' /etc/group; then
usermod -a -G nginx apache 2>/dev/null
fi
if [ ! -d /var/log/httpd/domains ]; then
mkdir -p /var/log/httpd/domains
fi
chmod 710 /var/log/httpd
chmod 710 /var/log/httpd/domains
chown apache:${ROOT_GRP} /var/log/httpd
chown apache:${ROOT_GRP} /var/log/httpd/domains
backupHttp
cd ${CWD}
FILE=${CWD}/httpd-${APACHE2_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ${FILE}..."
tar xzf ${FILE} --no-same-owner
if [ "${APACHE_VER_OPT}" = "2.4" ]; then
FILE2=${CWD}/apr-${APR_VER}.tar.gz
checkFile ${FILE2}
echo "Extracting ${FILE2}..."
tar xzf ${FILE2} --no-same-owner -C ${CWD}/httpd-${APACHE2_VER}/srclib
if [ -d ${CWD}/httpd-${APACHE2_VER}/srclib/apr ]; then
rm -rf ${CWD}/httpd-${APACHE2_VER}/srclib/apr
fi
mv -f ${CWD}/httpd-${APACHE2_VER}/srclib/apr-${APR_VER} ${CWD}/httpd-${APACHE2_VER}/srclib/apr
FILE3=${CWD}/apr-util-${APR_UTIL_VER}.tar.gz
checkFile ${FILE3}
echo "Extracting ${FILE3}..."
tar xzf ${FILE3} --no-same-owner -C ${CWD}/httpd-${APACHE2_VER}/srclib
if [ -d ${CWD}/httpd-${APACHE2_VER}/srclib/apr-util ]; then
rm -rf ${CWD}/httpd-${APACHE2_VER}/srclib/apr-util
fi
mv -f ${CWD}/httpd-${APACHE2_VER}/srclib/apr-util-${APR_UTIL_VER} ${CWD}/httpd-${APACHE2_VER}/srclib/apr-util
fi
if [ "$HARDEN_SYMLINKS_PATCH_OPT" = "yes" ]; then
if [ "${APACHE_VER_OPT}" = "2.4" ]; then
PATCH_NAME=harden-symlinks-2.4.patch
getFile ${PATCH_NAME} ${PATCH_NAME}
fi
if [ -s ${PATCH_NAME} ]; then
echo "Patching apache for hardened symlinks patch..."
if [ "${APACHE_VER_OPT}" = "2.4" ]; then
cd httpd-${APACHE2_VER}
patch -p0 < ../${PATCH_NAME}
cd ..
fi
else
echo "Cannot find ${PATCH_NAME} to for hardened symlinks patch."
fi
fi
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
getFileCL cl-apache-patches.tar.gz cl-apache-patches
if [ ! -e /usr/include/lve/lve-ctl.h ]; then
yum -y install liblve-devel
fi
fi
cd httpd-${APACHE2_VER}
# A fix for apache not showing proxied IP address
perl -pi -e 's#RSRC_CONF | EXEC_ON_READ#RSRC_CONF#g' modules/metadata/mod_remoteip.c
if [ "${APACHE_VER_OPT}" = "2.4" ]; then
echo "Enabling mod_systemd..."
if ! grep -m1 -q "\-\-enable-systemd" ${WORKDIR}/${APACHE2_CONFIGURE}; then
perl -pi -e 's|"\./configure" \\\n|"./configure" \\\n\t"--enable-systemd" \\\n|' ${WORKDIR}/${APACHE2_CONFIGURE}
fi
fi
if [ "${HTTP2}" = "1" ]; then
echo "Enabling mod_http2...";
if ! grep -m1 -q "\-\-enable-http2" ${WORKDIR}/${APACHE2_CONFIGURE}; then
perl -pi -e 's|"--enable-rewrite" \\\n|"--enable-http2" \\\n\t"--enable-rewrite" \\\n|' ${WORKDIR}/${APACHE2_CONFIGURE}
fi
fi
#For ModSecurity
if [ -d srclib/apr-util ]; then
echo "Patching srclib/apr-util/dbm/sdbm/sdbm_private.h..."
cd srclib/apr-util
patch -p0 < ${WORKDIR}/patches/sdbm_private.patch
cd ../../
fi
if [ "${CLOUDLINUX_OPT}" = "no" ]; then
echo "Patching apache to suexec safedir path..."
if [ ! -s ../patches/suexec-safe.patch ]; then
echo "Error with patches/suexec-safe.patch. File is missing or empty"
else
patch -p1 < ../patches/suexec-safe.patch
fi
fi
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
patch -p1 < ../apr-2.4-httpd.1.patch
patch -p1 < ../suexec_safe_bin.patch
fi
if [ -s support/suexec.c ]; then
echo "Patching suexec for per-user process grouping"
if [ ! -s ../patches/fastcgi_children_cgroup.patch ]; then
echo "${boldon}ERROR downloading patches/fastcgi_children_cgroup.patch${boldoff}"
else
patch -p0 < ../patches/fastcgi_children_cgroup.patch
fi
fi
echo "Patching apache to allow SuexecUserGroup in Directory context..."
if [ ! -s ../patches/mod_suexec_directory.patch ]; then
echo "Error with patches/mod_suexec_directory.patch. File is missing or empty"
else
patch -p1 < ../patches/mod_suexec_directory.patch
fi
setFDSETSIZE
if [ "${WEBSERVER_OPT}" != "litespeed" ] && [ "${WEBSERVER_OPT}" != "openlitespeed" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ] || [ ! -e /usr/sbin/httpd ]; then
#configure
echo "Configuring httpd-${APACHE2_VER}"
rm -f configure
autoreconf --force
if ! grep -m1 -q 'apr_configure_args="--with-devrandom ' configure; then
perl -pi -e 's|apr_configure_args="|apr_configure_args="--with-devrandom |g' configure
fi
if [ ! -e /usr/local/include/pcre.h ] && grep -m1 -q 'with-pcre=/usr/local' ${CWD}/${APACHE2_CONFIGURE}; then
perl -pi -e 's|with-pcre=/usr/local|with-pcre=/usr|g' ${CWD}/${APACHE2_CONFIGURE}
fi
CFLAGS="-I/usr/local/include" LDFLAGS="-L/usr/local/lib" ${CWD}/${APACHE2_CONFIGURE}
if [ $? -ne 0 ]; then
printf "\n*** There was an error while trying to configure Apache 2. Check the ${APACHE2_CONFIGURE} file\n"
do_exit 1
fi
echo "Done Configuration."
fi
fi
echo "increasing FD_SETSIZE in os/tpf/os.h .."
if [ -e ./os/tpf/os.h ]; then
perl -pi -e 's/\#define FD_SETSIZE.*2048/\#ifdef FD_SETSIZE\n\#undef FD_SETSIZE\n\#endif\n\#define FD_SETSIZE 32768/' ./os/tpf/os.h
fi
if [ -e ./srclib/apr/include/apr.hnw ]; then
perl -pi -e 's/FD_SETSIZE.*1024/FD_SETSIZE 32768/' ./srclib/apr/include/apr.hnw
fi
if [ -e ./srclib/apr/poll/unix/select.c ]; then
perl -pi -e 's/FD_SETSIZE.*1024/FD_SETSIZE 32768/' ./srclib/apr/poll/unix/select.c
fi
if [ "${WEBSERVER_OPT}" != "litespeed" ] && [ "${WEBSERVER_OPT}" != "openlitespeed" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ] || [ ! -e /usr/sbin/httpd ]; then
if [ -d httpd-${APACHE2_VER} ]; then
cd httpd-${APACHE2_VER}
fi
while echo "Trying to make Apache 2..."; do
C_INCLUDE_PATH=/usr/kerberos/include make -j ${CPU_CORES}
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 0
fi
else
break
fi
done
echo "Make complete"
fi
fi
checkRPMS
#setup the directadmin.conf
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
setVal cloud_cache 1 ${DACONF_TEMPLATE_FILE}
setVal cloud_cache 1 ${DACONF_FILE}
echo "action=cache&value=showallusers" >> ${TASK_QUEUE}
run_dataskq d
elif [ "${CLOUDLINUX_OPT}" = "no" ]; then
setVal cloud_cache 0 ${DACONF_TEMPLATE_FILE}
setVal cloud_cache 0 ${DACONF_FILE}
fi
setVal nginx 0 ${DACONF_TEMPLATE_FILE}
setVal nginx 0 ${DACONF_FILE}
if [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
setVal nginx_proxy 1 ${DACONF_TEMPLATE_FILE}
setVal nginx_proxy 1 ${DACONF_FILE}
setVal litespeed 0 ${DACONF_TEMPLATE_FILE}
setVal litespeed 0 ${DACONF_FILE}
setVal openlitespeed 0 ${DACONF_TEMPLATE_FILE}
setVal openlitespeed 0 ${DACONF_FILE}
set_service litespeed delete
killall litespeed >/dev/null 2>&1
killall -9 litespeed >/dev/null 2>&1
doRestartDA
elif [ "${WEBSERVER_OPT}" = "apache" ]; then
setVal nginx_proxy 0 ${DACONF_TEMPLATE_FILE}
setVal nginx_proxy 0 ${DACONF_FILE}
setVal litespeed 0 ${DACONF_TEMPLATE_FILE}
setVal litespeed 0 ${DACONF_FILE}
setVal openlitespeed 0 ${DACONF_TEMPLATE_FILE}
setVal openlitespeed 0 ${DACONF_FILE}
killall nginx >/dev/null 2>&1
killall litespeed >/dev/null 2>&1
doRestartDA
set_service nginx delete
set_service litespeed delete
killall -9 nginx >/dev/null 2>&1
killall -9 litespeed >/dev/null 2>&1
fi
if [ "${WEBSERVER_OPT}" != "litespeed" ] && [ "${WEBSERVER_OPT}" != "openlitespeed" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ] || [ ! -e /usr/sbin/httpd ]; then
set_service httpd ON
rm -f /usr/sbin/apxs
echo "Installing Apache..."
make install
fi
else
set_service httpd delete
set_service nginx delete
fi
if [ ! -e /etc/mime.types ]; then
cp docs/conf/mime.types /etc/mime.types
fi
ln -sf /var/www/build /etc/httpd/build
chown webapps:apache /var/www
chmod 551 /var/www
removeLockfile
cd ${CWD}
restoreHttp
#fix for downgrades to let $1$ passwords version of apr-utils (1.4.1) work, if 1.5.1 was installed previously.
if [ "${APACHE_VER_OPT}" = "2.4" ] && [ "${APR_UTIL_VER}" = "1.4.1" ] && [ "${WEBSERVER_OPT}" != "litespeed" ] && [ "${WEBSERVER_OPT}" != "openlitespeed" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ] || [ ! -e /usr/sbin/httpd ]; then
APR_51_LIB=${HTTPDDIR}/lib/libaprutil-1.so.0.5.1
APR_41_LIB=${HTTPDDIR}/lib/libaprutil-1.so.0.4.1
APR_LIB_LINK=${HTTPDDIR}/lib/libaprutil-1.so.0
if [ -e "${APR_51_LIB}" ] && [ -e "${APR_41_LIB}" ]; then
rm -f ${APR_LIB_LINK}
rm -f ${APR_51_LIB}
ln -s libaprutil-1.so.0.4.1 ${APR_LIB_LINK}
fi
fi
fi
if [ "${WEBSERVER_OPT}" != "litespeed" ] && [ "${WEBSERVER_OPT}" != "openlitespeed" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ] || [ ! -e /usr/sbin/httpd ]; then
#ensure /usr/sbin/apxs
if [ ! -s /usr/sbin/apxs ] && [ -s /usr/bin/apxs ]; then
ln -s /usr/bin/apxs /usr/sbin/apxs
fi
#fresh install, add to System Backup
if [ ! -s ${SYSTEMDDIR}/httpd.service ]; then
add_to_system_backup dirs /etc/httpd
fi
echo "Enabling httpd in systemd..."
if [ -e ${CB_CUST_SYSTEMD}/httpd.service ]; then
cp -f ${CB_CUST_SYSTEMD}/httpd.service ${SYSTEMDDIR}/httpd.service
else
cp -f ${CB_SYSTEMD}/httpd.service ${SYSTEMDDIR}/httpd.service
fi
chmod 644 ${SYSTEMDDIR}/httpd.service
DISABLE_PRIVATETMP=false
if [ "${CLAMAV_OPT}" = "yes" ]; then
if [ "${SUHOSIN_PHP_UPLOADSCAN_OPT}" = "yes" ] || [ "${MODSECURITY_UPLOADSCAN_OPT}" = "yes" ]; then
DISABLE_PRIVATETMP=true
fi
fi
if [ -e /proc/1/environ ]; then
if cat /proc/1/environ | tr '\0' '\n' | grep -q ^container=lxc; then
DISABLE_PRIVATETMP=true
fi
fi
if ${DISABLE_PRIVATETMP}; then
echo "Upload scan option detected in options.conf. Disabling PrivateTmp feature in httpd.service for ClamAV to be able to scan files in /tmp."
perl -pi -e 's#PrivateTmp\=true#PrivateTmp=false#' ${SYSTEMDDIR}/httpd.service
fi
systemctl daemon-reload
systemctl enable httpd.service
fi
fi
#Disable nginx & litespeed when switching to apache
if [ "${WEBSERVER_OPT}" = "apache" ]; then
if [ -e ${SYSTEMDDIR}/nginx.service ]; then
systemctl disable nginx.service 2> /dev/null
rm -f ${SYSTEMDDIR}/nginx.service
systemctl daemon-reload
fi
if [ -e ${SYSTEMDDIR}/litespeed.service ]; then
systemctl disable lshttpd.service 2> /dev/null
systemctl disable litespeed.service 2> /dev/null
systemctl disable lsws.service 2> /dev/null
rm -f ${SYSTEMDDIR}/lshttpd.service
rm -f ${SYSTEMDDIR}/lsws.service
rm -f ${SYSTEMDDIR}/litespeed.service
rm -f ${SYSTEMDDIR}/openlitespeed.service
systemctl daemon-reload
fi
fi
HAVE_DACONF=0
if [ -s ${DACONF_FILE} ]; then
HAVE_DACONF=1
fi
#check directadmin.conf file
if [ "`grep -m1 -c 'apacheconf=/etc/httpd/conf/httpd.conf' ${DACONF_TEMPLATE_FILE}`" = "1" ]; then
perl -pi -e 's#apacheconf=/etc/httpd/conf/httpd.conf#apacheconf=/etc/httpd/conf/extra/directadmin-vhosts.conf#' ${DACONF_TEMPLATE_FILE}
fi
if [ "${HAVE_DACONF}" = "1" ] && [ "`grep -m1 -c 'apacheconf=/etc/httpd/conf/httpd.conf' ${DACONF_FILE}`" = "1" ]; then
if [ "`grep -m1 -c 'apacheconf=/etc/httpd/conf/httpd.conf' ${DACONF_FILE}`" = "1" ]; then
perl -pi -e 's#apacheconf=/etc/httpd/conf/httpd.conf#apacheconf=/etc/httpd/conf/extra/directadmin-vhosts.conf#' ${DACONF_FILE}
doRestartDA
fi
mv -f ${HTTPDCONF} ${HTTPDCONF}.${APACHE_VER_OPT}.backup
cp -rf ${APCONFDIR} ${HTTPDDIR}
if [ "${APCUSTOMCONFDIR}" != "0" ]; then
cp -rf ${APCUSTOMCONFDIR} ${HTTPDDIR}
fi
cp -rf ${HTTPDCONF}.${APACHE_VER_OPT}.backup/ssl.key ${HTTPDCONF}
cp -rf ${HTTPDCONF}.${APACHE_VER_OPT}.backup/ssl.crt ${HTTPDCONF}
doRestartDA
fi
#copy the new configs if needed
if [ "`grep -m1 -c 'Include' ${HTTPDCONF}/extra/directadmin-vhosts.conf`" = "0" ] || [ ! -e ${HTTPDCONF}/extra/directadmin-vhosts.conf ]; then
cp -rf ${APCONFDIR} ${HTTPDDIR}
HDC=httpd-directories-old.conf
ln -sf $HDC ${HTTPDCONF}/extra/httpd-directories.conf
doApacheHostConf
fi
doPasswdServerStatus
if [ "${APCUSTOMCONFDIR}" != "0" ]; then
cp -rf ${APCUSTOMCONFDIR} ${HTTPDDIR}
fi
chmod 710 ${HTTPDDIR}/conf
if [ "${HTTP_METHODS_OPT}" != "ALL" ]; then
APACHE_HTTP_METHODS="`echo ${HTTP_METHODS_OPT} | tr ':' ' '`"
else
APACHE_HTTP_METHODS="reset"
fi
perl -pi -e "s#\|HTTP_METHODS\|#${APACHE_HTTP_METHODS}#g" ${HTTPDCONF}/extra/httpd-directories-old.conf
perl -pi -e "s#\|HTTP_METHODS\|#${APACHE_HTTP_METHODS}#g" ${HTTPDCONF}/extra/httpd-directories-new.conf
create_httpd_nginx
doSslConfigurationWebserver
#ensure we have the correct apache_ver
if [ "`grep -m1 -c apache_ver=2.0 ${DACONF_TEMPLATE_FILE}`" -eq "0" ]; then
echo "apache_ver=2.0" >> ${DACONF_TEMPLATE_FILE}
echo "action=rewrite&value=httpd" >> ${TASK_QUEUE}
doRestartDA
elif [ "`grep -m1 -c apache_ver=2.0 ${DACONF_TEMPLATE_FILE}`" -ne "0" ]; then
perl -pi -e 's/`grep -m1 apache_ver= ${DACONF_TEMPLATE_FILE}`/apache_ver=2.0/' ${DACONF_TEMPLATE_FILE}
fi
if [ "${HAVE_DACONF}" = "1" ]; then
if [ "`grep -m1 -c apache_ver=2.0 ${DACONF_FILE}`" -eq "0" ]; then
echo "apache_ver=2.0" >> ${DACONF_FILE}
doRestartDA
echo "action=rewrite&value=httpd" >> ${TASK_QUEUE}
elif [ "`grep -m1 -c apache_ver=2.0 ${DACONF_FILE}`" -ne "0" ]; then
perl -pi -e 's/`grep -m1 apache_ver= ${DACONF_FILE}`/apache_ver=2.0/' ${DACONF_FILE}
doRestartDA
echo "action=rewrite&value=httpd" >> ${TASK_QUEUE}
fi
fi
fpmChecks
dovecotChecks
if [ "${HAVE_FPM_CGI}" = "yes" ]; then
perl -pi -e 's/nginx/apache/' /usr/local/directadmin/data/templates/php-fpm.conf
fi
ensure_server_ca
do_rewrite_httpd_alias
#rewrite ips.conf if needed
echo "action=rewrite&value=ips" >> ${TASK_QUEUE}
echo "action=rewrite&value=httpd" >> ${TASK_QUEUE}
run_dataskq
#tokenize the IP and ports if needed
tokenize_IP
tokenize_ports
doVhosts
if [ ! -s /etc/httpd/conf/ssl.key/server.key ] || [ ! -s /etc/httpd/conf/ssl.crt/server.crt ]; then
cd ${WORKDIR}
mkdir -p /etc/httpd/conf/ssl.key
mkdir -p /etc/httpd/conf/ssl.crt
#install the cert/key
/usr/bin/openssl req -x509 -newkey rsa:2048 -keyout /etc/httpd/conf/ssl.key/server.key -out /etc/httpd/conf/ssl.crt/server.crt -days 9999 -nodes -config ./${APCERTCONF}
chmod 600 ${HTTPDCONF}/ssl.crt/server.crt
chmod 600 ${HTTPDCONF}/ssl.key/server.key
cd ${CWD}
fi
doApacheCheck
mkdir -p ${WWWDIR}
if [ ! -e ${WWWDIR}/index.html ]; then
if [ -e ${WWWDIR}/index.html.en ]; then
cp -f ${WWWDIR}/index.html.en ${WWWDIR}/index.html
else
echo "<html>Apache is functioning normally</html>" > ${WWWDIR}/index.html
fi
fi
perl -pi -e 's/[A-Za-z]* is functioning normally/Apache is functioning normally/' ${WWWDIR}/index.html
if [ ! -e /etc/logrotate.d/apache ]; then
safeDownloadWithMove /etc/logrotate.d/apache "${WEBPATH}/apache.logrotate"
fi
if [ ! -d /usr/local/safe-bin ]; then
mkdir -p /usr/local/safe-bin
chmod 511 /usr/local/safe-bin
chown apache:apache /usr/local/safe-bin
fi
# Make sure apr is linked correctly
if [ -e /usr/bin/apr-1-config ]; then
ln -sf /usr/bin/apr-1-config /usr/bin/apr-config
fi
rewrite_phpmodules
if [ "${MOD_RUID2_OPT}" = "yes" ] && [ ! -e /usr/lib/apache/mod_ruid2.so ] && [ "${WEBSERVER_OPT}" != "litespeed" ] && [ "${WEBSERVER_OPT}" != "openlitespeed" ]; then
doModRuid2
fi
if [ "${MODSECURITY_OPT}" = "yes" ] && [ ! -e /usr/lib/apache/mod_security2.so ] && [ "${WEBSERVER_OPT}" = "apache" ]; then
doModSecurity
fi
if [ "${HTSCANNER_OPT}" = "yes" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ "${HAVE_FCGID}" = "yes" ] || [ "${HAVE_FPM_CGI}" = "yes" ] || [ "${HAVE_SUPHP_CGI}" = "yes" ]; then
doModHtscanner
fi
fi
fi
if [ "${HAVE_FCGID}" = "yes" ]; then
if [ ! -s /usr/lib/apache/mod_fcgid.so ]; then
doModFCGID
fi
fi
# Make sure there is no SSLMutex in /etc/httpd/conf/extra/httpd-ssl.conf
# Make sure there is no LockFile in /etc/httpd/conf/extra/httpd-mpm.conf
if [ "${APACHE_VER_OPT}" = "2.4" ]; then
perl -pi -e 's/^SSLMutex/#SSLMutex/' /etc/httpd/conf/extra/httpd-ssl.conf
perl -pi -e 's/^LockFile/#LockFile/' /etc/httpd/conf/extra/httpd-mpm.conf
fi
# Disable UserDir access if userdir_access=no is set in the options.conf file
if [ "${USERDIR_ACCESS_OPT}" = "no" ]; then
perl -pi -e 's#UserDir public_html#UserDir disabled#' /etc/httpd/conf/extra/httpd-vhosts.conf
#~username is enabled by default for litespeed, so explicitly turn it off.
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
perl -pi -e 's#^\#Include conf/extra/httpd-userdir.conf#Include conf/extra/httpd-userdir.conf#' ${HTTPD_CONF}
fi
else
perl -pi -e 's#UserDir disabled#UserDir public_html#' /etc/httpd/conf/extra/httpd-vhosts.conf
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
perl -pi -e 's#^Include conf/extra/httpd-userdir.conf#\#Include conf/extra/httpd-userdir.conf#' ${HTTPD_CONF}
fi
fi
doModProctitle 0
doModHostingLimits 0
doModLsapi 0
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
ldconfig
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
echo "Restarting apache."
control_service httpd stop
killall -9 httpd >/dev/null 2>&1
control_service httpd start
fi
writeLog "Apache ${APACHE2_VER} installed"
removeLockfile
}
####################################################
doRemoveUnit() {
if [ "${UNIT_OPT}" = "yes" ]; then
do_exit 1 "You cannot remove Nginx Unit, because you have it set in options.conf file."
fi
if [ ! -e /usr/sbin/unitd ]; then
do_exit 1 "/usr/sbin/unitd does not exist, cannot remove..."
fi
echo "Disabling unit in services.status..."
set_service unit delete
control_service unit stop
echo "Disabling unit in systemd..."
if [ -e ${CB_CUST_SYSTEMD}/unit.service ]; then
systemctl disable unit.service
rm -f ${SYSTEMDDIR}/unit.service
systemctl daemon-reload
fi
if [ -e /etc/logrotate.d/unit ]; then
echo "Removing logrotate: /etc/logrotate.d/unit..."
rm -f /etc/logrotate.d/unit
fi
if [ -d /var/log/unit ]; then
echo "Removing unit logs: /var/log/unit..."
rm -rf /var/log/unit
fi
if [ -d /var/lib/unit ]; then
echo "Removing /var/lib/unit..."
rm -rf /var/lib/unit
fi
if [ -d /usr/lib/unit ]; then
echo "Removing /usr/lib/unit..."
rm -rf /usr/lib/unit
fi
if [ -e /usr/sbin/unitd ]; then
echo "Removing /usr/sbin/unitd..."
rm -f /usr/sbin/unitd
fi
if [ -e /usr/share/man/man8/unitd.8 ]; then
echo "Removing /usr/share/man/man8/unitd.8..."
rm -f /usr/share/man/man8/unitd.8
fi
ldconfig
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
echo "Unit has been successfully removed"
writeLog "Unit removed"
}
####################################################
doRemoveApache2() {
if [ "${WEBSERVER_OPT}" = "apache" ] && [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
do_exit 1 "You cannot remove Apache, because you have it set in options.conf file."
fi
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
do_exit 1 "You cannot remove Apache, because you have LiteSpeed set in options.conf file, which depends on Apache configuration files."
fi
if [ ! -e /usr/sbin/httpd ]; then
do_exit 1 "/usr/sbin/httpd does not exist, cannot remove..."
fi
echo "Disabling httpd in services.status..."
set_service httpd delete
control_service httpd stop
echo "Disabling httpd in systemd..."
if [ -e ${CB_CUST_SYSTEMD}/httpd.service ]; then
systemctl disable httpd.service
rm -f ${SYSTEMDDIR}/httpd.service
systemctl daemon-reload
fi
if [ -e /etc/logrotate.d/apache ]; then
echo "Removing logrotate: /etc/logrotate.d/apache..."
rm -f /etc/logrotate.d/apache
fi
if [ -d /var/log/httpd ]; then
echo "Removing httpd logs: /var/log/httpd..."
rm -rf /var/log/httpd
fi
if [ -d /var/www/icons ]; then
echo "Removing /var/www/icons..."
rm -rf /var/www/icons
fi
if [ -d /var/www/cgi-bin ]; then
echo "Removing /var/www/cgi-bin..."
rm -rf /var/www/cgi-bin
fi
if [ -d /var/www/error ]; then
echo "Removing /var/www/error..."
rm -rf /var/www/error
fi
if [ -d /var/www/manual ]; then
echo "Removing /var/www/manual..."
rm -rf /var/www/manual
fi
if [ -d /usr/lib/apache ]; then
echo "Removing /usr/lib/apache..."
rm -rf /usr/lib/apache
fi
if [ -d /usr/include/apache ]; then
echo "Removing /usr/include/apache..."
rm -rf /usr/include/apache
fi
echo "Removing httpd configuration files: /etc/httpd/..."
rm -rf /etc/httpd
echo "Removing /usr/sbin/apachectl..."
rm -f /usr/sbin/apachectl
echo "Removing /usr/sbin/htcacheclean..."
rm -f /usr/sbin/htcacheclean
echo "Removing /usr/sbin/httpd..."
rm -f /usr/sbin/httpd
echo "Removing /usr/sbin/rotatelogs..."
rm -f /usr/sbin/rotatelogs
echo "Removing /usr/sbin/suexec..."
rm -f /usr/sbin/suexec
echo "Removing /usr/sbin/apxs..."
rm -f /usr/sbin/apxs
echo "Removing /usr/bin/ab..."
rm -f /usr/bin/ab
echo "Removing /usr/bin/htdbm..."
rm -f /usr/bin/htdbm
echo "Removing /usr/bin/htdigest..."
rm -f /usr/bin/htdigest
echo "Removing /usr/bin/htpasswd..."
rm -f /usr/bin/htpasswd
echo "Removing /usr/bin/logresolve..."
rm -f /usr/bin/logresolve
ldconfig
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
echo "Apache has been successfully removed"
writeLog "Apache removed"
}
####################################################
doLiteSpeedLicense() {
if [ "${LITESPEED_SERIALNO_OPT}" = "trial" ]; then
echo "LiteSpeed serial number not found. Using a trial key."
if [ ! -e ${LITESPEED_TRIAL_KEY} ]; then
safeDownloadWithMove "${LSWS_HOME}/conf/trial.key" https://license.litespeedtech.com/da/trial.key
fi
if [ ! -e ${LITESPEED_TRIAL_KEY} ] && [ ! -s ${LSWS_HOME}/conf/trial.key ]; then
do_exit 1 "LiteSpeed trial key ${LITESPEED_TRIAL_KEY} is also not found. Exiting."
else
if [ ! -e ${LSWS_HOME}/conf/trial.key ]; then
cp -f ${LITESPEED_TRIAL_KEY} ${LSWS_HOME}/conf/trial.key
fi
fi
else
echo "Writing LiteSpeed serial number ${LITESPEED_SERIALNO_OPT} to ${LSWS_HOME}/conf/serial.no..."
echo "${LITESPEED_SERIALNO_OPT}" > ${LSWS_HOME}/conf/serial.no
fi
if [ -e ${LSWS_HOME}/conf/serial.no ]; then
echo "Contacting licensing server ..."
echo ""
if [ -e ${LSWS_HOME}/conf/license.key ]; then
mv -f ${LSWS_HOME}/conf/license.key ${LSWS_HOME}/conf/license.key.backup
fi
if [ -e ${LSWS_HOME}/conf/trial.key ]; then
rm -f ${LSWS_HOME}/conf/trial.key
fi
${LSWS_HOME}/bin/lshttpd -r
if [ $? -eq 0 ]; then
echo "[OK] License key received."
${LSWS_HOME}/bin/lshttpd -t
if [ $? -eq 0 ]; then
echo "The license key is correct."
else
echo "The license key received does not work."
fi
fi
fi
if [ "${1}" != "0" ]; then
echo "Restarting litespeed."
control_service litespeed reload
fi
}
####################################################
doLiteSpeed() {
if [ "${WEBSERVER_OPT}" != "litespeed" ]; then
do_exit 1 "You cannot install LiteSpeed, because you do not have it set in options.conf file."
fi
if [ -e /usr/local/lsws/bin/lshttpd ]; then
EXPIRED=`/usr/local/lsws/bin/lshttpd -V | grep -m1 -c expired`
if [ ${EXPIRED} -gt 0 ]; then
echo "Cannot install LiteSpeed, because the license is expired."
return
fi
fi
doApache2
getFileLSWS ${LITESPEED_NAME}.tar.gz ${LITESPEED_VER_NAME}
quitIfLocked doLiteSpeed
if [ ! -d /var/www/html ]; then
mkdir -p /var/www/html
fi
set64
addUserGroup apache apache
addToAccess apache
chown apache:apache /var/www
chmod 551 /var/www
cd ${CWD}
FILE=${CWD}/${LITESPEED_NAME}.tar.gz
checkFile ${FILE}
echo "Extracting ${FILE}..."
tar xzf ${FILE} --no-same-owner
cd lsws-${LITESPEED_VER}
if [ ! -d "${LSWS_HOME}" ]; then
mkdir -p "${LSWS_HOME}"
chown -R apache:apache ${LSWS_HOME}
mkdir -p "${LSWS_HOME}/conf"
chown -R apache:apache ${LSWS_HOME}/conf
elif [ -d /usr/local/lsws/autoupdate ]; then
rm -rf /usr/local/lsws/autoupdate
fi
#configure
echo "Installing LiteSpeed ${LITESPEED_VER}..."
rm -rf ./add-ons/cpanel/lsws_whm_plugin
. ./functions.sh
init
export LSWS_HOME=${LSWS_HOME}
export LSINSTALL_DIR=`pwd`
export PHP_SUEXEC=2
export AP_PORT_OFFSET=0
export ADMIN_USER=admin
export ADMIN_PASS="`random_pass`"
if [ -e /usr/local/directadmin/data/users/admin/user.conf ]; then
export ADMIN_EMAIL=`grep -m1 '^email=' /usr/local/directadmin/data/users/admin/user.conf | cut -d= -f2`
fi
if [ -e /usr/local/lsws/bin/lshttpd ]; then
export INSTALL_TYPE="upgrade"
else
export INSTALL_TYPE="reinstall"
fi
export PHP_SUFFIX=php
export SETUP_PHP=0
export ADMIN_PORT=7080
export DEFAULT_PORT=80
export HOST_PANEL="directadmin"
export WS_USER=apache
export WS_GROUP=apache
export DIR_OWN="apache:apache"
export CONF_OWN="apache:apache"
echo ""
echo "Installing LiteSpeed web server, please wait... "
echo ""
if [ ! -s ${LSWS_HOME}/admin/conf/htpasswd ]; then
ADMIN_PHP=${LSINSTALL_DIR}/admin/fcgi-bin/admin_php5
if [ ! -e ${ADMIN_PHP} ]; then
ADMIN_PHP=${LSINSTALL_DIR}/admin/fcgi-bin/admin_php
fi
ENCRYPT_PASS=`${ADMIN_PHP} -q ${LSINSTALL_DIR}/admin/misc/htpasswd.php "${ADMIN_PASS}"`
echo "${ADMIN_USER}:${ENCRYPT_PASS}" > "${LSINSTALL_DIR}/admin/conf/htpasswd"
SHOWPASSWORD=1
else
SHOWPASSWORD=0
fi
if [ -e /usr/local/lsws/bin/lshttpd ]; then
readCurrentConfig
fi
configRuby
buildApConfigFiles
if [ ! -s ${LSWS_HOME}/admin/conf/htpasswd ]; then
admin_login
fi
chmod 711 /var/log/httpd/
chgrp apache /var/log/httpd/
chown apache:apache /var/log/httpd/domains
installation
echo ""
$LSWS_HOME/admin/misc/rc-inst.sh
removeLockfile
doLiteSpeedLicense 0
setVal nginx_proxy 0 ${DACONF_TEMPLATE_FILE}
setVal nginx_proxy 0 ${DACONF_FILE}
setVal nginx 0 ${DACONF_TEMPLATE_FILE}
setVal nginx 0 ${DACONF_FILE}
setVal litespeed 1 ${DACONF_TEMPLATE_FILE}
setVal litespeed 1 ${DACONF_FILE}
setVal openlitespeed 0 ${DACONF_TEMPLATE_FILE}
setVal openlitespeed 0 ${DACONF_FILE}
killall httpd >/dev/null 2>&1
killall nginx >/dev/null 2>&1
doRestartDA
set_service httpd delete
set_service nginx delete
killall -9 httpd >/dev/null 2>&1
killall -9 nginx >/dev/null 2>&1
if [ ! -L ${SYSTEMDDIR}/lshttpd.service ] && [ -e ${SYSTEMDDIR}/lshttpd.service ]; then
rm -f ${SYSTEMDDIR}/lshttpd.service
systemctl daemon-reload
fi
if [ ! -L ${SYSTEMDDIR}/lsws.service ] && [ -e ${SYSTEMDDIR}/lsws.service ]; then
rm -f ${SYSTEMDDIR}/lsws.service
systemctl daemon-reload
fi
echo "Enabling litespeed in systemd..."
if [ -L ${SYSTEMDDIR}/litespeed.service ]; then
rm -f ${SYSTEMDDIR}/litespeed.service
fi
if [ -e ${CB_CUST_SYSTEMD}/litespeed.service ]; then
cp -f ${CB_CUST_SYSTEMD}/litespeed.service ${SYSTEMDDIR}/litespeed.service
else
cp -f ${CB_SYSTEMD}/litespeed.service ${SYSTEMDDIR}/litespeed.service
fi
if [ -e /etc/systemd/system/multi-user.target.wants/lshttpd.service ]; then
rm -f /etc/systemd/system/multi-user.target.wants/lshttpd.service
fi
if [ -e /etc/systemd/system/multi-user.target.wants/lsws.service ]; then
rm -f /etc/systemd/system/multi-user.target.wants/lsws.service
fi
chmod 644 ${SYSTEMDDIR}/litespeed.service
systemctl daemon-reload
systemctl enable litespeed.service
set_service litespeed ON
PLUGIN_DIR=/usr/local/directadmin/plugins/litespeed_webconsole
mkdir -p ${PLUGIN_DIR}/hooks
mkdir -p ${PLUGIN_DIR}/admin
mkdir -p ${PLUGIN_DIR}/images
safeDownloadWithMove "${PLUGIN_DIR}/images/admin_icon.svg" https://www.litespeedtech.com/images/logos/lsws-icon.svg
echo '<a href="http://|SERVER_NAME|:7080" target="_blank">LiteSpeed WebAdmin Console</a>' > ${PLUGIN_DIR}/hooks/admin_img.html
echo '<a href="http://|SERVER_NAME|:7080" target="_blank">LiteSpeed WebAdmin Console</a>' > ${PLUGIN_DIR}/hooks/admin_txt.html
touch ${PLUGIN_DIR}/admin/index.html
echo 'active=yes' > ${PLUGIN_DIR}/plugin.conf
echo 'author=www.litespeedtech.com, Martynas Bendorius' >> ${PLUGIN_DIR}/plugin.conf
echo 'id=litespeed' >> ${PLUGIN_DIR}/plugin.conf
echo 'installed=yes' >> ${PLUGIN_DIR}/plugin.conf
echo 'name=LiteSpeed WebAdmin Console' >> ${PLUGIN_DIR}/plugin.conf
echo 'update_url=' >> ${PLUGIN_DIR}/plugin.conf
echo 'version=0.1' >> ${PLUGIN_DIR}/plugin.conf
echo 'version_url=' >> ${PLUGIN_DIR}/plugin.conf
chown -R diradmin:diradmin ${PLUGIN_DIR}
csf_enable_quic
#Disable nginx & apache when switching to litespeed
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
if [ -e ${SYSTEMDDIR}/nginx.service ]; then
systemctl disable nginx.service 2> /dev/null
rm -f ${SYSTEMDDIR}/nginx.service
systemctl daemon-reload
fi
if [ -e ${SYSTEMDDIR}/httpd.service ]; then
systemctl disable httpd.service 2> /dev/null
rm -f ${SYSTEMDDIR}/httpd.service
systemctl daemon-reload
fi
fi
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
if [ "${CAGEFS_OPT}" = "yes" ]; then
/usr/sbin/cagefsctl --configure-litespeed
/usr/sbin/cagefsctl --remount-all
fi
if [ -d /tmp/lshttpd ]; then
rm -rf /tmp/lshttpd
fi
if ! grep -m1 -q '<cgroups>' /usr/local/lsws/conf/httpd_config.xml; then
perl -pi -e 's|</CGIRLimit>| <cgroups>2</cgroups>\n </CGIRLimit>|g' /usr/local/lsws/conf/httpd_config.xml
fi
echo "Restarting litespeed."
control_service litespeed reload
#Reload detached lsphp processes
touch /usr/local/lsws/admin/tmp/.lsphp_restart.txt
echo "Installation of LiteSpeed ${LITESPEED_VER} is now complete."
echo "Admin panel address: http://${HOSTNAME}:7080. Please make sure that port 7080 is open in firewall."
if [ "${SHOWPASSWORD}" = "1" ]; then
if [ -e /usr/local/directadmin/scripts/setup.txt ]; then
if ! grep -m1 -q '^litespeedadmin=' /usr/local/directadmin/scripts/setup.txt; then
echo "litespeedadmin=${ADMIN_PASS}" >> /usr/local/directadmin/scripts/setup.txt
fi
fi
echo "Admin password: ${ADMIN_PASS}"
fi
writeLog "LiteSpeed ${LITESPEED_VER} installed"
removeLockfile
}
####################################################
doRemoveLiteSpeed() {
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
do_exit 1 "You cannot remove LiteSpeed, because you have it set in options.conf file."
fi
if [ ! -d /usr/local/lsws ]; then
do_exit 1 "/usr/local/lsws does not exist, cannot remove..."
fi
echo "Disabling litespeed in services.status..."
set_service litespeed delete
control_service litespeed stop
remove_directory /usr/local/directadmin/plugins/litespeed_webconsole
remove_directory /usr/local/lsws
echo "Disabling litespeed in systemd..."
if [ -e ${SYSTEMDDIR}/litespeed.service ]; then
systemctl disable lshttpd.service 2> /dev/null
systemctl disable litespeed.service 2> /dev/null
rm -f ${SYSTEMDDIR}/lshttpd.service
rm -f ${SYSTEMDDIR}/litespeed.service
rm -f ${SYSTEMDDIR}/openlitespeed.service
systemctl daemon-reload
fi
ldconfig
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
echo "LiteSpeed has been successfully removed"
writeLog "LiteSpeed removed"
}
####################################################
add_openlitespeed_alias_redirect() {
#A fake P real
F=$1
A=$2
P=$3
printf "\tcontext /${A}/ {\n" >> ${F}
if [ -d /var/www/html/${P} ]; then
printf "\t\tlocation /var/www/html/${P}/\n" >> ${F}
else
printf "\t\tlocation /var/www/html/${P}\n" >> ${F}
fi
printf "\t\tinclude /usr/local/lsws/conf/httpd-webapps-php.conf\n" >> ${F}
printf "\t}\n" >> ${F}
}
add_openlitespeed_alias() {
F=$1
A=$2
if [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
printf "\tcontext /${A}/ {\n" >> ${F}
if [ -d /var/www/html/${A} ]; then
printf "\t\tlocation /var/www/html/${A}/\n" >> ${F}
else
printf "\t\tlocation /var/www/html/${A}\n" >> ${F}
fi
printf "\t\tinclude /usr/local/lsws/conf/httpd-webapps-php.conf\n" >> ${F}
printf "\t}\n" >> ${F}
fi
}
do_rewrite_openlitespeed_webapps() {
if [ -e ${WORKDIR}/custom/openlitespeed/conf/httpd-alias.conf ] && [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
cp -pf ${WORKDIR}/custom/openlitespeed/conf/httpd-alias.conf /usr/local/lsws/conf/httpd-alias.conf
else
NW=/usr/local/lsws/conf/httpd-alias.conf
: > ${NW}
#For let's encrypt challenges
LETSENCRYPT=`getDA_Opt letsencrypt 1`
if [ "${LETSENCRYPT}" = "1" ]; then
add_openlitespeed_alias ${NW} .well-known/acme-challenge
fi
if [ "${SQUIRRELMAIL_OPT}" = "yes" ]; then
add_openlitespeed_alias ${NW} squirrelmail
fi
if [ "${ROUNDCUBE_OPT}" = "yes" ]; then
add_openlitespeed_alias ${NW} roundcube
fi
if [ "${PHPMYADMIN_OPT}" = "yes" ]; then
add_openlitespeed_alias ${NW} phpMyAdmin
add_openlitespeed_alias_redirect ${NW} phpmyadmin phpMyAdmin
add_openlitespeed_alias_redirect ${NW} pma phpMyAdmin
fi
WEBMAILLINK=`get_webmail_link`
if [ -e /var/www/html/${WEBMAILLINK} ]; then
if [ "${WEBMAILLINK}" = "webmail" ]; then
add_openlitespeed_alias ${NW} webmail
else
add_openlitespeed_alias_redirect ${NW} webmail ${WEBMAILLINK}
fi
fi
#protect other places
printf '\tcontext /roundcube/bin/ {\n' >> ${NW}
printf '\t\ttype NULL\n' >> ${NW}
printf '\t\tlocation /var/www/html/roundcube/bin\n' >> ${NW}
printf '\t\tallowBrowse 0\n' >> ${NW}
printf '\t\taddDefaultCharset off\n' >> ${NW}
printf '\t}\n' >> ${NW}
printf '\tcontext /roundcube/SQL/ {\n' >> ${NW}
printf '\t\ttype NULL\n' >> ${NW}
printf '\t\tlocation /var/www/html/roundcube/SQL\n' >> ${NW}
printf '\t\tallowBrowse 0\n' >> ${NW}
printf '\t\taddDefaultCharset off\n' >> ${NW}
printf '\t}\n' >> ${NW}
printf '\tcontext /roundcube/config/ {\n' >> ${NW}
printf '\t\ttype NULL\n' >> ${NW}
printf '\t\tlocation /var/www/html/roundcube/config\n' >> ${NW}
printf '\t\tallowBrowse 0\n' >> ${NW}
printf '\t\taddDefaultCharset off\n' >> ${NW}
printf '\t}\n' >> ${NW}
printf '\tcontext /roundcube/logs/ {\n' >> ${NW}
printf '\t\ttype NULL\n' >> ${NW}
printf '\t\tlocation /var/www/html/roundcube/logs\n' >> ${NW}
printf '\t\tallowBrowse 0\n' >> ${NW}
printf '\t\taddDefaultCharset off\n' >> ${NW}
printf '\t}\n' >> ${NW}
printf '\tcontext /roundcube/temp/ {\n' >> ${NW}
printf '\t\ttype NULL\n' >> ${NW}
printf '\t\tlocation /var/www/html/roundcube/temp\n' >> ${NW}
printf '\t\tallowBrowse 0\n' >> ${NW}
printf '\t\taddDefaultCharset off\n' >> ${NW}
printf '\t}\n' >> ${NW}
printf '\tcontext /phpMyAdmin/log/ {\n' >> ${NW}
printf '\t\ttype NULL\n' >> ${NW}
printf '\t\tlocation /var/www/html/phpMyAdmin/log\n' >> ${NW}
printf '\t\tallowBrowse 0\n' >> ${NW}
printf '\t\taddDefaultCharset off\n' >> ${NW}
printf '\t}\n' >> ${NW}
fi
if [ -s "${WEBAPPS_LIST}" ]; then
#https://forum.directadmin.com/showthread.php?t=48203&p=247343#post247343
echo "Adding custom webapps from ${WEBAPPS_LIST}"
cat ${WEBAPPS_LIST} | while read l; do
app=`echo "$l" | cut -d= -f1`
app_path=`echo "$l" | cut -d= -f2`
if [ "${app}" = "" ] || [ "${app_path}" = "" ]; then
echo "${boldon}Check your ${WEBAPPS_LIST}. A name or path is blank.${boldoff}"
echo "name=$app"
echo "path=$app_path"
continue
fi
if [ ! -e /var/www/html/${app_path} ]; then
echo "${boldon}Cannot find path /var/www/html/${app_path} for alias ${app}${boldoff}"
continue
fi
if [ -e /var/www/html/${app} ] && [ "${app}" = "${app_path}" ]; then
add_openlitespeed_alias ${NW} ${app}
else
add_openlitespeed_alias_redirect ${NW} ${app} ${app_path}
fi
echo "Added ${app} pointing to ${app_path}"
done
fi
}
doOpenLiteSpeed() {
if [ "${WEBSERVER_OPT}" != "openlitespeed" ]; then
do_exit 1 "You cannot install OpenLiteSpeed, because you do not have it set in options.conf file."
fi
if [ ! -e ${DEBIAN_VERSION} ] && [ "${OS_CENTOS_VER}" = "8" ] && [ -x /usr/bin/rpm ]; then
if [ `checkRPMPackage libnsl` -ne 0 ]; then
yum -y install libnsl
fi
fi
if [ "${B64}" = "2" ]; then
getFile openlitespeed/openlitespeed-${OPENLITESPEED_VER}.src.tgz openlitespeed_src openlitespeed-${OPENLITESPEED_VER}.src.tgz
else
getFile openlitespeed/openlitespeed-${OPENLITESPEED_VER}.tgz openlitespeed openlitespeed-${OPENLITESPEED_VER}.tgz
fi
quitIfLocked doOpenLiteSpeed
#die die die!!
if [ -s /usr/sbin/apache2 ]; then
chmod 0 /usr/sbin/apache2
killall -9 apache2 2> /dev/null
fi
if [ -s /usr/lib/apache2/mpm-prefork/apache2 ]; then
chmod 0 /usr/lib/apache2/mpm-prefork/apache2
killall -9 apache2 2> /dev/null
fi
if [ ! -d /var/www/html ]; then
mkdir -p /var/www/html
fi
set64
addUserGroup lsadm lsadm
addUserGroup apache apache
addToAccess apache
chown apache:apache /var/www
chmod 551 /var/www
mkdir -p /var/log/httpd/domains
chmod 710 /var/log/httpd/
chgrp apache /var/log/httpd/
chown apache:apache /var/log/httpd/domains
find /var/log/httpd -user root -exec chown apache {} \;
cd ${CWD}
if [ "${B64}" = "2" ]; then
FILE=${CWD}/openlitespeed-${OPENLITESPEED_VER}.src.tgz
else
FILE=${CWD}/openlitespeed-${OPENLITESPEED_VER}.tgz
fi
checkFile ${FILE}
echo "Installing OpenLiteSpeed ${OPENLITESPEED_VER}..."
if [ ! -d "${LSWS_HOME}" ]; then
mkdir -p "${LSWS_HOME}/conf"
elif [ -d /usr/local/lsws/autoupdate ]; then
rm -rf /usr/local/lsws/autoupdate
fi
if [ -L /usr/local/lsws/admin/html ]; then
rm -f /usr/local/lsws/admin/html
fi
if [ "${B64}" = "2" ]; then
echo "Extracting ${FILE}..."
tar xzf ${FILE} --no-same-owner
cd openlitespeed-${OPENLITESPEED_VER}
else
tar xzf ${FILE} -C /usr/local/lsws/ --strip-components=1 --no-same-owner
fi
if [ "${B64}" = "2" ]; then
setFDSETSIZE
#configure
echo "Configuring openlitespeed-${OPENLITESPEED_VER}"
${CWD}/${OPENLITESPEED_CONFIGURE}
if [ $? -ne 0 ]; then
printf "\n*** There was an error while trying to configure Apache 2. Check the ${APACHE2_CONFIGURE} file\n"
do_exit 1
fi
echo "Done Configuration."
while echo "Trying to make OpenLiteSpeed..."; do
make -j ${CPU_CORES}
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 0
fi
else
break
fi
done
echo "Make complete"
checkRPMS
fi
#setup the directadmin.conf
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
setVal cloud_cache 1 ${DACONF_TEMPLATE_FILE}
setVal cloud_cache 1 ${DACONF_FILE}
echo "action=cache&value=showallusers" >> ${TASK_QUEUE}
run_dataskq
elif [ "${CLOUDLINUX_OPT}" = "no" ]; then
setVal cloud_cache 0 ${DACONF_TEMPLATE_FILE}
setVal cloud_cache 0 ${DACONF_FILE}
fi
setVal nginx 0 ${DACONF_TEMPLATE_FILE}
setVal nginx 0 ${DACONF_FILE}
setVal nginx_proxy 0 ${DACONF_TEMPLATE_FILE}
setVal nginx_proxy 0 ${DACONF_FILE}
setVal litespeed 0 ${DACONF_TEMPLATE_FILE}
setVal litespeed 0 ${DACONF_FILE}
setVal openlitespeed 1 ${DACONF_TEMPLATE_FILE}
setVal openlitespeed 1 ${DACONF_FILE}
killall nginx >/dev/null 2>&1
killall litespeed >/dev/null 2>&1
killall httpd >/dev/null 2>&1
doRestartDA
set_service nginx delete
set_service httpd delete
killall -9 nginx >/dev/null 2>&1
killall -9 litespeed >/dev/null 2>&1
killall -9 httpd >/dev/null 2>&1
set_service litespeed ON
if [ "${B64}" = "2" ]; then
echo "Installing OpenLiteSpeed ${OPENLITESPEED_VER}..."
make install
fi
# Remove LiteSpeed Enterprise binary if it exists, symlink to OpenLiteSpeed
ln -sf /usr/local/lsws/bin/openlitespeed /usr/local/lsws/bin/litespeed
ln -sf /usr/local/lsws/bin/openlitespeed /usr/local/lsws/bin/lshttpd
rm -f /usr/local/lsws/bin/lscgid
cp -pf /usr/local/lsws/admin/conf/admin_config.conf.in /usr/local/lsws/admin/conf/admin_config.conf
perl -pi -e 's|%ADMIN_PORT%|7080|g' /usr/local/lsws/admin/conf/admin_config.conf
perl -pi -e 's|secure 0|secure 1\n keyFile\t/usr/local/lsws/ssl.key/server.key\n certFile\t/usr/local/lsws/ssl.crt/server.crt.combined \n clientVerify\t0|g' /usr/local/lsws/admin/conf/admin_config.conf
if [ -s /usr/local/lsws/admin/fcgi-bin/admin_php5 ] && [ ! -L /usr/local/lsws/admin/fcgi-bin/admin_php ]; then
ln -sf /usr/local/lsws/admin/fcgi-bin/admin_php5 /usr/local/lsws/admin/fcgi-bin/admin_php
fi
if [ -d /usr/local/lsws/admin/html.open ] && [ ! -L /usr/local/lsws/admin/html ]; then
ln -sf /usr/local/lsws/admin/html.open /usr/local/lsws/admin/html
fi
if [ ! -d /usr/local/lsws/admin/logs ]; then
mkdir -p /usr/local/lsws/admin/logs
fi
chmod 700 /usr/local/lsws/admin/conf
chown -R lsadm:lsadm /usr/local/lsws/admin/conf
chmod 600 /usr/local/lsws/admin/conf/*
if [ ! -s /usr/local/lsws/admin/conf/htpasswd ]; then
export ADMIN_USER=admin
export ADMIN_PASS="`random_pass`"
ENCRYPT_PASS="`/usr/local/lsws/admin/fcgi-bin/admin_php -q /usr/local/lsws/admin/misc/htpasswd.php \"${ADMIN_PASS}\"`"
echo "admin:${ENCRYPT_PASS}" > "/usr/local/lsws/admin/conf/htpasswd"
SHOWPASSWORD=1
else
SHOWPASSWORD=0
fi
if [ ! -d /usr/local/lsws/admin/tmp ]; then
mkdir -p /usr/local/lsws/admin/tmp
chown lsadm:apache /usr/local/lsws/admin/tmp
chmod 710 /usr/local/lsws/admin/tmp
fi
chown lsadm:apache /usr/local/lsws/admin
chmod 710 /usr/local/lsws/admin
if [ "${MODSECURITY_OPT}" = "yes" ]; then
if [ "${B64}" = "2" ]; then
echo "Installing ModSecurity module for OpenLiteSpeed ${OPENLITESPEED_VER}..."
cd ./src/modules/modsecurity-ls
gmake -f Makefile.f
cp -fp mod_security.so /usr/local/lsws/modules/mod_security.so
cd ${CWD}/openlitespeed-${OPENLITESPEED_VER}
fi
echo -n '' > ${LSWS_HOME}/conf/httpd-modsecurity-enable.conf
echo 'module mod_security {' >> ${LSWS_HOME}/conf/httpd-modsecurity-enable.conf
echo 'modsecurity on' >> ${LSWS_HOME}/conf/httpd-modsecurity-enable.conf
echo 'modsecurity_rules_file /usr/local/lsws/conf/httpd-modsecurity.conf' >> ${LSWS_HOME}/conf/httpd-modsecurity-enable.conf
create_global_modsecurity_rules
echo 'modsecurity_rules_file /usr/local/directadmin/data/admin/modsecurity_rules' >> ${LSWS_HOME}/conf/httpd-modsecurity-enable.conf
echo '}' >> ${LSWS_HOME}/conf/httpd-modsecurity-enable.conf
cp -pf ${MODSECURITY_OPENLITESPEED_INCLUDE} ${LSWS_HOME}/conf/httpd-modsecurity.conf
else
echo -n '' > ${LSWS_HOME}/conf/httpd-modsecurity-enable.conf
fi
removeLockfile
#fresh install, add to System Backup
if [ ! -s ${SYSTEMDDIR}/litespeed.service ]; then
add_to_system_backup dirs /usr/local/lsws
fi
echo "Enabling litespeed in systemd..."
if [ -e ${CB_CUST_SYSTEMD}/litespeed.service ]; then
cp -f ${CB_CUST_SYSTEMD}/litespeed.service ${SYSTEMDDIR}/litespeed.service
else
cp -f ${CB_SYSTEMD}/litespeed.service ${SYSTEMDDIR}/litespeed.service
fi
if [ ! -L /etc/systemd/system/lshttpd.service ]; then
rm -f /etc/systemd/system/lshttpd.service
fi
if [ -e /etc/systemd/system/multi-user.target.wants/lshttpd.service ]; then
rm -f /etc/systemd/system/multi-user.target.wants/lshttpd.service
fi
chmod 644 ${SYSTEMDDIR}/litespeed.service
systemctl daemon-reload
systemctl enable litespeed.service
#Disable nginx & apache when switching to openlitespeed
if [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
if [ -e ${SYSTEMDDIR}/nginx.service ]; then
systemctl disable nginx.service 2> /dev/null
rm -f ${SYSTEMDDIR}/nginx.service
systemctl daemon-reload
fi
if [ -e ${SYSTEMDDIR}/httpd.service ]; then
systemctl disable httpd.service 2> /dev/null
rm -f ${SYSTEMDDIR}/httpd.service
systemctl daemon-reload
fi
fi
HAVE_DACONF=0
if [ -s ${DACONF_FILE} ]; then
HAVE_DACONF=1
fi
#copy the new configs if needed
if [ "`grep -m1 -c 'include' ${LSWS_HOME}/conf/directadmin-vhosts.conf`" = "0" ] || [ ! -e ${LSWS_HOME}/conf/directadmin-vhosts.conf ]; then
cp -rf ${OPENLITESPEEDCONFDIR} ${LSWS_HOME}
if [ "${OPENLITESPEEDCUSTOMCONFDIR}" != "0" ]; then
cp -rf ${OPENLITESPEEDCUSTOMCONFDIR} ${LSWS_HOME}
fi
fi
dovecotChecks
do_rewrite_openlitespeed_webapps
ensure_server_ca
csf_enable_quic
doModSecurityAdj
doSslConfigurationWebserver
#rewrite ips.conf if needed
echo "action=rewrite&value=ips" >> ${TASK_QUEUE}
echo "action=rewrite&value=openlitespeed" >> ${TASK_QUEUE}
run_dataskq
#tokenize the IP and ports if needed
tokenize_IP
tokenize_ports
doVhosts
if [ ! -s ${LSWS_HOME}/ssl.key/server.key ] || [ ! -s ${LSWS_HOME}/ssl.crt/server.crt.combined ]; then
cd ${WORKDIR}
mkdir -p ${LSWS_HOME}/ssl.key
mkdir -p ${LSWS_HOME}/ssl.crt
if [ -e /etc/httpd/conf/ssl.crt/server.crt ] && [ -e /etc/httpd/conf/ssl.key/server.key ]; then
cat /etc/httpd/conf/ssl.key/server.key > ${LSWS_HOME}/ssl.key/server.key
cat /etc/httpd/conf/ssl.crt/server.crt >> ${LSWS_HOME}/ssl.crt/server.crt.combined
if [ -e /etc/httpd/conf/ssl.crt/server.ca ]; then
cat /etc/httpd/conf/ssl.crt/server.ca >> ${LSWS_HOME}/ssl.crt/server.crt.combined
fi
elif [ -e /etc/nginx/ssl.crt/server.crt.combined ] && [ -e /etc/nginx/ssl.key/server.key ]; then
cat /etc/nginx/ssl.key/server.key > ${LSWS_HOME}/ssl.crt/server.crt
cat /etc/nginx/ssl.crt/server.crt.combined >> ${LSWS_HOME}/ssl.crt/server.crt.combined
else
#install the cert/key
/usr/bin/openssl req -x509 -newkey rsa:2048 -keyout ${LSWS_HOME}/ssl.key/server.key -out ${LSWS_HOME}/ssl.crt/server.crt.combined -days 9999 -nodes -config ./${APCERTCONF}
fi
chmod 600 ${LSWS_HOME}/ssl.crt/server.crt.combined
chmod 600 ${LSWS_HOME}/ssl.key/server.key
cd ${CWD}
fi
if [ ! -e ${WWWDIR}/index.html ]; then
if [ -e ${WWWDIR}/index.html.en ]; then
cp -f ${WWWDIR}/index.html.en ${WWWDIR}/index.html
else
echo "<html>OpenLiteSpeed is functioning normally</html>" > ${WWWDIR}/index.html
fi
fi
perl -pi -e 's/[A-Za-z]* is functioning normally/OpenLiteSpeed is functioning normally/' ${WWWDIR}/index.html
if [ ! -e /etc/logrotate.d/apache ]; then
safeDownloadWithMove /etc/logrotate.d/apache "${WEBPATH}/apache.logrotate"
fi
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
if [ "${CAGEFS_OPT}" = "yes" ]; then
/usr/sbin/cagefsctl --remount-all
fi
if [ "${CLOUDLINUX_OPT}" = "yes" ] && [ "${CAGEFS_OPT}" = "yes" ]; then
OLS_ENABLELVE=2
elif [ "${CLOUDLINUX_OPT}" = "yes" ]; then
OLS_ENABLELVE=1
else
OLS_ENABLELVE=0
fi
if ! grep -m1 -q "^enableLVE.*=${OLS_ENABLELVE}" ${LSWS_HOME}/conf/httpd-defaults.conf; then
perl -pi -e "s|^enableLVE.*|enableLVE ${OLS_ENABLELVE}|g" ${LSWS_HOME}/conf/httpd-defaults.conf
fi
ldconfig
if [ ! -d ${LSWS_HOME}/logs ]; then
mkdir -p ${LSWS_HOME}/logs
fi
# lsadm owner needed for WebAdmin to work (disabled by default) + "make install" to succeed
chown -R lsadm:lsadm /usr/local/lsws/conf
mkdir -p ${LSWS_HOME}/cachedata
chown apache:apache ${LSWS_HOME}/cachedata
# chmod lsws directory 750
if ! stat ${LSWS_HOME}/conf | grep -m1 Access | grep -m1 -q -o "\---"; then
chmod 750 ${LSWS_HOME}/conf
fi
if [ -d /tmp/lshttpd ]; then
rm -rf /tmp/lshttpd
fi
echo "Restarting OpenLiteSpeed."
control_service litespeed reload
#Reload detached lsphp processes
touch /usr/local/lsws/admin/tmp/.lsphp_restart.txt
echo "Installation of OpenLiteSpeed ${OPENLITESPEED_VER} is now complete."
echo "Admin panel address: http://${HOSTNAME}:7080. Please make sure that port 7080 is open in firewall. Panel is read-only."
if [ "${SHOWPASSWORD}" = "1" ]; then
if [ -e /usr/local/directadmin/scripts/setup.txt ]; then
if ! grep -m1 -q '^litespeedadmin=' /usr/local/directadmin/scripts/setup.txt; then
echo "litespeedadmin=${ADMIN_PASS}" >> /usr/local/directadmin/scripts/setup.txt
fi
fi
echo "Admin password: ${ADMIN_PASS}"
fi
writeLog "OpenLiteSpeed ${OPENLITESPEED_VER} installed"
removeLockfile
}
doModSecurityAdj() {
if [ "${MODSECURITY_OPT}" = "yes" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ]; then
MODSECURITY_CONF_FILE=/etc/httpd/conf/extra/httpd-modsecurity.conf
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
if ! grep -m1 -q '<enableCensorship>0</enableCensorship>' /usr/local/lsws/conf/httpd_config.xml; then
perl -pi -e 's|<enableCensorship>0</enableCensorship>|<enableCensorship>1</enableCensorship>|g' /usr/local/lsws/conf/httpd_config.xml
fi
if ! grep -m1 -q '<uploadTmpDir>' /usr/local/lsws/conf/httpd_config.xml; then
perl -pi -e 's|</enableCensorship>|</enableCensorship>\n <uploadTmpDir>/tmp</uploadTmpDir>|g' /usr/local/lsws/conf/httpd_config.xml
fi
if ! grep -m1 -q '<secAuditLog>' /usr/local/lsws/conf/httpd_config.xml; then
perl -pi -e 's|</enableCensorship>|</enableCensorship>\n <secAuditLog>/var/log/httpd/modsec_audit.log</secAuditLog>|g' /usr/local/lsws/conf/httpd_config.xml
fi
fi
elif [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
MODSECURITY_CONF_FILE=/usr/local/lsws/conf/httpd-modsecurity.conf
else
MODSECURITY_CONF_FILE=/etc/nginx/nginx-modsecurity.conf
fi
if [ "${MODSECURITY_UPLOADSCAN_OPT}" = "yes" ] && [ "${CLAMAV_OPT}" = "yes" ]; then
if [ ! -e /usr/local/bin/clamdscan ]; then
removeLockfile
doclamav
fi
if [ ! -e /usr/local/bin/clamdscan ]; then
do_exit 1 "Cannot enable upload scan in ProFTPd because there is no ClamAV (/usr/local/bin/clamdscan) on the system."
fi
cp -pf ${RUNAV_PL} /usr/local/bin/runav.pl
chmod 755 /usr/local/bin/runav.pl
cp -pf ${RUNAV_CONF} /etc/modsecurity.d/runav.conf
else
rm -f /usr/local/bin/runav.pl
rm -f /etc/modsecurity.d/runav.conf
fi
if [ -d ${MODSECURITY_CUSTOM_RULES} ]; then
echo "Copying custom ModSecurity rules to /etc/modsecurity.d/..."
cp -Rpf ${MODSECURITY_CUSTOM_RULES}/* /etc/modsecurity.d/
fi
if [ -s /etc/modsecurity.d/000_i360_0.conf ]; then
echo "Defaulting to Imunify 360 SecDefaultAction..."
perl -pi -e 's|^SecDefaultAction|#SecDefaultAction|g' ${MODSECURITY_CONF_FILE}
fi
if [ "${MODSECURITY_RULESET_OPT}" = "comodo" ]; then
echo "Defaulting to Comodo WAF SecDefaultAction..."
perl -pi -e 's|^SecDefaultAction|#SecDefaultAction|g' ${MODSECURITY_CONF_FILE}
fi
else
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
if ! grep -m1 -q '<enableCensorship>1</enableCensorship>' /usr/local/lsws/conf/httpd_config.xml; then
perl -pi -e 's|<enableCensorship>1</enableCensorship>|<enableCensorship>0</enableCensorship>|g' /usr/local/lsws/conf/httpd_config.xml
fi
fi
fi
}
####################################################
doModSecurityRules() {
cd ${CWD}
if [ ! -d /etc/modsecurity.d ]; then
mkdir -p /etc/modsecurity.d
fi
rm -f /etc/modsecurity.d/*
if [ "${MODSECURITY_RULESET_OPT}" = "" ]; then
echo "";
echo "";
echo "";
echo "**********************";
echo "";
echo "The setting modsecurity_ruleset is blank. This will cause rewrite issues.";
echo "Please set it to something, eg:";
echo " ./build set modsecurity_ruleset ${MODSECURITY_RULESET_DEF}";
echo "";
echo "**********************";
echo "";
echo "";
echo "";
sleep 5;
fi
if [ "${MODSECURITY_RULESET_OPT}" = "comodo" ]; then
echo "Installing Comodo Rule Set for ModSecurity..."
if [ "${WEBSERVER_OPT}" = "nginx" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ] || [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
# Generate empty files, so that nginx would still be able to start
if [ ! -e /etc/modsecurity.d/comodo_rules.conf.main ]; then
touch /etc/modsecurity.d/comodo_rules.conf.main
fi
if [ ! -e /etc/modsecurity.d/comodo_rules.conf ]; then
touch /etc/modsecurity.d/comodo_rules.conf
fi
getFileCWAF cwaf_rules_nginx_3-${CWAF_RULES_NGINX_VER}.tgz
CWAF_PLATFORM=Nginx
elif [ "${WEBSERVER_OPT}" = "litespeed" ]; then
getFileCWAF cwaf_rules_ls-${CWAF_RULES_LS_VER}.tgz cwaf_rules_ls
CWAF_PLATFORM=LiteSpeed
else
getFileCWAF cwaf_rules-${CWAF_RULES_VER}.tgz cwaf_rules
CWAF_PLATFORM=Apache
fi
if [ ! -e /usr/local/cwaf/scripts/updater.pl ]; then
safeDownloadWithMove "${CWD}/cwaf_client_install.sh" "${WEBPATH_CWAF}/cpanel/cwaf_client_install.sh"
chmod 700 cwaf_client_install.sh
HOME=/root TERM=xterm ./cwaf_client_install.sh -- --batch --login=nologin --password=nopassword --platform=${CWAF_PLATFORM}
#### plugin was not installed exit ###
if [ $? -ne 0 ]; then
rm -f cwaf_client_install.sh
do_exit 1 "Installation of Comodo WAF plugin failed"
fi
cd ${WORKDIR}
rm -f cwaf_client_install.sh
else
echo 'Updating to latest CWAF client version'
/usr/local/cwaf/scripts/update-client.pl
fi
echo "Include /etc/cwaf/cwaf.conf" > /etc/modsecurity.d/comodo_rules.conf.main
if [ "${WEBSERVER_OPT}" = "nginx" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ] || [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
perl -pi -e 's/cwaf_platform="Apache"/cwaf_platform="Nginx"/' /etc/cwaf/main.conf
perl -pi -e 's/cwaf_platform="LiteSpeed"/cwaf_platform="Nginx"/' /etc/cwaf/main.conf
/usr/local/cwaf/scripts/updater.pl -p /usr/local/directadmin/custombuild/cwaf_rules_nginx_3-${CWAF_RULES_NGINX_VER}.tgz
cd ${WORKDIR}
rm -f cwaf_rules_nginx_3-${CWAF_RULES_NGINX_VER}.tgz cwaf_rules_nginx_3
if [ -s /etc/cwaf/cwaf.conf ]; then
if grep -m1 -q '^IncludeOptional' /etc/cwaf/cwaf.conf; then
perl -pi -e 's|IncludeOptional|Include|g' /etc/cwaf/cwaf.conf
fi
fi
elif [ "${WEBSERVER_OPT}" = "litespeed" ]; then
perl -pi -e 's/cwaf_platform="Nginx"/cwaf_platform="LiteSpeed"/' /etc/cwaf/main.conf
perl -pi -e 's/cwaf_platform="Apache"/cwaf_platform="LiteSpeed"/' /etc/cwaf/main.conf
/usr/local/cwaf/scripts/updater.pl -p /usr/local/directadmin/custombuild/cwaf_rules_ls-${CWAF_RULES_LS_VER}.tgz
cd ${WORKDIR}
rm -f cwaf_rules_ls-${CWAF_RULES_LS_VER}.tgz
else
perl -pi -e 's/cwaf_platform="Nginx"/cwaf_platform="Apache"/' /etc/cwaf/main.conf
perl -pi -e 's/cwaf_platform="LiteSpeed"/cwaf_platform="Apache"/' /etc/cwaf/main.conf
/usr/local/cwaf/scripts/updater.pl -p /usr/local/directadmin/custombuild/cwaf_rules-${CWAF_RULES_VER}.tgz
cd ${WORKDIR}
rm -f cwaf_rules-${CWAF_RULES_VER}.tgz
fi
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
if grep -m1 -q 'Include [0-9].' /etc/modsecurity.d/comodo_rules.conf.main; then
sed -i '/Include \//! s/Include /Include \/usr\/local\/cwaf\/rules\//g' /etc/modsecurity.d/comodo_rules.conf.main
fi
fi
fi
if [ "${MODSECURITY_RULESET_OPT}" = "owasp" ]; then
echo "Installing OWASP Core Rule Set for ModSecurity..."
getFile owasp-modsecurity-crs-${OWASP_RULES_VER}.tar.gz owasp3_rules
tar xzf owasp-modsecurity-crs-${OWASP_RULES_VER}.tar.gz -C /etc/modsecurity.d/ owasp-modsecurity-crs-${OWASP_RULES_VER}/crs-setup.conf.example --strip-components=1 --no-same-owner
tar xzf owasp-modsecurity-crs-${OWASP_RULES_VER}.tar.gz -C /etc/modsecurity.d/ owasp-modsecurity-crs-${OWASP_RULES_VER}/rules --strip-components=2 --no-same-owner
echo ${OWASP_RULES_VER} > /etc/modsecurity.d/owasp_rules_version
if [ -e /etc/modsecurity.d/crs-setup.conf.example ]; then
mv -f /etc/modsecurity.d/crs-setup.conf.example /etc/modsecurity.d/crs-setup.conf.main
fi
perl -pi -e 's|^SecDefaultAction|#SecDefaultAction|' /etc/modsecurity.d/crs-setup.conf.main
fi
doModSecurityAdj
echo "Installation of ModSecurity Rule Set has been finished."
if [ ! -e /etc/modsecurity.d/comodo_rules.conf.main ]; then
touch /etc/modsecurity.d/comodo_rules.conf.main
fi
if [ ! -e /etc/modsecurity.d/comodo_rules.conf ]; then
touch /etc/modsecurity.d/comodo_rules.conf
fi
if [ "$1" != "norestart" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
control_service httpd restart
fi
if [ "${WEBSERVER_OPT}" = "nginx_apache" ] || [ "${WEBSERVER_OPT}" = "nginx" ]; then
control_service nginx restart
fi
if [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
control_service litespeed reload
fi
fi
cd ${CWD}
}
####################################################
doModSecsdbmutil() {
cd ${CWD}
if [ "${MODSECURITY_OPT}" = "no" ]; then
do_exit 1 "Cannot build ModSecurity, because you do not have it set in options.conf file."
fi
#We don't expect version to change, so, hardcoding it here
MODSECSDBMUTIL_VER=1.0
MODSECSDBMUTIL_FILENAME=modsec-sdbm-util
getFile ${MODSECSDBMUTIL_FILENAME}-${MODSECSDBMUTIL_VER}.tar.gz ${MODSECSDBMUTIL_FILENAME}
quitIfLocked doModSecsdbmutil
FILE=${CWD}/${MODSECSDBMUTIL_FILENAME}-${MODSECSDBMUTIL_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ${FILE}..."
tar xzf ${FILE} --no-same-owner
cd ${MODSECSDBMUTIL_FILENAME}-${MODSECSDBMUTIL_VER}
./autogen.sh
echo "Configuring ${MODSECSDBMUTIL_FILENAME}-${MODSECSDBMUTIL_VER}..."
./configure
if [ $? -ne 0 ]; then
printf "\n*** There was an error while trying to configure ModSecurity\n"
do_exit 1
fi
echo "Done Configuration."
while echo "Trying to make ModSec-sdbm-util..."; do
make
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
echo -n -e "\n*** The make has failed, would you like to try to make again? (y,n): "
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "Make Complete"
while echo "Installing ModSec-sdbm-util..."; do
make install
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The install has failed, would you like to try to install it again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "ModSec-sdbm-util has been installed successfully."
writeLog "ModSec-sdbm-util ${MODSECSDBMUTIL_VER} installed"
removeLockfile
cd ${CWD}
}
doModSecurity() {
cd ${CWD}
if [ "${MODSECURITY_OPT}" = "no" ]; then
do_exit 1 "Cannot build ModSecurity, because you do not have it set in options.conf file."
fi
if [ ! -e /usr/include/libxslt/xslt.h ] && [ ! -e /usr/local/include/libxslt/xslt.h ]; then
if [ -e /etc/debian_version ]; then
echo "Cannot find libxslt, installing using apt-get..."
apt-get -y install libxslt-dev
else
echo "Cannot find libxslt, installing using yum..."
yum -y install libxslt-devel
fi
fi
if [ ! -e /usr/include/lua.h ] && [ ! -e /usr/local/include/lua.h ]; then
if [ ! -e /etc/debian_version ]; then
if [ "${OS_CENTOS_VER}" = "8" ]; then
yum -y install lua-devel --enablerepo=${POWERTOOLS}
elif [ "${OS_CENTOS_VER}" = "9" ]; then
yum -y install lua-devel --enablerepo=crb
else
yum -y install lua-devel
fi
fi
fi
if [ ! -e /usr/lib64/libyajl.so ] && [ ! -e /usr/lib/x86_64-linux-gnu/libyajl.so ] && [ ! -e /usr/lib/aarch64-linux-gnu/libyajl.so ] && [ ! -e /usr/local/lib/libyajl.so ]; then
if [ -e ${DEBIAN_VERSION} ]; then
apt-get -y install libyajl-dev
else
if [ "${OS_CENTOS_VER}" = "8" ]; then
yum -y install yajl-devel --enablerepo=${POWERTOOLS}
elif [ "${OS_CENTOS_VER}" = "9" ]; then
yum -y install yajl-devel --enablerepo=crb
else
yum -y install yajl-devel
fi
fi
fi
ldconfig
if [ "${WEBSERVER_OPT}" = "apache" ]; then
if [ ! -e /usr/sbin/apxs ]; then
echo "/usr/sbin/apxs is not found, skipping ModSecurity for now."
return
fi
if [ ! -e /usr/lib/apache/libaprutil-1.so ]; then
echo "/usr/lib/apache/libaprutil-1.so is not found, skipping ModSecurity for now. Please run './build apache' to get the libraries in place."
return
fi
elif [ "${WEBSERVER_OPT}" = "litespeed" ]; then
echo "ModSecurity is built-in with LiteSpeed, there is no need to install it."
elif [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
removeLockfile
./build openlitespeed
else
echo "ModSecurity is not needed for Nginx, please check LibModSecurity (ModSecurity 3.0)."
return
fi
if [ "${MOD_RUID2_OPT}" = "yes" ]; then
mkdir -p /var/log/modsec_audit
chmod 1733 /var/log/modsec_audit
fi
if [ "${WEBSERVER_OPT}" = "apache" ]; then
getFile ${MODSECURITY_FILENAME}-${MODSECURITY_VER}.tar.gz ${MODSECURITY_FILENAME}
quitIfLocked doModSecurity
FILE=${CWD}/${MODSECURITY_FILENAME}-${MODSECURITY_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ${FILE}..."
tar xzf ${FILE} --no-same-owner
cd ${MODSECURITY_FILENAME}-${MODSECURITY_VER}
echo "Installing ${MODSECURITY_FILENAME}-${MODSECURITY_VER}..."
if [ ! -e ./configure ]; then
echo "calling aclocal:"
aclocal
echo "calling libtoolize:"
libtoolize --force
echo "calling automake:"
automake --add-missing
echo "calling autoreconf:"
autoreconf
fi
echo "Configuring ${MODSECURITY_FILENAME}-${MODSECURITY_VER}..."
${CWD}/${MODSECURITY_CONFIGURE}
if [ $? -ne 0 ]; then
printf "\n*** There was an error while trying to configure ModSecurity\n"
do_exit 1
fi
echo "Done Configuration."
while echo "Trying to make ModSecurity..."; do
make CPPFLAGS="-I/usr/include/apache -L/usr/lib/apache -DDEFAULT_USER='\"nginx\"' -DDEFAULT_GROUP='\"nginx\"'" CFLAGS="-I/usr/include/apache -L/usr/lib/apache -DDEFAULT_USER='\"nginx\"' -DDEFAULT_GROUP='\"nginx\"'" -j ${CPU_CORES}
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
echo -n -e "\n*** The make has failed, would you like to try to make again? (y,n): "
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 0
fi
else
break
fi
done
echo "Make Complete"
fi
mkdir -p /etc/modsecurity.d
chmod 700 /etc/modsecurity.d
if [ "${WEBSERVER_OPT}" = "apache" ]; then
if [ -e /usr/lib/apache/mod_security2.so ]; then
rm -f /usr/lib/apache/mod_security2.so
fi
while echo "Installing ModSecurity..."; do
make install
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The install has failed, would you like to try to install it again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 0
fi
else
break
fi
done
fi
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ]; then
#Add mod_security include in apache
if [ -e ${PHPMODULES} ]; then
perl -pi -e 's|^LoadModule security2_module|#LoadModule security2_module|' /etc/httpd/conf/httpd.conf
if ! grep -m1 -q 'httpd-modsecurity' ${PHPMODULES}; then
echo "Include /etc/httpd/conf/extra/httpd-modsecurity.conf" >> ${PHPMODULES}
fi
cp -pf ${MODSECURITY_APACHE_INCLUDE} /etc/httpd/conf/extra/httpd-modsecurity.conf
if [ -e /usr/lib/libxml2.so ] && [ ! -e /usr/local/lib/libxml2.so ]; then
perl -pi -e 's|LoadFile /usr/local/lib/libxml2.so|LoadFile /usr/lib/libxml2.so|g' /etc/httpd/conf/extra/httpd-modsecurity.conf
elif [ -e /usr/lib64/libxml2.so ] && [ ! -e /usr/local/lib/libxml2.so ]; then
perl -pi -e 's|LoadFile /usr/local/lib/libxml2.so|LoadFile /usr/lib64/libxml2.so|g' /etc/httpd/conf/extra/httpd-modsecurity.conf
elif [ -e /usr/lib/x86_64-linux-gnu/libxml2.so ] && [ ! -e /usr/local/lib/libxml2.so ]; then
perl -pi -e 's|LoadFile /usr/local/lib/libxml2.so|LoadFile /usr/lib/x86_64-linux-gnu/libxml2.so|g' /etc/httpd/conf/extra/httpd-modsecurity.conf
elif [ -e /usr/lib/aarch64-linux-gnu/libxml2.so ] && [ ! -e /usr/local/lib/libxml2.so ]; then
perl -pi -e 's|LoadFile /usr/local/lib/libxml2.so|LoadFile /usr/lib/aarch64-linux-gnu/libxml2.so|g' /etc/httpd/conf/extra/httpd-modsecurity.conf
fi
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
perl -pi -e 's|^Load|#Load|g' /etc/httpd/conf/extra/httpd-modsecurity.conf
fi
fi
fi
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
if ! grep -m1 -q '<enableCensorship>0</enableCensorship>' /usr/local/lsws/conf/httpd_config.xml; then
perl -pi -e 's|<enableCensorship>0</enableCensorship>|<enableCensorship>1</enableCensorship>|g' /usr/local/lsws/conf/httpd_config.xml
fi
if ! grep -m1 -q '<uploadTmpDir>' /usr/local/lsws/conf/httpd_config.xml; then
perl -pi -e 's|</enableCensorship>|</enableCensorship>\n <uploadTmpDir>/tmp</uploadTmpDir>|g' /usr/local/lsws/conf/httpd_config.xml
fi
if ! grep -m1 -q '<secAuditLog>' /usr/local/lsws/conf/httpd_config.xml; then
perl -pi -e 's|</enableCensorship>|</enableCensorship>\n <secAuditLog>/var/log/httpd/modsec_audit.log</secAuditLog>|g' /usr/local/lsws/conf/httpd_config.xml
fi
fi
echo "action=rewrite&value=httpd" >> ${TASK_QUEUE}
run_dataskq
if [ -s /usr/local/modsecurity/lib/mod_security2.so ]; then
cp -pf /usr/local/modsecurity/lib/mod_security2.so /usr/lib/apache/mod_security2.so
fi
echo "ModSecurity has been installed successfully."
writeLog "ModSecurity ${MODSECURITY_VER} installed"
removeLockfile
#For initial comodo ruleset installation we need to restart webserver
#So that it detects installation of modsecurity
if [ "${MODSECURITY_RULESET_OPT}" = "comodo" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ]; then
control_service httpd restart
elif [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
control_service litespeed reload
fi
fi
doModSecurityRules norestart
if [ "${WEBSERVER_OPT}" = "apache" ]; then
control_service httpd restart
elif [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
control_service litespeed reload
fi
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
cd ${CWD}
}
####################################################
doModSecurityConnector() {
cd ${CWD}
#For nginx we need to rebuild it, because ModSecurity is added as a static module
if [ "${WEBSERVER_OPT}" = "nginx" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
getFile ${MODSECURITY_NGINX_CONNECTOR_FILENAME}-${MODSECURITY_NGINX_CONNECTOR_VER}.tar.gz modsecurity3_nginx
tar xzf ${MODSECURITY_NGINX_CONNECTOR_FILENAME}-${MODSECURITY_NGINX_CONNECTOR_VER}.tar.gz
echo -n '' > /etc/nginx/nginx-modsecurity-enable.conf
echo 'modsecurity on;' >> /etc/nginx/nginx-modsecurity-enable.conf
echo 'modsecurity_rules_file /etc/nginx/nginx-modsecurity.conf;' >> /etc/nginx/nginx-modsecurity-enable.conf
create_global_modsecurity_rules
echo 'modsecurity_rules_file /usr/local/directadmin/data/admin/modsecurity_rules;' >> /etc/nginx/nginx-modsecurity-enable.conf
if [ -s /etc/httpd/conf/extra/nginx-modsecurity-enable.conf ]; then
echo -n '' > /etc/httpd/conf/extra/nginx-modsecurity-enable.conf
fi
if nginx -V 2>&1 | grep -q -o -m1 'modsecurity-nginx-v[^ ]*'; then
MODSECURITY_NGINX_CONNECTORV=`nginx -V 2>&1 | grep -o -m1 'modsecurity-nginx-v[^ ]*' | cut -d- -f3`
else
MODSECURITY_NGINX_CONNECTORV=0
fi
#Recompile nginx only if connector's version is different
if [ "${MODSECURITY_NGINX_CONNECTORV}" != "${MODSECURITY_NGINX_CONNECTOR_VER}" ]; then
if [ "$1" = "1" ]; then
cd ${CWD}
# Build nginx to enable the module statically (./configure --add-module=../mod_security/nginx/modsecurity)
echo "Building Nginx to enable ModSecurity module statically."
removeLockfile
./build nginx
fi
fi
elif [ "${WEBSERVER_OPT}" = "apache" ]; then
getFile ${MODSECURITY_APACHE_CONNECTOR_FILENAME}-${MODSECURITY_APACHE_CONNECTOR_VER}.tar.gz modsecurity3_nginx
tar xzf ${MODSECURITY_APACHE_CONNECTOR_FILENAME}-${MODSECURITY_APACHE_CONNECTOR_VER}.tar.gz
if [ -d "${MODSECURITY_APACHE_CONNECTOR_FILENAME}-${MODSECURITY_APACHE_CONNECTOR_VER}" ]; then
rm -rf "${MODSECURITY_APACHE_CONNECTOR_FILENAME}-${MODSECURITY_APACHE_CONNECTOR_VER}"
fi
cd ${MODSECURITY_APACHE_CONNECTOR_FILENAME}-${MODSECURITY_APACHE_CONNECTOR_VER}
./autogen.sh
./configure
make -j ${CPU_CORES}
make install
if [ -s ./src/.libs/mod_security3.so ]; then
cp -pf ./src/.libs/mod_security3.so /usr/lib/apache/mod_security3.so
fi
echo -n '' > /etc/httpd/conf/extra/httpd-modsecurity-enable.conf
echo '<IfModule mod_security3.c>' >> /etc/httpd/conf/extra/httpd-modsecurity-enable.conf
echo 'modsecurity on' >> /etc/httpd/conf/extra/httpd-modsecurity-enable.conf
echo 'modsecurity_rules_file /etc/nginx/nginx-modsecurity.conf' >> /etc/httpd/conf/extra/httpd-modsecurity-enable.conf
create_global_modsecurity_rules
echo 'modsecurity_rules_file /usr/local/directadmin/data/admin/modsecurity_rules' >> /etc/httpd/conf/extra/httpd-modsecurity-enable.conf
echo '</IfModule>' >> /etc/httpd/conf/extra/httpd-modsecurity-enable.conf
cp -pf ${MODSECURITY_APACHE_INCLUDE} /etc/httpd/conf/extra/httpd-modsecurity.conf
else
if [ -d /etc/nginx ]; then
echo -n '' > /etc/nginx/nginx-modsecurity-enable.conf
fi
fi
if [ ! -d /etc/nginx ]; then
mkdir -p /etc/nginx
fi
if [ "${WEBSERVER_OPT}" = "nginx" ]; then
cp -pf ${MODSECURITY_NGINX_INCLUDE} /etc/nginx/nginx-modsecurity.conf
elif [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
cp -pf ${MODSECURITY_NGINX_REVERSE_INCLUDE} /etc/nginx/nginx-modsecurity.conf
fi
echo "ModSecurity Connector ${MODSECURITY_NGINX_CONNECTOR_VER} is now enabled in Nginx"
}
doLibModSecurity() {
cd ${CWD}
if [ "${MODSECURITY_OPT}" = "no" ]; then
do_exit 1 "Cannot build ModSecurity, because you do not have it set in options.conf file."
fi
if [ ! -e /usr/include/libxslt/xslt.h ] && [ ! -e /usr/local/include/libxslt/xslt.h ]; then
if [ -e /etc/debian_version ]; then
echo "Cannot find libxslt, installing using apt-get..."
apt-get -y install libxslt-dev
else
echo "Cannot find libxslt, installing using yum..."
yum -y install libxslt-devel
fi
fi
if [ ! -e /usr/lib64/libyajl.so ] && [ ! -e /usr/lib/x86_64-linux-gnu/libyajl.so ] && [ ! -e /usr/lib/aarch64-linux-gnu/libyajl.so ] && [ ! -e /usr/local/lib/libyajl.so ]; then
if [ -e ${DEBIAN_VERSION} ]; then
apt-get -y install libyajl-dev
else
yum -y install yajl-devel
fi
fi
if [ ! -s /usr/local/include/maxminddb.h ] && [ "${LIBMAXMINDDB_VER}" != "0" ]; then
echo "Installing latest version of libmaxminddb to provide /usr/local/lib/libmaxminddb.so for LibModSecurity."
dolibmaxminddb
fi
# if [ ! -e /usr/local/bin/geoipupdate ] && [ "${GEOIPUPDATE_VER}" != "0" ]; then
# echo "Installing latest version of geoipupdate to provide /usr/local/bin/geoipupdate for LibModSecurity."
# doGeoipupdate
# fi
if [ ! -e /usr/local/lib/liblua.so ] && [ "${LUA_VER}" != "0" ]; then
echo "Installing latest version of lua to provide /usr/local/bin/geoipupdate for LibModSecurity."
doLua
fi
if [ "${WEBSERVER_OPT}" != "nginx" ] && [ "${WEBSERVER_OPT}" != "nginx_apache" ] && [ "${WEBSERVER_OPT}" != "apache" ]; then
do_exit 1 "LibModSecurity connector is only available for nginx and apache right now."
fi
ldconfig
getFile ${LIBMODSECURITY_FILENAME}-v${LIBMODSECURITY_VER}.tar.gz modsecurity3
quitIfLocked doModSecurity
FILE=${CWD}/${LIBMODSECURITY_FILENAME}-v${LIBMODSECURITY_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ${FILE}..."
tar xzf ${FILE} --no-same-owner
cd ${LIBMODSECURITY_FILENAME}-v${LIBMODSECURITY_VER}
echo "Configuring ${LIBMODSECURITY_FILENAME}-v${LIBMODSECURITY_VER}..."
${CWD}/${MODSECURITY_CONFIGURE}
if [ $? -ne 0 ]; then
printf "\n*** There was an error while trying to configure LibModSecurity\n"
do_exit 1
fi
echo "Done Configuration."
while echo "Trying to make LibModSecurity..."; do
make -j ${CPU_CORES}
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
echo -n -e "\n*** The make has failed, would you like to try to make again? (y,n): "
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "Make Complete"
mkdir -p /etc/modsecurity.d
chmod 700 /etc/modsecurity.d
while echo "Installing LibModSecurity..."; do
make install
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The install has failed, would you like to try to install it again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
removeLockfile
#For nginx we need to rebuild it, because ModSecurity is added as a static module
if [ "${WEBSERVER_OPT}" = "nginx" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ] || [ "${WEBSERVER_OPT}" = "apache" ] ; then
if [ "$1" = "0" ]; then
doModSecurityConnector 0
else
doModSecurityConnector 1
fi
fi
echo "action=rewrite&value=httpd" >> ${TASK_QUEUE}
run_dataskq
echo "LibModSecurity has been installed successfully."
writeLog "LibModSecurity ${LIBMODSECURITY_VER} installed"
#For initial comodo ruleset installation we need to restart webserver
#So that it detects installation of modsecurity
if [ "${MODSECURITY_RULESET_OPT}" = "comodo" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ]; then
control_service httpd restart
elif [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
control_service litespeed reload
elif [ "${WEBSERVER_OPT}" = "nginx" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
control_service nginx restart
fi
fi
doModSecurityRules norestart
if [ "${WEBSERVER_OPT}" = "apache" ]; then
control_service httpd restart
elif [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
control_service litespeed reload
elif [ "${WEBSERVER_OPT}" = "nginx" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
control_service nginx restart
fi
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
cd ${CWD}
}
####################################################
doNginx() {
if [ "${WEBSERVER_OPT}" != "nginx" ] && [ "${WEBSERVER_OPT}" != "nginx_apache" ]; then
do_exit 1 "You cannot install Nginx, because you do not have it set in options.conf file."
fi
getFile nginx-${NGINX_VER}.tar.gz nginx
if [ "${WEBSERVER_OPT}" = "nginx" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
NGX_CACHE_PURGE_VER=`getVer ngx_cache_purge`
getFile ngx_cache_purge-${NGX_CACHE_PURGE_VER}.tar.gz ngx_cache_purge
mkdir -p ngx_cache_purge/
tar xzf ngx_cache_purge-${NGX_CACHE_PURGE_VER}.tar.gz -C ngx_cache_purge/ --strip-components=1 --no-same-owner
fi
quitIfLocked doNginx
ADMNNGINX=/usr/local/directadmin/data/users/admin/nginx.conf
if [ ! -e ${ADMNNGINX} ] && [ -d /usr/local/directadmin/data/users/admin ]; then
echo -n "" > ${ADMNNGINX}
chown diradmin:admin ${ADMNNGINX}
chmod 640 ${ADMNNGINX}
fi
if [ ! -d /var/www/html ]; then
mkdir -p /var/www/html
fi
set64
set_http2
addUserGroup nginx nginx
addToAccess nginx
if grep -m1 -q '^apache:' /etc/group; then
usermod -a -G apache nginx 2>/dev/null
fi
chown webapps:nginx /var/www
chmod 551 /var/www
cd ${CWD}
FILE=${CWD}/nginx-${NGINX_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ${FILE}..."
tar xzf ${FILE} --no-same-owner
cd nginx-${NGINX_VER}
setFDSETSIZE
#copy the new configs
if [ ! -d ${NGINXCONF} ]; then
mkdir -p ${NGINXCONF}
fi
cp -rf ${NGINXCONFDIR}/* ${NGINXCONF}
if [ ! -d ${NGINXCONF}/templates ]; then
mkdir -p ${NGINXCONF}/templates
fi
cp -rf ${NGINXTEMPLATESDIR}/* ${NGINXCONF}/templates
if [ ! -e ${NGINXCONF}/directadmin-settings.conf ]; then
touch ${NGINXCONF}/directadmin-settings.conf
fi
if [ ! -e ${NGINXCONF}/directadmin-ips.conf ]; then
touch ${NGINXCONF}/directadmin-ips.conf
fi
if [ ! -e ${NGINXCONF}/nginx-includes.conf ]; then
touch ${NGINXCONF}/nginx-includes.conf
fi
if [ ! -e ${NGINXCONF}/nginx-modsecurity-enable.conf ]; then
touch ${NGINXCONF}/nginx-modsecurity-enable.conf
elif [ "${MODSECURITY_OPT}" = "no" ]; then
echo -n '' > ${NGINXCONF}/nginx-modsecurity-enable.conf
fi
MODSEC_APPENDED=0
if [ "${MODSECURITY_OPT}" = "yes" ]; then
removeLockfile
if [ ! -s /usr/local/modsecurity/lib/pkgconfig/modsecurity.pc ]; then
echo "LibModSecurity has not been installed, installing..."
doLibModSecurity 0
fi
cd ${CWD}/nginx-${NGINX_VER}
MODSEC_DIR=../${MODSECURITY_NGINX_CONNECTOR_FILENAME}-${MODSECURITY_NGINX_CONNECTOR_VER}
if [ ! -d ${MODSEC_DIR} ]; then
removeLockfile
cd ${CWD}
doModSecurityConnector 0
cd nginx-${NGINX_VER}
fi
if ! grep -q \"\-\-add-module=${MODSEC_DIR}\" ${CWD}/${NGINX_CONFIGURE}; then
MODSEC_APPENDED=1
perl -pi -e "s#./configure \\\#./configure --add-module=${MODSEC_DIR} \\\#" ${CWD}/${NGINX_CONFIGURE}
fi
fi
#configure
echo "Configuring nginx-${NGINX_VER}"
${CWD}/${NGINX_CONFIGURE}
if [ $? -ne 0 ]; then
printf "\n*** There was an error while trying to configure Nginx. Check the ${NGINX_CONFIGURE} file\n"
do_exit 1
fi
echo "Done Configuration."
if [ "${MODSEC_APPENDED}" = "1" ]; then
perl -pi -e "s#./configure --add-module=${MODSEC_DIR} \\\#./configure \\\#" ${CWD}/${NGINX_CONFIGURE}
fi
echo "increasing FD_SETSIZE in os/tpf/os.h .."
if [ -e ./os/tpf/os.h ]; then
perl -pi -e 's/\#define FD_SETSIZE.*2048/\#ifdef FD_SETSIZE\n\#undef FD_SETSIZE\n\#endif\n\#define FD_SETSIZE 32768/' ./os/tpf/os.h
fi
while echo "Trying to make Nginx..."; do
C_INCLUDE_PATH=/usr/kerberos/include make -j ${CPU_CORES}
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "Make complete"
checkRPMS
echo "Installing Nginx..."
control_service nginx stop >/dev/null 2>&1
# A fix for "cp: cannot create regular file `/usr/sbin/nginx': Text file busy"
killall nginx
sleep 2
killall -9 nginx >/dev/null 2>&1
sleep 1
make install
cd ${CWD}
#fresh install, add to System Backup
if [ ! -s ${SYSTEMDDIR}/nginx.service ]; then
add_to_system_backup dirs /etc/nginx
fi
echo "Enabling nginx in systemd..."
if [ -e ${CB_CUST_SYSTEMD}/nginx.service ]; then
cp -f ${CB_CUST_SYSTEMD}/nginx.service ${SYSTEMDDIR}/nginx.service
else
cp -f ${CB_SYSTEMD}/nginx.service ${SYSTEMDDIR}/nginx.service
fi
chmod 644 ${SYSTEMDDIR}/nginx.service
systemctl daemon-reload
systemctl enable nginx.service
#Disable httpd & litespeed, when switching to nginx
if [ "${WEBSERVER_OPT}" = "nginx" ]; then
if [ -e ${SYSTEMDDIR}/httpd.service ]; then
systemctl disable httpd.service 2> /dev/null
rm -f ${SYSTEMDDIR}/httpd.service
systemctl daemon-reload
fi
if [ -e ${SYSTEMDDIR}/litespeed.service ]; then
systemctl disable lshttpd.service 2> /dev/null
systemctl disable litespeed.service 2> /dev/null
rm -f ${SYSTEMDDIR}/lshttpd.service
rm -f ${SYSTEMDDIR}/litespeed.service
systemctl daemon-reload
fi
fi
#Disable litespeed, when switching to nginx_apache
if [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ -e ${SYSTEMDDIR}/litespeed.service ]; then
systemctl disable lshttpd.service 2> /dev/null
systemctl disable litespeed.service 2> /dev/null
rm -f ${SYSTEMDDIR}/lshttpd.service
rm -f ${SYSTEMDDIR}/litespeed.service
systemctl daemon-reload
fi
fi
for php_shortrelease in `echo ${PHP1_SHORTRELEASE_SET}`; do
perl -pi -e "s|/usr/local/php${php_shortrelease}/sockets/webapps.sock|/usr/local/php${PHP1_SHORTRELEASE}/sockets/webapps.sock|" ${NGINXCONF}/nginx.conf
done
tokenize_IP
tokenize_ports
if [ "${IPV6}" = "0" ]; then
perl -pi -e 's| listen \[::1\]:| #listen \[::1\]:|' ${NGINXCONF}/nginx-vhosts.conf
perl -pi -e 's| listen \[::1\]:| #listen \[::1\]:|' ${NGINXCONF}/nginx.conf
else
perl -pi -e 's| #listen \[::1\]:| listen \[::1\]:|' ${NGINXCONF}/nginx-vhosts.conf
perl -pi -e 's| #listen \[::1\]:| listen \[::1\]:|' ${NGINXCONF}/nginx.conf
fi
# Disable UserDir access if userdir_access=no is set in the options.conf file
if [ "${USERDIR_ACCESS_OPT}" = "no" ]; then
perl -pi -e 's| include /etc/nginx/nginx-userdir.conf;| #include /etc/nginx/nginx-userdir.conf;|' /etc/nginx/nginx-vhosts.conf
else
perl -pi -e 's| #include /etc/nginx/nginx-userdir.conf;| include /etc/nginx/nginx-userdir.conf;|' /etc/nginx/nginx-vhosts.conf
fi
fpmChecks
dovecotChecks
do_rewrite_nginx_webapps
#rewrite ips.conf if needed
echo "action=rewrite&value=ips" >> ${TASK_QUEUE}
echo "action=rewrite&value=nginx" >> ${TASK_QUEUE}
run_dataskq
doVhosts
doSslConfigurationWebserver
if [ ! -s ${NGINXCONF}/ssl.key/server.key ] || [ ! -s ${NGINXCONF}/ssl.crt/server.crt ]; then
cd ${WORKDIR}
mkdir -p ${NGINXCONF}/ssl.key
mkdir -p ${NGINXCONF}/ssl.crt
if [ -s ${HTTPDCONF}/ssl.key/server.key ] && [ -s ${HTTPDCONF}/ssl.crt/server.crt ]; then
cp -pf ${HTTPDCONF}/ssl.key/server.key ${NGINXCONF}/ssl.key
cp -pf ${HTTPDCONF}/ssl.crt/server.crt ${NGINXCONF}/ssl.crt/server.crt
else
#install the cert/key
/usr/bin/openssl req -x509 -newkey rsa:2048 -keyout ${NGINXCONF}/ssl.key/server.key -out ${NGINXCONF}/ssl.crt/server.crt -days 9999 -nodes -config ./${APCERTCONF}
fi
chmod 600 ${NGINXCONF}/ssl.crt/server.crt
chmod 600 ${NGINXCONF}/ssl.key/server.key
cd ${CWD}
fi
ensure_server_ca
if [ "${NGINXCUSTOMCONFDIR}" != "0" ]; then
cp -rf ${NGINXCUSTOMCONFDIR}/* ${NGINXCONF}/
fi
if [ "${NGINXCUSTOMEMPLATESDIR}" != "0" ]; then
cp -rf ${NGINXCUSTOMEMPLATESDIR}/* ${NGINXCONF}/templates/
fi
tokenize_IP
tokenize_ports
if [ "${MODSECURITY_OPT}" = "yes" ]; then
doModSecurityRules norestart
fi
mkdir -p ${WWWDIR}
if [ ! -e ${WWWDIR}/index.html ]; then
echo "<html>Nginx is functioning normally</html>" > ${WWWDIR}/index.html
fi
perl -pi -e 's/[A-Za-z]* is functioning normally/Nginx is functioning normally/' ${WWWDIR}/index.html
if [ ! -e /etc/logrotate.d/nginx ]; then
safeDownloadWithMove /etc/logrotate.d/nginx "${WEBPATH}/nginx.logrotate"
fi
if [ ! -d /var/log/nginx/domains ]; then
mkdir -p /var/log/nginx/domains
fi
chmod 710 /var/log/nginx
chown nginx:${ROOT_GRP} /var/log/nginx
#setup the directadmin.conf
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
setVal cloud_cache 1 ${DACONF_TEMPLATE_FILE}
setVal cloud_cache 1 ${DACONF_FILE}
echo "action=cache&value=showallusers" >> ${TASK_QUEUE}
run_dataskq d
elif [ "${CLOUDLINUX_OPT}" = "no" ]; then
setVal cloud_cache 0 ${DACONF_TEMPLATE_FILE}
setVal cloud_cache 0 ${DACONF_FILE}
fi
if [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
setVal nginx_proxy 1 ${DACONF_TEMPLATE_FILE}
setVal nginx_proxy 1 ${DACONF_FILE}
setVal nginx 0 ${DACONF_TEMPLATE_FILE}
setVal nginx 0 ${DACONF_FILE}
setVal litespeed 0 ${DACONF_TEMPLATE_FILE}
setVal litespeed 0 ${DACONF_FILE}
killall litespeed >/dev/null 2>&1
setVal openlitespeed 0 ${DACONF_TEMPLATE_FILE}
setVal openlitespeed 0 ${DACONF_FILE}
doRestartDA
set_service litespeed delete
killall -9 litespeed >/dev/null 2>&1
else
setVal nginx_proxy 0 ${DACONF_TEMPLATE_FILE}
setVal nginx_proxy 0 ${DACONF_FILE}
setVal nginx 1 ${DACONF_TEMPLATE_FILE}
setVal nginx 1 ${DACONF_FILE}
setVal litespeed 0 ${DACONF_TEMPLATE_FILE}
setVal litespeed 0 ${DACONF_FILE}
setVal openlitespeed 0 ${DACONF_TEMPLATE_FILE}
setVal openlitespeed 0 ${DACONF_FILE}
killall httpd >/dev/null 2>&1
killall litespeed >/dev/null 2>&1
doRestartDA
set_service httpd delete
set_service litespeed delete
killall -9 httpd >/dev/null 2>&1
killall -9 litespeed >/dev/null 2>&1
fi
set_service nginx ON
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
echo "Restarting nginx."
control_service nginx stop >/dev/null 2>&1
control_service nginx start
if [ "${WEBSERVER_OPT}" = "nginx" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
rm -rf ${CWD}/ngx_cache_purge
fi
writeLog "Nginx ${NGINX_VER} installed"
removeLockfile
}
doRemoveNginx() {
if [ "${WEBSERVER_OPT}" = "nginx" ] && [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
do_exit 1 "You cannot remove Nginx, because you have it set in options.conf file."
fi
if [ ! -e /usr/sbin/nginx ]; then
do_exit 1 "/usr/sbin/nginx does not exist, cannot remove..."
fi
echo "Disabling nginx in services.status..."
set_service nginx delete
control_service nginx stop >/dev/null 2>&1
# A fix for "cp: cannot create regular file `/usr/sbin/nginx': Text file busy"
sleep 2
killall -9 nginx >/dev/null 2>&1
echo "Disabling nginx in systemd..."
if [ -e ${SYSTEMDDIR}/nginx.service ]; then
systemctl disable nginx.service
rm -f ${SYSTEMDDIR}/nginx.service
systemctl daemon-reload
fi
remove_file /etc/logrotate.d/nginx
remove_file /usr/sbin/nginx
remove_directory /var/log/nginx
remove_directory /etc/nginx
ldconfig
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
echo "Nginx has been successfully removed"
writeLog "Nginx removed"
}
####################################################
doJailshell() {
if [ ! -x /usr/bin/bwrap ] && [ ! -x /usr/local/bin/bwrap ]; then
echo "Bubblewrap is needed for Jail Shell, it's not installed. Please run: ./build bubblewrap."
fi
if [ ! -x /usr/local/bin/msmtp ]; then
doMsmtp
fi
if [ ! -d /etc/exim.jail ]; then
echo "action=rewrite&value=jail" >> ${TASK_QUEUE}
echo "Executing the task.queue cotents now, please be patient ..."
run_dataskq d
fi
echo "Downloading jailshell to /usr/bin/jailshell..."
getFile bubblewrap/jailshell-${JAILSHELL_SH_VER}.sh jailshell_sh jailshell-${JAILSHELL_SH_VER}
if grep -m1 -q 'bwrap' jailshell-${JAILSHELL_SH_VER}; then
mv -f jailshell-${JAILSHELL_SH_VER} /usr/bin/jailshell
chmod 755 /usr/bin/jailshell
fi
if [ ! -d /usr/lib/modules ]; then
mkdir -p /usr/lib/modules
fi
echo "/usr/bin/jailshell has been installed."
}
doBubblewrap() {
quitIfLocked doBubblewrap
LXC_SKIP_BWRAP=true
if [ -e /dev/.lxc/proc/self/uid_map ]; then
if ! cat /dev/.lxc/proc/self/uid_map >/dev/null 2>&1; then
LXC_SKIP_BWRAP=false
fi
fi
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
echo "Please rely on CloudLinux CageFS for isolation of the users (cloudlinux=yes detected in the settings)."
return
elif systemd-detect-virt | grep -m1 -q -E 'lxc|openvz'; then
if ${LXC_SKIP_BWRAP}; then
echo "Your container virtualization does not support Linux namespaces for user isolation, please switch to XEN/KVM/VMware or other non-container virtualization.."
return
fi
fi
cd ${CWD}
getFile bubblewrap/bubblewrap-${BUBBLEWRAP_VER}.tar.xz bubblewrap bubblewrap-${BUBBLEWRAP_VER}.tar.xz
tar xJf bubblewrap-${BUBBLEWRAP_VER}.tar.xz --no-same-owner
cd bubblewrap-${BUBBLEWRAP_VER}
if [ "${OS_CENTOS_VER}" = "7" ] || [ -s /etc/debian_version ]; then
./configure --prefix=/usr --sysconfdir=/etc --disable-man --with-priv-mode=setuid
else
./configure --prefix=/usr --sysconfdir=/etc --disable-man
fi
while echo "Trying to make bubblewrap"; do
make -j ${CPU_CORES}
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
make install
#enable jail=1
if [ -s ${DACONF_FILE} ]; then
if ! grep -q -m1 'jail=0' ${DACONF_FILE}; then
setVal jail 1 ${DACONF_TEMPLATE_FILE}
setVal jail 1 ${DACONF_FILE}
doRestartDA
fi
fi
writeLog "bubblewrap ${BUBBLEWRAP_VER} installed"
removeLockfile
cd ${CWD}
doJailshell
}
####################################################
doXapian() {
quitIfLocked doXapian
cd ${CWD}
getFile xapian/xapian-core-${XAPIAN_CORE_VER}.tar.xz xapian-core xapian-core-${XAPIAN_CORE_VER}.tar.xz
tar xJf xapian-core-${XAPIAN_CORE_VER}.tar.xz --no-same-owner
cd xapian-core-${XAPIAN_CORE_VER}
./configure
while echo "Trying to make xapian-core"; do
make -j ${CPU_CORES}
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
make install
writeLog "xapian-core ${XAPIAN_CORE_VER} installed"
removeLockfile
cd ${CWD}
}
####################################################
doFTSXapian() {
if [ ! -x /usr/local/bin/xapian-config ]; then
doXapian
fi
if [ ! -e /usr/include/sqlite3.h ] && [ ! -e /usr/local/include/sqlite3.h ]; then
if [ -e /etc/debian_version ]; then
echo "Cannot find /usr/include/sqlite3.h, installing using apt-get..."
apt-get -y install libsqlite3-dev
else
echo "Cannot find /usr/include/sqlite3.h, installing using yum..."
yum -y install sqlite-devel
fi
fi
quitIfLocked doFTSXapian
cd ${CWD}
getFile xapian/fts-xapian-${FTS_XAPIAN_VER}.tar.gz fts-xapian fts-xapian-${FTS_XAPIAN_VER}.tar.gz
tar xzf fts-xapian-${FTS_XAPIAN_VER}.tar.gz --no-same-owner
cd fts-xapian-${FTS_XAPIAN_VER}
if [ -d /usr/lib64/dovecot ]; then
DOVECOT_FLAG="--with-dovecot=/usr/lib64/dovecot"
elif [ -d /usr/lib/dovecot ]; then
DOVECOT_FLAG="--with-dovecot=/usr/lib/dovecot"
else
DOVECOT_FLAG=""
fi
autoreconf -i
./configure --prefix=/usr ${DOVECOT_FLAG}
while echo "Trying to make fts-xapian ${FTS_XAPIAN_VER}"; do
make
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
make install
if [ "${DOVECOT_CONF_OPT}" = "yes" ]; then
cp -f ${DOVECTCONFFTS} /etc/dovecot/conf.d/90-fts-xapian.conf
echo 'mail_plugins = $mail_plugins fts fts_xapian quota zlib' > /etc/dovecot/conf/mail_plugins.conf
fi
ldconfig
cd ${WORKDIR}
removeLockfile
echo "Restarting dovecot."
control_service dovecot restart
}
####################################################
doPigeonhole() {
if [ "${PIGEONHOLE_OPT}" = "no" ]; then
do_exit 1 "Cannot install pigeonhole, because there is no version available for Dovecot ${DOVECOT_VER}."
fi
quitIfLocked doPigeonhole
cd ${CWD}
getFile dovecot-${DOVECOT_REL}-pigeonhole-${PIGEONHOLE_VER}.tar.gz pigeonhole${DOVECOT_SHORTREL}
tar xzf dovecot-${DOVECOT_REL}-pigeonhole-${PIGEONHOLE_VER}.tar.gz --no-same-owner
cd dovecot-${DOVECOT_REL}-pigeonhole-${PIGEONHOLE_VER}
if [ -d /usr/lib64/dovecot ]; then
DOVECOT_FLAG="--with-dovecot=/usr/lib64/dovecot"
elif [ -d /usr/lib/dovecot ]; then
DOVECOT_FLAG="--with-dovecot=/usr/lib/dovecot"
else
DOVECOT_FLAG=""
fi
./configure --prefix=/usr ${DOVECOT_FLAG}
while echo "Trying to make pigeonhole ${PIGEONHOLE_VER}"; do
make
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
make install
mkdir -p /var/lib/dovecot/sieve >/dev/null 2>&1
touch /var/lib/dovecot/sieve/default.sieve
sievec /var/lib/dovecot/sieve/default.sieve
chown root:${ROOT_GRP} /var/lib/dovecot/sieve/default.sieve
getFile patches/dovecot.conf.pigeonhole.patch dovecot.conf.pigeonhole.patch patches/dovecot.conf.pigeonhole.patch hexan
perl -pi -e 's#transport = virtual_localdelivery#transport = dovecot_lmtp_udp#' /etc/exim.conf
if [ "${DOVECOT_CONF_OPT}" = "no" ]; then
COUNT="`grep -m1 -c managesieve /etc/dovecot/dovecot.conf`"
if [ "${COUNT}" -eq 0 ] && [ -e ${WORKDIR}/patches/dovecot.conf.pigeonhole.patch ]; then
cd /etc/dovecot
patch -p0 < ${WORKDIR}/patches/dovecot.conf.pigeonhole.patch
fi
perl -pi -e "s|hostname #req|${HOSTNAME} #req|" /etc/dovecot/dovecot.conf
else
cp -f ${DOVECTCONFSIEVE} /etc/dovecot/conf.d/90-sieve.conf
echo 'protocols = imap pop3 lmtp sieve' > /etc/dovecot/conf/protocols.conf
echo 'mail_plugins = $mail_plugins quota sieve zlib' > /etc/dovecot/conf/lmtp_mail_plugins.conf
fi
cd ${WORKDIR}
removeLockfile
echo "Restarting dovecot."
control_service dovecot restart
echo "Restarting exim."
control_service exim restart
}
ensure_dovecot_dh() {
D_SSL=/etc/dovecot/conf/ssl.conf
SSL_DH=/etc/dovecot/dh.pem
echo "ensuring ssl_dh for dovecot: ${SSL_DH}";
NEED_SSL_DH=false
if [ ! -s ${SSL_DH} ]; then
NEED_SSL_DH=true
fi
if [ -s ${SSL_DH} ]; then
DH_FILE_SIZE=`stat -c %s ${SSL_DH}`
if [ "${DH_FILE_SIZE}" = "245" ]; then
echo "${SSL_DH} is only 1024 bits. Upgrading to 2048 bits."
NEED_SSL_DH=true
fi
fi
if ${NEED_SSL_DH}; then
ensure_dhparam ${SSL_DH}
if [ ! -s ${SSL_DH} ] && [ -s /var/lib/dovecot/ssl-parameters.dat ]; then
#this is only 1024 bits, backup if above fails.
dd if=/var/lib/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dh -inform der > ${SSL_DH}
fi
chmod 600 ${SSL_DH}
fi
if [ -e $D_SSL ]; then
C=`grep -c ssl_dh ${D_SSL}`
if [ -s ${SSL_DH} ] && [ "$C" -eq 0 ]; then
echo "adding ssl_dh to ${D_SSL}";
echo "ssl_dh=<${SSL_DH}" >> ${D_SSL}
fi
C=`grep -c ssl_protocols ${D_SSL}`
if [ "${C}" -gt 0 ]; then
echo "swapping ssl_protocols to be ssl_min_protocols in ${D_SSL}"
perl -pi -e 's/^ssl_protocols = .*/ssl_min_protocol = TLSv1.1/' ${D_SSL}
fi
fi
}
doDovecotConf() {
if [ "${DOVECOT_CONF_OPT}" != "yes" ]; then
do_exit 1 "You cannot update Dovecot configuration files, because you do not have it set in options.conf file."
fi
echo "Updating dovecot configuration files..."
#Enable dovecot quota by default
COUNT=0
if [ -e ${DACONF_FILE} ]; then
COUNT="`grep -m1 -c -e '^add_userdb_quota=1' ${DACONF_FILE}`"
fi
if [ "${COUNT}" = "0" ] && [ -e ${DACONF_FILE} ]; then
echo "Adding add_userdb_quota=1 to the ${DACONF_FILE} file to enable dovecot quota..."
echo "add_userdb_quota=1" >> ${DACONF_FILE}
doRestartDA
echo "action=rewrite&value=email_passwd" >> ${TASK_QUEUE}
run_dataskq d
fi
COUNT_TEMPLATE="`grep -m1 -c -e '^add_userdb_quota=1' ${DACONF_TEMPLATE_FILE}`"
if [ "${COUNT_TEMPLATE}" = "0" ] && [ -e ${DACONF_TEMPLATE_FILE} ]; then
echo "Adding add_userdb_quota=1 to the ${DACONF_TEMPLATE_FILE} (template) file ..."
echo "add_userdb_quota=1" >> ${DACONF_TEMPLATE_FILE}
fi
if [ ! -d /etc/dovecot/conf ]; then
mkdir -p /etc/dovecot/conf
fi
if [ ! -d /etc/dovecot/conf.d ]; then
mkdir -p /etc/dovecot/conf.d
fi
cp -rf ${DOVECOTCONFDIR} /etc/dovecot/
doSslConfigurationEmail
#remove SSLv2 from dovecot config for openssl 1.1+
OV=`openssl_version | cut -d. -f1,2`
OPENSSL_11_OR_HIGHER=false
if [ "${OV}" != "" ] && [ "`version_cmp ${OV} 1.1 'dovecot SSLv2 support for openssl 1.1.0 ver check'`" -ge 0 ]; then
OPENSSL_11_OR_HIGHER=true
fi
if ${OPENSSL_11_OR_HIGHER}; then
perl -pi -e 's|ssl_protocols \= !SSLv2 !SSLv3|ssl_protocols = !SSLv3|g' /etc/dovecot/conf/ssl.conf
fi
ensure_dovecot_dh
if [ "${IPV6}" = "1" ]; then
echo "listen = *, ::" > /etc/dovecot/conf/ip.conf
fi
if [ "${DOVECOTCUSTOMCONFDIR}" != "0" ]; then
cp -rf ${DOVECOTCUSTOMCONFDIR} /etc/dovecot/
fi
cp -f ${DOVECTCONFFILE} /etc/dovecot/dovecot.conf
cp -f ${DOVECTCONFQUOTA} /etc/dovecot/conf.d/90-quota.conf
if [ "${PIGEONHOLE_OPT}" = "yes" ]; then
cp -f ${DOVECTCONFSIEVE} /etc/dovecot/conf.d/90-sieve.conf
echo 'protocols = imap pop3 lmtp sieve' > /etc/dovecot/conf/protocols.conf
echo 'mail_plugins = $mail_plugins quota sieve zlib' > /etc/dovecot/conf/lmtp_mail_plugins.conf
else
rm -f /etc/dovecot/conf.d/90-sieve.conf
echo 'mail_plugins = $mail_plugins quota zlib' > /etc/dovecot/conf/lmtp_mail_plugins.conf
fi
if [ "${MAIL_COMPRESS_OPT}" = "yes" ]; then
cp -f ${DOVECOTCONFZLIB} /etc/dovecot/conf.d/90-zlib.conf
else
rm -f /etc/dovecot/conf.d/90-zlib.conf
fi
if [ -e /etc/dovecot/conf/lmtp.conf ]; then
perl -pi -e "s|HOSTNAME|${HOSTNAME}|" /etc/dovecot/conf/lmtp.conf
fi
if [ ! -L /etc/dovecot.conf ]; then
mv -f /etc/dovecot.conf /etc/dovecot.conf.old
ln -s ${DOVECOT_CONFIG} /etc/dovecot.conf
fi
if [ ! -e /usr/lib/dovecot/lib21_fts_xapian_plugin.a ] && [ ! -e /usr/lib64/dovecot/lib21_fts_xapian_plugin.a ]; then
echo 'mail_plugins = $mail_plugins quota zlib' > /etc/dovecot/conf/mail_plugins.conf
else
cp -f ${DOVECTCONFFTS} /etc/dovecot/conf.d/90-fts-xapian.conf
echo 'mail_plugins = $mail_plugins fts fts_xapian quota zlib' > /etc/dovecot/conf/mail_plugins.conf
fi
echo 'mail_plugins = $mail_plugins quota imap_quota zlib' > /etc/dovecot/conf/imap_mail_plugins.conf
#SSO alternate passwd file
if [ -x ${DA_BIN} ] && [ -s ${DACONF_FILE} ]; then
if ${DA_BIN} c | grep -m1 -q '^one_click_webmail_login=1$'; then
safeDownloadWithMove /etc/dovecot/conf/alternate_passwd.conf "${WEBPATH_SERVICES}/all/auto_login/dovecot/alternate_passwd.conf"
elif [ -s /etc/dovecot/conf/alternate_passwd.conf ]; then
rm -f /etc/dovecot/conf/alternate_passwd.conf
fi
fi
MAIL_SNI_OPT=`getDA_Opt mail_sni 1`
if [ "${MAIL_SNI_OPT}" -eq 0 ]; then
rm -f /etc/dovecot/conf.d/95-sni.conf
else
if [ ! -d /etc/dovecot/conf/sni ]; then
mkdir /etc/dovecot/conf/sni
chmod 755 /etc/dovecot/conf/sni
chown mail:mail /etc/dovecot/conf/sni
fi
rm -f /etc/dovecot/conf/sni/*.conf
echo "action=rewrite&value=mail_sni" >> ${TASK_QUEUE}
if [ -x /usr/local/directadmin/dataskq ]; then
run_dataskq
fi
echo '!include_try /etc/dovecot/conf/sni/*.conf' > /etc/dovecot/conf.d/95-sni.conf
fi
#If customized configs - overwrite existing ones, which we modified above
if [ "${DOVECOTCUSTOMCONFDIR}" != "0" ]; then
if [ -e ${DOVECOTCUSTOMCONFDIR}/protocols.conf ]; then
cp -f ${DOVECOTCUSTOMCONFDIR}/protocols.conf /etc/dovecot/conf/protocols.conf
fi
if [ -e ${DOVECOTCUSTOMCONFDIR}/lmtp_mail_plugins.conf ]; then
cp -f ${DOVECOTCUSTOMCONFDIR}/lmtp_mail_plugins.conf /etc/dovecot/conf/lmtp_mail_plugins.conf
fi
if [ -e ${DOVECOTCUSTOMCONFDIR}/mail_plugins.conf ]; then
cp -f ${DOVECOTCUSTOMCONFDIR}/mail_plugins.conf /etc/dovecot/conf/mail_plugins.conf
fi
if [ -e ${DOVECOTCUSTOMCONFDIR}/imap_mail_plugins.conf ]; then
cp -f ${DOVECOTCUSTOMCONFDIR}/imap_mail_plugins.conf /etc/dovecot/conf/imap_mail_plugins.conf
fi
if [ -e ${DOVECOTCUSTOMCONFDIR}/lmtp.conf ]; then
cp -f ${DOVECOTCUSTOMCONFDIR}/lmtp.conf /etc/dovecot/conf/lmtp.conf
fi
fi
if [ "$1" != "norestart" ]; then
echo "Restarting dovecot."
control_service dovecot restart
fi
echo "Dovecot configuration files have been updated successfully."
writeLog "dovecot.conf installed"
}
ensure_dovecot_logrotate() {
cd ${CWD}
WL=/etc/logrotate.d/dovecot
if [ ! -s ${WL} ]; then
getFile dovecot.logrotate dovecot_logrotate
CWL=${CWD}/dovecot.logrotate
if [ ! -s ${CWL} ]; then
echo "Download of $CWL failed"
return
fi
cp -f ${CWL} ${WL}
chmod 644 ${WL}
fi
}
doDovecot() {
updateDovecot
if [ "${DOVECOT_OPT}" != "yes" ]; then
do_exit 1 "You cannot install Dovecot, because you do not have it set in options.conf file."
fi
if [ ! -e /usr/include/zstd.h ] && [ ! -e /usr/local/include/zstd.h ]; then
if [ -e ${DEBIAN_VERSION} ]; then
apt-get -y install zstd libzstd-dev
else
if [ "${OS_CENTOS_VER}" = "7" ] ; then
yum -y install zstd libzstd-devel --enablerepo=${EPEL_REPO_NAME}
else
yum -y install zstd libzstd-devel
fi
fi
fi
quitIfLocked doDovecot
if [ "${DOVECOT_OPT}" = "no" ]; then
do_exit 1 "Dovecot is not set in options.conf."
fi
if [ ! -e ${WORKDIR}/dovecot-${DOVECOT_VER}.tar.gz ]; then
do_exit 1 "File dovecot-${DOVECOT_VER}.tar.gz does not exist. Try running ${boldon}./build update.${boldoff}"
fi
if [ -e ${DACONF_FILE} ]; then
if ! grep -m1 -q -e '^dovecot=1' ${DACONF_FILE}; then
echo "Adding dovecot=1 to the ${DACONF_FILE} file..."
echo "dovecot=1" >> ${DACONF_FILE}
set_service dovecot ON
set_service vm-pop3d delete
doRestartDA
fi
fi
if [ -e ${DACONF_TEMPLATE_FILE} ]; then
if ! grep -m1 -q -e '^dovecot=1' ${DACONF_TEMPLATE_FILE}; then
echo "Adding dovecot=1 to the ${DACONF_TEMPLATE_FILE} (template) file ..."
echo "dovecot=1" >> ${DACONF_TEMPLATE_FILE}
set_service dovecot ON
fi
fi
echo "Installing dovecot ${DOVECOT_VER} ..."
addUserGroup dovecot dovecot
cd ${CWD}
FILE=${CWD}/dovecot-${DOVECOT_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ..."
tar xzf ${FILE} --no-same-owner
echo "Done."
# if [ "${DOVECOT_VER}" = "2.3.6" ]; then
getFile patches/maildirlock-crash.patch maildirlock-crash.patch patches/maildirlock-crash.patch hexan
# fi
cd dovecot-${DOVECOT_VER}
echo "Patching syslog with LOG_PID ..."
perl -pi -e 's/LOG_NDELAY/LOG_NDELAY|LOG_PID/' src/auth/main.c
perl -pi -e 's/LOG_NDELAY/LOG_NDELAY|LOG_PID/' src/imap/main.c
perl -pi -e 's/LOG_NDELAY/LOG_NDELAY|LOG_PID/' src/master/main.c
perl -pi -e 's/LOG_NDELAY/LOG_NDELAY|LOG_PID/' src/pop3/main.c
perl -pi -e 's/LOG_NDELAY/LOG_NDELAY|LOG_PID/' src/lib-master/master-service.c
if ! grep -m1 -q 'this should never be reached anyways' src/util/maildirlock.c; then
if [ -s ${WORKDIR}/patches/maildirlock-crash.patch ]; then
echo "Patching maildirlock utility..."
patch -p1 < ${WORKDIR}/patches/maildirlock-crash.patch
fi
fi
echo "Configuring dovecot ${DOVECOT_VER} ..."
CONF_FILE=${CWD}/${DOVECOT_CONFIGURE}
${CONF_FILE}
if [ $? -ne 0 ]; then
printf "\n*** There was an error while trying to configure dovecot. Please check ${DOVECOT_CONFIGURE} file.\n"
do_exit 1
fi
echo "Done Configuration."
while echo "Trying to make dovecot..."; do
make -j ${CPU_CORES}
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "Make complete"
echo "Installing ..."
make install
removeLockfile
touch /var/log/dovecot-lmtp.log /var/log/dovecot-lmtp-errors.log
chown root:${ROOT_GRP} /var/log/dovecot-lmtp.log /var/log/dovecot-lmtp-errors.log
chmod 600 /var/log/dovecot-lmtp.log /var/log/dovecot-lmtp-errors.log
cd ${CWD}
if [ ! -d /etc/dovecot ]; then
mkdir -p /etc/dovecot
fi
if [ "${DOVECOT_CONF_OPT}" = "no" ]; then
CONF_VER=0
INST_CONF=0
if [ -e /etc/dovecot.conf ]; then
CONF_VER=`grep -m1 '## Dovecot' /etc/dovecot.conf | awk '{print $3}'`
else
INST_CONF=1
fi
if [ ! -e ${DOVECOT_CONFIG} ]; then
INST_CONF=1
elif [ "$CONF_VER" != "2.0" ]; then
INST_CONF=1
fi
if [ ! -L /etc/dovecot.conf ]; then
mv -f /etc/dovecot.conf /etc/dovecot.conf.old
ln -s ${DOVECOT_CONFIG} /etc/dovecot.conf
fi
#install the dovecot.conf
if [ "$INST_CONF" -eq 1 ]; then
if [ "$INST_VER" = "2" ]; then
getFile dovecot.conf.2.0
mv -f ${CWD}/dovecot.conf.2.0 ${DOVECOT_CONFIG}
if [ ! -L /etc/dovecot.conf ]; then
mv -f /etc/dovecot.conf /etc/dovecot.conf.1.2
ln -s ${DOVECOT_CONFIG} /etc/dovecot.conf
fi
fi
fi
else
doDovecotConf norestart
fi
if [ ! -L /etc/dovecot.conf ]; then
mv -f /etc/dovecot.conf /etc/dovecot.conf.old
ln -s ${DOVECOT_CONFIG} /etc/dovecot.conf
fi
if [ "${PIGEONHOLE_OPT}" = "yes" ]; then
doPigeonhole
perl -pi -e 's#transport = virtual_localdelivery#transport = dovecot_lmtp_udp#' /etc/exim.conf
else
if [ -d /var/lib/dovecot/sieve ]; then
echo "Dovecot's Sieve/Pigeonhole is not enabled, but the directroy /var/lib/dovecot/sieve exists. Removing it."
rm -rf /var/lib/dovecot/sieve
fi
fi
if [ -s /usr/lib/dovecot/lib21_fts_xapian_plugin.so ] || [ -s /usr/lib64/dovecot/lib21_fts_xapian_plugin.so ]; then
doFTSXapian
fi
if [ "${IPV6}" = "1" ]; then
perl -pi -e 's|^listen = \*$|#listen = \*|' ${DOVECOT_CONFIG}
perl -pi -e 's|^#listen = \*, ::$|listen = \*, ::|' ${DOVECOT_CONFIG}
else
perl -pi -e 's|^#listen = \*$|listen = \*|' ${DOVECOT_CONFIG}
perl -pi -e 's|^listen = \*, ::$|#listen = \*, ::|' ${DOVECOT_CONFIG}
fi
#remove SSLv2 from dovecot config for openssl 1.1+
OV=`openssl_version | cut -d. -f1,2`
OPENSSL_11_OR_HIGHER=false
if [ "${OV}" != "" ] && [ "`version_cmp ${OV} 1.1 'dovecot SSLv2 support for openssl 1.1.0 ver check'`" -ge 0 ]; then
OPENSSL_11_OR_HIGHER=true
fi
if ${OPENSSL_11_OR_HIGHER}; then
perl -pi -e 's|ssl_protocols \= !SSLv2 !SSLv3|ssl_protocols = !SSLv3|g' ${DOVECOT_CONFIG}
fi
ensure_dovecot_dh
# Dovecot's "make install" overwrites these scripts, so we need to re-enable them everytime
#echo "Enabling dovecot.socket in systemd..."
if [ -e ${SYSTEMDDIR}/dovecot.socket ]; then
echo "Disabling dovecot.socket in systemd..."
systemctl disable dovecot.socket 2> /dev/null
rm -f ${SYSTEMDDIR}/dovecot.socket
systemctl daemon-reload
fi
# Dovecot's "make install" overwrites these scripts, so we need to re-enable them everytime
echo "Enabling dovecot in systemd..."
if [ -e ${CB_CUST_SYSTEMD}/dovecot.service ]; then
cp -f ${CB_CUST_SYSTEMD}/dovecot.service ${SYSTEMDDIR}/dovecot.service
else
cp -f ${CB_SYSTEMD}/dovecot.service ${SYSTEMDDIR}/dovecot.service
fi
chmod 644 ${SYSTEMDDIR}/dovecot.service
systemctl daemon-reload
systemctl enable dovecot.service
if [ ! -e /etc/exim.cert ] && [ ! -e /etc/exim.key ]; then
getFile da_exim-cert-config
/usr/bin/openssl req -x509 -newkey rsa:2048 -keyout /etc/exim.key -out /etc/exim.cert -days 9999 -nodes -config ${WORKDIR}/da_exim-cert-config
fi
chmod 600 /etc/exim.cert /etc/exim.key
chown mail:mail /etc/exim.cert /etc/exim.key
if [ ! -d ${SYSTEMD_SCRIPTS}/dovecot ]; then
mkdir -p ${SYSTEMD_SCRIPTS}/dovecot
fi
if [ ! -e ${SYSTEMD_SCRIPTS}/dovecot/dovecot_prestartscript ]; then
if [ -e ${CB_CUST_SYSTEMD}/scripts/dovecot_prestartscript ]; then
cp -f ${CB_CUST_SYSTEMD}/scripts/dovecot_prestartscript ${SYSTEMD_SCRIPTS}/dovecot/prestartscript
else
cp -f ${CB_SYSTEMD}/scripts/dovecot_prestartscript ${SYSTEMD_SCRIPTS}/dovecot/prestartscript
fi
chmod 755 ${SYSTEMD_SCRIPTS}/dovecot/prestartscript
fi
ensure_dovecot_logrotate
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
/sbin/ldconfig
echo "Restarting dovecot."
systemctl daemon-reload
control_service dovecot restart
set_service dovecot ON
set_service vm-pop3d delete
writeLog "Dovecot ${DOVECOT_VER} installed"
}
####################################################
doRemoveDovecot() {
if [ "${DOVECOT_OPT}" != "no" ]; then
do_exit 1 "Cannot remove Dovecot, because it is enabled in options.conf file."
fi
echo "Disabling dovecot in services.status"
set_service dovecot delete
control_service dovecot stop
echo "Disabling dovecot in systemd..."
systemctl disable dovecot.service
rm -f ${SYSTEMDDIR}/dovecot.service
systemctl daemon-reload
remove_directory /usr/share/doc/dovecot
remove_directory /etc/dovecot
remove_directory /usr/lib/dovecot
remove_directory /usr/lib64/dovecot
remove_directory /usr/libexec/dovecot
remove_directory /usr/include/dovecot
remove_file /usr/sbin/dovecot
remove_file /etc/dovecot.conf
remove_file ${DOVECOT_CONFIG}
ldconfig
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
writeLog "Dovecot removed"
}
dospamassassin() {
if [ "${SPAMD_OPT}" != "spamassassin" ]; then
do_exit 1 "SpamAssassin is not set in options.conf."
fi
#Install dependencies
if [ ! -x /usr/bin/spamd ]; then
if [ ! -e ${DEBIAN_VERSION} ] && [ -x /usr/bin/rpm ]; then
if [ "${OS_CENTOS_VER}" = "7" ]; then
PACKAGES="perl-Archive-Tar perl-Carp perl-DB_File perl-Data-Dumper perl-Digest-SHA perl-Encode-Detect perl-Exporter perl-File-Path perl-Getopt-Long perl-HTML-Parser perl-HTTP-Date perl-IO-Socket-SSL perl-IO-Zlib perl-Mail-DKIM perl-Mail-SPF perl-Net-DNS perl-NetAddr-IP perl-PathTools perl-Pod-Usage perl-Scalar-List-Utils perl-Socket perl-Sys-Syslog perl-Time-HiRes perl-Time-Local perl-constant perl-interpreter perl-libs perl-libwww-perl perl-version perl-DBI perl-Digest-SHA perl-ExtUtils-MakeMaker perl-IO-Socket-INET6 pyzor"
else
PACKAGES="perl-Archive-Tar perl-Carp perl-DB_File perl-Data-Dumper perl-Digest-SHA perl-Encode-Detect perl-Errno perl-Exporter perl-File-Path perl-Getopt-Long perl-HTML-Parser perl-HTTP-Date perl-IO perl-IO-Socket-SSL perl-IO-Zlib perl-Net-DNS perl-NetAddr-IP perl-PathTools perl-Pod-Usage perl-Scalar-List-Utils perl-Socket perl-Sys-Syslog perl-Time-HiRes perl-Time-Local perl-constant perl-interpreter perl-libs perl-libwww-perl perl-version perl-DBI perl-Digest-SHA perl-ExtUtils-MakeMaker perl-IO-Socket-INET6 pyzor"
fi
MISSING_PACKAGES=" "
for package in ${PACKAGES}; do {
PACKAGE_TEST=`checkRPMPackage ${package}`
if [ ${PACKAGE_TEST} -ne 0 ]; then
MISSING_PACKAGES="${package} ${MISSING_PACKAGES}"
fi
}
done
if [ ! -z "${MISSING_PACKAGES}" ]; then
yum -y install ${MISSING_PACKAGES}
fi
elif [ -e ${DEBIAN_VERSION} ]; then
if [ -x /usr/bin/dpkg-query ]; then
MISSING_PACKAGES=" "
for package in libhtml-parser-perl libsocket6-perl libsys-hostname-long-perl libnet-dns-perl libnetaddr-ip-perl libhttp-date-perl libmail-dkim-perl libwww-perl; do {
PACKAGE_TEST=`checkDebianPackage ${package}`
if [ ${PACKAGE_TEST} -ne 0 ]; then
MISSING_PACKAGES="${package} ${MISSING_PACKAGES}"
fi
}
done
if [ ! -z "${MISSING_PACKAGES}" ]; then
apt-get update
apt-get -y install ${MISSING_PACKAGES}
fi
fi
fi
fi
getFile Mail-SpamAssassin-${SPAMASSASSIN_VER}.tar.gz spamassassin
getFile patches/spamc-configure-version-h.patch spamc-configure-version-h.patch patches/spamc-configure-version-h.patch hexan
rm -f /etc/exim.spamassassin.conf
quitIfLocked dospamassassin
if [ ! -e ${WORKDIR}/Mail-SpamAssassin-${SPAMASSASSIN_VER}.tar.gz ]; then
do_exit 1 "File Mail-SpamAssassin-${SPAMASSASSIN_VER}.tar.gz does not exist. Try running ${boldon}./build update.${boldoff}"
fi
echo "Installing spamassassin ${SPAMASSASSIN_VER}..."
cd ${CWD}
FILE=${CWD}/Mail-SpamAssassin-${SPAMASSASSIN_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ..."
tar xzf ${FILE} --no-same-owner
echo "Done."
cd Mail-SpamAssassin-${SPAMASSASSIN_VER}
echo "Configuring SpamAssassin ${SPAMASSASSIN_VER}..."
export LANG=C
perl Makefile.PL PREFIX=/usr CONTACT_ADDRESS="the administrator of that system" RUN_NET_TESTS="no" INSTALL_BASE=""
if [ $? -ne 0 ]; then
printf "\n*** There was an error while trying to configure SpamAssassin.\n"
do_exit 1
fi
echo "Done Configuration."
while echo "Trying to make SpamAssassin..."; do
make
if [ $? -ne 0 ]; then
echo ""
echo "If needed, use cpan to install the missing modules, eg:"
echo " cpan -i Archive::Tar Digest::SHA Mail::SPF IP::Country Net::Ident IO::Socket::INET6 Compress::Zlib Mail::DKIM LWP::UserAgent HTTP::Date Encode::Detect ExtUtils::MakeMaker"
echo ""
echo "Press enter to answer [yes] if it asks you to install dependencies (it will prepend them to the queue)"
echo "Answer no if it asks: Are you ready for manual configuration? [yes] no"
echo ""
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "Make complete"
echo "Installing ..."
#It's not able to overwrite spamd binary sometimes, if process is still running
killall spamd >/dev/null 2>&1
killall -9 spamd >/dev/null 2>&1
make install
echo "Enabling spamassassin in systemd..."
if [ -e ${CB_CUST_SYSTEMD}/spamassassin.service ]; then
cp -f ${CB_CUST_SYSTEMD}/spamassassin.service ${SYSTEMDDIR}/spamassassin.service
else
cp -f ${CB_SYSTEMD}/spamassassin.service ${SYSTEMDDIR}/spamassassin.service
fi
chmod 644 ${SYSTEMDDIR}/spamassassin.service
systemctl daemon-reload
systemctl enable spamassassin.service
removeLockfile
cd ${CWD}
dospamassassinCron
perl -pi -e 's|#.include_if_exists /etc/exim.spamassassin.conf|.include_if_exists /etc/exim.spamassassin.conf|' /etc/exim.conf
V342PRE=/etc/mail/spamassassin/v342.pre
if [ -s ${V342PRE} ]; then
echo "Enabling new SA plugins"
# loadplugin Mail::SpamAssassin::Plugin::HashBL
perl -pi -e 's/^# loadplugin Mail::SpamAssassin::Plugin::HashBL$/loadplugin Mail::SpamAssassin::Plugin::HashBL/' ${V342PRE}
# loadplugin Mail::SpamAssassin::Plugin::ResourceLimits
# perl -pi -e 's/^# loadplugin Mail::SpamAssassin::Plugin::ResourceLimits$/loadplugin Mail::SpamAssassin::Plugin::ResourceLimits/' ${V342PRE}
# Can't locate BSD/Resource.pm in @INC
# loadplugin Mail::SpamAssassin::Plugin::FromNameSpoof
perl -pi -e 's/^# loadplugin Mail::SpamAssassin::Plugin::FromNameSpoof$/loadplugin Mail::SpamAssassin::Plugin::FromNameSpoof/' ${V342PRE}
# loadplugin Mail::SpamAssassin::Plugin::Phishing
perl -pi -e 's/^# loadplugin Mail::SpamAssassin::Plugin::Phishing$/loadplugin Mail::SpamAssassin::Plugin::Phishing/' ${V342PRE}
fi
echo "Running sa-update."
if [ -e /usr/bin/sa-update ]; then
#/usr/bin/sa-update --nogpg --channel sought.rules.yerp.org --channel updates.spamassassin.org
/usr/bin/sa-update --nogpg --channel updates.spamassassin.org
else
echo "Cannot find /usr/bin/sa-update after install. Check for errors above."
fi
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
set_service rspamd delete
if [ -d /etc/exim/rspamd ]; then
if [ ! -d /etc/exim/rspamd_disabled ]; then
echo "Renaming /etc/exim/rspamd to /etc/exim/rspamd_disabled..."
mv /etc/exim/rspamd /etc/exim/rspamd_disabled
else
echo "Removing old /etc/exim/rspamd directory..."
rm -rf /etc/exim/rspamd
fi
fi
echo "Starting SpamAssassin."
systemctl restart spamassassin.service
set_service spamd ON
if ! grep -m1 -q '/etc/exim.spamd.conf' /etc/exim.conf; then
perl -pi -e 's|\.include_if_exists /etc/exim\.clamav\.conf|.include_if_exists /etc/exim.spamd.conf\n .include_if_exists /etc/exim.clamav.conf|g' /etc/exim.conf
fi
if ! grep -m1 -q '/etc/exim.spamd.load.conf' /etc/exim.conf; then
perl -pi -e 's|\.include_if_exists /etc/exim\.clamav\.load\.conf|.include_if_exists /etc/exim.spamd.load.conf\n .include_if_exists /etc/exim.clamav.load.conf|g' /etc/exim.conf
fi
if [ "`version_cmp ${EXIMCONF_RELEASE_OPT} 4.6 'exim.conf ver check for ACL spam check'`" -lt 0 ]; then
perl -pi -e 's|#.include_if_exists /etc/exim.spamassassin.conf|.include_if_exists /etc/exim.spamassassin.conf|' /etc/exim.conf
if [ ! -s /etc/exim.spamassassin.conf ]; then
safeDownloadWithMove /etc/exim.spamassassin.conf "${DOWNLOADSERVER_SCHEME}://${DOWNLOADSERVER_OPT}/services/exim.spamassassin.conf"
chmod 644 /etc/exim.spamassassin.conf
fi
rm -f /etc/exim.spamd.conf
#disabling rspamd
echo -n '' > /etc/exim.spamd.load.conf
echo -n '' > /etc/exim.spamd.conf
else
echo "Enabling SpamAssassin in /etc/exim.spamd.load.conf..."
echo 'spamd_address = 127.0.0.1 783 retry=20s' > /etc/exim.spamd.load.conf
cp -fv ${SPAMD_CONF} /etc/exim.spamd.conf
fi
echo "Restarting exim."
control_service exim restart
ldconfig
writeLog "SpamAssassin ${SPAMASSASSIN_VER} installed"
}
doRemoveSpamassassin() {
if [ "${SPAMD_OPT}" = "spamassassin" ]; then
do_exit 1 "Cannot remove SpamAssassin because it is enabled in options.conf."
fi
RESTART_EXIM=0
if [ -e /etc/exim.spamassassin.conf ]; then
RESTART_EXIM=1
fi
if [ -e ${SYSTEMDDIR}/spamassassin.service ]; then
echo "Disabling spamassassin in systemd..."
systemctl disable spamassassin.service
rm -f ${SYSTEMDDIR}/spamassassin.service
systemctl daemon-reload
fi
set_service spamd delete
remove_directory /var/lib/spamassassin
remove_directory /usr/share/perl5/Mail/SpamAssassin
remove_directory /usr/lib64/perl5/auto/Mail/SpamAssassin
remove_directory /usr/share/spamassassin
remove_directory /etc/mail/spamassassin
remove_directory /root/.spamassassin
remove_file /usr/bin/spamassassin
remove_file /usr/bin/sa-check_spamd
remove_file /usr/bin/spamc
remove_file /usr/bin/sa-learn
remove_file /usr/bin/spamd
remove_file /usr/bin/sa-awl
remove_file /usr/bin/sa-update
remove_file /usr/bin/sa-compile
remove_file /etc/exim.spamassassin.conf
#remove bits which may exist.
remove_file /etc/cron.daily/sa-update
remove_file /etc/cron.weekly/sa-update
remove_file /etc/cron.monthly/sa-update
ldconfig
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
if [ "${RESTART_EXIM}" = "1" ]; then
control_service exim restart
fi
echo "SpamAssassin has been successfully removed"
writeLog "SpamAssassin removed"
}
doRspamd() {
if [ "${SPAMD_OPT}" != "rspamd" ]; then
do_exit 1 "Rspamd is not set in options.conf."
fi
if [ -e /etc/debian_version ]; then
if [ ! -x /usr/bin/lsb_release ]; then
apt-get -y install lsb-release
fi
CODENAME=`lsb_release -c -s`
if [ ! -s /etc/apt/sources.list.d/rspamd.list ]; then
curl ${CURL_CONNECT_OPTIONS} -o - https://rspamd.com/apt-stable/gpg.key | apt-key add -
echo "deb [arch=amd64] https://rspamd.com/apt-stable/ $CODENAME main" > /etc/apt/sources.list.d/rspamd.list
echo "deb-src [arch=amd64] https://rspamd.com/apt-stable/ $CODENAME main" >> /etc/apt/sources.list.d/rspamd.list
fi
apt-get -y update
apt-get -y --no-install-recommends install rspamd
if [ $? -ne 0 ]; then
do_exit 1 "Apt-get failed to install rspamd."
fi
else
if [ ! -s /etc/yum.repos.d/rspamd.repo ]; then
RSPAMD_REPO_URL=https://rspamd.com/rpm-stable/centos-${OS_CENTOS_VER}/rspamd.repo
if ! curl --silent --fail ${RSPAMD_REPO_URL}; then
do_exit 1 "Cannot download rspamd repo file ${RSPAMD_REPO_URL}."
fi
curl --fail ${RSPAMD_REPO_URL} > /etc/yum.repos.d/rspamd.repo
rpm --import https://rspamd.com/rpm-stable/gpg.key
fi
yum -y install rspamd
if [ $? -ne 0 ]; then
do_exit 1 "Yum failed to install rspamd."
fi
fi
#Add _rspamd user/group if it doesn't exist after installation
addUserGroup _rspamd _rspamd
if [ ! -x /usr/bin/redis-server ] && [ ! -x /usr/local/bin/redis-server ]; then
if [ "${REDIS_OPT}" = "no" ]; then
setOpt redis yes
REDIS_OPT="yes"
fi
doRedis
else
echo "Enabling redis-rspamd in systemd..."
if [ -e ${CB_CUST_SYSTEMD}/redis-rspamd.service ]; then
cp -f ${CB_CUST_SYSTEMD}/redis-rspamd.service ${SYSTEMDDIR}/redis-rspamd.service
else
cp -f ${CB_SYSTEMD}/redis-rspamd.service ${SYSTEMDDIR}/redis-rspamd.service
fi
chmod 644 ${SYSTEMDDIR}/redis-rspamd.service
systemctl daemon-reload
systemctl enable --now redis-rspamd
fi
#disable greylisting by default, as no redis server back-end (yet?).
if [ ! -e /etc/rspamd/local.d/greylist.conf ]; then
if [ ! -d /etc/rspamd/local.d ]; then
mkdir /etc/rspamd/local.d
chmod 755 /etc/rspamd/local.d
fi
echo "enabled = false;" > /etc/rspamd/local.d/greylist.conf
fi
#copy custom configs here? TODO
#end custom configs
echo "Enabling rspamd in systemd..."
if [ -e ${SYSTEMDDIR}/rspamd.service ]; then
systemctl enable rspamd.service
if [ -e ${SYSTEMDDIR}/spamassassin.service ]; then
systemctl stop spamassassin.service
systemctl disable spamassassin.service
rm -f ${SYSTEMDDIR}/spamassassin.service
systemctl daemon-reload
fi
fi
set_service spamd delete
if [ -e /usr/bin/spamd ]; then
doRemoveSpamassassin
fi
killall -9 spamd >/dev/null 2>&1
removeLockfile
cd ${CWD}
mkdir -p /var/log/rspamd
if [ ! -d /etc/rspamd/local.d ]; then
mkdir -p /etc/rspamd/local.d
chmod 755 /etc/rspamd/local.d
fi
echo 'servers = "/var/lib/rspamd/.redis/redis.sock";' > /etc/rspamd/local.d/redis.conf
#set permissions
if [ -e /etc/rspamd/local.d/settings.conf ]; then
if ! grep -m1 -q ".include \"\$CONFDIR/directadmin-users.conf\"" /etc/rspamd/local.d/settings.conf; then
echo ".include \"\$CONFDIR/directadmin-users.conf\"" >> /etc/rspamd/local.d/settings.conf
fi
else
echo ".include \"\$CONFDIR/directadmin-users.conf\"" > /etc/rspamd/local.d/settings.conf
fi
#listen on UDS instead of localhost TCP/IP
if [ -e /etc/rspamd/local.d/worker-normal.inc ]; then
sed -i '/bind_socket =/d' /etc/rspamd/local.d/worker-normal.inc
echo 'bind_socket = "localhost:11333";' >> /etc/rspamd/local.d/worker-normal.inc
else
echo 'bind_socket = "localhost:11333";' > /etc/rspamd/local.d/worker-normal.inc
fi
#listen on UDS instead of localhost TCP/IP
if [ -e /etc/rspamd/local.d/worker-controller.inc ]; then
sed -i '/bind_socket =/d' /etc/rspamd/local.d/worker-controller.inc
echo 'bind_socket = "/var/run/rspamd/rspamd_controller.sock mode=0600 owner=_rspamd";' >> /etc/rspamd/local.d/worker-controller.inc
else
echo 'bind_socket = "/var/run/rspamd/rspamd_controller.sock mode=0600 owner=_rspamd";' > /etc/rspamd/local.d/worker-controller.inc
fi
#listen on UDS instead of localhost TCP/IP
if [ -e /etc/rspamd/local.d/worker-proxy.inc ]; then
sed -i '/bind_socket =/d' /etc/rspamd/local.d/worker-proxy.inc
echo 'bind_socket = "/var/run/rspamd/rspamd_proxy.sock mode=0600 owner=_rspamd";' >> /etc/rspamd/local.d/worker-proxy.inc
else
echo 'bind_socket = "/var/run/rspamd/rspamd_proxy.sock mode=0600 owner=_rspamd";' > /etc/rspamd/local.d/worker-proxy.inc
fi
#prevent: cfg; rspamd_config_read: failed to load config: ucl parser error: cannot open file /etc/rspamd/directadmin-users.conf: No such file or directory
if [ ! -e /etc/rspamd/directadmin-users.conf ]; then
touch /etc/rspamd/directadmin-users.conf
fi
mkdir -p /etc/rspamd/users.d
chown _rspamd:_rspamd /etc/rspamd/local.d/settings.conf /etc/rspamd/users.d /etc/rspamd/directadmin-users.conf /etc/rspamd
# generate user prefs
echo "action=rewrite&value=rspamd" >> ${TASK_QUEUE}
run_dataskq d
csf_enable_rspamd
echo "Restarting rspamd."
control_service rspamd restart
set_service rspamd ON
# Not needed, as we load it elsewhere
# if ! grep -m1 -q '^\.include_if_exists /etc/exim.spamd.conf' /etc/exim.conf; then
# if grep -m1 -q '^#\.include_if_exists /etc/exim.spamd.conf' /etc/exim.conf; then
# perl -pi -e 's|#\.include_if_exists /etc/exim\.spamd\.conf|.include_if_exists /etc/exim.clamav.conf|g' /etc/exim.conf
# else
# perl -pi -e 's|\.include_if_exists /etc/exim\.clamav\.conf|.include_if_exists /etc/exim.spamd.conf\n .include_if_exists /etc/exim.clamav.conf|g' /etc/exim.conf
# fi
# fi
#
# if ! grep -m1 -q '^\.include_if_exists /etc/exim.spamd.load.conf' /etc/exim.conf; then
# if grep -m1 -q '^#\.include_if_exists /etc/exim.spamd.load.conf' /etc/exim.conf; then
# perl -pi -e 's|#\.include_if_exists /etc/exim\.spamd\.load\.conf|.include_if_exists /etc/exim.spamd.load.conf|g' /etc/exim.conf
# else
# perl -pi -e 's|\.include_if_exists /etc/exim\.clamav\.conf|.include_if_exists /etc/exim.spamd.conf\n .include_if_exists /etc/exim.spamd.load.conf|g' /etc/exim.conf
# fi
# fi
#
# echo "Enabling rspamd in /etc/exim.spamd.load.conf..."
# echo 'spamd_address = 127.0.0.1 11333 retry=20s variant=rspamd' > /etc/exim.spamd.load.conf
#
# cp -fv ${SPAMD_CONF} /etc/exim.spamd.conf
echo "Restarting exim."
control_service exim restart
ldconfig
if [ ! -s /etc/logrotate.d/rspamd ]; then
safeDownloadWithMove /etc/logrotate.d/rspamd "${WEBPATH}/rspamd.logrotate"
fi
writeLog "Rspamd has been installed successfully."
}
doNetdata() {
curl ${CURL_CONNECT_OPTIONS} -o netdata.sh https://my-netdata.io/kickstart-static64.sh && bash ./netdata.sh --dont-wait --disable-telemetry && rm -f netdata.sh
if [ -e /opt/netdata/etc/netdata/netdata.conf ] && [ ! -e /etc/netdata/netdata.conf ]; then
NETDATA_CONF=/opt/netdata/etc/netdata/netdata.conf
else
NETDATA_CONF=/etc/netdata/netdata.conf
fi
if [ -s ${WORKDIR}/custom/netdata/netdata.conf ]; then
cp -pf ${WORKDIR}/custom/netdata/netdata.conf ${NETDATA_CONF}
else
printf "[web]\nbind to = unix:/var/run/netdata/netdata.sock\nweb files owner = root\nweb files group = netdata\n[global]\nrun as user = netdata\nprocess scheduling policy = keep\nOOM score = keep\n" > ${NETDATA_CONF}
fi
if [ -s /usr/lib/systemd/system/netdata.service ]; then
if grep -m1 -q '^RuntimeDirectoryMode=0775$' /usr/lib/systemd/system/netdata.service; then
perl -pi -e 's|^RuntimeDirectoryMode=0775$|RuntimeDirectoryMode=0700|g' /usr/lib/systemd/system/netdata.service
systemctl daemon-reload
fi
fi
if [ "${CLOUDLINUX_OPT}" = "yes" ]; then
usermod -a -G clsupergid netdata
fi
killall netdata
sleep 10
control_service netdata start
set_service netdata ON
}
do_remove_rspamd() {
if [ "${SPAMD_OPT}" = "rspamd" ]; then
do_exit 1 "Cannot remove Rspamd because it is enabled in options.conf."
fi
if [ -e /etc/debian_version ]; then
apt-get -y purge rspamd
else
yum -y remove rspamd
fi
if [ -e ${SYSTEMDDIR}/rspamd.service ]; then
echo "Disabling rspamd in systemd..."
systemctl disable rspamd.service
remove_file ${SYSTEMDDIR}/rspamd.service
systemctl daemon-reload
fi
if [ -d /etc/rspamd ]; then
remove_directory /etc/rspamd
fi
echo "Rspamd has been successfully removed"
writeLog "Rspamd removed"
}
####################################################
create_symlinks_for_binaries() {
if [ -e $1 ] && [ -e $2 ] && [ ! -h $2 ]; then
echo "Symlinking $1 to $2..."
mv -f $2 $2_backup
ln -sf $1 $2
fi
}
doclamav() {
if [ "${CLAMAV_OPT}" = "no" ]; then
do_exit 1 "ClamAV is not set in options.conf."
fi
getFile clamav-${CLAMAV_VER}.tar.gz clamav
if [ "${CLAMAV_EXIM_OPT}" = "yes" ]; then
safeDownloadWithMove /etc/exim.clamav.load.conf "${DOWNLOADSERVER_SCHEME}://${DOWNLOADSERVER_OPT}/services/exim.clamav.load.conf"
safeDownloadWithMove /etc/exim.clamav.conf "${DOWNLOADSERVER_SCHEME}://${DOWNLOADSERVER_OPT}/services/exim.clamav.conf"
chmod 644 /etc/exim.clamav.load.conf
chmod 644 /etc/exim.clamav.conf
fi
quitIfLocked doclamav
if [ ! -e ${WORKDIR}/clamav-${CLAMAV_VER}.tar.gz ]; then
do_exit 1 "File clamav-${CLAMAV_VER}.tar.gz does not exist. Try running ${boldon}./build update.${boldoff}"
fi
echo "Installing clamav ${CLAMAV_VER} ..."
CLAMD_CONF=1
if [ ! -e /etc/clamd.conf ]; then
CLAMD_CONF=0
fi
FRESHCLAM_CONF=1
if [ ! -e /etc/freshclam.conf ]; then
FRESHCLAM_CONF=0
fi
addUserGroup clamav clamav
mkdir -p /var/run/clamd
chown -R clamav.clamav /var/run/clamd
chmod 700 /var/run/clamd
cd ${CWD}
FILE=${CWD}/clamav-${CLAMAV_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ..."
tar xzf ${FILE} --no-same-owner
echo "Done."
cd clamav-${CLAMAV_VER}
echo "Configuring clamav ${CLAMAV_VER} ..."
mkdir -p build
cd build
if [ ! -d /usr/local/include/curl ] && grep -m1 -q 'with-libcurl=/usr/local' ${CWD}/${CLAMAV_CONFIGURE}; then
perl -pi -e 's|with-libcurl=/usr/local|with-libcurl=/usr|g' ${CWD}/${CLAMAV_CONFIGURE}
fi
if [ "${OS_CENTOS_VER}" = "7" ]; then
CMAKE_NAME="cmake3"
if grep -m1 -q "^cmake " ${CWD}/${CLAMAV_CONFIGURE}; then
perl -pi -e 's|^cmake |cmake3 |g' ${CWD}/${CLAMAV_CONFIGURE}
fi
else
CMAKE_NAME="cmake"
fi
if [ "${CMAKE_NAME}" = "cmake" ]; then
if [ ! -e /usr/local/cmake ] && [ ! -e /usr/local/bin/cmake ] && [ ! -e /usr/bin/cmake ] && [ ! -e /usr/bin/cmake3 ]; then
echo "Cannot find ${CMAKE_NAME}, installing it..."
if [ -e /etc/debian_version ]; then
apt-get -y install ${CMAKE_NAME}
else
yum -y install ${CMAKE_NAME}
fi
fi
elif [ ! -e /usr/bin/cmake3 ]; then
yum -y install ${CMAKE_NAME} --enablerepo=${EPEL_REPO_NAME}
fi
if [ "${OS_DEBIAN_VER}" = "9" ]; then
CMAKE_MINOR_VER=`cmake --version | head -n1 | grep -o '[0-9]\.[^ ]*' | cut -d. -f2`
if [ ${CMAKE_MINOR_VER} -lt 14 ]; then
if ! grep -r --include '*.list' '^deb ' /etc/apt/sources.list /etc/apt/sources.list.d | grep -m1 -q 'stretch-backports'; then
echo 'deb http://deb.debian.org/debian stretch-backports main' >> /etc/apt/sources.list.d/stretch-backports.list
apt-get update
fi
apt-get -y install -t stretch-backports ${CMAKE_NAME}
fi
fi
if [ "${OS_DEBIAN_VER}" = "10" ]; then
CMAKE_MINOR_VER=`cmake --version | head -n1 | grep -o '[0-9]\.[^ ]*' | cut -d. -f2`
if [ ${CMAKE_MINOR_VER} -lt 14 ]; then
if ! grep -r --include '*.list' '^deb ' /etc/apt/sources.list /etc/apt/sources.list.d | grep -m1 -q 'buster-backports'; then
echo 'deb http://deb.debian.org/debian buster-backports main' >> /etc/apt/sources.list.d/buster-backports.list
apt-get update
fi
apt-get -y install -t buster-backports ${CMAKE_NAME}
fi
fi
if [ ! -e ${DEBIAN_VERSION} ] && [ -x /usr/bin/rpm ]; then
if [ `checkRPMPackage libxml2-devel` -ne 0 ]; then
yum -y install libxml2-devel
ldconfig
fi
if [ `checkRPMPackage bzip2-devel` -ne 0 ]; then
yum -y install bzip2-devel
ldconfig
fi
elif [ -x /usr/bin/dpkg-query ]; then
if [ `checkDebianPackage libxml2-dev` -ne 0 ]; then
apt-get -y install libxml2-dev
ldconfig
fi
if [ `checkDebianPackage libbz2-dev` -ne 0 ]; then
apt-get -y install libbz2-dev
ldconfig
fi
fi
if [ ! -e /usr/include/pcre2.h ] && [ ! -e /usr/local/include/pcre2.h ]; then
echo "Cannot find pcre2, installing it..."
if [ -e /etc/debian_version ]; then
apt-get -y install libpcre2-dev
else
yum -y install pcre2-devel
fi
fi
if [ ! -e /usr/include/json/json.h ] && [ ! -e /usr/local/include/json/json.h ] && [ ! -e /usr/include/json-c/json.h ] && [ ! -e /usr/local/include/json-c/json.h ]; then
echo "Cannot find json-c, installing it..."
if [ -e /etc/debian_version ]; then
apt-get -y install libjson-c-dev
else
yum -y install json-c-devel
fi
fi
if [ ! -e /usr/include/curses.h ] && [ ! -e /usr/local/include/curses.h ]; then
echo "Cannot find ncurses, installing it..."
if [ -e /etc/debian_version ]; then
apt-get -y install libncurses-dev
else
yum -y install ncurses-devel
fi
fi
${CWD}/${CLAMAV_CONFIGURE}
if [ $? -ne 0 ]; then
printf "\n*** There was an error while trying to configure clamav.\n"
do_exit 1
fi
echo "Done Configuration."
while echo "Trying to make clamav..."; do
make CPPFLAGS=-I/usr/kerberos/include -j ${CPU_CORES}
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, do you want to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "Make complete"
echo "Cleaning old libraries up..."
if [ "${B64}" = "1" ]; then
rm -f /usr/local/lib64/libclam*
fi
rm -f /usr/local/lib/libclam*
echo "Installing ..."
make install
removeLockfile
ldconfig
cd ${CWD}
if [ ${CLAMD_CONF} -eq 0 ]; then
if [ ! -s /etc/clamd.conf ] && [ -s /etc/clamd.conf.sample ]; then
cp -f /etc/clamd.conf.sample /etc/clamd.conf
fi
perl -pi -e 's|Example|#Example|' /etc/clamd.conf
perl -pi -e 's|#PidFile /var/run/clamd.pid|PidFile /var/run/clamd/clamd.pid|' /etc/clamd.conf
perl -pi -e 's|#TCPSocket 3310|TCPSocket 3310|' /etc/clamd.conf
perl -pi -e 's|#TCPAddr 127.0.0.1|TCPAddr 127.0.0.1|' /etc/clamd.conf
perl -pi -e 's|^LocalSocket|#LocalSocket|' /etc/clamd.conf
fi
if [ ${FRESHCLAM_CONF} -eq 0 ]; then
if [ ! -s /etc/freshclam.conf ] && [ -s /etc/freshclam.conf.sample ]; then
cp -f /etc/freshclam.conf.sample /etc/freshclam.conf
fi
perl -pi -e 's|Example|#Example|' /etc/freshclam.conf
perl -pi -e 's|#LogSyslog yes|LogSyslog yes|' /etc/freshclam.conf
perl -pi -e 's|#PidFile /var/run/freshclam.pid|PidFile /var/run/clamd/freshclam.pid|' /etc/freshclam.conf
perl -pi -e 's|#Checks 24|#Checks 24|' /etc/freshclam.conf
perl -pi -e 's|#NotifyClamd /path/to/clamd.conf|#NotifyClamd /etc/clamd.conf|' /etc/freshclam.conf
fi
#Deprecated in 0.100
perl -pi -e 's|^AllowSupplementaryGroups|#AllowSupplementaryGroups|' /etc/clamd.conf
if [ -e ${WORKDIR}/custom/clamav/clamd.conf ]; then
cp -f ${WORKDIR}/custom/clamav/clamd.conf /etc/clamd.conf
fi
if [ -e ${WORKDIR}/custom/clamav/freshclam.conf ]; then
cp -f ${WORKDIR}/custom/clamav/freshclam.conf /etc/freshclam.conf
fi
if [ "${CLAMAV_EXIM_OPT}" = "yes" ]; then
perl -pi -e 's|#.include_if_exists /etc/exim.clamav.load.conf|.include_if_exists /etc/exim.clamav.load.conf|' /etc/exim.conf
perl -pi -e 's|#.include_if_exists /etc/exim.clamav.conf|.include_if_exists /etc/exim.clamav.conf|' /etc/exim.conf
fi
echo "Enabling clamd in systemd..."
if [ -e ${CB_CUST_SYSTEMD}/clamd.service ]; then
cp -f ${CB_CUST_SYSTEMD}/clamd.service ${SYSTEMDDIR}/clamd.service
else
if [ -e /etc/debian_version ]; then
cp -f ${CB_SYSTEMD}/clamd.service.debian ${SYSTEMDDIR}/clamd.service
else
cp -f ${CB_SYSTEMD}/clamd.service ${SYSTEMDDIR}/clamd.service
fi
fi
chmod 644 ${SYSTEMDDIR}/clamd.service
DISABLE_PRIVATETMP=false
if [ "${CLAMAV_OPT}" = "yes" ]; then
if [ "${SUHOSIN_PHP_UPLOADSCAN_OPT}" = "yes" ] || [ "${MODSECURITY_UPLOADSCAN_OPT}" = "yes" ]; then
DISABLE_PRIVATETMP=true
fi
fi
if [ -e /proc/1/environ ]; then
if cat /proc/1/environ | tr '\0' '\n' | grep -q ^container=lxc; then
DISABLE_PRIVATETMP=true
fi
fi
if ${DISABLE_PRIVATETMP}; then
echo "Upload scan option detected in options.conf. Disabling PrivateTmp feature in clamd.service for ClamAV to be able to scan files in /tmp."
perl -pi -e 's#PrivateTmp \= true#PrivateTmp = false#' ${SYSTEMDDIR}/clamd.service
fi
systemctl daemon-reload
systemctl enable clamd.service
echo "Enabling freshclam in systemd..."
if [ -e ${CB_CUST_SYSTEMD}/freshclam.service ]; then
cp -f ${CB_CUST_SYSTEMD}/freshclam.service ${SYSTEMDDIR}/freshclam.service
else
cp -f ${CB_SYSTEMD}/freshclam.service ${SYSTEMDDIR}/freshclam.service
fi
chmod 644 ${SYSTEMDDIR}/freshclam.service
systemctl daemon-reload
systemctl enable freshclam.service
if [ ! -d /var/run/clamd ]; then
mkdir /var/run/clamd
fi
#Ensure ClamAV Database
USC=/usr/local/share/clamav
if [ -s /etc/freshclam.conf ]; then
if grep -m1 -q ^DatabaseDirectory /etc/freshclam.conf; then
USC=`grep -m1 ^DatabaseDirectory /etc/freshclam.conf | awk '{print $2}'`
fi
fi
if [ ! -d $USC ]; then
echo "Creating DatabaseDirectory $USC ..."
mkdir -p $USC
chown clamav:clamav $USC
fi
if [ ! -s $USC/daily.cld ]; then
/usr/local/bin/freshclam -v
fi
#Symlink /usr/bin binaries to /usr/local/bin
create_symlinks_for_binaries /usr/local/bin/clamav-config /usr/bin/clamav-config
create_symlinks_for_binaries /usr/local/bin/clambc /usr/bin/clambc
create_symlinks_for_binaries /usr/local/bin/clamconf /usr/bin/clamconf
create_symlinks_for_binaries /usr/local/bin/clamdscan /usr/bin/clamdscan
create_symlinks_for_binaries /usr/local/bin/clamscan /usr/bin/clamscan
create_symlinks_for_binaries /usr/local/bin/freshclam /usr/bin/freshclam
create_symlinks_for_binaries /usr/local/sbin/clamd /usr/sbin/clamd
set_service clamd ON
set_service freshclam ON
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
echo "Restarting freshclam."
control_service freshclam restart
echo "Restarting clamd."
control_service clamd restart
if [ "${CLAMAV_EXIM_OPT}" = "yes" ]; then
echo "Restarting exim."
control_service exim restart
fi
echo "Done ClamAV."
writeLog "ClamAV ${CLAMAV_VER} installed"
}
doRemoveClamav() {
if [ ! -e /usr/local/sbin/clamd ]; then
do_exit 1 "/usr/local/sbin/clamd wasn't found on the system, exiting..."
fi
if [ "${CLAMAV_OPT}" = "yes" ]; then
do_exit 1 "ClamAV is still set in options.conf, cannot remove."
fi
getFile clamav-${CLAMAV_VER}.tar.gz clamav
quitIfLocked doRemoveClamav
if [ ! -e ${WORKDIR}/clamav-${CLAMAV_VER}.tar.gz ]; then
do_exit 1 "File clamav-${CLAMAV_VER}.tar.gz does not exist. Try running ${boldon}./build update.${boldoff}"
fi
echo "Removing clamav ${CLAMAV_VER}..."
cd ${CWD}
FILE=${CWD}/clamav-${CLAMAV_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ..."
tar xzf ${FILE} --no-same-owner
echo "Done."
cd clamav-${CLAMAV_VER}
mkdir -p build
cd build
if [ ! -d /usr/local/include/curl ] && grep -m1 -q 'with-libcurl=/usr/local' ${CWD}/${CLAMAV_CONFIGURE}; then
perl -pi -e 's|with-libcurl=/usr/local|with-libcurl=/usr|g' ${CWD}/${CLAMAV_CONFIGURE}
fi
if [ "${OS_CENTOS_VER}" = "7" ]; then
CMAKE_NAME="cmake3"
if grep -m1 -q "^cmake " ${CWD}/${CLAMAV_CONFIGURE}; then
perl -pi -e 's|^cmake |cmake3 |g' ${CWD}/${CLAMAV_CONFIGURE}
fi
else
CMAKE_NAME="cmake"
fi
if [ "${CMAKE_NAME}" = "cmake" ]; then
if [ ! -e /usr/local/cmake ] && [ ! -e /usr/local/bin/cmake ] && [ ! -e /usr/bin/cmake ] && [ ! -e /usr/bin/cmake3 ]; then
echo "Cannot find ${CMAKE_NAME}, installing it..."
if [ -e /etc/debian_version ]; then
apt-get -y install ${CMAKE_NAME}
else
yum -y install ${CMAKE_NAME}
fi
fi
elif [ ! -e /usr/bin/cmake3 ]; then
yum -y install ${CMAKE_NAME} --enablerepo=${EPEL_REPO_NAME}
fi
if [ "${OS_DEBIAN_VER}" = "9" ]; then
CMAKE_MINOR_VER=`cmake --version | head -n1 | grep -o '[0-9]\.[^ ]*' | cut -d. -f2`
if [ ${CMAKE_MINOR_VER} -lt 14 ]; then
if ! grep -r --include '*.list' '^deb ' /etc/apt/sources.list /etc/apt/sources.list.d | grep -m1 -q 'stretch-backports'; then
echo 'deb http://deb.debian.org/debian stretch-backports main' >> /etc/apt/sources.list.d/stretch-backports.list
apt-get update
fi
apt-get -y install -t stretch-backports ${CMAKE_NAME}
fi
fi
if [ "${OS_DEBIAN_VER}" = "10" ]; then
CMAKE_MINOR_VER=`cmake --version | head -n1 | grep -o '[0-9]\.[^ ]*' | cut -d. -f2`
if [ ${CMAKE_MINOR_VER} -lt 14 ]; then
if ! grep -r --include '*.list' '^deb ' /etc/apt/sources.list /etc/apt/sources.list.d | grep -m1 -q 'buster-backports'; then
echo 'deb http://deb.debian.org/debian buster-backports main' >> /etc/apt/sources.list.d/buster-backports.list
apt-get update
fi
apt-get -y install -t buster-backports ${CMAKE_NAME}
fi
fi
if [ ! -e ${DEBIAN_VERSION} ] && [ -x /usr/bin/rpm ]; then
if [ `checkRPMPackage libxml2-devel` -ne 0 ]; then
yum -y install libxml2-devel
ldconfig
fi
if [ `checkRPMPackage bzip2-devel` -ne 0 ]; then
yum -y install bzip2-devel
ldconfig
fi
elif [ -x /usr/bin/dpkg-query ]; then
if [ `checkDebianPackage libxml2-dev` -ne 0 ]; then
apt-get -y install libxml2-dev
ldconfig
fi
if [ `checkDebianPackage libbz2-dev` -ne 0 ]; then
apt-get -y install libbz2-dev
ldconfig
fi
fi
if [ ! -e /usr/include/pcre2.h ] && [ ! -e /usr/local/include/pcre2.h ]; then
echo "Cannot find pcre2, installing it..."
if [ -e /etc/debian_version ]; then
apt-get -y install libpcre2-dev
else
yum -y install pcre2-devel
fi
fi
if [ ! -e /usr/include/json/json.h ] && [ ! -e /usr/local/include/json/json.h ] && [ ! -e /usr/include/json-c/json.h ] && [ ! -e /usr/local/include/json-c/json.h ]; then
echo "Cannot find json-c, installing it..."
if [ -e /etc/debian_version ]; then
apt-get -y install libjson-c-dev
else
yum -y install json-c-devel
fi
fi
if [ ! -e /usr/include/curses.h ] && [ ! -e /usr/local/include/curses.h ]; then
echo "Cannot find ncurses, installing it..."
if [ -e /etc/debian_version ]; then
apt-get -y install libncurses-dev
else
yum -y install ncurses-devel
fi
fi
echo "Configuring clamav ${CLAMAV_VER} for removal..."
${CWD}/${CLAMAV_CONFIGURE}
if [ $? -ne 0 ]; then
printf "\n*** There was an error while trying to configure clamav.\n"
do_exit 1
fi
echo "Done Configuration."
echo "Uninstalling ..."
while echo "Trying to make clamav..."; do
make CPPFLAGS=-I/usr/kerberos/include -j ${CPU_CORES}
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, do you want to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
make install
xargs rm -f < install_manifest.txt
removeLockfile
ldconfig
cd ${CWD}
echo "Removing clamav/freshclam from services.status..."
set_service clamd delete
set_service freshclam delete
if [ -e ${SYSTEMDDIR}/clamd.service ]; then
echo "Removing clamd systemd script..."
systemctl stop clamd.service
systemctl disable clamd.service
rm -f ${SYSTEMDDIR}/clamd.service
systemctl daemon-reload
fi
if [ -e ${SYSTEMDDIR}/freshclam.service ]; then
echo "Removing freshclam systemd script..."
systemctl stop freshclam.service
systemctl disable freshclam.service
rm -f ${SYSTEMDDIR}/freshclam.service
systemctl daemon-reload
fi
echo "Removing ClamAV configuration files: /etc/clamd.conf.sample and /etc/clamd.conf..."
rm -f /etc/clamd.conf.sample
rm -f /etc/clamd.conf
echo "Removing Freshclam configuration files: /etc/freshclam.conf.sample and /etc/freshclam.conf..."
rm -f /etc/freshclam.conf.sample
rm -f /etc/freshclam.conf
EXIMRESTART=0
if [ -e /etc/exim.clamav.load.conf ] || [ -e /etc/exim.clamav.conf ]; then
EXIMRESTART=1
echo "Disabling ClamAV in exim.conf..."
rm -f /etc/exim.clamav.load.conf
rm -f /etc/exim.clamav.conf
fi
#Remove ClamAV Database
echo "Removing ClamAV Database: /usr/local/share/clamav..."
rm -rf /usr/local/share/clamav
#Rempove symlinks of /usr/bin binaries to /usr/local/bin
echo "Removing ClamAV symlins from /usr/bin..."
rm -f /usr/bin/clamav-config
rm -f /usr/bin/clambc
rm -f /usr/bin/clamconf
rm -f /usr/bin/clamdscan
rm -f /usr/bin/clamscan
rm -f /usr/bin/freshclam
rm -f /usr/sbin/clamd
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
if [ "${EXIMRESTART}" = "1" ]; then
echo "Restarting exim..."
control_service exim restart
fi
echo "ClamAV has been successfully removed."
writeLog "ClamAV removed"
}
####################################################
doPhp() {
doPhp_build ${PHP1_RELEASE_OPT} ${PHP1_MODE_OPT}
if [ "${PHP2_RELEASE_OPT}" != "no" ]; then
doPhp_build ${PHP2_RELEASE_OPT} ${PHP2_MODE_OPT}
fi
if [ "${PHP3_RELEASE_OPT}" != "no" ]; then
doPhp_build ${PHP3_RELEASE_OPT} ${PHP3_MODE_OPT}
fi
if [ "${PHP4_RELEASE_OPT}" != "no" ]; then
doPhp_build ${PHP4_RELEASE_OPT} ${PHP4_MODE_OPT}
fi
if [ -x /usr/share/i360-php/native_da.hook ]; then
/usr/share/i360-php/native_da.hook --install-i360
fi
if [ "${WEBSERVER_OPT}" = "openlitespeed" ] || [ "${WEBSERVER_OPT}" = "litespeed" ]; then
#Reload detached lsphp processes
touch /usr/local/lsws/admin/tmp/.lsphp_restart.txt
fi
writeLog "PHP built"
}
####################################################
doRemovePhp() {
if [ "$1" = "" ]; then
do_exit 1 "No arguments given (PHP release), exiting..."
fi
REMOVE_SHORTRELEASE=`echo $1 | tr -d '.'`
if [ "${PHP1_RELEASE_OPT}" = "$1" ] || [ "${PHP2_RELEASE_OPT}" = "$1" ] || [ "${PHP3_RELEASE_OPT}" = "$1" ] || [ "${PHP4_RELEASE_OPT}" = "$1" ]; then
do_exit 1 "Cannot remove PHP $1, because you have it set in options.conf file."
fi
if [ ! -d /usr/local/php${REMOVE_SHORTRELEASE} ]; then
do_exit 1 "/usr/local/php${REMOVE_SHORTRELEASE} does not exist, cannot remove..."
fi
echo "Removing /usr/local/php${REMOVE_SHORTRELEASE}"
rm -rf /usr/local/php${REMOVE_SHORTRELEASE}
remove_file /var/log/php-fpm${REMOVE_SHORTRELEASE}.log
ldconfig
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
echo "PHP $1 has been successfully removed"
writeLog "PHP $1 removed"
}
####################################################
doFtpCleanup() {
if grep -q "^pure-ftpd" ${SERVICES} 2>/dev/null || grep -q "^proftpd" ${SERVICES} 2>/dev/null; then
return
fi
#Clean up FTP env
#Get out of here! We don't want any of this (wu-ftpd)!
if [ -s /etc/debian_version ]; then
dpkg -r --force-all gadmin-proftpd gforge-ftp-proftpd gproftpd proftpd-basic proftpd-doc proftpd-mod-ldap proftpd-mod-mysql proftpd-mod-pgsql pure-ftpd pure-ftpd-common 2> /dev/null
dpkg -P gadmin-proftpd gforge-ftp-proftpd gproftpd proftpd-basic proftpd-doc proftpd-mod-ldap proftpd-mod-mysql proftpd-mod-pgsql pure-ftpd pure-ftpd-common 2> /dev/null
else
rpm -e --nodeps wu-ftp 2> /dev/null
rpm -e --nodeps wu-ftpd 2> /dev/null
rpm -e --nodeps anonftp 2> /dev/null
rpm -e --nodeps pure-ftpd 2> /dev/null
rpm -e --nodeps vsftpd 2> /dev/null
rpm -e --nodeps psa-proftpd 2> /dev/null
rpm -e --nodeps psa-proftpd-xinetd 2> /dev/null
rpm -e --nodeps psa-proftpd-start 2> /dev/null
rm -f /etc/xinetd.d/proftpd
rm -f /etc/xinetd.d/wu-ftpd.rpmsave
rm -f /etc/xinetd.d/wu-ftpd
rm -f /etc/xinetd.d/ftp_psa
rm -f /etc/xinetd.d/gssftp
rm -f /etc/xinetd.d/xproftpd
fi
if [ -x /usr/local/sbin/pure-ftpd ]; then
if ! grep -q "^pure-ftpd" ${SERVICES} 2>/dev/null; then
killall -9 pure-ftpd 2> /dev/null > /dev/null
rm -f /usr/local/sbin/pure-ftpd 2> /dev/null > /dev/null
fi
fi
#while we're doing it, lets get rid of pop stuff too
rm -f /etc/xinetd.d/pop*
#in case they it still holds port 21
if [ -s /usr/lib/systemd/system/xinetd.service ]; then
systemctl restart xinetd.service
fi
}
####################################################
doProftpd() {
if [ "${FTPD_OPT}" != "proftpd" ]; then
do_exit 1 "You cannot install ProFTPD, because you do not have it set in options.conf file."
fi
doFtpCleanup
addUserGroup ftp ftp
addToAccess ftp
getFile proftpd-${PROFTPD_VER}.tar.gz proftpd
quitIfLocked doProftpd
# Setting a new temp dir (in case /tmp is noexec,nosuid)
cd ${CWD}
FILE=${CWD}/proftpd-${PROFTPD_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ${FILE}..."
tar xzf ${FILE} --no-same-owner
chown -R root:${ROOT_GRP} proftpd-${PROFTPD_VER}
cd proftpd-${PROFTPD_VER}
# Backup ProFTPD config
if [ -e /etc/proftpd.conf ]; then
cp -pf /etc/proftpd.conf /etc/proftpd.conf.old
fi
cp -pf ${CWD}/${PROFTPD_CONF} /etc/proftpd.conf
if [ -s /etc/proftpd.sftp.conf ] && ! grep -m1 -q '^Include /etc/proftpd.sftp.conf' /etc/proftpd.conf; then
echo 'Include /etc/proftpd.sftp.conf' >> /etc/proftpd.conf
elif [ ! -s /etc/proftpd.sftp.conf ] && grep -m1 -q '^Include /etc/proftpd.sftp.conf' /etc/proftpd.conf; then
sed -i '/^Include /etc/proftpd.sftp.conf/d' /etc/proftpd.conf
fi
if [ -d /usr/local/directadmin/data/admin/ips ]; then
IP="`grep -r -l -m1 '^status=server$' /usr/local/directadmin/data/admin/ips | cut -d/ -f8`"
fi
if [ "${IP}" = "" ]; then
IP="`grep -im1 ${HOSTNAME} /etc/hosts | awk '{print $1}'`"
if [ "${IP}" = "" ]; then
echo "Unable to detect your server IP in /etc/hosts. Please enter it: "
read IP
fi
fi
if [ "${IP}" = "" ]; then
echo "Unable to detect your server IP. Exiting..."
do_exit 0
fi
if [ "`echo ${IP} | grep -m1 -c ':'`" -gt 0 ]; then
IP="[${IP}]"
fi
echo "Using $IP for your server IP"
if [ -e /etc/proftpd.conf ]; then
if [ "`grep -m1 -c '|IP|' /etc/proftpd.conf`" -gt "0" ]; then
STR="perl -pi -e 's/\|IP\|/$IP/' /etc/proftpd.conf"
eval ${STR}
fi
fi
if [ -e /etc/proftpd.sftp.conf ]; then
if [ "`grep -m1 -c '|IP|' /etc/proftpd.sftp.conf`" -gt "0" ]; then
STR="perl -pi -e 's/\|IP\|/$IP/' /etc/proftpd.sftp.conf"
eval ${STR}
fi
fi
echo "Configuring proftpd-${PROFTPD_VER}..."
${CWD}/${PROFTPD_CONFIGURE}
echo "Done. Making proftpd-${PROFTPD_VER}..."
while echo "Trying to make ProFTPD..."; do
make -j ${CPU_CORES}
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "Make complete"
echo "Installing proftpd-${PROFTPD_VER}..."
make install
if [ ! -e /etc/proftpd.passwd ]; then
touch /etc/proftpd.passwd
chmod 640 /etc/proftpd.passwd
fi
if [ ! -d /var/log/proftpd ]; then
mkdir -p /var/log/proftpd
fi
if [ ! -e /etc/proftpd.vhosts.conf ]; then
touch /etc/proftpd.vhosts.conf
fi
echo "Enabling proftpd in systemd..."
if [ -e ${CB_CUST_SYSTEMD}/proftpd.service ]; then
cp -f ${CB_CUST_SYSTEMD}/proftpd.service ${SYSTEMDDIR}/proftpd.service
else
cp -f ${CB_SYSTEMD}/proftpd.service ${SYSTEMDDIR}/proftpd.service
fi
chmod 644 ${SYSTEMDDIR}/proftpd.service
if [ -e /etc/debian_version ]; then
perl -pi -e 's#/usr/bin/mkdir#/bin/mkdir#' ${SYSTEMDDIR}/proftpd.service
fi
systemctl daemon-reload
if [ -e ${SYSTEMDDIR}/proftpd.service ]; then
systemctl enable proftpd.service
if [ -e ${SYSTEMDDIR}/pure-ftpd.service ]; then
systemctl stop pure-ftpd.service
systemctl disable pure-ftpd.service
rm -f ${SYSTEMDDIR}/pure-ftpd.service
if [ -e ${SYSTEMDDIR}/pure-certd.service ]; then
systemctl stop pure-certd.service
systemctl disable pure-certd.service
rm -f ${SYSTEMDDIR}/pure-certd.service
fi
if [ -e ${SYSTEMDDIR}/pure-uploadscript.service ]; then
systemctl stop pure-uploadscript.service
systemctl disable pure-uploadscript.service
rm -f ${SYSTEMDDIR}/pure-uploadscript.service
fi
systemctl daemon-reload
fi
fi
mkdir -p /run/proftpd
killall -9 pure-ftpd >/dev/null 2>&1
echo "Done proftpd."
writeLog "Proftpd ${PROFTPD_VER} installed"
removeLockfile
# Linking configs
rm -f /usr/local/etc/proftpd.conf
ln -sf /etc/proftpd.conf /usr/local/etc/proftpd.conf
perl -pi -e 's/DisplayFirstChdir/DisplayChdir/' /etc/proftpd.conf
#setup the directadmin.conf
setVal pureftp 0 ${DACONF_TEMPLATE_FILE}
setVal pureftp 0 ${DACONF_FILE}
set_service pure-ftpd delete
set_service proftpd ON
killall pure-ftpd >/dev/null 2>&1
if [ "${PROFTPD_UPLOADSCAN_OPT}" = "yes" ] && [ "${CLAMAV_OPT}" = "yes" ]; then
if [ ! -e /usr/local/bin/clamdscan ]; then
removeLockfile
doclamav
fi
if [ ! -e /usr/local/bin/clamdscan ]; then
do_exit 1 "Cannot enable upload scan in ProFTPd because there is no ClamAV (/usr/local/bin/clamdscan) on the system."
fi
echo "Enabling ProFTPd ClamAV module for upload scanning"
getFile mod_clamav.c mod_clamav_c
getFile mod_clamav.h mod_clamav_h
if ! grep -m1 -q '^Include /etc/proftpd.clamav.conf' /etc/proftpd.conf; then
perl -pi -e 's#</Global>#</Global>\n\nInclude /etc/proftpd.clamav.conf#' /etc/proftpd.conf
fi
/usr/bin/prxs -c -i -d mod_clamav.c
echo -n '' > /etc/proftpd.clamav.conf
echo '<IfModule mod_dso.c>' >> /etc/proftpd.clamav.conf
echo 'LoadModule mod_clamav.c' >> /etc/proftpd.clamav.conf
echo '</IfModule>' >> /etc/proftpd.clamav.conf
echo '<IfModule mod_clamav.c>' >> /etc/proftpd.clamav.conf
echo 'ClamAV on' >> /etc/proftpd.clamav.conf
echo 'ClamServer 127.0.0.1' >> /etc/proftpd.clamav.conf
echo 'ClamPort 3310' >> /etc/proftpd.clamav.conf
echo 'ClamMaxSize 5 Mb' >> /etc/proftpd.clamav.conf
echo '</IfModule>' >> /etc/proftpd.clamav.conf
else
echo '' > /etc/proftpd.clamav.conf
fi
doSslConfigurationFtp
if [ ! -e /etc/logrotate.d/proftpd ]; then
safeDownloadWithMove /etc/logrotate.d/proftpd "${WEBPATH}/proftpd.logrotate"
fi
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
cd ${CWD}
echo "Restarting ProFTPd."
control_service proftpd restart
}
####################################################
doRemoveProftpd() {
if [ "${FTPD_OPT}" = "proftpd" ]; then
do_exit 1 "Cannot remove Pure-FTPd, because it is enabled in options.conf file."
fi
echo "Disabling proftpd in services.status"
set_service proftpd delete
control_service proftpd stop
echo "Disabling proftpd in systemd..."
systemctl disable proftpd.service
rm -f ${SYSTEMDDIR}/proftpd.service
systemctl daemon-reload
remove_directory /etc/logrotate.d/proftpd
remove_directory /usr/include/proftpd
remove_directory /usr/log/proftpd
remove_file /usr/lib/pkgconfig/proftpd.pc
remove_file /usr/lib64/pkgconfig/proftpd.pc
remove_file /etc/ftpusers
remove_file /etc/pam.d/proftpd
remove_file /etc/proftpd.conf
remove_file /usr/bin/ftpasswd
remove_file /usr/bin/ftpcount
remove_file /usr/bin/ftpdctl
remove_file /usr/bin/ftpmail
remove_file /usr/bin/ftpquota
remove_file /usr/bin/ftptop
remove_file /usr/bin/ftpwho
remove_file /usr/bin/prxs
remove_file /usr/share/man/man5/proftpd.conf.5
remove_file /usr/share/man/man8/proftpd.8
remove_file /usr/share/man/man8/proftpd.8.gz
remove_file /usr/share/locale/bg_BG/LC_MESSAGES/proftpd.mo
remove_file /usr/share/locale/en_US/LC_MESSAGES/proftpd.mo
remove_file /usr/share/locale/fr_FR/LC_MESSAGES/proftpd.mo
remove_file /usr/share/locale/it_IT/LC_MESSAGES/proftpd.mo
remove_file /usr/share/locale/ja_JP/LC_MESSAGES/proftpd.mo
remove_file /usr/share/locale/ko_KR/LC_MESSAGES/proftpd.mo
remove_file /usr/share/locale/ru_RU/LC_MESSAGES/proftpd.mo
remove_file /usr/share/locale/zh_CN/LC_MESSAGES/proftpd.mo
remove_file /usr/share/locale/zh_TW/LC_MESSAGES/proftpd.mo
remove_file /usr/local/etc/proftpd.conf
remove_file /usr/sbin/in.proftpd
remove_file /usr/sbin/proftpd
remove_file /usr/sbin/ftpscrub
remove_file /usr/sbin/ftpshut
remove_file /etc/proftpd.clamav.conf
remove_file /etc/proftpd.vhosts.conf
ldconfig
echo "ProFTPd has been successfully removed"
writeLog "Proftpd removed"
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
}
####################################################
doPureftpd() {
if [ "${FTPD_OPT}" != "pureftpd" ]; then
do_exit 1 "You cannot install Pure-FTPd, because you do not have it set in options.conf file."
fi
doFtpCleanup
addUserGroup ftp ftp
addToAccess ftp
getFile pure-ftpd-${PUREFTPD_VER}.tar.gz pureftpd
getFile patches/pure-ftpd-logjam.patch pure-ftpd-logjam.patch patches/pure-ftpd-logjam.patch hexan
quitIfLocked doPureftpd
cd ${CWD}
FILE=${CWD}/pure-ftpd-${PUREFTPD_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ${FILE}..."
tar xzf ${FILE} --no-same-owner
chown -R root:${ROOT_GRP} pure-ftpd-${PUREFTPD_VER}
cd pure-ftpd-${PUREFTPD_VER}
patch -p0 < ../patches/pure-ftpd-logjam.patch
perl -pi -e 's|/etc/ssl/private|/etc|g' ./src/ftpd.h
# add --without-capabilities on LXC containers to fix "Unable to switch capabilities"
DISABLE_CAPABILITIES=false
if [ -e /proc/1/environ ]; then
if cat /proc/1/environ | tr '\0' '\n' | grep -q ^container=lxc; then
DISABLE_CAPABILITIES=true
fi
fi
if ${DISABLE_CAPABILITIES}; then
echo "Adding --without-capabilities, to solve \"Unable to switch capabilities\" on LXC containers..."
perl -pi -e 's|\./configure \\|./configure --without-capabilities \|g' ${CWD}/${PUREFTPD_CONFIGURE}
fi
echo "Configuring pure-ftpd-${PUREFTPD_VER}..."
${CWD}/${PUREFTPD_CONFIGURE}
echo "Done. Making pure-ftpd-${PUREFTPD_VER}..."
while echo "Trying to make Pure-FTPd..."; do
make -j ${CPU_CORES}
if [ $? -ne 0 ]; then
if [ ${USER_INPUT} -eq 1 ]; then
printf "\n*** The make has failed, would you like to try to make again? (y,n): \n"
read yesno
echo ""
else
if [ "${INPUT_VALUE}" != "y" ]; then
yesno=n
else
yesno=${INPUT_VALUE}
fi
fi
if [ "${yesno}" = "n" ]; then
do_exit 1
fi
else
break
fi
done
echo "Make complete"
echo "Installing pure-ftpd-${PUREFTPD_VER}..."
make install
if [ ! -e /etc/proftpd.passwd ]; then
touch /etc/proftpd.passwd
chmod 640 /etc/proftpd.passwd
fi
if [ ! -e /etc/pure-ftpd.pem ] && [ "${WEBSERVER_OPT}" = "nginx" ]; then
if [ -e /etc/nginx/ssl.crt/server.crt.combined ] && [ -e /etc/nginx/ssl.key/server.key ]; then
cat /etc/nginx/ssl.key/server.key > /etc/pure-ftpd.pem
cat /etc/nginx/ssl.crt/server.crt.combined >> /etc/pure-ftpd.pem
fi
fi
if [ ! -e /etc/pure-ftpd.pem ]; then
if [ -e /etc/httpd/conf/ssl.crt/server.crt ] && [ -e /etc/httpd/conf/ssl.key/server.key ]; then
cat /etc/httpd/conf/ssl.key/server.key > /etc/pure-ftpd.pem
cat /etc/httpd/conf/ssl.crt/server.crt >> /etc/pure-ftpd.pem
if [ -e /etc/httpd/conf/ssl.crt/server.ca ]; then
cat /etc/httpd/conf/ssl.crt/server.ca >> /etc/pure-ftpd.pem
fi
fi
fi
if [ ! -e /etc/pure-ftpd.pem ]; then
if [ -e /etc/exim.cert ] && [ -e /etc/exim.key ]; then
cat /etc/exim.key > /etc/pure-ftpd.pem
cat /etc/exim.cert >> /etc/pure-ftpd.pem
fi
fi
if grep -m1 -q -- "----------" /etc/pure-ftpd.pem; then
perl -pi -e 's|----------|-----\n-----|g' /etc/pure-ftpd.pem
fi
if [ ! -s /etc/pure-ftpd-dhparams.pem ]; then
ensure_dhparam /etc/pure-ftpd-dhparams.pem
fi
chmod 600 /etc/pure-ftpd-dhparams.pem
chmod 600 /etc/pure-ftpd.pem
echo "Copying ${PUREFTPD_CONF} to /etc/pure-ftpd.conf..."
cp -f ${CWD}/${PUREFTPD_CONF} /etc/pure-ftpd.conf
PATH_TO_UPLOADSCAN=/usr/local/bin/pureftpd_uploadscan.sh
if [ "${PUREFTPD_UPLOADSCAN_OPT}" = "yes" ]; then
if [ ! -e /usr/local/bin/clamdscan ] && [ "${CLAMAV_OPT}" = "yes" ]; then
removeLockfile
doclamav
fi
if [ ! -e /usr/local/bin/clamdscan ] && [ "${CLAMAV_OPT}" = "yes" ]; then
do_exit 1 "Cannot enable upload scan in Pure-FTPd because there is no ClamAV (/usr/local/bin/clamdscan) on the system."
fi
echo "Enabling PureFTPd upload scanning script..."
cp -f ${PUREFTPD_UPLOADSCAN_SCRIPT} ${PATH_TO_UPLOADSCAN}
chmod 711 ${PATH_TO_UPLOADSCAN}
perl -pi -e 's|^CallUploadScript no|CallUploadScript yes|' /etc/pure-ftpd.conf
echo "Enabling pure-uploadscript in systemd..."
if [ -e ${CB_CUST_SYSTEMD}/pure-uploadscript.service ]; then
cp -f ${CB_CUST_SYSTEMD}/pure-uploadscript.service ${SYSTEMDDIR}/pure-uploadscript.service
else
cp -f ${CB_SYSTEMD}/pure-uploadscript.service ${SYSTEMDDIR}/pure-uploadscript.service
fi
chmod 644 ${SYSTEMDDIR}/pure-uploadscript.service
systemctl daemon-reload
if [ -e ${SYSTEMDDIR}/pure-uploadscript.service ]; then
systemctl start pure-uploadscript.service
fi
else
rm -f ${PATH_TO_UPLOADSCAN}
perl -pi -e 's|^CallUploadScript yes|CallUploadScript no|' /etc/pure-ftpd.conf
if [ -e ${SYSTEMDDIR}/pure-uploadscript.service ]; then
echo "Disabling pure-uploadscript in systemd..."
systemctl stop pure-uploadscript.service
rm -f ${SYSTEMDDIR}/pure-uploadscript.service
systemctl daemon-reload
fi
fi
PATH_TO_PURE_CERTD=/usr/local/bin/pureftpd_sni.sh
echo "Enabling pure-certd script for SNI certificates..."
if ! grep -m1 -q 'ExtCert /var/run/pure-certd.sock' /etc/pure-ftpd.conf; then
echo 'ExtCert /var/run/pure-certd.sock' >> /etc/pure-ftpd.conf
fi
cp -f ${PUREFTPD_PURE_CERTD_SCRIPT} ${PATH_TO_PURE_CERTD}
chmod 711 ${PATH_TO_PURE_CERTD}
echo "Enabling pure-certd in systemd..."
if [ -e ${CB_CUST_SYSTEMD}/pure-certd.service ]; then
cp -f ${CB_CUST_SYSTEMD}/pure-certd.service ${SYSTEMDDIR}/pure-certd.service
else
cp -f ${CB_SYSTEMD}/pure-certd.service ${SYSTEMDDIR}/pure-certd.service
fi
chmod 644 ${SYSTEMDDIR}/pure-certd.service
systemctl daemon-reload
if [ -e ${SYSTEMDDIR}/pure-certd.service ]; then
systemctl start pure-certd.service
fi
echo "Enabling pure-ftpd in systemd..."
if [ -e ${CB_CUST_SYSTEMD}/pure-ftpd.service ]; then
cp -f ${CB_CUST_SYSTEMD}/pure-ftpd.service ${SYSTEMDDIR}/pure-ftpd.service
else
cp -f ${CB_SYSTEMD}/pure-ftpd.service ${SYSTEMDDIR}/pure-ftpd.service
fi
chmod 644 ${SYSTEMDDIR}/pure-ftpd.service
if [ "${PUREFTPD_UPLOADSCAN_OPT}" = "yes" ] && [ "${CLAMAV_OPT}" = "yes" ]; then
if ! grep -m1 -q '^After=pure-uploadscript.service' ${SYSTEMDDIR}/pure-ftpd.service; then
perl -pi -e 's|^After\=syslog.target|Requires=pure-uploadscript.service\nAfter=pure-uploadscript.service syslog.target|g' ${SYSTEMDDIR}/pure-ftpd.service
fi
else
perl -pi -e 's|^Requires\=pure-uploadscript.service\nAfter\=pure-uploadscript.service |After=|g' ${SYSTEMDDIR}/pure-ftpd.service
fi
systemctl daemon-reload
if [ -e ${SYSTEMDDIR}/pure-ftpd.service ]; then
systemctl enable pure-ftpd.service
if [ -e ${SYSTEMDDIR}/proftpd.service ]; then
systemctl stop proftpd.service
systemctl disable proftpd.service
rm -f ${SYSTEMDDIR}/proftpd.service
systemctl daemon-reload
fi
fi
doSslConfigurationFtp
killall -9 proftpd >/dev/null 2>&1
echo "Done pure-ftpd."
writeLog "Pure-ftpd ${PUREFTPD_VER} installed"
removeLockfile
#setup the directadmin.conf
setVal pureftp 1 ${DACONF_TEMPLATE_FILE}
setVal pureftp 1 ${DACONF_FILE}
killall proftpd >/dev/null 2>&1
doRestartDA
set_service proftpd delete
set_service pure-ftpd ON
killall proftpd >/dev/null 2>&1
pure-pw mkdb /etc/pureftpd.pdb -f /etc/proftpd.passwd
if [ ! -e /etc/logrotate.d/pure-ftpd ]; then
safeDownloadWithMove /etc/logrotate.d/pure-ftpd "${WEBPATH}/pure-ftpd.logrotate"
fi
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
cd ${CWD}
echo "Restarting Pure-FTPd."
control_service pure-ftpd restart
}
####################################################
doRemovePureftpd() {
if [ "${FTPD_OPT}" = "pureftpd" ]; then
do_exit 1 "Cannot remove Pure-FTPd, because it is enabled in options.conf file."
fi
getFile pure-ftpd-${PUREFTPD_VER}.tar.gz pureftpd
quitIfLocked doRemovePureftpd
echo "Disabling pure-ftpd in services.status"
set_service pure-ftpd delete
cd ${CWD}
FILE=${CWD}/pure-ftpd-${PUREFTPD_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ${FILE}..."
tar xzf ${FILE} --no-same-owner
chown -R root:${ROOT_GRP} pure-ftpd-${PUREFTPD_VER}
cd pure-ftpd-${PUREFTPD_VER}
echo "Configuring pure-ftpd-${PUREFTPD_VER} for removal..."
${CWD}/${PUREFTPD_CONFIGURE}
echo "Done. Removing pure-ftpd-${PUREFTPD_VER}..."
make uninstall
if [ -e /etc/pure-ftpd.pem ]; then
echo "Removing /etc/pure-ftpd.pem..."
rm -f /etc/pure-ftpd.pem
fi
if [ -e /usr/local/bin/pureftpd_uploadscan.sh ]; then
echo "Removing /usr/local/bin/pureftpd_uploadscan.sh..."
rm -f /usr/local/bin/pureftpd_uploadscan.sh
fi
control_service pure-ftpd stop
echo "Disabling pure-ftpd in systemd..."
systemctl disable pure-ftpd.service
rm -f ${SYSTEMDDIR}/pure-ftpd.service
if [ -e ${SYSTEMDDIR}/pure-certd.service ]; then
systemctl stop pure-certd.service
systemctl disable pure-certd.service
rm -f ${SYSTEMDDIR}/pure-certd.service
fi
if [ -e ${SYSTEMDDIR}/pure-uploadscript.service ]; then
systemctl stop pure-uploadscript.service
systemctl disable pure-uploadscript.service
rm -f ${SYSTEMDDIR}/pure-uploadscript.service
fi
systemctl daemon-reload
rm -f /usr/libexec/pureftpd_startscript
if [ -e /etc/pureftpd.pdb ]; then
echo "Removing pure-ftpd password database: /etc/pureftpd.pdb..."
rm -f /etc/pureftpd.pdb
fi
if [ -e /etc/logrotate.d/pure-ftpd ]; then
echo "Removing /etc/logrotate.d/pure-ftpd..."
rm -f /etc/logrotate.d/pure-ftpd
fi
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
cd ${CWD}
writeLog "Pure-ftpd removed"
}
####################################################
doNoFtpd() {
echo "No ftpd server set. Adding basic ftp:ftp account setup."
addUserGroup ftp ftp
addToAccess ftp
}
####################################################
doRemoveNghttp2() {
initHTTP2var
NGHTTP2_VER=1.48.0
getFile nghttp2-${NGHTTP2_VER}.tar.gz nghttp2
quitIfLocked doRemoveNghttp2
cd ${CWD}
FILE=${CWD}/nghttp2-${NGHTTP2_VER}.tar.gz
checkFile ${FILE}
echo "Extracting ${FILE}..."
tar xzf ${FILE} --no-same-owner
cd nghttp2-${NGHTTP2_VER}
echo "Configuring nghttp2-${NGHTTP2_VER} for removal..."
./configure
echo "Done. Removing nghttp2-${NGHTTP2_VER}..."
make uninstall
if ! ${EXEC_CL_COMMANDS_ONCE}; then
cagefsctl_update
else
CL_COMPONENT_UPDATE=true
fi
cd ${CWD}
writeLog "nghttp2 removed"
}
####################################################
doUpdateDA() {
echo "${boldon}Updating DirectAdmin${boldoff}"
echo "action=update&value=program" >> ${TASK_QUEUE}
run_dataskq
writeLog "DirectAdmin update requested"
}
####################################################
doLetsEncrypt() {
if [ ! -x /usr/local/bin/lego ]; then
doLego
fi
cd ${CWD}
LETSENCRYPT_SH=/usr/local/directadmin/scripts/letsencrypt.sh
getFile all/letsencrypt/letsencrypt.sh.${LETSENCRYPT_VER} letsencrypt_sh letsencrypt.sh
mv -f ${CWD}/letsencrypt.sh ${LETSENCRYPT_SH}
chown diradmin:diradmin ${LETSENCRYPT_SH}
chmod 700 ${LETSENCRYPT_SH}
echo "Let's encrypt client ${LETSENCRYPT_VER} has been installed."
writeLog "Let's Encrypt client update requested"
}
####################################################
checkSecurity() {
MYSQL_IS_EOL=false
if [ -e /usr/bin/mysql ]; then
MYSQLV=`mysql_main`
if [ "${MYSQL_INST_OPT}" = "mysql" ]; then
MYSQL_NAME="MySQL"
else
MYSQL_NAME="MariaDB"
fi
if [ "${MYSQLV}" = "5.5" ] || [ "${MYSQLV}" = "10.0" ] || [ "${MYSQLV}" = "10.1" ]; then
MYSQL_IS_EOL=true
fi
fi
LIST_JSON_SECURITY=false
if ${MYSQL_IS_EOL}; then
LIST_JSON_SECURITY=true
fi
#0 update items
#1 show available updates
#2 just webapps N/A here.
#json similar to #1, but in json format.
VERSIONS=$1
if [ "${VERSIONS}" = "2" ]; then
return;
fi
if [ "${VERSIONS}" = "0" ]; then
#found cases where bind9.service boot of named, and named.serivce both running,
#so bind9 instance never gets reloaded, so randomly serves stale data.
ensure_not_debian_bind9_boot
fi
if [ "${VERSIONS}" = "json" ] && ${LIST_JSON_SECURITY}; then
printf "\t\"security\": {\n"
fi
SECURITY_ITEM_ADDED=0
if ${MYSQL_IS_EOL}; then
if [ "${VERSIONS}" = "json" ]; then
if [ "${SECURITY_ITEM_ADDED}" -eq 1 ]; then
echo ","
fi
SECURITY_ITEM_ADDED=1
printf "\t\t\"${MYSQL_NAME} EOL\": {\n"
printf "\t\t\t\"name\": \"${MYSQL_NAME} is EOL\",\n"
printf "\t\t\t\"description\": \"${MYSQL_NAME} version on the system is end of life, please upgrade\",\n"
printf "\t\t\t\"url\": \"https://endoflife.software/applications/databases\"\n"
printf "\t\t}"
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}Security update is available.${boldoff}: ${MYSQL_NAME}: https://endoflife.software/applications/databases"
echo ""
fi
fi
if [ "${VERSIONS}" = "json" ] && ${LIST_JSON_SECURITY}; then
printf "\n\t},\n"
fi
}
####################################################
ensure_not_debian_bind9_boot() {
if [ ! -e /etc/debian_version ]; then
return;
fi
if [ ! -e /lib/systemd/system/bind9.service ] || [ ! -e /etc/systemd/system/named.service ]; then
return;
fi
if [ -h /lib/systemd/system/bind9.service ]; then
return;
fi
if [ ! -s ${SERVICES} ]; then
return;
fi
NAMED_ON=`grep -c 'named=ON' ${SERVICES}`
if [ "${NAMED_ON}" != "1" ]; then
return
fi
B9ON=`systemctl is-enabled bind9.service`
if [ "${B9ON}" != "enabled" ]; then
return;
fi
NAMEDON=`systemctl is-enabled named.service`
if [ "${NAMEDON}" != "enabled" ]; then
return;
fi
#only applies if named was already running as we don't want to start it up later, if it was never supposed to be running.
NAMED_COUNT=`ps ax | grep -v grep | grep -c named`
if [ "${NAMED_COUNT}" = "0" ]; then
return;
fi
echo "${boldon}Both bind9.service and named.service are enabled. This could lead to random stale dns data being serviced. Disabling bind9.service${boldoff}"
writeLog "disabling bind9 as both it and named were enabled."
control_service bind9 stop
control_service named stop
killall -9 named
sleep 1
systemctl disable bind9.service
control_service named start
sleep 1
NAMED_COUNT=`ps ax | grep -v grep | grep -c named`
SUBJECT="bind9.service disabled, named.service still enabled"
MESSAGE="CustomBuild has noticed both bind9.service and named.service were enabled.%0AThis could lead to bind9 serving stale data as it is never reloaded.%0AThe bind9.service boot script has been disabled, and named.service has been left as it was.%0ACustomBuild does see a new named process, you can likely disregard this message."
if [ "${NAMED_COUNT}" = "0" ]; then
#double check that.
sleep 5;
NAMED_COUNT=`ps ax | grep -v grep | grep -c named`
if [ "${NAMED_COUNT}" = "0" ]; then
#yikes, its broken.
SUBJECT="bind9.service has been disabled but there is an issue with named starting up."
MESSAGE="CustomBuild has noticed both bind9.service and named.service were enabled.%0AThis could lead to bind9 serving stale data as it is never reloaded.%0AThe bind9.service boot script has been disabled, and named.service has been left as it was.%0AHowever CustomBuild does not see a new named process, so investigation of /var/log/messages might be need if it's not running."
fi
fi
echo "action=notify&value=admin&subject=${SUBJECT}&message=${MESSAGE}" >> /usr/local/directadmin/data/task.queue
}
####################################################
doVersions() {
cd ${CWD}
if [ "$2" = "full" ]; then
if [ -e ${DEBIAN_VERSION} ]; then
apt-get update
apt-get -y upgrade
else
yum -y update
fi
doUpdate
fi
VERSIONS=$1
if [ "${CLOUDLINUX_OPT}" = "yes" ] && [ "${VERSIONS}" = "2" ]; then
#Skip executing CL commands like "cagefsctl --force update" on every component update
EXEC_CL_COMMANDS_ONCE=true
fi
WEBAPPS_UPDATED=false
if [ "${VERSIONS}" = "1" ]; then
if [ -s ${VERSIONS_FILE_CUSTOM} ]; then
echo -n "${boldon}NOTE${boldoff}: Some custom versions are set in ${VERSIONS_FILE_CUSTOM}, this may prevent showing the actual latest version of the software: "
cat ${VERSIONS_FILE_CUSTOM} | cut -d: -f1,2 | perl -p0 -e 's|:| (|g' | perl -p0 -e 's|\n|), |g' | perl -p0 -e 's|, $||g'
echo ""
echo ""
fi
fi
if [ "${VERSIONS}" = "json" ]; then
echo "{"
fi
if [ $(is_os_eol) -eq 0 ] && [ -e ${DA_BIN} ]; then
DOWNGRADE_CASE=false
UPDATE_DATA=`curl -s -k -L $(/usr/local/directadmin/directadmin --root-auth-url)/CMD_API_LICENSE?json=yes 2>/dev/null | perl -ne 'print if /"(update_available|latest_commit_sha|commit_sha|version|current_version)":[^,]*/'`
if [ ! -z "${UPDATE_DATA}" ]; then
DIRECTADMIN_UPDATE_AVAIL="`echo "${UPDATE_DATA}" | grep -o '"update_available"[^,]*' | cut -d'"' -f4`"
DIRECTADMIN_UPDATE_LATEST_SHA="`echo "${UPDATE_DATA}" | grep -o '"latest_commit_sha"[^,]*' | cut -d'"' -f4`"
DIRECTADMIN_UPDATE_SHA="`echo "${UPDATE_DATA}" | grep -o '"commit_sha"[^,]*' | cut -d'"' -f4`"
DIRECTADMIN_UPDATE_VER="`echo "${UPDATE_DATA}" | grep -o '"version"[^,]*' | cut -d'"' -f4`"
DIRECTADMIN_UPDATE_CURRENT_VER="`echo "${UPDATE_DATA}" | grep -o '"current_version"[^,]*' | cut -d'"' -f4`"
else
DIRECTADMIN_UPDATE_AVAIL="0"
DIRECTADMIN_UPDATE_LATEST_SHA="0"
DIRECTADMIN_UPDATE_SHA="0"
DIRECTADMIN_UPDATE_VER="0"
DIRECTADMIN_UPDATE_CURRENT_VER="0"
fi
if [ -z "${DIRECTADMIN_UPDATE_LATEST_SHA}" ]; then
DIRECTADMIN_UPDATE_LATEST_SHA="0"
fi
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of DirectAdmin: ${DIRECTADMIN_UPDATE_VER} build ${DIRECTADMIN_UPDATE_LATEST_SHA}"
echo "Installed version of DirectAdmin: ${DIRECTADMIN_UPDATE_CURRENT_VER} build ${DIRECTADMIN_UPDATE_SHA}"
echo ""
fi
if [ "${DIRECTADMIN_UPDATE_AVAIL}" = "1" ]; then
if [ "${VERSIONS}" = "0" ] || [ "${VERSIONS}" = "3" ]; then
doUpdateDA
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}DirectAdmin ${DIRECTADMIN_UPDATE_VER} build ${DIRECTADMIN_UPDATE_SHA} to ${DIRECTADMIN_UPDATE_CURRENT_VER} build ${DIRECTADMIN_UPDATE_LATEST_SHA} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"update_da\": {\n"
printf "\t\t\"name\": \"DirectAdmin\",\n"
printf "\t\t\"current\": \"${DIRECTADMIN_UPDATE_VER} build ${DIRECTADMIN_UPDATE_SHA}\",\n"
printf "\t\t\"offered\": \"${DIRECTADMIN_UPDATE_CURRENT_VER} build ${DIRECTADMIN_UPDATE_LATEST_SHA}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
LETSENCRYPT=`getDA_Opt letsencrypt 1`
if [ "${LETSENCRYPT}" -ge 1 ] && [ -e /usr/local/directadmin/scripts/letsencrypt.sh ]; then
if grep -q -m1 'VERSION=' /usr/local/directadmin/scripts/letsencrypt.sh; then
LETSENCRYPTV="`grep -m1 'VERSION=' /usr/local/directadmin/scripts/letsencrypt.sh | cut -d'=' -f2`"
else
LETSENCRYPTV="0"
fi
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of LetsEncrypt: ${LETSENCRYPT_VER}"
echo "Installed version of LetsEncrypt: ${LETSENCRYPTV}"
echo ""
fi
if [ "${LETSENCRYPT_VER}" != "${LETSENCRYPTV}" ]; then
if [ "${VERSIONS}" = "0" ] || [ "${VERSIONS}" = "2" ]; then
echo "${boldon}Updating LetsEncrypt${boldoff}"
doLetsEncrypt
WEBAPPS_UPDATED=true
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}LetsEncrypt ${LETSENCRYPTV} to ${LETSENCRYPT_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"letsencrypt\": {\n"
printf "\t\t\"name\": \"LetsEncrypt\",\n"
printf "\t\t\"current\": \"${LETSENCRYPTV}\",\n"
printf "\t\t\"offered\": \"${LETSENCRYPT_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ -x /usr/bin/bwrap ] && [ "${CLOUDLINUX_OPT}" != "yes" ]; then
BUBBLEWRAPV="`/usr/bin/bwrap --version | awk '{print $2}'`"
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of Bubblewrap: ${BUBBLEWRAP_VER}"
echo "Installed version of Bubblewrap: ${BUBBLEWRAPV}"
echo ""
fi
if [ "${BUBBLEWRAP_VER}" != "${BUBBLEWRAPV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating Bubblewrap${boldoff}"
doBubblewrap
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}Bubblewrap ${BUBBLEWRAPV} to ${BUBBLEWRAP_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"bubblewrap\": {\n"
printf "\t\t\"name\": \"Bubblewrap\",\n"
printf "\t\t\"current\": \"${BUBBLEWRAPV}\",\n"
printf "\t\t\"offered\": \"${BUBBLEWRAP_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
if [ -s /usr/bin/jailshell ]; then
if grep -q -m1 'VERSION=' /usr/bin/jailshell; then
JAILSHELL_SHV="`grep -m1 'VERSION=' /usr/bin/jailshell | cut -d'=' -f2`"
else
JAILSHELL_SHV="0"
fi
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of Jailshell: ${JAILSHELL_SH_VER}"
echo "Installed version of Jailshell: ${JAILSHELL_SHV}"
echo ""
fi
if [ "${JAILSHELL_SH_VER}" != "${JAILSHELL_SHV}" ]; then
if [ "${VERSIONS}" = "0" ] || [ "${VERSIONS}" = "2" ]; then
echo "${boldon}Updating Jailshell${boldoff}"
doJailshell
WEBAPPS_UPDATED=true
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}Jailshell ${JAILSHELL_SHV} to ${JAILSHELL_SH_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"jailshell\": {\n"
printf "\t\t\"name\": \"Jailshell\",\n"
printf "\t\t\"current\": \"${JAILSHELL_SHV}\",\n"
printf "\t\t\"offered\": \"${JAILSHELL_SH_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
fi
if [ "${CUSTOMBUILD_PLUGIN_OPT}" = "yes" ]; then
if [ -s /usr/local/directadmin/plugins/custombuild/plugin.conf ]; then
CB_PLUGINV="`grep '^version=' /usr/local/directadmin/plugins/custombuild/plugin.conf | cut -d= -f2`"
else
CB_PLUGINV=0
fi
if [ -s /usr/local/directadmin/plugins/custombuild/available_version.txt ]; then
CB_PLUGIN_VER="`cat /usr/local/directadmin/plugins/custombuild/available_version.txt`"
else
CB_PLUGIN_VER=`curl -s ${WEBPATH}/plugin/version.html | head -n1`
if ! echo "${CB_PLUGIN_VER}" | grep -m1 -q '^[0-9]\.'; then
CB_PLUGIN_VER=0
fi
fi
DOWNGRADE_CASE=false
if [ "`version_cmp ${CB_PLUGIN_VER} $CB_PLUGINV`" -lt 0 ]; then
DOWNGRADE_CASE=true
fi
if ! ${DOWNGRADE_CASE}; then
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of CustomBuild plugin: ${CB_PLUGIN_VER}"
echo "Installed version of CustomBuild plugin: ${CB_PLUGINV}"
echo ""
fi
if [ "${CB_PLUGIN_VER}" != "${CB_PLUGINV}" ] && [ "${CB_PLUGINV}" != "0" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating CustomBuild plugin${boldoff}"
doCustombuildPlugin
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}CustomBuild plugin ${CB_PLUGINV} to ${CB_PLUGIN_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"custombuild_plugin\": {\n"
printf "\t\t\"name\": \"CustomBuild plugin\",\n"
printf "\t\t\"current\": \"${CB_PLUGINV}\",\n"
printf "\t\t\"offered\": \"${CB_PLUGIN_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
fi
if [ "${WEBSERVER_OPT}" = "litespeed" ] && [ "${LITESPEED_VER}" != "0" ]; then
if [ -e /usr/local/lsws/bin/lshttpd ]; then
LITESPEEDV="`/usr/local/lsws/bin/lshttpd -v | cut -d/ -f2 | awk '{print $1}'`"
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of LiteSpeed: ${LITESPEED_VER}"
echo "Installed version of LiteSpeed: ${LITESPEEDV}"
echo ""
fi
if [ "${LITESPEED_VER}" != "${LITESPEEDV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating LiteSpeed${boldoff}"
doLiteSpeed
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}LiteSpeed ${LITESPEEDV} to ${LITESPEED_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"litespeed\": {\n"
printf "\t\t\"name\": \"LiteSpeed\",\n"
printf "\t\t\"current\": \"${LITESPEEDV}\",\n"
printf "\t\t\"offered\": \"${LITESPEED_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
fi
if [ "${WEBSERVER_OPT}" = "openlitespeed" ] && [ "${OPENLITESPEED_VER}" != "0" ]; then
if [ -e /usr/local/lsws/bin/lshttpd ]; then
OPENLITESPEEDV="`/usr/local/lsws/bin/lshttpd -v | head -n1 | cut -d/ -f2 | awk '{print $1}'`"
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of OpenLiteSpeed: ${OPENLITESPEED_VER}"
echo "Installed version of OpenLiteSpeed: ${OPENLITESPEEDV}"
echo ""
fi
if [ "${OPENLITESPEED_VER}" != "${OPENLITESPEEDV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating OpenLiteSpeed${boldoff}"
doOpenLiteSpeed
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}OpenLiteSpeed ${OPENLITESPEEDV} to ${OPENLITESPEED_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"openlitespeed\": {\n"
printf "\t\t\"name\": \"OpenLiteSpeed\",\n"
printf "\t\t\"current\": \"${OPENLITESPEEDV}\",\n"
printf "\t\t\"offered\": \"${OPENLITESPEED_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
fi
if [ "${APACHE2_VER}" != "0" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ -e /usr/sbin/httpd ]; then
APACHEV="`/usr/sbin/httpd -v | grep -m1 'Server version:' | awk '{ print $3 }' | cut -d/ -f2`"
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of Apache: ${APACHE2_VER}"
echo "Installed version of Apache: ${APACHEV}"
echo ""
fi
if [ "${APACHE2_VER}" != "${APACHEV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating Apache${boldoff}"
doApache2
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}Apache ${APACHEV} to ${APACHE2_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"apache\": {\n"
printf "\t\t\"name\": \"Apache\",\n"
printf "\t\t\"current\": \"${APACHEV}\",\n"
printf "\t\t\"offered\": \"${APACHE2_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
fi
fi
NGINX_UPDATE_AVAILABLE=0
if [ "${NGINX_VER}" != "0" ]; then
if [ "${WEBSERVER_OPT}" = "nginx" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ -e /usr/sbin/nginx ]; then
NGINXV="`/usr/sbin/nginx -v 2>&1 | grep -m1 'nginx version:' | cut -d'/' -f2`"
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of Nginx: ${NGINX_VER}"
echo "Installed version of Nginx: ${NGINXV}"
echo ""
fi
if [ "${NGINX_VER}" != "${NGINXV}" ]; then
NGINX_UPDATE_AVAILABLE=1
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating Nginx${boldoff}"
doNginx
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}Nginx ${NGINXV} to ${NGINX_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"nginx\": {\n"
printf "\t\t\"name\": \"Nginx\",\n"
printf "\t\t\"current\": \"${NGINXV}\",\n"
printf "\t\t\"offered\": \"${NGINX_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
fi
fi
if [ "${MODSECURITY_OPT}" = "yes" ] && [ "${MODSECURITY_RULESET_OPT}" = "owasp" ] && [ "${OWASP_RULES_VER}" != "0" ]; then
OWASP_RULESV=0
if [ -e /etc/modsecurity.d/owasp_rules_version ]; then
OWASP_RULESV=`cat /etc/modsecurity.d/owasp_rules_version`
fi
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of OWASP ModSecurity Rule Set: ${OWASP_RULES_VER}"
echo "Installed version of OWASP ModSecurity Rule Set: ${OWASP_RULESV}"
echo ""
fi
if [ "${OWASP_RULES_VER}" != "${OWASP_RULESV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating OWASP ModSecurity Rule Set${boldoff}"
doModSecurityRules
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}OWASP ModSecurity Rule Set ${OWASP_RULESV} to ${OWASP_RULES_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"modsecurity_rules\": {\n"
printf "\t\t\"name\": \"OWASP ModSecurity Rule Set\",\n"
printf "\t\t\"current\": \"${OWASP_RULESV}\",\n"
printf "\t\t\"offered\": \"${OWASP_RULES_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ -s /usr/local/include/maxminddb.h ]; then
LIBMAXMINDDBV=`grep -m1 'PACKAGE_VERSION' /usr/local/include/maxminddb.h | cut -d'"' -f2`
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of libmaxminddb: ${LIBMAXMINDDB_VER}"
echo "Installed version of libmaxminddb: ${LIBMAXMINDDBV}"
echo ""
fi
if [ "${LIBMAXMINDDB_VER}" != "${LIBMAXMINDDBV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating libmaxminddb${boldoff}"
dolibmaxminddb
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}libmaxminddb ${LIBMAXMINDDBV} to ${LIBMAXMINDDB_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"libmaxminddb\": {\n"
printf "\t\t\"name\": \"libmaxminddb\",\n"
printf "\t\t\"current\": \"${LIBMAXMINDDBV}\",\n"
printf "\t\t\"offered\": \"${LIBMAXMINDDB_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ -x /usr/local/bin/geoipupdate ]; then
GEOIPUPDATEV="`/usr/local/bin/geoipupdate -V | awk '{print $2}'`"
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of geoipupdate: ${GEOIPUPDATE_VER}"
echo "Installed version of geoipupdate: ${GEOIPUPDATEV}"
echo ""
fi
if [ "${GEOIPUPDATE_VER}" != "${GEOIPUPDATEV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating geoipupdate${boldoff}"
doGeoipupdate
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}geoipupdate ${GEOIPUPDATEV} to ${GEOIPUPDATE_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"geoipupdate\": {\n"
printf "\t\t\"name\": \"geoipupdate\",\n"
printf "\t\t\"current\": \"${GEOIPUPDATEV}\",\n"
printf "\t\t\"offered\": \"${GEOIPUPDATE_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ "${MODSECURITY_OPT}" = "yes" ] && [ "${MODSECURITY_RULESET_OPT}" = "comodo" ]; then
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
CURRENT_CWAF_RULES_VER=${CWAF_RULES_LS_VER}
elif [ "${WEBSERVER_OPT}" = "apache" ]; then
CURRENT_CWAF_RULES_VER=${CWAF_RULES_VER}
else
CURRENT_CWAF_RULES_VER=${CWAF_RULES_NGINX_VER}
fi
if [ "${CURRENT_CWAF_RULES_VER}" != "0" ]; then
CWAF_RULESV=0
if [ -e /usr/local/cwaf/rules/rules.dat ]; then
CWAF_RULESV=`cat /usr/local/cwaf/rules/rules.dat`
fi
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of Comodo ModSecurity Rule Set: ${CURRENT_CWAF_RULES_VER}"
echo "Installed version of Comodo ModSecurity Rule Set: ${CWAF_RULESV}"
echo ""
fi
if [ "${CURRENT_CWAF_RULES_VER}" != "${CWAF_RULESV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating Comodo ModSecurity Rule Set${boldoff}"
doModSecurityRules
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}Comodo ModSecurity Rule Set ${CWAF_RULESV} to ${CURRENT_CWAF_RULES_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"modsecurity_rules\": {\n"
printf "\t\t\"name\": \"Comodo ModSecurity Rule Set\",\n"
printf "\t\t\"current\": \"${CWAF_RULESV}\",\n"
printf "\t\t\"offered\": \"${CURRENT_CWAF_RULES_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
fi
if [ "${FTPD_OPT}" = "proftpd" ] && [ "${PROFTPD_VER}" != "0" ]; then
if [ -e $PROFTPD_PREFIX/sbin/proftpd ]; then
PROFTPDV="`$PROFTPD_PREFIX/sbin/proftpd -v 2>&1 | awk '{ print $3 }'`"
if [ "$PROFTPDV" = "Version" ]; then
PROFTPDV="`$PROFTPD_PREFIX/sbin/proftpd -v 2>&1 | awk '{ print $4 }'`"
fi
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of ProFTPD: ${PROFTPD_VER}"
echo "Installed version of ProFTPD: ${PROFTPDV}"
echo ""
fi
if [ "${PROFTPD_VER}" != "${PROFTPDV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating ProFTPD${boldoff}"
doProftpd
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}ProFTPD ${PROFTPDV} to ${PROFTPD_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"proftpd\": {\n"
printf "\t\t\"name\": \"ProFTPd\",\n"
printf "\t\t\"current\": \"${PROFTPDV}\",\n"
printf "\t\t\"offered\": \"${PROFTPD_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
fi
if [ "${FTPD_OPT}" = "pureftpd" ] && [ "${PUREFTPD_VER}" != "0" ]; then
if [ -e /usr/sbin/pure-ftpd ]; then
PUREFTPDV="`/usr/sbin/pure-ftpd -h | grep -m1 pure-ftpd | awk '{print $2}' | cut -dv -f2`"
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of Pure-FTPD: ${PUREFTPD_VER}"
echo "Installed version of Pure-FTPd: ${PUREFTPDV}"
echo ""
fi
if [ "${PUREFTPD_VER}" != "${PUREFTPDV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating Pure-FTPd${boldoff}"
doPureftpd
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}Pure-FTPD ${PUREFTPDV} to ${PUREFTPD_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"pureftpd\": {\n"
printf "\t\t\"name\": \"Pure-FTPd\",\n"
printf "\t\t\"current\": \"${PUREFTPDV}\",\n"
printf "\t\t\"offered\": \"${PUREFTPD_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
fi
if [ "${REDIS_OPT}" = "yes" ]; then
REDISV=0
if [ -x /usr/local/bin/redis-server ]; then
REDISV="`/usr/local/bin/redis-server -v | grep -o -m1 'v=[^ ]*' | cut -d= -f2`"
fi
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of Redis: ${REDIS_VER}"
echo "Installed version of Redis: ${REDISV}"
echo ""
fi
if [ "${REDIS_VER}" != "${REDISV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating Redis${boldoff}"
doRedis
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}Redis ${REDISV} to ${REDIS_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"redis\": {\n"
printf "\t\t\"name\": \"Redis\",\n"
printf "\t\t\"current\": \"${REDISV}\",\n"
printf "\t\t\"offered\": \"${REDIS_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ "${IMAGICK_OPT}" = "yes" ] && [ "${IMAGEMAGICK_VER}" != "0" ]; then
IMAGEMAGICKV=0
if [ -x /usr/local/bin/magick ]; then
IMAGEMAGICKV="`/usr/local/bin/magick -version | head -n1 | awk '{print $3}'`"
fi
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of ImageMagick: ${IMAGEMAGICK_VER}"
echo "Installed version of ImageMagick: ${IMAGEMAGICKV}"
echo ""
fi
if [ "${IMAGEMAGICK_VER}" != "${IMAGEMAGICKV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating ImageMagick${boldoff}"
doImageMagick
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}ImageMagick ${IMAGEMAGICKV} to ${IMAGEMAGICK_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"imagemagick\": {\n"
printf "\t\t\"name\": \"ImageMagick\",\n"
printf "\t\t\"current\": \"${IMAGEMAGICKV}\",\n"
printf "\t\t\"offered\": \"${IMAGEMAGICK_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ "${IMAGICK_OPT}" = "yes" ] && [ "${IMAGICK_VER}" != "0" ] && [ -x /usr/local/bin/php ]; then
IMAGICKV=0
if /usr/local/bin/php -i | grep -m1 -q 'imagick module version'; then
IMAGICKV="`/usr/local/bin/php -i | grep -m1 'imagick module version' | awk '{print $5}'`"
fi
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of imagick: ${IMAGICK_VER}"
echo "Installed version of imagick: ${IMAGICKV}"
echo ""
fi
if [ "${IMAGICK_VER}" != "${IMAGICKV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating imagick${boldoff}"
doIMagick
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}Imagick ${IMAGICKV} to ${IMAGICK_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"imagick\": {\n"
printf "\t\t\"name\": \"imagick\",\n"
printf "\t\t\"current\": \"${IMAGICKV}\",\n"
printf "\t\t\"offered\": \"${IMAGICK_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ "${WEBSERVER}" = "nginx" ] || [ "${WEBSERVER}" = "nginx_apache" ]; then
if [ "${MODSECURITY_OPT}" = "yes" ] && [ "${LIBMODSECURITY_VER}" != "0" ]; then
if [ -s /usr/local/modsecurity/lib/pkgconfig/modsecurity.pc ]; then
LIBMODSECURITYV=`grep 'Version: ' /usr/local/modsecurity/lib/pkgconfig/modsecurity.pc | awk '{print $2}'`
else
LIBMODSECURITYV=0
fi
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of LibModSecurity: ${LIBMODSECURITYV}"
echo "Installed version of LibModSecurity: ${LIBMODSECURITY_VER}"
echo ""
fi
if [ "${LIBMODSECURITYV}" != "${LIBMODSECURITY_VER}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating LibModSecurity${boldoff}"
doLibModSecurity
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}LibModSecurity ${LIBMODSECURITYV} to ${LIBMODSECURITY_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"libmodsecurity\": {\n"
printf "\t\t\"name\": \"LibModSecurity\",\n"
printf "\t\t\"current\": \"${LIBMODSECURITYV}\",\n"
printf "\t\t\"offered\": \"${LIBMODSECURITY_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
# Check ModSecurity connector version
if nginx -V 2>&1 | grep -q -o -m1 'modsecurity-nginx-v[^ ]*'; then
MODSECURITY_NGINX_CONNECTORV=`nginx -V 2>&1 | grep -o -m1 'modsecurity-nginx-v[^ ]*' | cut -d- -f3`
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of ModSecurity Nginx Connector: ${MODSECURITY_NGINX_CONNECTORV}"
echo "Installed version of ModSecurity Nginx Connector: ${MODSECURITY_NGINX_CONNECTOR_VER}"
echo ""
fi
if [ "${MODSECURITY_NGINX_CONNECTORV}" != "${MODSECURITY_NGINX_CONNECTOR_VER}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating ModSecurity Nginx Connector${boldoff}"
doModSecurityConnector 1
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}ModSecurity Nginx Connector ${MODSECURITY_NGINX_CONNECTORV} to ${MODSECURITY_NGINX_CONNECTOR_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"modsecurity_connector\": {\n"
printf "\t\t\"name\": \"ModSecurity Nginx Connector\",\n"
printf "\t\t\"current\": \"${MODSECURITY_NGINX_CONNECTORV}\",\n"
printf "\t\t\"offered\": \"${MODSECURITY_NGINX_CONNECTOR_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
fi
fi
if [ -x /usr/local/bin/wp ]; then
WPV="`/usr/local/bin/wp --version --allow-root | cut -d" " -f2`"
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of WP-CLI: ${WP_VER}"
echo "Installed version of WP-CLI: ${WPV}"
echo ""
fi
if [ "${WP_VER}" != "${WPV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating WP-CLI${boldoff}"
doWP
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}WP-CLI ${WPV} to ${WP_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"wp\": {\n"
printf "\t\t\"name\": \"wp-cli\",\n"
printf "\t\t\"current\": \"${WPV}\",\n"
printf "\t\t\"offered\": \"${WP_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ -x /usr/local/bin/imapsync ]; then
IMAPSYNCV="`/usr/local/bin/imapsync --version`"
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of Imapsync: ${IMAPSYNC_VER}"
echo "Installed version of Imapsync: ${IMAPSYNCV}"
echo ""
fi
if [ "${IMAPSYNC_VER}" != "${IMAPSYNCV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating Imapsync${boldoff}"
doImapsync
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}Imapsync ${IMAPSYNCV} to ${IMAPSYNC_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"imapsync\": {\n"
printf "\t\t\"name\": \"Imapsync\",\n"
printf "\t\t\"current\": \"${IMAPSYNCV}\",\n"
printf "\t\t\"offered\": \"${IMAPSYNC_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ -s ${STRINGS} ]; then
if [ -x /usr/local/bin/composer ]; then
COMPOSERV="`strings /usr/local/bin/composer | grep -m1 'const VERSION = ' | cut -d"'" -f2`"
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of composer: ${COMPOSER_VER}"
echo "Installed version of composer: ${COMPOSERV}"
echo ""
fi
if [ "${COMPOSER_VER}" != "${COMPOSERV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating composer${boldoff}"
doComposer
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}Composer ${COMPOSERV} to ${COMPOSER_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"composer\": {\n"
printf "\t\t\"name\": \"composer\",\n"
printf "\t\t\"current\": \"${COMPOSERV}\",\n"
printf "\t\t\"offered\": \"${COMPOSER_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ "${CLOUDLINUX_OPT}" = "yes" ] && [ "${PHP1_MODE_OPT}" = "lsphp" ] && [ "${MOD_LSAPI_VER}" != "0" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ -s /usr/lib/apache/mod_lsapi.so ]; then
MODLSAPIV="`${STRINGS} /usr/lib/apache/mod_lsapi.so | grep -m1 'version' | awk '{print $3}' | cut -d: -f1 | grep -o '.*[0-9][^a-z]'`"
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of mod_lsapi: ${MOD_LSAPI_VER}"
echo "Installed version of mod_lsapi: ${MODLSAPIV}"
echo ""
fi
if [ "${MODLSAPIV}" != "${MOD_LSAPI_VER}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating mod_lsapi${boldoff}"
doModLsapi 1
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}mod_lsapi ${MODLSAPIV} to ${MOD_LSAPI_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"mod_lsapi\": {\n"
printf "\t\t\"name\": \"mod_lsapi\",\n"
printf "\t\t\"current\": \"${MODLSAPIV}\",\n"
printf "\t\t\"offered\": \"${MOD_LSAPI_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
fi
fi
if [ "${CLOUDLINUX_OPT}" = "yes" ] && [ "${MOD_PROCTITLE_VER}" != "0" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ -s /usr/lib/apache/mod_proctitle.so ]; then
MODPROCTITLEV="`${STRINGS} /usr/lib/apache/mod_proctitle.so | grep -m1 'version' | awk '{print $3}' | cut -d. -f1,2`"
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of mod_proctitle: ${MODPROCTITLEV}"
echo "Installed version of mod_proctitle: ${MOD_PROCTITLE_VER}"
echo ""
fi
if [ "${MODPROCTITLEV}" != "${MOD_PROCTITLE_VER}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating mod_proctitle${boldoff}"
doModProctitle 1
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}mod_proctitle ${MODPROCTITLEV} to ${MOD_PROCTITLE_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"mod_proctitle\": {\n"
printf "\t\t\"name\": \"mod_proctitle\",\n"
printf "\t\t\"current\": \"${MODPROCTITLEV}\",\n"
printf "\t\t\"offered\": \"${MOD_PROCTITLE_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
fi
fi
if [ "${CLOUDLINUX_OPT}" = "yes" ] && [ "${MOD_HOSTINGLIMITS_VER}" != "0" ]; then
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
if [ -s /usr/lib/apache/mod_hostinglimits.so ]; then
MODHOSTINGLIMITSV="`${STRINGS} /usr/lib/apache/mod_hostinglimits.so | grep -m1 'version' | awk '{print $3}' | cut -d. -f1,2`"
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of mod_hostinglimits: ${MODHOSTINGLIMITSV}"
echo "Installed version of mod_hostinglimits: ${MOD_HOSTINGLIMITS_VER}"
echo ""
fi
if [ "${MODHOSTINGLIMITSV}" != "${MOD_HOSTINGLIMITS_VER}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating mod_hostinglimits${boldoff}"
doModHostingLimits 1
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}mod_hostinglimits ${MODHOSTINGLIMITSV} to ${MOD_HOSTINGLIMITS_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"mod_hostinglimits\": {\n"
printf "\t\t\"name\": \"mod_hostinglimits\",\n"
printf "\t\t\"current\": \"${MODHOSTINGLIMITSV}\",\n"
printf "\t\t\"offered\": \"${MOD_HOSTINGLIMITS_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
fi
fi
if [ "${MODSECURITY_OPT}" = "yes" ] && [ "${WEBSERVER_OPT}" = "apache" ] && [ "${MODSECURITY_VER}" != "0" ]; then
if [ -s /usr/lib/apache/mod_security2.so ]; then
MODSECURITYV="`${STRINGS} /usr/lib/apache/mod_security2.so | grep -m1 'ModSecurity for Apache/' | cut -d/ -f2 | awk '{print $1}'`"
if ! ${STRINGS} /usr/lib/apache/mod_security2.so | grep -m1 -q 'libyajl'; then
MODSECURITYV="0"
fi
else
MODSECURITYV="0"
fi
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of ModSecurity: ${MODSECURITYV}"
echo "Installed version of ModSecurity: ${MODSECURITY_VER}"
echo ""
fi
if [ "${MODSECURITYV}" != "${MODSECURITY_VER}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating ModSecurity${boldoff}"
doModSecurity
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}ModSecurity ${MODSECURITYV} to ${MODSECURITY_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"modsecurity\": {\n"
printf "\t\t\"name\": \"ModSecurity\",\n"
printf "\t\t\"current\": \"${MODSECURITYV}\",\n"
printf "\t\t\"offered\": \"${MODSECURITY_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ "${MOD_RUID2_OPT}" = "yes" ] && [ "${WEBSERVER_OPT}" != "litespeed" ] && [ "${WEBSERVER_OPT}" != "openlitespeed" ] && [ "${MOD_RUID2_VER}" != "0" ]; then
if [ -s /usr/lib/apache/mod_ruid2.so ]; then
MODRUID2V="`${STRINGS} /usr/lib/apache/mod_ruid2.so | grep -m1 'mod_ruid2/' | awk '{print $1}' | cut -d/ -f2`"
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of mod_ruid2: ${MOD_RUID2_VER}"
echo "Installed version of mod_ruid2: ${MODRUID2V}"
echo ""
fi
if [ "${MODRUID2V}" != "${MOD_RUID2_VER}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating mod_ruid2${boldoff}"
doModRuid2
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}mod_ruid2 ${MODRUID2V} to ${MOD_RUID2_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"mod_ruid2\": {\n"
printf "\t\t\"name\": \"mod_ruid2\",\n"
printf "\t\t\"current\": \"${MODRUID2V}\",\n"
printf "\t\t\"offered\": \"${MOD_RUID2_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
fi
fi
if [ "${CURL_OPT}" = "yes" ] && [ -e /usr/local/bin/curl ]; then
if [ -e /usr/local/bin/curl ] && [ "${CURL_VER}" != "0" ]; then
CURLV="`/usr/local/bin/curl --version | grep -m1 'libcurl' | awk '{ print $2}'`"
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of curl: ${CURL_VER}"
echo "Installed version of curl: ${CURLV}"
echo ""
fi
if [ "${CURL_VER}" != "${CURLV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating cURL${boldoff}"
doCURL
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}cURL ${CURLV} to ${CURL_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"curl\": {\n"
printf "\t\t\"name\": \"cURL\",\n"
printf "\t\t\"current\": \"${CURLV}\",\n"
printf "\t\t\"offered\": \"${CURL_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
fi
if [ "${AWSTATS_OPT}" = "yes" ] && [ "${AWSTATS_VER}" != "0" ]; then
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of AWstats: ${AWSTATS_VER}"
fi
AWSTATSV=0
if [ -e /usr/local/awstats ]; then
AWSTATSV="`ls -ld /usr/local/awstats | cut -d\> -f2 | cut -d- -f2`"
if [ "${VERSIONS}" = "1" ]; then
echo "Installed version of AWstats: ${AWSTATSV}"
echo ""
fi
fi
if [ "${AWSTATS_VER}" != "${AWSTATSV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating AWstats.${boldoff}"
doawstats
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}AWstats ${AWSTATSV} to ${AWSTATS_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"awstats\": {\n"
printf "\t\t\"name\": \"AWstats\",\n"
printf "\t\t\"current\": \"${AWSTATSV}\",\n"
printf "\t\t\"offered\": \"${AWSTATS_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
if [ "${AWSTATS_PROCESS_VER}" != "0" ]; then
AWS_PROCESS_V=0
AWS_PROCESS_SH=/usr/local/directadmin/scripts/awstats_process.sh
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of awstats_process.sh: ${AWSTATS_PROCESS_VER}"
fi
if [ -s "${AWS_PROCESS_SH}" ]; then
AWS_PROCESS_V=`grep ^VERSION= ${AWS_PROCESS_SH} | cut -d= -f2`
if [ "${VERSIONS}" = "1" ]; then
echo "Installed version of awstats_process.sh: ${AWS_PROCESS_V}"
echo ""
fi
fi
if [ "${AWSTATS_PROCESS_VER}" != "${AWS_PROCESS_V}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating awstats_process.sh.${boldoff}"
doawstats_process
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}awstats_process.sh ${AWS_PROCESS_V} to ${AWSTATS_PROCESS_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"awstats_process\": {\n"
printf "\t\t\"name\": \"awstats_process.sh\",\n"
printf "\t\t\"current\": \"${AWS_PROCESS_V}\",\n"
printf "\t\t\"offered\": \"${AWSTATS_PROCESS_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
fi
if [ "${DOVECOT_OPT}" = "yes" ] && [ "${DOVECOT_VER}" != "0" ]; then
if [ -e /usr/sbin/dovecot ]; then
DOVECOTV="`/usr/sbin/dovecot --version | cut -d\ -f1`"
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of dovecot: ${DOVECOT_VER}"
echo "Installed version of dovecot: ${DOVECOTV}"
echo ""
fi
if [ "${DOVECOT_VER}" != "${DOVECOTV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating Dovecot${boldoff}"
doDovecot
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}Dovecot ${DOVECOTV} to ${DOVECOT_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"dovecot\": {\n"
printf "\t\t\"name\": \"Dovecot\",\n"
printf "\t\t\"current\": \"${DOVECOTV}\",\n"
printf "\t\t\"offered\": \"${DOVECOT_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
fi
if [ "${DOVECOT_CONF_OPT}" = "yes" ]; then
COUNT=0
if [ -e /etc/dovecot/dovecot.conf ]; then
COUNT=`head -n1 /etc/dovecot/dovecot.conf | grep -c '^#'`
fi
if [ "${COUNT}" -gt 0 ]; then
DOVECOT_CONFV="`head -n1 /etc/dovecot/dovecot.conf | cut -d'#' -f2`"
else
DOVECOT_CONFV=0
fi
if [ "${DOVECOT_CONFV}" = "" ]; then
DOVECOT_CONFV=0
fi
COUNT=0
if [ -e ${DOVECTCONFFILE} ]; then
COUNT=`head -n1 ${DOVECTCONFFILE} | grep -c '^#'`
fi
if [ "${COUNT}" -gt 0 ]; then
DOVECOT_CONF_VER="`head -n1 ${DOVECTCONFFILE} | cut -d'#' -f2`"
else
DOVECOT_CONF_VER=0
fi
if [ "${DOVECOT_CONF_VER}" != "0" ]; then
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of dovecot.conf: ${DOVECOT_CONF_VER}"
echo "Installed version of dovecot.conf: ${DOVECOT_CONFV}"
echo ""
fi
if [ "${DOVECOT_CONF_VER}" != "${DOVECOT_CONFV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating dovecot.conf${boldoff}"
doDovecotConf
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}dovecot.conf ${DOVECOT_CONFV} to ${DOVECOT_CONF_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"dovecot_conf\": {\n"
printf "\t\t\"name\": \"dovecot.conf\",\n"
printf "\t\t\"current\": \"${DOVECOT_CONFV}\",\n"
printf "\t\t\"offered\": \"${DOVECOT_CONF_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
fi
if [ "${EXIM_OPT}" = "yes" ] && [ "${EXIM_VER}" != "0" ]; then
if [ -e /usr/sbin/exim ]; then
EXIMV="`exim_version`"
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of Exim: ${EXIM_VER}"
echo "Installed version of Exim: ${EXIMV}"
echo ""
fi
if [ "${EXIM_VER}" != "${EXIMV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating Exim${boldoff}"
doExim
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}Exim ${EXIMV} to ${EXIM_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"exim\": {\n"
printf "\t\t\"name\": \"Exim\",\n"
printf "\t\t\"current\": \"${EXIMV}\",\n"
printf "\t\t\"offered\": \"${EXIM_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
fi
if [ -x /usr/local/bin/lego ]; then
LEGOV="`/usr/local/bin/lego -v 2>/dev/null | awk '{print $3}'`"
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of lego: ${LEGO_VER}"
echo "Installed version of lego: ${LEGOV}"
echo ""
fi
if [ "${LEGO_VER}" != "${LEGOV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating lego${boldoff}"
doLego
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}Lego ${LEGOV} to ${LEGO_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"lego\": {\n"
printf "\t\t\"name\": \"lego\",\n"
printf "\t\t\"current\": \"${LEGOV}\",\n"
printf "\t\t\"offered\": \"${LEGO_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ -x /usr/local/bin/lua ]; then
LUAV="`/usr/local/bin/lua -v 2>/dev/null | awk '{print $2}'`"
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of lua: ${LUA_VER}"
echo "Installed version of lua: ${LUAV}"
echo ""
fi
if [ "${LUA_VER}" != "${LUAV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating lue${boldoff}"
doLua
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}lua ${LUAV} to ${LUA_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"lua\": {\n"
printf "\t\t\"name\": \"lua\",\n"
printf "\t\t\"current\": \"${LUAV}\",\n"
printf "\t\t\"offered\": \"${LUA_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ -x /usr/local/bin/s-nail ]; then
SNAILV="`/usr/local/bin/s-nail -V 2>/dev/null | awk '{print $2}' | grep -m1 -o '[0-9][^,]*'`"
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of s-nail: ${S_NAIL_VER}"
echo "Installed version of s-nail: ${SNAILV}"
echo ""
fi
if [ "${S_NAIL_VER}" != "${SNAILV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating s-nail${boldoff}"
doSnail
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}s-nail ${SNAILV} to ${S_NAIL_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"s-nail\": {\n"
printf "\t\t\"name\": \"s-nail\",\n"
printf "\t\t\"current\": \"${SNAILV}\",\n"
printf "\t\t\"offered\": \"${S_NAIL_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ -x /usr/local/bin/msmtp ]; then
MSMTPV="`/usr/local/bin/msmtp --version 2>/dev/null | head -n1 | grep -m1 -o '[0-9][^,]*'`"
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of msmtp: ${MSMTP_VER}"
echo "Installed version of msmtp: ${MSMTPV}"
echo ""
fi
if [ "${MSMTP_VER}" != "${MSMTPV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating msmtp${boldoff}"
doMsmtp
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}msmtp ${MSMTPV} to ${MSMTP_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"msmtp\": {\n"
printf "\t\t\"name\": \"msmtp\",\n"
printf "\t\t\"current\": \"${MSMTPV}\",\n"
printf "\t\t\"offered\": \"${MSMTP_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ "${EXIMCONF_OPT}" = "yes" ] && [ "${EXIM_CONF_VER}" != "0" ]; then
EXIMCONFV=`exim_conf_version`
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of exim.conf: ${EXIM_CONF_VER}"
echo "Installed version of exim.conf: ${EXIMCONFV}"
echo ""
fi
if [ "${EXIM_CONF_VER}" != "${EXIMCONFV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating exim.conf${boldoff}"
doEximConf
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}exim.conf ${EXIMCONFV} to ${EXIM_CONF_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"exim_conf\": {\n"
printf "\t\t\"name\": \"exim.conf\",\n"
printf "\t\t\"current\": \"${EXIMCONFV}\",\n"
printf "\t\t\"offered\": \"${EXIM_CONF_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ "${EXIMCONF_OPT}" = "yes" ] && [ "${BLOCKCRACKING_OPT}" = "yes" ] && [ "${BLOCKCRACKING_VER}" != "0" ]; then
COUNT=0
if [ -e /etc/exim.blockcracking/README.txt ]; then
COUNT=`head -n1 /etc/exim.blockcracking/README.txt | grep -c '^#'`
fi
if [ "${COUNT}" -gt 0 ]; then
BLOCKCRACKINGV="`head -n1 /etc/exim.blockcracking/README.txt | cut -d'#' -f2`"
else
BLOCKCRACKINGV=0
fi
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of BlockCracking: ${BLOCKCRACKING_VER}"
echo "Installed version of BlockCracking: ${BLOCKCRACKINGV}"
echo ""
fi
if [ "${BLOCKCRACKING_VER}" != "${BLOCKCRACKINGV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating BlockCracking${boldoff}"
doBlockCracking
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}BlockCracking ${BLOCKCRACKINGV} to ${BLOCKCRACKING_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"blockcracking\": {\n"
printf "\t\t\"name\": \"BlockCracking\",\n"
printf "\t\t\"current\": \"${BLOCKCRACKINGV}\",\n"
printf "\t\t\"offered\": \"${BLOCKCRACKING_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ "${EXIMCONF_OPT}" = "yes" ] && [ "${EASY_SPAM_FIGHTER_OPT}" = "yes" ] && [ "${EASY_SPAM_FIGHTER_VER}" != "0" ]; then
COUNT=0
if [ -e /etc/exim.easy_spam_fighter/README.txt ]; then
COUNT=`head -n1 /etc/exim.easy_spam_fighter/README.txt | grep -c '^#'`
fi
if [ "${COUNT}" -gt 0 ]; then
EASY_SPAM_FIGHTERV="`head -n1 /etc/exim.easy_spam_fighter/README.txt | cut -d'#' -f2`"
else
EASY_SPAM_FIGHTERV=0
fi
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of Easy Spam Fighter: ${EASY_SPAM_FIGHTER_VER}"
echo "Installed version of Easy Spam Fighter: ${EASY_SPAM_FIGHTERV}"
echo ""
fi
if [ "${EASY_SPAM_FIGHTER_VER}" != "${EASY_SPAM_FIGHTERV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating Easy Spam Fighter${boldoff}"
doEasySpamFighter
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}Easy Spam Fighter ${EASY_SPAM_FIGHTERV} to ${EASY_SPAM_FIGHTER_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"easy_spam_fighter\": {\n"
printf "\t\t\"name\": \"Easy Spam Fighter\",\n"
printf "\t\t\"current\": \"${EASY_SPAM_FIGHTERV}\",\n"
printf "\t\t\"offered\": \"${EASY_SPAM_FIGHTER_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ "${SPAMD_OPT}" = "spamassassin" ] && [ "${SPAMASSASSIN_VER}" != "0" ]; then
if [ -e /usr/bin/spamd ]; then
SPAMASSASSINV=`/usr/bin/spamd --version | grep -m1 'version' | awk '{print $4}'`
else
SPAMASSASSINV=0
fi
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of SpamAssassin: ${SPAMASSASSIN_VER}"
echo "Installed version of SpamAssassin: ${SPAMASSASSINV}"
echo ""
fi
if [ "${SPAMASSASSIN_VER}" != "${SPAMASSASSINV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating SpamAssassin.${boldoff}"
dospamassassin
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}SpamAssassin ${SPAMASSASSINV} to ${SPAMASSASSIN_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"spamassassin\": {\n"
printf "\t\t\"name\": \"SpamAssassin\",\n"
printf "\t\t\"current\": \"${SPAMASSASSINV}\",\n"
printf "\t\t\"offered\": \"${SPAMASSASSIN_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ "${SPAMD_OPT}" = "rspamd" ]; then
if [ "${RSPAMD_VER}" != "0" ]; then
#rspamd_config
if [ "${RSPAMD_CONF_VER}" != "0" ]; then
RSD_CONF_V=`rspamd_conf_version`
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of Rspamd Config: ${RSPAMD_CONF_VER}"
echo "Installed version of Rspamd Config: ${RSD_CONF_V}"
echo ""
fi
if [ "${RSPAMD_CONF_VER}" != "${RSD_CONF_V}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating Rspamd Config${boldoff}"
do_rspamd_conf
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}Rspamd Config ${RSD_CONF_V} to ${RSPAMD_CONF_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"rspamd_conf\": {\n"
printf "\t\t\"name\": \"Rspamd Config\",\n"
printf "\t\t\"current\": \"${RSD_CONF_V}\",\n"
printf "\t\t\"offered\": \"${RSPAMD_CONF_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
fi
fi
if [ "${CLAMAV_OPT}" = "yes" ] && [ "${CLAMAV_VER}" != "0" ]; then
CLAMAVV=0
if [ -e /usr/local/sbin/clamd ]; then
CLAMAVV=`/usr/local/sbin/clamd --version | cut -d/ -f1 | awk '{print $2}'`
fi
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of ClamAV: ${CLAMAV_VER}"
echo "Installed version of ClamAV: ${CLAMAVV}"
echo ""
fi
if [ "${CLAMAV_VER}" != "${CLAMAVV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating ClamAV.${boldoff}"
doclamav
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}ClamAV ${CLAMAVV} to ${CLAMAV_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"clamav\": {\n"
printf "\t\t\"name\": \"ClamAV\",\n"
printf "\t\t\"current\": \"${CLAMAVV}\",\n"
printf "\t\t\"offered\": \"${CLAMAV_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ "${MYSQL_INST_OPT}" != "no" ] && [ -e $MYSQL_BIN ] && [ "${MYSQL_VER}" != "0" ] && [ "${MARIADB_VER}" != "0" ]; then
if [ "${MYSQL_INST_OPT}" = "mysql" ]; then
MYSQLV="`mysql_version`"
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of ${MYSQLNAME}: ${MYSQL_VER}"
echo "Installed version of ${MYSQLNAME}: ${MYSQLV}"
echo ""
fi
if [ "${MYSQL_VER}" != "${MYSQLV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating ${MYSQLNAME}.${boldoff}"
doMySQL
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}${MYSQLNAME} ${MYSQLV} to ${MYSQL_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"mysql\": {\n"
printf "\t\t\"name\": \"${MYSQLNAME}\",\n"
printf "\t\t\"current\": \"${MYSQLV}\",\n"
printf "\t\t\"offered\": \"${MYSQL_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
else
MYSQLV="`$MYSQL_BIN --version | awk '{ print $5 }' | cut -d , -f1 | cut -d- -f1`"
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of ${MYSQLNAME}: ${MARIADB_VER}"
echo "Installed version of ${MYSQLNAME}: ${MYSQLV}"
echo ""
fi
if [ "${MARIADB_VER}" != "${MYSQLV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating ${MYSQLNAME}.${boldoff}"
doMySQL
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}${MYSQLNAME} ${MYSQLV} to ${MARIADB_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"mysql\": {\n"
printf "\t\t\"name\": \"${MYSQLNAME}\",\n"
printf "\t\t\"current\": \"${MYSQLV}\",\n"
printf "\t\t\"offered\": \"${MARIADB_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
fi
for php_release in `echo ${PHP1_RELEASE_SET}`; do
php_shortrelease="`echo ${php_release} | tr -d '.'`"
PHP_VER_VAR=PHP${php_shortrelease}_VER
PHP_VER=$(eval_var ${PHP_VER_VAR})
HAVE_FPM_CGI_VAR=HAVE_FPM${php_shortrelease}_CGI
HAVE_SUPHP_CGI_VAR=HAVE_SUPHP${php_shortrelease}_CGI
HAVE_FCGID_VAR=HAVE_FCGID${php_shortrelease}
HAVE_LSPHP_VAR=HAVE_LSPHP${php_shortrelease}
HAVE_CLI_VAR=HAVE_CLI${php_shortrelease}
HAVE_FPM_CGI=$(eval_var ${HAVE_FPM_CGI_VAR})
HAVE_SUPHP_CGI=$(eval_var ${HAVE_SUPHP_CGI_VAR})
HAVE_FCGID=$(eval_var ${HAVE_FCGID_VAR})
HAVE_LSPHP=$(eval_var ${HAVE_LSPHP_VAR})
HAVE_CLI=$(eval_var ${HAVE_CLI_VAR})
if [ "${PHP_VER}" != "0" ]; then
if [ "${HAVE_FPM_CGI}" = "yes" ] || [ "${HAVE_SUPHP_CGI}" = "yes" ] || [ "${HAVE_FCGID}" = "yes" ] || [ "${HAVE_LSPHP}" = "yes" ] || [ "${HAVE_CLI}" = "yes" ]; then
if [ -e /usr/local/php${php_shortrelease}/bin/php${php_shortrelease} ]; then
PHPV="`/usr/local/php${php_shortrelease}/bin/php${php_shortrelease} -r 'echo phpversion();'`"
elif [ -e /usr/local/bin/php ] && [ ! -L /usr/local/bin/php ]; then
PHPV="`/usr/local/bin/php -r 'echo phpversion();'`"
else
PHPV=0
fi
if [ -z "${PHPV}" ]; then
PHPV=0
fi
#Checks for general build-in PHP extensions, they have no updates, so, just let them appear after showing up
if [ -x /usr/local/php${php_shortrelease}/bin/php-config ]; then
EXTENSION_INT_EXT_DIR=`/usr/local/php${php_shortrelease}/bin/php-config --extension-dir`
#check php-imap
if [ "${PHP_IMAP_OPT}" = "yes" ] && [ ! -s ${EXTENSION_INT_EXT_DIR}/imap.so ]; then
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of PHP-IMAP ${php_release}: ${PHP_VER}"
echo "Installed version of PHP-IMAP ${php_release}: 0"
echo ""
fi
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating PHP-IMAP ${php_release}${boldoff}"
doPHPImap ${php_release}
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}PHP-IMAP ${php_release}: 0 to ${PHP_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"php_imap ${php_release}\": {\n"
printf "\t\t\"name\": \"PHP-IMAP ${php_release}\",\n"
printf "\t\t\"current\": \"0\",\n"
printf "\t\t\"offered\": \"${PHP_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
#check php-bz2
if [ "${PHP_BZ2_OPT}" = "yes" ] && [ ! -s ${EXTENSION_INT_EXT_DIR}/bz2.so ]; then
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of PHP-Bz2 ${php_release}: ${PHP_VER}"
echo "Installed version of PHP-Bz2 ${php_release}: 0"
echo ""
fi
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating PHP-Bz2 ${php_release}${boldoff}"
doPHPBz2 ${php_release}
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}PHP-Bz2 ${php_release}: 0 to ${PHP_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"php_bz2 ${php_release}\": {\n"
printf "\t\t\"name\": \"PHP-Bz2 ${php_release}\",\n"
printf "\t\t\"current\": \"0\",\n"
printf "\t\t\"offered\": \"${PHP_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
#check php-xmlrpc
if [ "${PHP_XMLRPC_OPT}" = "yes" ] && [ ! -s ${EXTENSION_INT_EXT_DIR}/xmlrpc.so ]; then
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of PHP-XMLRPC ${php_release}: ${PHP_VER}"
echo "Installed version of PHP-XMLRPC ${php_release}: 0"
echo ""
fi
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating PHP-XMLRPC ${php_release}${boldoff}"
doPHPXmlrpc ${php_release}
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}PHP-XMLRPC ${php_release}: 0 to ${PHP_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"php_xmlrpc ${php_release}\": {\n"
printf "\t\t\"name\": \"PHP-XMLRPC ${php_release}\",\n"
printf "\t\t\"current\": \"0\",\n"
printf "\t\t\"offered\": \"${PHP_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
#check php-gmp
if [ "${PHP_GMP_OPT}" = "yes" ] && [ ! -s ${EXTENSION_INT_EXT_DIR}/gmp.so ]; then
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of PHP-GMP ${php_release}: ${PHP_VER}"
echo "Installed version of PHP-GMP ${php_release}: 0"
echo ""
fi
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating PHP-GMP ${php_release}${boldoff}"
doPHPGmp ${php_release}
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}PHP-GMP ${php_release}: 0 to ${PHP_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"php_gmp ${php_release}\": {\n"
printf "\t\t\"name\": \"PHP-GMP ${php_release}\",\n"
printf "\t\t\"current\": \"0\",\n"
printf "\t\t\"offered\": \"${PHP_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
#check php-readline
if [ "${PHP_READLINE_OPT}" = "yes" ] && [ ! -s ${EXTENSION_INT_EXT_DIR}/readline.so ]; then
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of PHP-readline ${php_release}: ${PHP_VER}"
echo "Installed version of PHP-readline ${php_release}: 0"
echo ""
fi
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating PHP-readline ${php_release}${boldoff}"
doPHPReadline ${php_release}
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}PHP-readline ${php_release}: 0 to ${PHP_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"php_readline ${php_release}\": {\n"
printf "\t\t\"name\": \"PHP-readline ${php_release}\",\n"
printf "\t\t\"current\": \"0\",\n"
printf "\t\t\"offered\": \"${PHP_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
#check php-ldap
if [ "${PHP_LDAP_OPT}" = "yes" ] && [ ! -s ${EXTENSION_INT_EXT_DIR}/ldap.so ]; then
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of PHP-LDAP ${php_release}: ${PHP_VER}"
echo "Installed version of PHP-LDAP ${php_release}: 0"
echo ""
fi
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating PHP-LDAP ${php_release}${boldoff}"
doPHPLDAP ${php_release}
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}PHP-LDAP ${php_release}: 0 to ${PHP_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"php_ldap ${php_release}\": {\n"
printf "\t\t\"name\": \"PHP-LDAP ${php_release}\",\n"
printf "\t\t\"current\": \"0\",\n"
printf "\t\t\"offered\": \"${PHP_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of PHP ${php_release}: ${PHP_VER}"
echo "Installed version of PHP ${php_release}: ${PHPV}"
echo ""
fi
FPM_SECURITY_PATCH=false
if [ "${HAVE_FPM_CGI}" = "yes" ]; then
if [ "${php_release}" = "5.6" ] || [ "${php_release}" = "7.0" ] || [ "${php_release}" = "7.1" ] || [ "${php_release}" = "7.2" ]; then
if ! /usr/local/php${php_shortrelease}/bin/php${php_shortrelease} -i 2>&1 | grep -m1 -q 'PHP-FPM security patch'; then
FPM_SECURITY_PATCH=true
fi
fi
fi
if [ "${PHP_VER}" != "${PHPV}" ] || ${FPM_SECURITY_PATCH}; then
if [ "${HAVE_SUPHP_CGI}" = "yes" ]; then
BUILD_PHP_COMMAND="php_expert ${php_release} suphp"
elif [ "${HAVE_FPM_CGI}" = "yes" ]; then
BUILD_PHP_COMMAND="php_expert ${php_release} php-fpm"
elif [ "${HAVE_FCGID}" = "yes" ]; then
BUILD_PHP_COMMAND="php_expert ${php_release} fastcgi"
elif [ "${HAVE_LSPHP}" = "yes" ]; then
BUILD_PHP_COMMAND="php_expert ${php_release} lsphp"
elif [ "${HAVE_CLI}" = "yes" ]; then
BUILD_PHP_COMMAND="php_expert ${php_release} mod_php"
fi
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating PHP ${php_release}${boldoff}"
./build ${BUILD_PHP_COMMAND}
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}PHP ${php_release}: ${PHPV} to ${PHP_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"${BUILD_PHP_COMMAND}\": {\n"
printf "\t\t\"name\": \"PHP ${php_release}\",\n"
printf "\t\t\"current\": \"${PHPV}\",\n"
printf "\t\t\"offered\": \"${PHP_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
fi
done
if [ "${HAVE_SUPHP_CGI}" = "yes" ] && [ "${SUPHP_VER}" != "0" ]; then
if [ -e /usr/local/suphp/sbin/suphp ]; then
SUPHPV="`/usr/local/suphp/sbin/suphp 2>&1 | grep -m1 'suPHP version' | awk '{print $3}'`"
else
SUPHPV=0
fi
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of suPHP: ${SUPHP_VER}"
echo "Installed version of suPHP: ${SUPHPV}"
echo ""
fi
if [ "${SUPHP_VER}" != "${SUPHPV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating suPHP.${boldoff}"
doSuPhp
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}suPHP ${SUPHPV} to ${SUPHP_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"suphp\": {\n"
printf "\t\t\"name\": \"suPHP\",\n"
printf "\t\t\"current\": \"${SUPHPV}\",\n"
printf "\t\t\"offered\": \"${SUPHP_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ "${ROUNDCUBE_OPT}" = "yes" ] && [ "${ROUNDCUBE_VER}" != "0" ]; then
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of RoundCube: ${ROUNDCUBE_VER}"
fi
ROUNDCUBEV=0
if [ -e ${WWWDIR}/roundcube ]; then
ROUNDCUBEV="`roundcube_version`"
if [ "${VERSIONS}" = "1" ]; then
echo "Installed version of RoundCube: ${ROUNDCUBEV}"
echo ""
fi
fi
if [ "${ROUNDCUBE_VER}" != "${ROUNDCUBEV}" ] && [ "${PHP1_RELEASE_OPT}" != "5.3" ]; then
if [ "${VERSIONS}" = "0" ] || [ "${VERSIONS}" = "2" ]; then
echo "${boldon}Updating RoundCube.${boldoff}"
doroundcube
WEBAPPS_UPDATED=true
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}RoundCube ${ROUNDCUBEV} to ${ROUNDCUBE_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"roundcube\": {\n"
printf "\t\t\"name\": \"RoundCube\",\n"
printf "\t\t\"current\": \"${ROUNDCUBEV}\",\n"
printf "\t\t\"offered\": \"${ROUNDCUBE_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ "${UNIT_OPT}" = "yes" ] && [ "${UNIT_VER}" != "0" ]; then
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of Nginx Unit: ${UNIT_VER}"
fi
UNITV=0
if [ -x /usr/sbin/unitd ]; then
UNITV="`/usr/sbin/unitd --version 2>&1 | grep '^unit version:' | awk '{print $3}'`"
if [ "${VERSIONS}" = "1" ]; then
echo "Installed version of Nginx Unit: ${UNITV}"
echo ""
fi
fi
if [ "${UNIT_VER}" != "${UNITV}" ]; then
if [ "${VERSIONS}" = "0" ]; then
echo "${boldon}Updating Nginx Unit.${boldoff}"
doNginxUnit
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}AWstats ${UNITV} to ${UNIT_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"unit\": {\n"
printf "\t\t\"name\": \"Nginx Unit\",\n"
printf "\t\t\"current\": \"${UNITV}\",\n"
printf "\t\t\"offered\": \"${UNIT_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ "${PHPMYADMIN_OPT}" = "yes" ] && [ "${PHPMYADMIN_VER}" != "0" ]; then
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of phpMyAdmin: ${PHPMYADMIN_VER}"
fi
PHPMYADMINV=0
if [ -e ${WWWDIR}/phpMyAdmin ]; then
PHPMYADMINV="`ls -ld ${WWWDIR}/phpMyAdmin | cut -d\> -f2 | cut -d- -f2,3,4`"
if [ "${VERSIONS}" = "1" ]; then
echo "Installed version of phpMyAdmin: ${PHPMYADMINV}"
echo ""
fi
fi
# phpMyAdmin does not support PHP 5.3 & PHP 5.4 anymore so there will be no updates available for them
if [ "${PHP1_RELEASE_OPT}" != "5.3" ] && [ "${PHP1_RELEASE_OPT}" != "5.4" ]; then
if [ "${PHPMYADMIN_VER}" != "${PHPMYADMINV}" ]; then
if [ "${VERSIONS}" = "0" ] || [ "${VERSIONS}" = "2" ]; then
echo "${boldon}Updating phpMyAdmin.${boldoff}"
dophpMyAdmin
WEBAPPS_UPDATED=true
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}phpMyAdmin ${PHPMYADMINV} to ${PHPMYADMIN_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"phpmyadmin\": {\n"
printf "\t\t\"name\": \"phpMyAdmin\",\n"
printf "\t\t\"current\": \"${PHPMYADMINV}\",\n"
printf "\t\t\"offered\": \"${PHPMYADMIN_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
fi
if [ "${PHP_IGBINARY_OPT}" = "yes" ] && [ "${IGBINARY_VER}" != "0" ] && [ -x /usr/local/bin/php ]; then
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of igbinary: ${IGBINARY_VER}"
fi
IGBIANRYV=0
if /usr/local/bin/php -i | grep -m1 'igbinary version' | tail -n1 | grep -m1 -q -o '[0-9.]*' 2>/dev/null; then
IGBINARYV="`/usr/local/bin/php -i | grep -m1 'igbinary version' | tail -n1 | grep -m1 -o '[0-9.]*' 2>/dev/null`"
if [ "${VERSIONS}" = "1" ]; then
echo "Installed version of igbinary: ${IGBINARYV}"
echo ""
fi
fi
if [ "${IGBINARY_VER}" != "${IGBINARYV}" ]; then
if [ "${VERSIONS}" = "0" ] || [ "${VERSIONS}" = "2" ]; then
echo "${boldon}Updating igbinary.${boldoff}"
doIgbinary
WEBAPPS_UPDATED=true
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}Igbinary ${IGBINARYV} to ${IGBINARY_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"php_igbinary\": {\n"
printf "\t\t\"name\": \"Igbinary\",\n"
printf "\t\t\"current\": \"${IGBINARYV}\",\n"
printf "\t\t\"offered\": \"${IGBINARY_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ "${IONCUBE_OPT}" = "yes" ] && [ "${IONCUBE_VER}" != "0" ] && [ -x /usr/local/bin/php ]; then
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of ionCube: ${IONCUBE_VER}"
fi
IONCUBEV=0
if /usr/local/bin/php -v | grep ionCube | grep -m1 -q -o ' v[^,]*'; then
IONCUBEV="`/usr/local/bin/php -v | grep ionCube | grep -m1 -o ' v[^,]*' | cut -dv -f2`"
if [ "${VERSIONS}" = "1" ]; then
echo "Installed version of ionCube: ${IONCUBEV}"
echo ""
fi
fi
if [ "${IONCUBE_VER}" != "${IONCUBEV}" ]; then
if [ "${VERSIONS}" = "0" ] || [ "${VERSIONS}" = "2" ]; then
echo "${boldon}Updating ionCube loader.${boldoff}"
doIoncube
WEBAPPS_UPDATED=true
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}ionCube loader ${IONCUBEV} to ${IONCUBE_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"ioncube\": {\n"
printf "\t\t\"name\": \"ionCube\",\n"
printf "\t\t\"current\": \"${IONCUBEV}\",\n"
printf "\t\t\"offered\": \"${IONCUBE_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ "${PHP_SNUFFLEUPAGUS_OPT}" = "yes" ] && [ "${SNUFFLEUPAGUS_VER}" != "0" ] && [ -x /usr/local/bin/php ]; then
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of snuffleupagus: ${SNUFFLEUPAGUS_VER}"
fi
SNUFFLEUPAGUSV=0
if /usr/local/bin/php -i | grep -m1 'snuffleupagus support' -A1 | tail -n1 | grep -m1 -q -o '[0-9.]*' 2>/dev/null; then
SNUFFLEUPAGUSV="`/usr/local/bin/php -i | grep -m1 'snuffleupagus support' -A1 | tail -n1 | grep -m1 -o '[0-9.]*' 2>/dev/null`"
if [ "${VERSIONS}" = "1" ]; then
echo "Installed version of snuffleupagus: ${SNUFFLEUPAGUSV}"
echo ""
fi
fi
if [ "${SNUFFLEUPAGUS_VER}" != "${SNUFFLEUPAGUSV}" ]; then
if [ "${VERSIONS}" = "0" ] || [ "${VERSIONS}" = "2" ]; then
echo "${boldon}Updating snuffleupagus.${boldoff}"
doSnuffleupagus
WEBAPPS_UPDATED=true
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}Snuffleupagus ${SNUFFLEUPAGUSV} to ${SNUFFLEUPAGUS_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"php_snuffleupagus\": {\n"
printf "\t\t\"name\": \"Snuffleupagus\",\n"
printf "\t\t\"current\": \"${SNUFFLEUPAGUSV}\",\n"
printf "\t\t\"offered\": \"${SNUFFLEUPAGUS_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ "${PHP_REDIS_OPT}" = "yes" ] && [ "${PHPREDIS_VER}" != "0" ] && [ -x /usr/local/bin/php ]; then
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of PHP-Redis: ${PHPREDIS_VER}"
fi
PHPREDISV=0
if /usr/local/bin/php -i | grep -m1 -q 'Redis Version' 2>/dev/null; then
PHPREDISV="`/usr/local/bin/php -i | grep -m1 'Redis Version' | awk '{print $4}' 2>/dev/null`"
if [ "${VERSIONS}" = "1" ]; then
echo "Installed version of PHP-Redis: ${PHPREDISV}"
echo ""
fi
fi
if [ "${PHPREDIS_VER}" != "${PHPREDISV}" ]; then
if [ "${VERSIONS}" = "0" ] || [ "${VERSIONS}" = "2" ]; then
echo "${boldon}Updating PHP-Redis.${boldoff}"
doPHPRedis
WEBAPPS_UPDATED=true
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}PHP-Redis ${PHPREDISV} to ${PHPREDIS_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"php_redis\": {\n"
printf "\t\t\"name\": \"PHP-Redis\",\n"
printf "\t\t\"current\": \"${PHPREDISV}\",\n"
printf "\t\t\"offered\": \"${PHPREDIS_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ "${PHP_PHALCON_OPT}" = "yes" ] && [ "${PHALCON_VER}" != "0" ] && [ -x /usr/local/bin/php ]; then
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of phalcon: ${PHALCON_VER}"
fi
PHALCONV="`/usr/local/bin/php -r "echo Phalcon\Version::get();" 2>/dev/null | grep -v 'error'`"
if [ -z "${PHALCONV}" ]; then
PHALCONV=0
fi
if [ "${VERSIONS}" = "1" ]; then
echo "Installed version of phalcon: ${PHALCONV}"
echo ""
fi
if [ "${PHALCON_VER}" != "${PHALCONV}" ]; then
if [ "${VERSIONS}" = "0" ] || [ "${VERSIONS}" = "2" ]; then
echo "${boldon}Updating phalcon.${boldoff}"
doPhalcon
WEBAPPS_UPDATED=true
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}phalcon ${PHALCONV} to ${PHALCON_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"php_phalcon\": {\n"
printf "\t\t\"name\": \"phalcon\",\n"
printf "\t\t\"current\": \"${PHALCONV}\",\n"
printf "\t\t\"offered\": \"${PHALCON_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
if [ "${SQUIRRELMAIL_OPT}" = "yes" ] && [ "${SQUIRRELMAIL_VER}" != "0" ]; then
if [ "${VERSIONS}" = "1" ]; then
echo "Latest version of SquirrelMail: ${SQUIRRELMAIL_VER}"
fi
SQUIRRELMAILV=0
if [ -e ${WWWDIR}/squirrelmail ]; then
SQUIRRELMAILV="`ls -ld ${WWWDIR}/squirrelmail | cut -d\> -f2 | cut -d- -f2,3`"
if [ "${VERSIONS}" = "1" ]; then
echo "Installed version of SquirrelMail: ${SQUIRRELMAILV}"
echo ""
fi
fi
if [ "${SQUIRRELMAIL_VER}" != "${SQUIRRELMAILV}" ]; then
if [ "${VERSIONS}" = "0" ] || [ "${VERSIONS}" = "2" ]; then
echo "${boldon}Updating SquirrelMail.${boldoff}"
doSquirrelmail
WEBAPPS_UPDATED=true
elif [ "${VERSIONS}" = "1" ]; then
echo "${boldon}SquirrelMail ${SQUIRRELMAILV} to ${SQUIRRELMAIL_VER} update is available.${boldoff}"
echo ""
elif [ "${VERSIONS}" = "json" ]; then
printf "\t\"squirrelmail\": {\n"
printf "\t\t\"name\": \"SquirrelMail\",\n"
printf "\t\t\"current\": \"${SQUIRRELMAILV}\",\n"
printf "\t\t\"offered\": \"${SQUIRRELMAIL_VER}\"\n"
printf "\t},\n"
fi
EXIT_CODE=$((EXIT_CODE+1))
fi
fi
checkSecurity ${VERSIONS}
if [ "${VERSIONS}" = "1" ]; then
echo "If you want to update all the available versions run: ${boldon}$0 update_versions${boldoff}"
elif [ "${VERSIONS}" = "0" ]; then
#update_versions 0 for success, reset to 0 from count. Compile failures would have already exited.
EXIT_CODE=0
elif [ "${VERSIONS}" = "json" ]; then
echo "}"
fi
if ${EXEC_CL_COMMANDS_ONCE} && [ "${VERSIONS}" != "2" ]; then
cagefsctl_update
elif ${WEBAPPS_UPDATED} && [ "${CLOUDLINUX_OPT}" = "yes" ] && [ "${VERSIONS}" = "2" ]; then
cagefsctl_update
fi
}
doVersions_ajax() {
echo "HTTP/1.1 200 OK"
echo "Content-Type: text/plain"
echo ""
COUNT=`doVersions 1 | grep -c 'is available'`
if [ "${COUNT}" -gt 0 ]; then
echo "document.getElementById(\"cb_updates\").innerHTML=\"${COUNT}\";"
echo "document.getElementById(\"cb_updates\").style.visibility=\"visible\";"
fi
}
####################################################
SPEED_FILE_SMALL=10.kb
SPEED_FILE_LARGE=100.kb
#max time for small file test allowed to proceed with large file test.
LARGE_TEST_MAX=35
SPEED_VERBOSE=1
BEST=0
BEST_SEVER=""
test_server() {
i=$1
VALUE=`curl -o /dev/null -w "%{speed_download}" --silent --connect-timeout 2 http://${1}/services/${2} 2>&1`
#can be MB/s or KB/s or B/s
if [ "${VALUE}" = "" ]; then
echo "$i is too slow, skipping."
continue
fi
#chop off any decimal bytes.. we dont care about 0.5 byte/second
VALUE=`echo $VALUE | cut -d. -f1`
if [ ${SPEED_VERBOSE} -eq 1 ]; then
printf "$VALUE B/s \t- $i\n"
fi
if [ "${VALUE}" -gt "${BEST}" ]; then
BEST=$VALUE
BEST_SERVER=$i
fi
}
speed_test() {
if [ ${SPEED_VERBOSE} -eq 1 ]; then
echo "Testing with file $1:"
fi
BEST=0
BEST_SERVER=""
SPEED_START=`date +%s`
for s in ${DOWNLOADSERVER_SET}; do
test_server $s $1
done
SPEED_END=`date +%s`
DURATION=`expr $SPEED_END - $SPEED_START`
if [ ${SPEED_VERBOSE} -eq 1 ]; then
echo "Total test duration: $DURATION seconds"
echo ""
fi
}
set_fastest() {
#quiet mode. Will only output the quickest server.
if [ "$1" -eq 1 ]; then
SPEED_VERBOSE=0
fi
getFile servers.txt servers
if [ "${UNOFFICIAL_MIRRORS_OPT}" = "yes" ]; then
DOWNLOADSERVER_SET="da-mirror.wpcloud.vn `awk '{ printf "%s ", $0 }' ${WORKDIR}/servers.txt`"
else
DOWNLOADSERVER_SET="${DOWNLOADSERVERS_OFFICIAL_LIST}"
fi
speed_test ${SPEED_FILE_SMALL}
#try and get a more accurate reading with larger file.
if [ "${DURATION}" -lt ${LARGE_TEST_MAX} ]; then
speed_test ${SPEED_FILE_LARGE}
else
if [ ${SPEED_VERBOSE} -eq 1 ]; then
echo "Small file test took longer than ${LARGE_TEST_MAX} seconds. Not proceeding with large file test."
fi
fi
if [ ${SPEED_VERBOSE} -eq 1 ]; then
echo "Fastest server is $BEST_SERVER at $BEST B/s"
else
echo "${BEST_SERVER}"
fi
if [ "${BEST_SERVER}" != "" ]; then
setOpt downloadserver ${BEST_SERVER}
writeLog "set_fastest set downloadserver to ${BEST_SERVER}"
else
echo "Unable to determine fastest server"
fi
}
fix_curl_link_for_yum() {
#check for broken yums on CentOS 6.
if [ -e /usr/bin/yum ]; then
BROKEN=`yum --version 2>&1 | head -n 2 | grep -m1 -c CRITICAL`
if [ "$BROKEN" -eq 1 ]; then
CURLLIB=/usr/local/lib/libcurl.so.4.2.0
if [ -e $CURLLIB ]; then
echo "*** Re-linking curl to fix the yum issue: https://help.directadmin.com/item.php?id=385 ***"
mv $CURLLIB /root/libcurl.so.4.2.0.moved
ln -s /usr/lib/libcurl.so $CURLLIB
echo "*** done curl re-link ***"
else
echo "*** yum is broken, but cannot find $CURLLIB. See https://help.directadmin.com/item.php?id=385 ***"
fi
fi
fi
}
####################################################
doRemoveSuggest() {
REMOVAL_MODE=$1
if [ "${REMOVAL_MODE}" = "json" ]; then
echo "{"
fi
if [ -e /usr/sbin/httpd ]; then
if [ "${WEBSERVER_OPT}" != "apache" ] && [ "${WEBSERVER_OPT}" != "nginx_apache" ] && [ "${WEBSERVER_OPT}" != "litespeed" ] && [ "${WEBSERVER_OPT}" != "openlitespeed" ] && [ "${APACHE2_VER}" != "0" ]; then
if [ "${WEBSERVER_OPT}" = "nginx" ]; then
if [ "${REMOVAL_MODE}" = "1" ]; then
echo "Apache installed, but not enabled in options.conf: './build remove_apache'"
elif [ "${REMOVAL_MODE}" = "0" ]; then
doRemoveApache2
elif [ "${REMOVAL_MODE}" = "json" ]; then
printf "\t\"remove_apache\": {\n"
printf "\t\t\"name\": \"Apache\"\n"
printf "\t},\n"
fi
fi
fi
fi
if [ -e /usr/sbin/unitd ] && [ "${UNIT_OPT}" != "yes" ]; then
if [ "${REMOVAL_MODE}" = "1" ]; then
echo "Nginx Unit installed, but not enabled in options.conf: './build remove_unit'"
elif [ "${REMOVAL_MODE}" = "0" ]; then
doRemoveUnit
elif [ "${REMOVAL_MODE}" = "json" ]; then
printf "\t\"remove_unit\": {\n"
printf "\t\t\"name\": \"Nginx Unit\"\n"
printf "\t},\n"
fi
fi
if [ -e /usr/sbin/nginx ]; then
if [ "${WEBSERVER_OPT}" != "nginx" ] && [ "${WEBSERVER_OPT}" != "nginx_apache" ] && [ "${NGINX_VER}" != "0" ]; then
if [ "${REMOVAL_MODE}" = "1" ]; then
echo "Nginx installed, but not enabled in options.conf: './build remove_nginx'"
elif [ "${REMOVAL_MODE}" = "0" ]; then
doRemoveNginx
elif [ "${REMOVAL_MODE}" = "json" ]; then
printf "\t\"remove_nginx\": {\n"
printf "\t\t\"name\": \"Nginx\"\n"
printf "\t},\n"
fi
fi
fi
initHTTP2var
if [ -e /usr/local/lib/libnghttp2.a ]; then
if [ "${WEBSERVER_OPT}" != "apache" ] && [ "${WEBSERVER_OPT}" != "nginx_apache" ] && [ "${CURL_OPT}" != "yes" ] && [ "${APACHE2_VER}" != "0" ] && [ "${HTTP2}" != "1" ]; then
if [ "${REMOVAL_MODE}" = "1" ]; then
echo "Nghttp2 installed, but Apache/cURL are not enabled in options.conf: './build remove_nghttp2'"
elif [ "${REMOVAL_MODE}" = "0" ]; then
doRemoveNghttp2
elif [ "${REMOVAL_MODE}" = "json" ]; then
printf "\t\"remove_nghttp2\": {\n"
printf "\t\t\"name\": \"Nghttp2\"\n"
printf "\t},\n"
fi
fi
fi
if [ -d /usr/local/lsws ]; then
if [ "${WEBSERVER_OPT}" != "litespeed" ] && [ "${WEBSERVER_OPT}" != "openlitespeed" ] && [ "${LITESPEED_VER}" != "0" ]; then
if [ "${REMOVAL_MODE}" = "1" ]; then
echo "LiteSpeed installed, but not enabled in options.conf: './build remove_litespeed'"
elif [ "${REMOVAL_MODE}" = "0" ]; then
doRemoveLiteSpeed
elif [ "${REMOVAL_MODE}" = "json" ]; then
printf "\t\"remove_litespeed\": {\n"
printf "\t\t\"name\": \"LiteSpeed\"\n"
printf "\t},\n"
fi
fi
fi
for php_release in `echo ${PHP1_RELEASE_SET}`; do
php_shortrelease="`echo ${php_release} | tr -d '.'`"
if [ -d /usr/local/php${php_shortrelease} ] && [ "${PHP1_RELEASE_OPT}" != "${php_release}" ] && [ "${PHP2_RELEASE_OPT}" != "${php_release}" ] && [ "${PHP3_RELEASE_OPT}" != "${php_release}" ] && [ "${PHP4_RELEASE_OPT}" != "${php_release}" ]; then
PHP_REMOVAL_VERSION_NUMBER=`getVer php${php_shortrelease}`
if [ "${PHP_REMOVAL_VERSION_NUMBER}" != "0" ]; then
if [ "${REMOVAL_MODE}" = "1" ]; then
echo "PHP ${php_release} installed, but not enabled in options.conf: './build remove_php ${php_release}'"
elif [ "${REMOVAL_MODE}" = "0" ]; then
doRemovePhp ${php_release}
elif [ "${REMOVAL_MODE}" = "json" ]; then
printf "\t\"remove_php ${php_release}\": {\n"
printf "\t\t\"name\": \"PHP ${php_release}\"\n"
printf "\t},\n"
fi
fi
fi
done
if [ -e /usr/local/suphp/sbin ] && [ "${PHP1_MODE_OPT}" != "suphp" ] && [ "${SUPHP_VER}" != "0" ]; then
if [ "${PHP2_MODE_OPT}" != "suphp" ] && [ "${PHP3_MODE_OPT}" != "suphp" ] && [ "${PHP4_MODE_OPT}" != "suphp" ]; then
if [ "${REMOVAL_MODE}" = "1" ]; then
echo "suPHP installed, but not enabled in options.conf: './build remove_suphp'"
elif [ "${REMOVAL_MODE}" = "0" ]; then
doRemoveSuPhp
elif [ "${REMOVAL_MODE}" = "json" ]; then
printf "\t\"remove_suphp\": {\n"
printf "\t\t\"name\": \"suPHP\"\n"
printf "\t},\n"
fi
fi
fi
if [ -e /usr/local/bin/curl ] && [ "${CURL_OPT}" = "no" ] && [ "${CURL_VER}" != "0" ]; then
if [ "${REMOVAL_MODE}" = "1" ]; then
echo "cURL installed, but not enabled in options.conf: './build remove_curl'"
elif [ "${REMOVAL_MODE}" = "0" ]; then
doRemoveCURL
elif [ "${REMOVAL_MODE}" = "json" ]; then
printf "\t\"remove_curl\": {\n"
printf "\t\t\"name\": \"cURL\"\n"
printf "\t},\n"
fi
fi
if [ -e /usr/sbin/dovecot ] && [ "${DOVECOT_OPT}" != "yes" ] && [ "${DOVECOT_VER}" != "0" ]; then
if [ "${REMOVAL_MODE}" = "1" ]; then
echo "Dovecot installed, but not enabled in options.conf: './build remove_dovecot'"
elif [ "${REMOVAL_MODE}" = "0" ]; then
doRemoveDovecot
elif [ "${REMOVAL_MODE}" = "json" ]; then
printf "\t\"remove_dovecot\": {\n"
printf "\t\t\"name\": \"Dovecot\"\n"
printf "\t},\n"
fi
fi
if [ -e /usr/sbin/proftpd ] && [ "${FTPD_OPT}" != "proftpd" ] && [ "${PROFTPD_VER}" != "0" ]; then
if [ "${REMOVAL_MODE}" = "1" ]; then
echo "ProFTPd installed, but not enabled in options.conf: './build remove_proftpd'"
elif [ "${REMOVAL_MODE}" = "0" ]; then
doRemoveProftpd
elif [ "${REMOVAL_MODE}" = "json" ]; then
printf "\t\"remove_proftpd\": {\n"
printf "\t\t\"name\": \"ProFTPd\"\n"
printf "\t},\n"
fi
fi
if [ -e /usr/sbin/pure-ftpd ] && [ "${FTPD_OPT}" != "pureftpd" ] && [ "${PUREFTPD_VER}" != "0" ]; then
if [ "${REMOVAL_MODE}" = "1" ]; then
echo "Pure-FTPd installed, but not enabled in options.conf: './build remove_pureftpd'"
elif [ "${REMOVAL_MODE}" = "0" ]; then
doRemovePureftpd
elif [ "${REMOVAL_MODE}" = "json" ]; then
printf "\t\"remove_pureftpd\": {\n"
printf "\t\t\"name\": \"Pure-FTPd\"\n"
printf "\t},\n"
fi
fi
if [ -d /etc/exim.easy_spam_fighter ] && [ "${EASY_SPAM_FIGHTER_OPT}" != "yes" ]; then
if [ "${REMOVAL_MODE}" = "1" ]; then
echo "Easy Spam Fighter installed, but not enabled in options.conf: './build remove_easy_spam_fighter'"
elif [ "${REMOVAL_MODE}" = "0" ]; then
doRemoveEasySpamFighter
elif [ "${REMOVAL_MODE}" = "json" ]; then
printf "\t\"remove_easy_spam_fighter\": {\n"
printf "\t\t\"name\": \"Easy Spam Fighter\"\n"
printf "\t},\n"
fi
fi
if [ -d /etc/exim.blockcracking ] && [ "${BLOCKCRACKING_OPT}" != "yes" ]; then
if [ "${REMOVAL_MODE}" = "1" ]; then
echo "BlockCracking installed, but not enabled in options.conf: './build remove_blockcracking'"
elif [ "${REMOVAL_MODE}" = "0" ]; then
doRemoveBlockCracking
elif [ "${REMOVAL_MODE}" = "json" ]; then
printf "\t\"remove_blockcracking\": {\n"
printf "\t\t\"name\": \"BlockCracking\"\n"
printf "\t},\n"
fi
fi
if [ -e /usr/local/bin/rspamd ] && [ "${SPAMD_OPT}" != "rspamd" ] && [ "${RSPAMD_VER}" != "0" ]; then
if [ "${REMOVAL_MODE}" = "1" ]; then
echo "Rspamd installed, but not enabled in options.conf: './build remove_rspamd'"
elif [ "${REMOVAL_MODE}" = "0" ]; then
do_remove_rspamd
elif [ "${REMOVAL_MODE}" = "json" ]; then
printf "\t\"remove_rspamd\": {\n"
printf "\t\t\"name\": \"Rspamd\"\n"
printf "\t},\n"
fi
fi
if [ -d /etc/exim/rspamd ] && [ "${SPAMD_OPT}" != "rspamd" ] && [ "${RSPAMD_CONF_VER}" != "0" ]; then
if [ "${REMOVAL_MODE}" = "1" ]; then
echo "Rspamd_conf installed, but not enabled in options.conf: './build remove_rspamd_conf'"
elif [ "${REMOVAL_MODE}" = "0" ]; then
do_remove_rspamd_conf
elif [ "${REMOVAL_MODE}" = "json" ]; then
printf "\t\"remove_rspamd_conf\": {\n"
printf "\t\t\"name\": \"Rspamd Conf\"\n"
printf "\t},\n"
fi
fi
if [ -e /usr/bin/spamd ] && [ "${SPAMD_OPT}" != "spamassassin" ] && [ "${SPAMASSASSIN_VER}" != "0" ]; then
if [ "${REMOVAL_MODE}" = "1" ]; then
echo "SpamAssassin installed, but not enabled in options.conf: './build remove_spamassassin'"
elif [ "${REMOVAL_MODE}" = "0" ]; then
doRemoveSpamassassin
elif [ "${REMOVAL_MODE}" = "json" ]; then
printf "\t\"remove_spamassassin\": {\n"
printf "\t\t\"name\": \"SpamAssassin\"\n"
printf "\t},\n"
fi
fi
if [ -e /usr/local/sbin/clamd ] && [ "${CLAMAV_OPT}" != "yes" ] && [ "${CLAMAV_VER}" != "0" ]; then
if [ "${REMOVAL_MODE}" = "1" ]; then
echo "ClamAV installed, but not enabled in options.conf: './build remove_clamav'"
elif [ "${REMOVAL_MODE}" = "0" ]; then
doRemoveClamav
elif [ "${REMOVAL_MODE}" = "json" ]; then
printf "\t\"remove_clamav\": {\n"
printf "\t\t\"name\": \"ClamAV\"\n"
printf "\t},\n"
fi
fi
if [ -e /var/www/html/roundcube ] && [ "${ROUNDCUBE_OPT}" != "yes" ] && [ "${ROUNDCUBE_VER}" != "0" ]; then
if [ "${REMOVAL_MODE}" = "1" ]; then
echo "RoundCube webmail installed, but not enabled in options.conf: './build remove_roundcube'"
elif [ "${REMOVAL_MODE}" = "0" ]; then
doRemoveRoundcube
elif [ "${REMOVAL_MODE}" = "json" ]; then
printf "\t\"remove_roundcube\": {\n"
printf "\t\t\"name\": \"RoundCube\"\n"
printf "\t},\n"
fi
fi
if [ -e /var/www/html/squirrelmail ] && [ "${SQUIRRELMAIL_OPT}" != "yes" ] && [ "${SQUIRRELMAIL_VER}" != "0" ]; then
if [ "${REMOVAL_MODE}" = "1" ]; then
echo "SquirrelMail webmail installed, but not enabled in options.conf: './build remove_squirrelmail'"
elif [ "${REMOVAL_MODE}" = "0" ]; then
doRemoveSquirrelmail
elif [ "${REMOVAL_MODE}" = "json" ]; then
printf "\t\"remove_squirrelmail\": {\n"
printf "\t\t\"name\": \"SquirrelMail\"\n"
printf "\t},\n"
fi
fi
if [ -e /var/www/html/phpMyAdmin ] && [ "${PHPMYADMIN_OPT}" != "yes" ] && [ "${PHPMYADMIN_VER}" != "0" ]; then
if [ "${REMOVAL_MODE}" = "1" ]; then
echo "phpMyAdmin installed, but not enabled in options.conf: './build remove_phpmyadmin'"
elif [ "${REMOVAL_MODE}" = "0" ]; then
doRemovephpMyAdmin
elif [ "${REMOVAL_MODE}" = "json" ]; then
printf "\t\"remove_phpmyadmin\": {\n"
printf "\t\t\"name\": \"phpMyAdmin\"\n"
printf "\t},\n"
fi
fi
if [ "${REMOVAL_MODE}" = "1" ]; then
echo ""
echo "If you want to remove all the suggested programs above, run: ${boldon}$0 remove_items${boldoff}"
elif [ "${REMOVAL_MODE}" = "json" ]; then
echo "}"
fi
}
####################################################
doAll() {
FORCE=1
if ${NEW_INSTALL}; then
#We need to have /etc/virtual ready for new installs of DA
createEtcVirtual
doSysbk
doBind
if [ "${CSF_OPT}" = "yes" ]; then
doCSF
fi
fi
doMajordomo
if [ ! -e /usr/include/pcre.h ] && [ ! -e /usr/local/include/pcre.h ]; then
if [ -e /etc/debian_version ]; then
apt-get -y install libpcre3-dev
else
yum -y install pcre-devel
fi
fi
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
doApache2
if [ "${HAVE_SUPHP_CGI}" = "yes" ]; then
doSuPhp
fi
if [ "${HAVE_FCGID}" = "yes" ]; then
doModFCGID
fi
if [ "${MOD_RUID2_OPT}" = "yes" ]; then
doModRuid2
fi
fi
if [ "${WEBSERVER_OPT}" = "litespeed" ]; then
doLiteSpeed
fi
if [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
doOpenLiteSpeed
fi
if [ "${WEBSERVER_OPT}" = "nginx" ] || [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
doNginx
fi
if [ "${WEBSERVER_OPT}" = "nginx_apache" ]; then
doModAclr2
fi
if [ "${MODSECURITY_OPT}" = "yes" ] && [ "${WEBSERVER_OPT}" != "nginx" ] && [ "${WEBSERVER_OPT}" != "nginx_apache" ] && [ "${MODSECURITY_VER}" != "0" ]; then
doModSecurity
fi
if [ "${MODSECURITY_OPT}" = "yes" ] && [ "${WEBSERVER_OPT}" != "apache" ] && [ "${WEBSERVER_OPT}" != "litespeed" ] && [ "${WEBSERVER_OPT}" != "openlitespeed" ] && [ "${MODSECURITY_VER}" != "0" ]; then
doLibModSecurity
fi
if [ "${CURL_OPT}" = "yes" ] && [ "${CURL_VER}" != "0" ]; then
doCURL
elif [ ! -e /usr/include/curl/curl.h ] && [ ! -e /usr/local/include/curl/curl.h ] && [ ! -e /usr/include/x86_64-linux-gnu/curl/curl.h ] && [ ! -e /usr/include/aarch64-linux-gnu/curl/curl.h ]; then
if [ -e /etc/debian_version ]; then
apt-get -y install libcurl4-openssl-dev
else
yum -y install libcurl-devel
fi
fi
if [ "${CLOUDLINUX_OPT}" != "yes" ]; then
SKIP_BRWAP=false
if systemd-detect-virt | grep -m1 -q -E 'lxc|openvz'; then
if [ -e /dev/.lxc/proc/self/uid_map ]; then
if ! cat /dev/.lxc/proc/self/uid_map >/dev/null 2>&1; then
SKIP_BRWAP=false
else
SKIP_BRWAP=true
fi
else
SKIP_BRWAP=true
fi
fi
if ! ${SKIP_BRWAP}; then
doBubblewrap
fi
fi
if [ "${MYSQL_INST_OPT}" != "no" ]; then
doMySQL
fi
if [ "${CLAMAV_OPT}" = "yes" ] && [ "${CLAMAV_VER}" != "0" ]; then
doclamav
fi
if [ ! -e /usr/include/zstd.h ] && [ ! -e /usr/local/include/zstd.h ]; then
if [ -e ${DEBIAN_VERSION} ]; then
apt-get -y install zstd libzstd-dev
else
if [ "${OS_CENTOS_VER}" = "7" ] ; then
yum -y install zstd libzstd-devel --enablerepo=${EPEL_REPO_NAME}
else
yum -y install zstd libzstd-devel
fi
fi
fi
doPhp n
if [ "${IMAGICK_OPT}" != "no" ]; then
doImageMagick
fi
if [ "${WEBALIZER_OPT}" = "yes" ] && [ "${WEBALIZER_VER}" != "0" ]; then
doWebalizer
fi
if [ "${AWSTATS_OPT}" = "yes" ] && [ "${AWSTATS_VER}" != "0" ]; then
doawstats
fi
if [ "${EXIM_OPT}" = "yes" ] && [ "${EXIM_VER}" != "0" ]; then
doExim
fi
if [ "${DOVECOT_OPT}" = "yes" ] && [ "${DOVECOT_VER}" != "0" ]; then
doDovecot
fi
if [ "${FTPD_OPT}" = "proftpd" ] && [ "${PROFTPD_VER}" != "0" ]; then
doProftpd
fi
if [ "${FTPD_OPT}" = "pureftpd" ] && [ "${PUREFTPD_VER}" != "0" ]; then
doPureftpd
fi
if [ "${FTPD_OPT}" = "no" ]; then
doNoFtpd
fi
if [ "${SPAMD_OPT}" = "spamassassin" ] && [ "${SPAMASSASSIN_VER}" != "0" ]; then
dospamassassin
fi
if [ "${REDIS_OPT}" = "yes" ]; then
doRedis
fi
if [ "${SPAMD_OPT}" = "rspamd" ] && [ "${SPAMASSASSIN_VER}" != "0" ]; then
doRspamd
do_rspamd_conf
fi
chown -R root:${ROOT_GRP} ${WORKDIR}
if [ "${UNIT_OPT}" = "yes" ] && [ "${UNIT_VER}" != "0" ]; then
doNginxUnit
fi
if [ "${ROUNDCUBE_OPT}" = "yes" ] && [ "${ROUNDCUBE_VER}" != "0" ]; then
doroundcube
fi
if [ "${PHPMYADMIN_OPT}" = "yes" ] && [ "${PHPMYADMIN_VER}" != "0" ]; then
dophpMyAdmin
fi
if [ "${SQUIRRELMAIL_OPT}" = "yes" ] && [ "${SQUIRRELMAIL_VER}" != "0" ]; then
doSquirrelmail
fi
if [ "${EXIMCONF_OPT}" = "yes" ]; then
doEximConf
fi
if [ "${BLOCKCRACKING_OPT}" = "yes" ]; then
doBlockCracking
fi
if [ "${EASY_SPAM_FIGHTER_OPT}" = "yes" ]; then
doEasySpamFighter
fi
if [ "${PHP_INI_OPT}" = "yes" ]; then
doPhpIni
fi
if [ "${CUSTOMBUILD_PLUGIN_OPT}" = "yes" ]; then
doCustombuildPlugin
fi
doLetsEncrypt
if [ -s /usr/local/directadmin/scripts/letsencrypt.sh ] && [ -x ${DA_BIN} ]; then
if ${DA_BIN} c | grep '^ssl=0' && ${DA_BIN} c | grep '^ssl_port=0'; then
/usr/local/directadmin/scripts/letsencrypt.sh request `hostname` >/dev/null 2>&1
fi
fi
if [ "${CRON_OPT}" = "yes" ]; then
doCron
fi
fix_curl_link_for_yum
if [ -s /usr/local/directadmin/scripts/setup.txt ]; then
if grep -m1 -q '^hostname=$' /usr/local/directadmin/scripts/setup.txt; then
echo "Fixing empty hostname in /usr/local/directadmin/scripts/setup.txt..."
perl -pi -e 's|^hostname=$|hostname=server.yourdirectadminserver.com|g' /usr/local/directadmin/scripts/setup.txt
fi
if grep -m1 -q '^ns1=ns1\.$' /usr/local/directadmin/scripts/setup.txt; then
perl -pi -e 's|^ns1=ns1\.$|ns1=ns1.yourdirectadminserver.com|g' /usr/local/directadmin/scripts/setup.txt
fi
if grep -m1 -q '^ns2=ns2\.$' /usr/local/directadmin/scripts/setup.txt; then
perl -pi -e 's|^ns2=ns2\.$|ns2=ns2.yourdirectadminserver.com|g' /usr/local/directadmin/scripts/setup.txt
fi
if grep -m1 -q '^email=admin@$' /usr/local/directadmin/scripts/setup.txt; then
perl -pi -e 's|^email=admin@$|email=admin@yourdirectadminserver.com|g' /usr/local/directadmin/scripts/setup.txt
fi
fi
printf "\n\n\n"
echo "*************************************"
echo "* *"
echo "* All parts have been installed *"
echo "* *"
echo "*************************************"
echo ""
doGrubConf
if ${NEW_INSTALL}; then
echo "action=notify&value=admin&subject=CustomBuild installation has finished&message=CustomBuild installation has finished, to check the full log please check:%0A/usr/local/directadmin/custombuild/install.txt" >> ${TASK_QUEUE}
run_dataskq
fi
}
####################################################
if [ $# -eq 2 ]; then
USER_INPUT=0
INPUT_VALUE=$2
fi
doHook ${1} pre
case "$1" in
all) doChecks; doAll;
;;
options) doChecks; options
;;
options_nobold) BOLD_OPT=no; boldon=""; boldoff=""; doChecks; options
;;
create_options) create_options
;;
used_configs) used_configs
;;
remove_nghttp2) doRemoveNghttp2
;;
apache) doChecks; doApache2
;;
majordomo) doMajordomo
;;
bind) doBind
;;
csf) doCSF
;;
sysbk) doSysbk
;;
letsencrypt) doLetsEncrypt
;;
litespeed) doChecks; doLiteSpeed
;;
openlitespeed) doChecks; doOpenLiteSpeed
;;
litespeed_license) doChecks; doLiteSpeedLicense 1
;;
litespeed_license_migrate) ${LSWS_HOME}/bin/lshttpd -r
;;
libmaxminddb) dolibmaxminddb
;;
geoipupdate) doGeoipupdate
;;
cron) doCron
;;
curl) doCURL
;;
php_imagick|imagick) doIMagick
;;
php_phalcon) doPhalcon
;;
php_psr) doPsr
;;
php_bz2) doPHPBz2
;;
php_imap) doPHPImap
;;
php_redis) doPHPRedis
;;
php_xmlrpc) doPHPXmlrpc
;;
php_gmp) doPHPGmp
;;
php_readline) doPHPReadline
;;
php_ldap) doPHPLDAP
;;
redis) doRedis
;;
imagemagick) doImageMagick
;;
nginx) doChecks; doNginx
;;
nginx_apache) doChecks; doApache2; doNginx
;;
libzip) doLibzip
;;
mod_lsapi) doModLsapi 1
;;
mod_hostinglimits) doModHostingLimits 1
;;
mod_proctitle) doModProctitle 1
;;
modsecurity) doChecks
if [ "${WEBSERVER_OPT}" = "apache" ] || [ "${WEBSERVER_OPT}" = "litespeed" ] || [ "${WEBSERVER_OPT}" = "openlitespeed" ]; then
doModSecurity 1
else
doLibModSecurity 1
fi
;;
modsecurity_connector) doChecks; doModSecurityConnector 1
;;
libmodsecurity) doChecks; doLibModSecurity 1
;;
modsec-sdbm-util) doModSecsdbmutil
;;
modsecurity_rules|modsecurity_ruleset) doChecks; doModSecurityRules
;;
mod_ruid2) doModRuid2
;;
mod_aclr2) doModAclr2
;;
mod_htscanner2) doModHtscanner
;;
php_htscanner2) doPHPHtscanner $2 1
;;
suhosin|php_suhosin) doSuhosin
;;
php_snuffleupagus) doSnuffleupagus
;;
php_igbinary) doIgbinary
;;
opcache|php_opcache) doOpcache
;;
mod_fcgid) doModFCGID
;;
clean) doClean
;;
clean_old_webapps) doclean_old_webapps
;;
clean_old_tarballs) doclean_old_tarballs
;;
update) doUpdate
;;
phpMyAdmin|phpmyadmin|pma) dophpMyAdmin
;;
roundcube) doroundcube
;;
squirrelmail) doSquirrelmail
;;
update_script) doUpdateScript
;;
update_data) doUpdateData
;;
rewrite_confs) doChecks; doRewriteConfs
;;
secure_php) secure_php
;;
update_da) doUpdateDA
;;
versions) doChecks; doVersions 1
;;
versions_nobold) BOLD_OPT=no; boldon=""; boldoff=""; doChecks; doVersions 1
;;
update_versions) doChecks; doVersions 0 $3
;;
update_versions_full|update_full) doChecks; doUpdate; ./build update_versions 0 full
;;
update_webapps) doVersions 2
;;
awstats) doawstats
;;
unit) doNginxUnit
;;
unit_modules) doNginxUnit_modules
;;
unit_module) doNginxUnit_module $2 $3
;;
awstats_process|awstats_process.sh) doawstats_process
;;
webalizer) doWebalizer
;;
proftpd) doChecks; doProftpd
;;
pureftpd|pure-ftpd) doChecks; doPureftpd
;;
noftpd) doChecks; doNoFtpd
;;
zend|php_zend) doZend
;;
ioncube|php_ioncube) doIoncube
;;
mysql) doChecks; doMySQL
;;
mariadb) doChecks; doMySQL
;;
compile_mysql_binary) compile_mysql_binary
;;
setup_my_cnf) setup_my_cnf
;;
s-nail|snail) doSnail
;;
msmtp) doMsmtp
;;
lua) doLua
;;
exim) doExim
;;
eximconf|exim_conf) doEximConf
;;
dovecotconf|dovecot_conf) doDovecotConf
;;
grubconf|grub_conf) doGrubConf
;;
php_extensions) doExtensionsSetup
;;
blockcracking) doBlockCracking
;;
easy_spam_fighter) doEasySpamFighter
;;
rspamd_conf) do_rspamd_conf
;;
php) doChecks; doPhp
;;
php_expert) doChecks; doPhp_build $2 $3
;;
php_ini) doChecks; doPhpIni
;;
php_cacert) ensure_curl_cacert 1
;;
suphp) doChecks; doSuPhp
;;
dovecot) doDovecot
;;
xapian) doXapian
;;
fts-xapian) doFTSXapian
;;
bubblewrap) doBubblewrap
;;
jailshell) doJailshell
;;
pigeonhole) doPigeonhole
;;
spamassassin|spamd) doChecks; dospamassassin
;;
plugin|custombuild_plugin) doCustombuildPlugin
;;
rspamd) doChecks; doRspamd
;;
netdata) doNetdata
;;
spamassassin_cron) dospamassassinCron
;;
clamav) doclamav
;;
set_fastest) set_fastest 0
;;
set_fastest_quiet) set_fastest 1
;;
set) setOpt $2 $3
;;
set_php) setPhpOpt $2 $3
;;
csfpingore) doCSFpignore
;;
composer) doComposer
;;
wp) doWP
;;
imapsync) doImapsync
;;
lego) doLego
;;
check_options) doChecks
;;
version) showVersion
;;
set_service) set_service $2 $3
;;
opt_help) allSettings $2
;;
settings_json) allSettingsJSON; #used for CustomBuild plugin only
;;
gen_help) generateHelp
;;
gen_help_json) generateHelpJSON $2; #used for CustomBuild plugin only
;;
versions_json) echo "$(doVersions json)" | perl -0p -e 's/\},\n\}/\}\n\}/'; #used for CustomBuild plugin only
;;
versions_ajax) doVersions_ajax
;;
get_versions_txt) downloadVersionsTxt; #will probably be used for CustomBuild plugin
;;
kill) doKill
;;
mysql_backup|backup_mysql) doMySQLback
;;
custom_config) customize_config $2; #used for CustomBuild plugin only
;;
set_versions_txt) set_versions $2; #used for CustomBuild plugin only
;;
show_component_config) showComponentConfig $2; #used for CustomBuild plugin only
;;
remove_customized_config) removeComponentConfig $2; #used for CustomBuild plugin only
;;
list_configs_json) listConfigsJSON; #used for CustomBuild plugin only
;;
show_file) showFile $2; #used for CustomBuild plugin only
;;
get_timezone) getTimezone
;;
#Removal functions
remove_clamav) doRemoveClamav
;;
remove_suphp) doRemoveSuPhp
;;
remove_curl) doRemoveCURL
;;
remove_unit) doRemoveUnit
;;
remove_apache) doRemoveApache2
;;
remove_nginx) doRemoveNginx
;;
remove_litespeed) doRemoveLiteSpeed
;;
remove_php) doRemovePhp $2
;;
remove_easy_spam_fighter) doRemoveEasySpamFighter
;;
remove_blockcracking) doRemoveBlockCracking
;;
remove_spamassassin) doRemoveSpamassassin
;;
remove_rspamd) do_remove_rspamd
;;
remove_rspamd_conf) do_remove_rspamd_conf
;;
remove_dovecot) doRemoveDovecot
;;
remove_proftpd) doRemoveProftpd
;;
remove_pureftpd) doRemovePureftpd
;;
remove_squirrelmail) doRemoveSquirrelmail
;;
remove_phpmyadmin) doRemovephpMyAdmin
;;
remove_roundcube) doRemoveRoundcube
;;
remove_items) doRemoveSuggest 0
;;
list_removals) doRemoveSuggest 1
;;
list_removals_json) echo "$(doRemoveSuggest json)" | perl -0p -e 's/\},\n\}/\}\n\}/'; #used for CustomBuild plugin only
;;
* ) showHelp
exit 0
;;
esac
doHook $1 post
DOCLEAN_CASE=1
case "$1" in
update) doclean_toggle ;;
update_data) doclean_toggle ;;
"") doclean_toggle ;;
gen_help_json) doclean_toggle ;;
opt_help) doclean_toggle ;;
set) doclean_toggle ;;
set_php) doclean_toggle ;;
get_versions_txt) doclean_toggle ;;
update_script) doclean_toggle ;;
versions_json) doclean_toggle ;;
list_removals) doclean_toggle ;;
list_removals_json) doclean_toggle ;;
remove_items) doclean_toggle ;;
versions_ajax) doclean_toggle ;;
gen_help) doclean_toggle ;;
version) doclean_toggle ;;
versions) doclean_toggle ;;
set_fastest) doclean_toggle ;;
set_fastest_quiet) doclean_toggle ;;
kill) doclean_toggle ;;
update_da) doclean_toggle ;;
versions_nobold) doclean_toggle ;;
list_configs_json) doclean_toggle ;;
settings_json) doclean_toggle ;;
get_timezone) doclean_toggle ;;
custom_config) doclean_toggle ;;
set_versions_txt) doclean_toggle ;;
show_component_config) doclean_toggle ;;
remove_customized_config) doclean_toggle ;;
show_file) doclean_toggle ;;
check_options) doclean_toggle ;;
esac
if [ "${CLEAN_OPT}" = "yes" ] && [ "${DOCLEAN_CASE}" = "1" ]; then
doClean
fi
if [ "${DOCLEAN_CASE}" = "1" ]; then
if [ "${CLEAN_OPT}" = "yes" ]; then
if [ ! -e ${LOCKFILE} ]; then
doClean
fi
fi
writeLog "called: $@"
fi
exit ${EXIT_CODE}
Reference in New Issue View Git Blame Copy Permalink