Skip to content

Commit a04011a

Browse files
author
Till Brehm
committed
Merge branch '5656-improve-fcgi-starter-scripts' into 'stable-3.1'
Resolve "Improve FCGI starter scripts" See merge request ispconfig/ispconfig3!1064
2 parents 3931f36 + b1cedcd commit a04011a

File tree

8 files changed

+271
-225
lines changed

8 files changed

+271
-225
lines changed

install/dist/lib/fedora.lib.php

Lines changed: 36 additions & 44 deletions
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,7 @@
3030

3131
class installer_dist extends installer_base {
3232
protected $mailman_group = 'mailman';
33-
33+
3434
public function __construct() {
3535
//** check apache modules */
3636
$mods = getapachemodules();
@@ -42,7 +42,7 @@ public function __construct() {
4242
swriteln($inst->lng(' AllowOverride None'));
4343
swriteln($inst->lng(' Require all denied'));
4444
swriteln($inst->lng(' </Directory>'."\n"));
45-
45+
4646
swriteln($inst->lng(' If it uses the old syntax (deny from all) ISPConfig would fail to work.'));
4747
}
4848
}
@@ -80,7 +80,7 @@ function configure_postfix($options = '')
8080

8181
//* mysql-virtual_sender_login_maps.cf
8282
$this->process_postfix_config('mysql-virtual_sender_login_maps.cf');
83-
83+
8484
//* mysql-virtual_client.cf
8585
$this->process_postfix_config('mysql-virtual_client.cf');
8686

@@ -89,7 +89,7 @@ function configure_postfix($options = '')
8989

9090
//* mysql-virtual_relayrecipientmaps.cf
9191
$this->process_postfix_config('mysql-virtual_relayrecipientmaps.cf');
92-
92+
9393
//* mysql-virtual_outgoing_bcc.cf
9494
$this->process_postfix_config('mysql-virtual_outgoing_bcc.cf');
9595

@@ -142,19 +142,19 @@ function configure_postfix($options = '')
142142
}
143143
}
144144
unset($rbl_hosts);
145-
145+
146146
//* If Postgrey is installed, configure it
147147
$greylisting = '';
148148
if($conf['postgrey']['installed'] == true) {
149149
$greylisting = ', check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf';
150150
}
151-
151+
152152
$reject_sender_login_mismatch = '';
153153
if(isset($server_ini_array['mail']['reject_sender_login_mismatch']) && ($server_ini_array['mail']['reject_sender_login_mismatch'] == 'y')) {
154154
$reject_sender_login_mismatch = ', reject_authenticated_sender_login_mismatch';
155155
}
156156
unset($server_ini_array);
157-
157+
158158
$postconf_placeholders = array('{config_dir}' => $config_dir,
159159
'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
160160
'{vmail_userid}' => $cf['vmail_userid'],
@@ -163,7 +163,7 @@ function configure_postfix($options = '')
163163
'{greylisting}' => $greylisting,
164164
'{reject_slm}' => $reject_sender_login_mismatch,
165165
);
166-
166+
167167
$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/fedora_postfix.conf.master', 'tpl/fedora_postfix.conf.master');
168168
$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);
169169
$postconf_commands = array_filter(explode("\n", $postconf_tpl)); // read and remove empty lines
@@ -368,13 +368,13 @@ public function configure_dovecot()
368368
$virtual_transport = 'dovecot';
369369

370370
$configure_lmtp = false;
371-
371+
372372
// check if virtual_transport must be changed
373373
if ($this->is_update) {
374374
$tmp = $this->db->queryOneRecord("SELECT * FROM ?? WHERE server_id = ?", $conf["mysql"]["database"] . ".server", $conf['server_id']);
375375
$ini_array = ini_to_array(stripslashes($tmp['config']));
376376
// ini_array needs not to be checked, because already done in update.php -> updateDbAndIni()
377-
377+
378378
if(isset($ini_array['mail']['mailbox_virtual_uidgid_maps']) && $ini_array['mail']['mailbox_virtual_uidgid_maps'] == 'y') {
379379
$virtual_transport = 'lmtp:unix:private/dovecot-lmtp';
380380
$configure_lmtp = true;
@@ -452,7 +452,7 @@ public function configure_dovecot()
452452
if(version_compare($dovecot_version,2.3) >= 0) {
453453
// Remove deprecated setting(s)
454454
removeLine($config_dir.'/'.$configfile, 'ssl_protocols =');
455-
455+
456456
// Check if we have a dhparams file and if not, create it
457457
if(!file_exists('/etc/dovecot/dh.pem')) {
458458
swriteln('Creating new DHParams file, this takes several minutes. Do not interrupt the script.');
@@ -475,7 +475,7 @@ public function configure_dovecot()
475475
$content = str_replace('#2.3+','',$content);
476476
file_put_contents($config_dir.'/'.$configfile,$content);
477477
unset($content);
478-
478+
479479
} else {
480480
// remove settings which are not supported in Dovecot < 2.3
481481
removeLine($config_dir.'/'.$configfile, 'ssl_min_protocol =');
@@ -502,7 +502,7 @@ public function configure_dovecot()
502502
copy("$config_dir/$configfile", "$config_dir/$configfile~");
503503
exec("chmod 400 $config_dir/$configfile~");
504504
}
505-
505+
506506
if(!@file_exists('/etc/dovecot-sql.conf')) exec('ln -s /etc/dovecot/dovecot-sql.conf /etc/dovecot-sql.conf');
507507

508508
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/fedora_dovecot-sql.conf.master', "tpl/fedora_dovecot-sql.conf.master");
@@ -520,7 +520,7 @@ public function configure_dovecot()
520520

521521
exec("chmod 600 $config_dir/$configfile");
522522
exec("chown root:root $config_dir/$configfile");
523-
523+
524524
// Dovecot shall ignore mounts in website directory
525525
if(is_installed('doveadm')) exec("doveadm mount add '/var/www/*' ignore > /dev/null 2> /dev/null");
526526

@@ -543,12 +543,12 @@ public function configure_amavis() {
543543
$content = str_replace('{amavis_config_dir}', $conf['amavis']['config_dir'], $content);
544544
wf($conf["amavis"]["config_dir"].'/amavisd.conf', $content);
545545
chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0640);
546-
546+
547547
if(!is_file($conf['amavis']['config_dir'].'/60-dkim')) {
548548
touch($conf['amavis']['config_dir'].'/60-dkim');
549549
chmod($conf['amavis']['config_dir'].'/60-dkim', 0640);
550550
}
551-
551+
552552
// for CentOS 7.2 only
553553
if($dist['confid'] == 'centos72') {
554554
chmod($conf['amavis']['config_dir'].'/amavisd.conf', 0750);
@@ -752,16 +752,16 @@ public function configure_apache()
752752

753753
$tpl = new tpl('apache_ispconfig.conf.master');
754754
$tpl->setVar('apache_version',getapacheversion());
755-
755+
756756
if($this->is_update == true) {
757757
$tpl->setVar('logging',get_logging_state());
758758
} else {
759759
$tpl->setVar('logging','yes');
760760
}
761-
761+
762762
$records = $this->db->queryAllRecords("SELECT * FROM ?? WHERE server_id = ? AND virtualhost = 'y'", $conf['mysql']['master_database'] . '.server_ip', $conf['server_id']);
763763
$ip_addresses = array();
764-
764+
765765
if(is_array($records) && count($records) > 0) {
766766
foreach($records as $rec) {
767767
if($rec['ip_type'] == 'IPv6') {
@@ -780,7 +780,7 @@ public function configure_apache()
780780
}
781781
}
782782
}
783-
783+
784784
if(count($ip_addresses) > 0) $tpl->setLoop('ip_adresses',$ip_addresses);
785785

786786
wf($vhost_conf_dir.'/ispconfig.conf', $tpl->grab());
@@ -843,7 +843,7 @@ public function configure_nginx(){
843843
//* add a sshusers group
844844
$command = 'groupadd sshusers';
845845
if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
846-
846+
847847
// add anonymized log option to nginxx.conf file
848848
$nginx_conf_file = $conf['nginx']['config_dir'].'/nginx.conf';
849849
if(is_file($nginx_conf_file)) {
@@ -853,7 +853,7 @@ public function configure_nginx(){
853853
replaceLine($nginx_conf_file, 'http {', "http {\n\n".file_get_contents('tpl/nginx_anonlog.master'), 0, 0);
854854
}
855855
}
856-
856+
857857
}
858858

859859
public function configure_bastille_firewall()
@@ -946,14 +946,14 @@ public function install_ispconfig()
946946
//* copy the ISPConfig server part
947947
$command = "cp -rf ../server $install_dir";
948948
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
949-
949+
950950
//* Make a backup of the security settings
951951
if(is_file('/usr/local/ispconfig/security/security_settings.ini')) copy('/usr/local/ispconfig/security/security_settings.ini','/usr/local/ispconfig/security/security_settings.ini~');
952-
952+
953953
//* copy the ISPConfig security part
954954
$command = 'cp -rf ../security '.$install_dir;
955955
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
956-
956+
957957
$configfile = 'security_settings.ini';
958958
if(is_file($install_dir.'/security/'.$configfile)) {
959959
copy($install_dir.'/security/'.$configfile, $install_dir.'/security/'.$configfile.'~');
@@ -1100,15 +1100,15 @@ public function install_ispconfig()
11001100
//* chown the interface files to the ispconfig user and group
11011101
$command = 'chown -R ispconfig:ispconfig '.$install_dir.'/interface';
11021102
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
1103-
1103+
11041104
//* chown the server files to the root user and group
11051105
$command = 'chown -R root:root '.$install_dir.'/server';
11061106
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
1107-
1107+
11081108
//* chown the security files to the root user and group
11091109
$command = 'chown -R root:root '.$install_dir.'/security';
11101110
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
1111-
1111+
11121112
//* chown the security directory and security_settings.ini to root:ispconfig
11131113
$command = 'chown root:ispconfig '.$install_dir.'/security/security_settings.ini';
11141114
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
@@ -1163,12 +1163,12 @@ public function install_ispconfig()
11631163
exec("chmod 600 $install_dir/server/lib/mysql_clientdb.conf");
11641164
exec("chown root:root $install_dir/server/lib/mysql_clientdb.conf");
11651165
}
1166-
1166+
11671167
if(is_dir($install_dir.'/interface/invoices')) {
11681168
exec('chmod -R 770 '.escapeshellarg($install_dir.'/interface/invoices'));
11691169
exec('chown -R ispconfig:ispconfig '.escapeshellarg($install_dir.'/interface/invoices'));
11701170
}
1171-
1171+
11721172
exec('chown -R root:root /usr/local/ispconfig/interface/ssl');
11731173

11741174
// TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
@@ -1199,7 +1199,7 @@ public function install_ispconfig()
11991199
$sql = "UPDATE sys_user SET passwort = md5(?) WHERE username = 'admin';";
12001200
$this->db->query($sql, $conf['interface_password']);
12011201
}
1202-
1202+
12031203
if($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true){
12041204
//* Copy the ISPConfig vhost for the controlpanel
12051205
// TODO: These are missing! should they be "vhost_dist_*_dir" ?
@@ -1228,7 +1228,7 @@ public function install_ispconfig()
12281228
} else {
12291229
$tpl->setVar('ssl_bundle_comment','#');
12301230
}
1231-
1231+
12321232
$tpl->setVar('apache_version',getapacheversion());
12331233

12341234
wf($vhost_conf_dir.'/ispconfig.vhost', $tpl->grab());
@@ -1241,24 +1241,16 @@ public function install_ispconfig()
12411241
exec("ln -s $vhost_conf_dir/ispconfig.vhost $vhost_conf_enabled_dir/000-ispconfig.vhost");
12421242
}
12431243

1244-
/*
1245-
exec('mkdir -p /var/www/php-fcgi-scripts/ispconfig');
1246-
exec('cp tpl/apache_ispconfig_fcgi_starter.master /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
1247-
exec('chmod +x /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
1248-
exec('ln -s /usr/local/ispconfig/interface/web /var/www/ispconfig');
1249-
exec('chown -R ispconfig:ispconfig /var/www/php-fcgi-scripts/ispconfig');
1250-
1251-
replaceLine('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter','PHPRC=','PHPRC=/etc/',0,0);
1252-
*/
1253-
//if(!is_file('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) {
12541244
$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apache_ispconfig_fcgi_starter.master', 'tpl/apache_ispconfig_fcgi_starter.master');
12551245
$content = str_replace('{fastcgi_bin}', $conf['fastcgi']['fastcgi_bin'], $content);
12561246
$content = str_replace('{fastcgi_phpini_path}', $conf['fastcgi']['fastcgi_phpini_path'], $content);
12571247
if(!is_dir('/var/www/php-fcgi-scripts/ispconfig')) exec('mkdir -p /var/www/php-fcgi-scripts/ispconfig');
1248+
$this->set_immutable('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', false);
12581249
wf('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', $content);
12591250
exec('chmod +x /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
12601251
if(!is_link('/var/www/ispconfig')) exec('ln -s /usr/local/ispconfig/interface/web /var/www/ispconfig');
12611252
exec('chown -R ispconfig:ispconfig /var/www/php-fcgi-scripts/ispconfig');
1253+
$this->set_immutable('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', true);
12621254
//}
12631255
//}
12641256
}
@@ -1373,10 +1365,10 @@ public function install_ispconfig()
13731365

13741366
//* Remove Domain module as its functions are available in the client module now
13751367
if(@is_dir('/usr/local/ispconfig/interface/web/domain')) exec('rm -rf /usr/local/ispconfig/interface/web/domain');
1376-
1368+
13771369
// Add symlink for patch tool
13781370
if(!is_link('/usr/local/bin/ispconfig_patch')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_patch /usr/local/bin/ispconfig_patch');
1379-
1371+
13801372
// Change mode of a few files from amavisd
13811373
if(is_file($conf['amavis']['config_dir'].'/conf.d/50-user')) chmod($conf['amavis']['config_dir'].'/conf.d/50-user', 0640);
13821374
if(is_file($conf['amavis']['config_dir'].'/50-user~')) chmod($conf['amavis']['config_dir'].'/50-user~', 0400);

0 commit comments

Comments
 (0)