Update 'installer.sh'

2019-09-10 12:40:21 +02:00 · 2019-08-31 19:28:43 +02:00
12 changed files with 25 additions and 624 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,7 +1 @@
-## 29-08-2019 / 31-08-2019:  
+## 29-08-2019:  
 Dev = done.  
 PostixAdmin, Postfix, Dovecot and Sieve working!  
 ## 31-08-2019  
 Started Alpha Branch.  
 PHP7.3 working!  
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
 # Ubuntu-Mail
 **Get Started**:  
-wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/alpha/installer.sh  
+wget https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/dev/installer.sh  
 bash installer.sh 2>&1 | tee output.log  
 ### Sources
--- a/config/fail2ban/dovecot-pop3imap.conf
+++ b/config/fail2ban/dovecot-pop3imap.conf
@@ -1,3 +0,0 @@
 [Definition]
 failregex = (?: pop3-login|imap-login): .*(?:Authentication failure|Aborted login \(auth failed|Aborted login \(tried to use disabled|Disconnected \(auth failed|Aborted login \(\d+ authentication attempts).*rip=(?P<host>\S*),.*
 ignoreregex =
--- a/config/fail2ban/jail.local
+++ b/config/fail2ban/jail.local
@@ -1,52 +0,0 @@
 [dovecot-pop3imap]
 enabled = true
 filter = dovecot-pop3imap
 action = iptables-multiport[name=dovecot-pop3imap, port="pop3,pop3s,imap,imaps", protocol=tcp]
 logpath = /var/log/mail.log
 maxretry = 3
 findtime = 600
 bantime = 3600
 [postfix-sasl]
 enabled  = true
 port     = smtp
 filter   = postfix-sasl
 logpath  = /var/log/mail.log
 maxretry = 3
 findtime = 600
 bantime = 3600
 [rainloop]
 enabled = true
 port = http,https
 logpath = /opt/rainloop/data/_data_/_default_/logs/fail2ban/auth-fail.txt
 maxretry = 3
 findtime = 600
 bantime = 3600
 [nginx-http-auth]
 enabled = false
 filter  = nginx-http-auth
 action  = iptables-multiport[name=nginx-http-auth,port="80,443"]
 logpath = /var/log/nginx/error.log
 maxretry = 3
 findtime = 600
 bantime = 3600
 [sieve]
 enabled = false
 filter  = sieve
 action  = iptables-multiport[name=sieve,port="25,465,587"]
 logpath = /var/log/mail*log
 maxretry = 3
 findtime = 600
 bantime = 3600
 [ssh]
 enabled  = true
 port     = ssh
 filter   = sshd
 logpath  = /var/log/auth.log
 maxretry = 5
 findtime = 600
 bantime = 3600
--- a/config/fail2ban/postfix-sasl.conf
+++ b/config/fail2ban/postfix-sasl.conf
@@ -1,6 +0,0 @@
    # Fail2Ban filter for postfix authentication failures
    [INCLUDES]
    before = common.conf
    [Definition]
    _daemon = postfix/smtpd
    failregex = ^%(__prefix_line)swarning: [-._\w]+\[<HOST>\]: SASL (?:LOGIN|PLAIN|(?:CRAM|DIGEST)-MD5) authentication failed(: [ A-Za-z0-9+/]*={0,2})?\s*$
--- a/config/fail2ban/rainloop.conf
+++ b/config/fail2ban/rainloop.conf
@@ -1,3 +0,0 @@
 [Definition]
 failregex = Auth failed: ip=<HOST> user=.* host=.* port=.*$
 ignoreregex =
--- a/config/rainloop/application.ini
+++ b/config/rainloop/application.ini
@@ -1,351 +0,0 @@
 ; RainLoop Webmail configuration file
 ; Please don't add custom parameters here, those will be overwritten
 [webmail]
 ; Text displayed as page title
 title = "ICT Maatwerk Webmail"
 ; Text displayed on startup
 loading_description = "ICT Maatwerk Webmail"
 favicon_url = ""
 ; Theme used by default
 theme = "Blurred"
 ; Allow theme selection on settings screen
 allow_themes = On
 allow_user_background = Off
 ; Language used by default
 language = "nl_NL"
 ; Admin Panel interface language
 language_admin = "en"
 ; Allow language selection on settings screen
 allow_languages_on_settings = On
 allow_additional_accounts = Off
 allow_additional_identities = Off
 ;  Number of messages displayed on page by default
 messages_per_page = 20
 ; File size limit (MB) for file upload on compose screen
 ; 0 for unlimited.
 attachment_size_limit = 25
 [interface]
 show_attachment_thumbnail = On
 use_native_scrollbars = Off
 new_move_to_folder_button = On
 [branding]
 login_logo = ""
 login_background = ""
 login_desc = ""
 login_css = ""
 login_powered = Off
 user_css = ""
 user_logo = ""
 user_logo_title = ""
 user_logo_message = ""
 user_iframe_message = ""
 welcome_page_url = ""
 welcome_page_display = "none"
 [contacts]
 ; Enable contacts
 enable = On
 allow_sync = Off
 sync_interval = 20
 type = "mysql"
 pdo_dsn = "mysql:host=127.0.0.1;port=3306;dbname=MYSQLNAME"
 pdo_user = "MYSQLUSER"
 pdo_password = "MYSQLPASS"
 suggestions_limit = 30
 [security]
 ; Enable CSRF protection (http://en.wikipedia.org/wiki/Cross-site_request_forgery)
 csrf_protection = On
 custom_server_signature = "RainLoop"
 x_frame_options_header = ""
 openpgp = Off
 ; Login and password for web admin panel
 admin_login = "admin"
 admin_password = "12345"
 ; Access settings
 allow_admin_panel = Off
 allow_two_factor_auth = Off
 force_two_factor_auth = Off
 hide_x_mailer_header = Off
 admin_panel_host = ""
 admin_panel_key = "admin"
 content_security_policy = ""
 core_install_access_domain = ""
 [ssl]
 ; Require verification of SSL certificate used.
 verify_certificate = Off
 ; Allow self-signed certificates. Requires verify_certificate.
 allow_self_signed = On
 ; Location of Certificate Authority file on local filesystem (/etc/ssl/certs/ca-certificates.crt)
 cafile = ""
 ; capath must be a correctly hashed certificate directory. (/etc/ssl/certs/)
 capath = ""
 [capa]
 folders = On
 composer = On
 contacts = On
 settings = On
 quota = On
 help = On
 reload = On
 search = On
 search_adv = On
 filters = On
 x-templates = Off
 dangerous_actions = On
 message_actions = On
 messagelist_actions = On
 attachments_actions = On
 [login]
 default_domain = ""
 ; Allow language selection on webmail login screen
 allow_languages_on_login = On
 determine_user_language = On
 determine_user_domain = Off
 welcome_page = Off
 hide_submit_button = On
 forgot_password_link_url = ""
 registration_link_url = ""
 login_lowercase = On
 ; This option allows webmail to remember the logged in user
 ; once they closed the browser window.
 ; 
 ; Values:
 ;   "DefaultOff" - can be used, disabled by default;
 ;   "DefaultOn"  - can be used, enabled by default;
 ;   "Unused"     - cannot be used
 sign_me_auto = "DefaultOff"
 [plugins]
 ; Enable plugin support
 enable = Off
 ; List of enabled plugins
 enabled_list = ""
 [defaults]
 ; Editor mode used by default (Plain, Html, HtmlForced or PlainForced)
 view_editor_type = "Html"
 ; layout: 0 - no preview, 1 - side preview, 2 - bottom preview
 view_layout = 1
 view_use_checkboxes = On
 autologout = 30
 show_images = Off
 contacts_autosave = On
 mail_use_threads = Off
 allow_draft_autosave = On
 mail_reply_same_folder = Off
 [logs]
 ; Enable logging
 enable = On
 ; Logs entire request only if error occured (php requred)
 write_on_error_only = Off
 ; Logs entire request only if php error occured
 write_on_php_error_only = Off
 ; Logs entire request only if request timeout (in seconds) occured.
 write_on_timeout_only = 0
 ; Required for development purposes only.
 ; Disabling this option is not recommended.
 hide_passwords = On
 time_offset = "0"
 session_filter = ""
 ; Log filename.
 ; For security reasons, some characters are removed from filename.
 ; Allows for pattern-based folder creation (see examples below).
 ; 
 ; Patterns:
 ;   {date:Y-m-d}  - Replaced by pattern-based date
 ;                   Detailed info: http://www.php.net/manual/en/function.date.php
 ;   {user:email}  - Replaced by user's email address
 ;                   If user is not logged in, value is set to "unknown"
 ;   {user:login}  - Replaced by user's login (the user part of an email)
 ;                   If user is not logged in, value is set to "unknown"
 ;   {user:domain} - Replaced by user's domain name (the domain part of an email)
 ;                   If user is not logged in, value is set to "unknown"
 ;   {user:uid}    - Replaced by user's UID regardless of account currently used
 ; 
 ;   {user:ip}
 ;   {request:ip}  - Replaced by user's IP address
 ; 
 ; Others:
 ;   {imap:login} {imap:host} {imap:port}
 ;   {smtp:login} {smtp:host} {smtp:port}
 ; 
 ; Examples:
 ;   filename = "log-{date:Y-m-d}.txt"
 ;   filename = "{date:Y-m-d}/{user:domain}/{user:email}_{user:uid}.log"
 ;   filename = "{user:email}-{date:Y-m-d}.txt"
 filename = "log-{date:Y-m-d}.txt"
 ; Enable auth logging in a separate file (for fail2ban)
 auth_logging = On
 auth_logging_filename = "fail2ban/auth-fail.txt"
 auth_logging_format = "[{date:Y-m-d H:i:s T}] Auth failed: ip={request:ip} user={imap:login} host={imap:host} port={imap:port}"
 [debug]
 ; Special option required for development purposes
 enable = Off
 [social]
 ; Google
 google_enable = Off
 google_enable_auth = Off
 google_enable_auth_fast = Off
 google_enable_drive = Off
 google_enable_preview = Off
 google_client_id = ""
 google_client_secret = ""
 google_api_key = ""
 ; Facebook
 fb_enable = Off
 fb_app_id = ""
 fb_app_secret = ""
 ; Twitter
 twitter_enable = Off
 twitter_consumer_key = ""
 twitter_consumer_secret = ""
 ; Dropbox
 dropbox_enable = Off
 dropbox_api_key = ""
 [cache]
 ; The section controls caching of the entire application.
 ; 
 ; Enables caching in the system
 enable = On
 ; Additional caching key. If changed, cache is purged
 index = "v1"
 ; Can be: files, APC, memcache, redis (beta)
 fast_cache_driver = "files"
 ; Additional caching key. If changed, fast cache is purged
 fast_cache_index = "v1"
 ; Browser-level cache. If enabled, caching is maintainted without using files
 http = On
 ; Browser-level cache time (seconds, Expires header)
 http_expires = 3600
 ; Caching message UIDs when searching and sorting (threading)
 server_uids = On
 [labs]
 ; Experimental settings. Handle with care.
 ; 
 allow_mobile_version = On
 ignore_folders_subscription = Off
 check_new_password_strength = On
 update_channel = "stable"
 allow_gravatar = On
 allow_prefetch = On
 allow_smart_html_links = On
 cache_system_data = On
 date_from_headers = On
 autocreate_system_folders = On
 allow_message_append = Off
 disable_iconv_if_mbstring_supported = Off
 login_fault_delay = 1
 log_ajax_response_write_limit = 300
 allow_html_editor_source_button = Off
 allow_html_editor_biti_buttons = Off
 allow_ctrl_enter_on_compose = On
 try_to_detect_hidden_images = Off
 hide_dangerous_actions = Off
 use_app_debug_js = Off
 use_mobile_version_for_tablets = Off
 use_app_debug_css = Off
 use_imap_sort = On
 use_imap_force_selection = Off
 use_imap_list_subscribe = On
 use_imap_thread = On
 use_imap_move = Off
 use_imap_expunge_all_on_delete = Off
 imap_forwarded_flag = "$Forwarded"
 imap_read_receipt_flag = "$ReadReceipt"
 imap_body_text_limit = 555000
 imap_message_list_fast_simple_search = On
 imap_message_list_count_limit_trigger = 0
 imap_message_list_date_filter = 0
 imap_message_list_permanent_filter = ""
 imap_message_all_headers = Off
 imap_large_thread_limit = 50
 imap_folder_list_limit = 200
 imap_show_login_alert = On
 imap_use_auth_plain = On
 imap_use_auth_cram_md5 = Off
 smtp_show_server_errors = Off
 smtp_use_auth_plain = On
 smtp_use_auth_cram_md5 = Off
 sieve_allow_raw_script = Off
 sieve_utf8_folder_name = On
 sieve_auth_plain_initial = On
 sieve_allow_fileinto_inbox = Off
 imap_timeout = 300
 smtp_timeout = 60
 sieve_timeout = 10
 domain_list_limit = 99
 mail_func_clear_headers = On
 mail_func_additional_parameters = Off
 favicon_status = On
 folders_spec_limit = 50
 owncloud_save_folder = "Attachments"
 owncloud_suggestions = On
 curl_proxy = ""
 curl_proxy_auth = ""
 in_iframe = Off
 force_https = Off
 custom_login_link = ""
 custom_logout_link = ""
 allow_external_login = Off
 allow_external_sso = Off
 external_sso_key = ""
 http_client_ip_check_proxy = Off
 fast_cache_memcache_host = "127.0.0.1"
 fast_cache_memcache_port = 11211
 fast_cache_redis_host = "127.0.0.1"
 fast_cache_redis_port = 6379
 use_local_proxy_for_external_images = Off
 detect_image_exif_orientation = On
 cookie_default_path = ""
 cookie_default_secure = Off
 check_new_messages = On
 replace_env_in_configuration = ""
 startup_url = ""
 strict_html_parser = Off
 allow_cmd = Off
 dev_email = ""
 dev_password = ""
--- a/config/rainloop/domains-default.ini
+++ b/config/rainloop/domains-default.ini
@@ -1,16 +0,0 @@
 imap_host = "localhost"
 imap_port = 993
 imap_secure = "SSL"
 imap_short_login = Off
 sieve_use = Off
 sieve_allow_raw = Off
 sieve_host = ""
 sieve_port = 4190
 sieve_secure = "None"
 smtp_host = "localhost"
 smtp_port = 465
 smtp_secure = "SSL"
 smtp_short_login = Off
 smtp_auth = On
 smtp_php_mail = Off
 white_list = ""
--- a/config/rainloop/update-tools.sh
+++ b/config/rainloop/update-tools.sh
@@ -1,33 +0,0 @@
 #!/usr/bin/env bash
 ### Begin update tool script
 new_signature=$(curl -s "https://www.rainloop.net/repository/webmail/rainloop-community-latest.zip.asc")
 old_signature=$(cat "/var/log/rainloop-installed.asc" || true)
 TMPDIR=$(mktemp -d) 
 printf "RainLoop: checking for upgrades... "
 if [ "$new_signature" != "$old_signature" ];
 then
  echo "found"
  echo "RainLoop: upgrading..." 
  wget http://www.rainloop.net/repository/webmail/rainloop-community-latest.zip -O $TMPDIR/rlcl.zip
  unzip -q $TMPDIR/rlcl.zip -d $TMPDIR
  cp -r $TMPDIR/rainloop /opt/rainloop/
  cp -r $TMPDIR/data/EMPTY /opt/rainloop/data/EMPTY
  cp -r $TMPDIR/data/VERSION /opt/rainloop/data/VERSION
  cp -r $TMPDIR/index.php /opt/rainloop/index.php
  rm -rf $TMPDIR
  chown -R www-data:www-data  /opt/rainloop
  find /opt/rainloop/ -type d -exec chmod 755 {} \;
  find /opt/rainloop/ -type f -exec chmod 644 {} \;
  echo "$new_signature" > /var/log/rainloop-installed.asc
  echo "RainLoop: upgrade complete"
 else
  echo "not found"
 fi
 echo "Done" 
 ### End update tool script
--- a/installer.sh
+++ b/installer.sh
@@ -1,6 +1,6 @@
-###===========================================================
+###============================================================
 ##      Ubuntu 18.04 Mailserver installer
-###===========================================================
+###============================================================
 ##----------##
@@ -20,13 +20,13 @@
 #    Static-Vars    #
 ##-----------------##
 echo "Static-Vars"
-domain=ict-dagbesteding.nl
+domain=ictdagbesteding.nl
 password=JW9t9ipdgLrWvMqHq7hX
 email=admin@ictdagbesteding.nl
 phpver=7.3
 domonly=${domain}
 domain=mail.${domain}
-branch=alpha
+branch=dev
 dhparam=1024
 ##----------------##
 #    Pre-Config    #
@@ -37,11 +37,9 @@ hostnamectl set-hostname $domain
 apt update
 add-apt-repository universe -y
 add-apt-repository ppa:ondrej/php -y
-apt install software-properties-common -y
+apt install mysql-server software-properties-common wget -y
 apt upgrade -y
 apt autoremove -y
 timedatectl set-timezone Europe/Amsterdam
 mkdir -p /etc/nginx
 mkdir -p /var/www/"$domain"/html
 chmod -R 755 /var/www
@@ -167,20 +165,18 @@ ln -s /etc/nginx/sites-available/"$domain" /etc/nginx/sites-enabled/
 ##-------------------------------##
 #    NGINX Single core bug fix    #
 ##-------------------------------##
 echo "NGINX Single core bug fix"
 mkdir /etc/systemd/system/nginx.service.d
 printf "[Service]\nExecStartPost=/bin/sleep 0.1\n" > /etc/systemd/system/nginx.service.d/override.conf
 systemctl daemon-reload
 systemctl restart nginx
 ##-----------------------##
 #    MySQL Installation   #
 ##-----------------------##
 wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-MySQL/raw/branch/master/mysql-8.0.sh -O /tmp/mysql-8.0.sh
 source /tmp/mysql-8.0.sh
 ##------------------------------##
 #    MySQL_Secure_Installation   #
 ##------------------------------##
 echo "MySQL_Secure_Installation"
 mysqladmin -u root password "$password"
 mysql -u root -p"$password" -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1')"
 mysql -u root -p"$password" -e "DELETE FROM mysql.user WHERE User=''"
@@ -189,12 +185,14 @@ mysql -u root -p"$password" -e "SELECT user,authentication_string,plugin,host FR
 mysql -u root -p"$password" -e "ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '"$password"';"
 mysql -u root -p"$password" -e "FLUSH PRIVILEGES;"
-##-----------------------------##
+##-----------##
-#    MySQL Database Creation    #
+#    MySQL    #
-##-----------------------------##
+##-----------##
 echo "MySQL"
 mkdir -p /etc/nginx
 mysql -u root -p"$password" -e "CREATE DATABASE postfixadmin;"
-mysql -u root -p"$password" -e "CREATE USER '"postfixadmin"'@'localhost' IDENTIFIED BY '"$password"';"
+mysql -u root -p"$password" -e "GRANT ALL ON postfixadmin.* TO 'postfixadmin'@'localhost' IDENTIFIED BY '"$password"';"
 mysql -u root -p"$password" -e "GRANT ALL ON "postfixadmin".* TO "postfixadmin"@'localhost';"
 mysql -u root -p"$password" -e "FLUSH PRIVILEGES;"
 ##------------------##
@@ -219,11 +217,12 @@ useradd -u 5000 -g vmail -s /usr/sbin/nologin -d /var/mail/vmail -m vmail
 ##-------------##
 #    Certbot    #
 ##-------------##
-#add-apt-repository ppa:certbot/certbot -y
+add-apt-repository ppa:certbot/certbot -y
-#apt install -y python-certbot-nginx
+apt install -y python-certbot-nginx
 mkdir -p /etc/letsencrypt/live/$domain/
-#certbot --nginx -n -d "$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos
+certbot --nginx -n -d "$domain" -m "$email" --hsts --redirect --no-eff-email --agree-tos
-#echo "certbot --nginx -n -d $domain -m $email --hsts --redirect --no-eff-email --agree-tos" > ~/certbotactivate.sh
+echo "certbot --nginx -n -d $domain -m $email --hsts --redirect --no-eff-email --agree-tos" > ~/certbotactivate.sh
 bash ~/certbotactivate.sh
 sed -i 's/ssl ipv6only/ssl http2 ipv6only/g' /etc/nginx/sites-available/"$domain"
 sed -i 's/listen 443 ssl/listen 443 ssl http2/g' /etc/nginx/sites-available/"$domain"
 sed -i 's#include /etc/letsencrypt/options-ssl-nginx.conf;#ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;#g' /etc/nginx/sites-available/"$domain"
@@ -315,31 +314,12 @@ wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$bra
 sievec /etc/dovecot/sieve/default.sieve
 chown vmail:vmail /etc/dovecot/sieve/ -R
 ##--------------##
 #    Rainloop    #
 ##--------------##
 apt install unzip -y
 wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/rainloop.sh -O /tmp/rainloop.sh
 source /tmp/rainloop.sh
 ln -s /opt/rainloop /var/www/"$domain"/html/
 ##--------------##
 #    Fail2Ban    #
 ##--------------##
 apt install fail2ban -y
 wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/fail2ban/dovecot-pop3imap.conf -O /etc/fail2ban/filter.d/dovecot-pop3imap.conf
 wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/fail2ban/postfix-sasl.conf -O /etc/fail2ban/filter.d/postfix-sasl.conf
 wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/fail2ban/rainloop.conf -O /etc/fail2ban/filter.d/rainloop.conf
 wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/fail2ban/jail.local -O /etc/fail2ban/jail.local
 sed -i 's/root@localhost/'$email'/g' /etc/fail2ban/jail.conf
 systemctl restart fail2ban
 ##-----------------------##
 #    Enabling Services    #
 ##-----------------------##
-systemctl enable postfix.service postfix@-.service dovecot.service fail2ban.service
+systemctl enable postfix.service postfix@-.service dovecot.service
 ##-----------------------##
 #    Starting Services    #
 ##-----------------------##
-systemctl restart postfix.service postfix@-.service dovecot.service fail2ban.service
+systemctl restart postfix.service postfix@-.service dovecot.service
--- a/mysql-8.0.sh
+++ b/mysql-8.0.sh
@@ -1,58 +0,0 @@
 ##------------##
 #     MySQL    #
 ##------------##
 export DEBIAN_FRONTEND=noninteractive
 apt install gnupg -y
 debconf-set-selections <<< 'mysql-apt-config mysql-apt-config/repo-codename select bionic'
 debconf-set-selections <<< 'mysql-apt-config mysql-apt-config/repo-distro select ubuntu'
 debconf-set-selections <<< 'mysql-apt-config mysql-apt-config/repo-url string http://repo.mysql.com/apt/'
 debconf-set-selections <<< 'mysql-apt-config mysql-apt-config/select-preview select '
 debconf-set-selections <<< 'mysql-apt-config mysql-apt-config/select-product select Ok'
 debconf-set-selections <<< 'mysql-apt-config mysql-apt-config/select-server select mysql-8.0'
 debconf-set-selections <<< 'mysql-apt-config mysql-apt-config/select-tools select '
 debconf-set-selections <<< 'mysql-apt-config mysql-apt-config/unsupported-platform select abort'
 debconf-set-selections <<< "mysql-community-server mysql-community-server/root-pass password $password"
 debconf-set-selections <<< "mysql-community-server mysql-community-server/re-root-pass password $password"
 debconf-set-selections <<< "mysql-community-server mysql-server/default-auth-override select Use Legacy Authentication Method (Retain MySQL 5.x Compatibility)"
 wget https://dev.mysql.com/get/mysql-apt-config_0.8.13-1_all.deb -O /tmp/mysql-apt-conf.deb
 dpkg -i /tmp/mysql-apt-conf.deb
 apt-get update
 apt-get install -y mysql-server
 rm /etc/mysql/mysql.conf.d/mysqld.cnf
 cat > /etc/mysql/mysql.conf.d/mysqld.cnf <<- "EOF"
 [mysqld]
 user            = mysql
 pid-file        = /var/run/mysqld/mysqld.pid
 socket          = /var/run/mysqld/mysqld.sock
 port            = 3306
 basedir         = /usr
 datadir         = /var/lib/mysql
 tmpdir          = /tmp
 lc-messages-dir = /usr/share/mysql
 skip-external-locking
 innodb_buffer_pool_size = 1G # (adjust value here, 50%-70% of total RAM)
 innodb_log_file_size = 256M
 innodb_flush_log_at_trx_commit = 1 # may change to 2 or 0
 innodb_flush_method = O_DIRECT
 bind-address            = 127.0.0.1
 key_buffer_size         = 16M
 max_allowed_packet      = 16M
 thread_stack            = 192K
 thread_cache_size       = 8
 myisam-recover-options  = BACKUP
 #max_connections = 100
 #table_open_cache = 64
 #innodb-thread-concurrency     = 10
 log_error = /var/log/mysql/error.log
 expire_logs_days        = 10
 max_binlog_size   = 100M
 EOF
 systemctl restart mysql
 systemctl enable mysql
--- a/rainloop.sh
+++ b/rainloop.sh
@@ -1,51 +0,0 @@
 ##
 # Crates system wide avalible rainloop instance 
 # to enable this on a domain create a symlink to the webroot
 #
 # and don't forget disable acces to data folder in nginx 
 ##
 apt install php${phpver}-curl php${phpver}-dom unzip gnupg2 curl -y
 ##install
 mkdir -p /opt/rainloop
 wget http://www.rainloop.net/repository/webmail/rainloop-community-latest.zip -O /tmp/rlcl.zip
 unzip -q /tmp/rlcl.zip -d /opt/rainloop
 rm  /tmp/rlcl.zip
 php /opt/rainloop/index.php  > /dev/null 2>&1
 rm -f /opt/rainloop/data/_data_/_default_/domains/*
 #fetching config files
 mkdir -p /opt/rainloop/data/_data_/_default_/domains/
 mkdir -p /opt/rainloop/data/_data_/_default_/configs/
 wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/rainloop/domains-default.ini -O /opt/rainloop/data/_data_/_default_/domains/default.ini
 wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/rainloop/application.ini -O /opt/rainloop/data/_data_/_default_/configs/application.ini
 #setting Permissions
 chown -R www-data:www-data  /opt/rainloop
 find /opt/rainloop/ -type d -exec chmod 755 {} \;
 find /opt/rainloop/ -type f -exec chmod 644 {} \;
 #Storing version signature for auto updates
 signature=$(curl -s "https://www.rainloop.net/repository/webmail/rainloop-community-latest.zip.asc")
 echo "$signature" > /var/log/rainloop-installed.asc
 #creating Contact DB
 db_name="rainloop_contacts"
 db_user="rainloop_contacts"
 db_pass=$(date +%s|sha256sum|base64|head -c 32)
 mysql -u root -p"$password" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;"
 mysql -u root -p"$password" -e "CREATE USER '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';"
 mysql -u root -p"$password" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost';"
 mysql -u root -p"$password" -e "FLUSH PRIVILEGES;"
 sed -i 's/MYSQLPASS/'$db_pass'/g' /opt/rainloop/data/_data_/_default_/configs/application.ini
 sed -i 's/MYSQLUSER/'$db_user'/g' /opt/rainloop/data/_data_/_default_/configs/application.ini
 sed -i 's/MYSQLNAME/'$db_name'/g' /opt/rainloop/data/_data_/_default_/configs/application.ini
 #scripts for enableing/disabling admin panel
 echo "sed -i 's/allow_admin_panel = Off/allow_admin_panel = On/g'  /opt/rainloop/data/_data_/_default_/configs/application.ini" > ~/Enable-RLadmin.sh
 echo "sed -i 's/allow_admin_panel = On/allow_admin_panel = Off/g'  /opt/rainloop/data/_data_/_default_/configs/application.ini" > ~/Disable-RLadmin.sh
 #downloading Update tool
 wget -q -t7 https://git.ictmaatwerk.com/VPS-scripts/Ubuntu-Mail/raw/branch/"$branch"/config/rainloop/update-tools.sh -O /opt/update-rainloop.sh
 chmod +x /opt/update-rainloop.sh
Author	SHA1	Message	Date
b.waal	d5c3d58544	Update 'installer.sh'	2019-09-10 12:40:21 +02:00
b.waal	398475f560	Update 'installer.sh'	2019-08-31 19:28:43 +02:00