From 8cafe069826139e276b82001ea864009b647d5c8 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 18 Dec 2020 15:31:36 +0100 Subject: [PATCH 01/64] Reset branch in installer after merge --- installer.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/installer.sh b/installer.sh index f39d02a..461aa2c 100644 --- a/installer.sh +++ b/installer.sh @@ -24,7 +24,7 @@ fi #Git-repo repo=https://git.ictmaatwerk.com/VPS-scripts/Web-V2 -branch=PHP8-Testing +branch=master branchtype=branch #=branch for branch and =tag for release #Installer-config phpver=7.4 -- 2.52.0 From afffd9f74d08e02f458c26d139827b18a6d1601d Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 8 Jan 2021 14:26:33 +0100 Subject: [PATCH 02/64] Added monit to backend CMS --- CMS/Backend/apache-siteBackend-unconfigured | 12 +++++++ CMS/Backend/conf.sh | 3 +- CMS/Backend/nginx-siteBackend-unconfigured | 5 +++ CoreModules/apache/conf.sh | 11 ++++-- CoreModules/nginx/conf.sh | 12 +++++++ Scripts/toggles/toggle-Monit_APACHE.sh | 39 +++++++++++++++++++++ Scripts/toggles/toggle-Monit_NGINX.sh | 39 +++++++++++++++++++++ 7 files changed, 117 insertions(+), 4 deletions(-) create mode 100644 Scripts/toggles/toggle-Monit_APACHE.sh create mode 100644 Scripts/toggles/toggle-Monit_NGINX.sh diff --git a/CMS/Backend/apache-siteBackend-unconfigured b/CMS/Backend/apache-siteBackend-unconfigured index 435201a..275680c 100644 --- a/CMS/Backend/apache-siteBackend-unconfigured +++ b/CMS/Backend/apache-siteBackend-unconfigured @@ -20,4 +20,16 @@ Alias /backend/database /usr/share/phpmyadmin + + RewriteEngine on + RewriteRule /monit /monit/$1 [R] + + + #enables/disables monit-websocket + deny from all + ProxyPass unix:/var/run/monit/monit.sock|http://127.0.0.1/ + ProxyPassReverse unix:/var/run/monit/monit.sock|http://127.0.0.1/ + + + #endConf diff --git a/CMS/Backend/conf.sh b/CMS/Backend/conf.sh index 10662aa..cacae23 100644 --- a/CMS/Backend/conf.sh +++ b/CMS/Backend/conf.sh @@ -11,4 +11,5 @@ chown Backend:Backend -R /var/log/PhpMyAdmin systemctl reload "$phpFPMService" #Auto disable backends at night echo "0 0 * * * root bash /opt/toggle/toggle-Netdata.sh -d > >/dev/null 2>&1" >> /etc/cron.d/autodisablebackend -echo "0 0 * * * root bash /opt/toggle/toggle-PhpMyAdmin.sh -d > >/dev/null 2>&1" >> /etc/cron.d/autodisablebackend \ No newline at end of file +echo "0 0 * * * root bash /opt/toggle/toggle-PhpMyAdmin.sh -d > >/dev/null 2>&1" >> /etc/cron.d/autodisablebackend +echo "0 0 * * * root bash /opt/toggle/toggle-MonitWebui.sh -d > >/dev/null 2>&1" >> /etc/cron.d/autodisablebackend \ No newline at end of file diff --git a/CMS/Backend/nginx-siteBackend-unconfigured b/CMS/Backend/nginx-siteBackend-unconfigured index cdaaebb..644b72b 100644 --- a/CMS/Backend/nginx-siteBackend-unconfigured +++ b/CMS/Backend/nginx-siteBackend-unconfigured @@ -34,6 +34,11 @@ location = /backend/netdata { } } + location /backend/monit/ { + deny all; #enables/disables monit-websocket + proxypass http://unix:/var/run/monit/monit.sock:/; + } + location ~ /\.ht { deny all; } diff --git a/CoreModules/apache/conf.sh b/CoreModules/apache/conf.sh index a46ec9b..d6dacb2 100644 --- a/CoreModules/apache/conf.sh +++ b/CoreModules/apache/conf.sh @@ -9,6 +9,7 @@ if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist a2dismod mpm_prefork > $OUTPUT 2>&1 a2enmod actions fcgid alias proxy_fcgi ssl headers http2 setenvif socache_shmcb > $OUTPUT 2>&1 mkdir -p "$apacheConfDir"/snippets/ + monitconf=/etc/monit/monitrc elif [ "$shortdist" = "el8" ]; then echo 'IncludeOptional conf-enabled/*.conf' >>/etc/httpd/conf/httpd.conf echo 'IncludeOptional sites-enabled/*.conf' >>/etc/httpd/conf/httpd.conf @@ -18,6 +19,7 @@ elif [ "$shortdist" = "el8" ]; then mkdir -p /etc/httpd/{sites-available,sites-enabled,conf-enabled,conf-available,snippets} #getting aditional apache config for centos curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/apache/config/apache2/conf-httpd-custom.conf -o "$apacheConfDir"/conf-enabled/zzz-Httpd-custom.conf + monitconf=/etc/monitrc fi curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/apache/config/apache2/snippets-ssl.conf -o "$apacheConfDir"/snippets/apa-ssl.conf @@ -54,12 +56,15 @@ ln -s "$apacheConfDir"/sites-available/Backend_nossl.conf "$apacheConfDir"/sites curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/apache/config/apache2/site_ssl-unconfigured >> "$apacheConfDir"/sites-available/Backend_ssl.conf sed -i -e 's/DOMAINname/'$hostname'/g' "$apacheConfDir"/sites-available/Backend_ssl.conf - +#BackendToggle mkdir -p /opt/toggle +##Phpmyadmin curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/toggles/toggle-PhpMyAdmin_APACHE.sh -o /opt/toggle/toggle-PhpMyAdmin.sh sed -i -e 's/APASRV/'$apacheService'/' -e 's#APADIR#'$apacheConfDir'#' /opt/toggle/toggle-PhpMyAdmin.sh - - +##monit +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/toggles/toggle-Monit_APACHE.sh -o /opt/toggle/toggle-MonitWebui.sh +sed -i -e 's/MONITCONF/'$monitconf'/' -e 's/APASRV/'$apacheService'/' -e 's#APADIR#'$apacheConfDir'#' /opt/toggle/toggle-MonitWebui.sh +unset monitconf # custom Welcome page diff --git a/CoreModules/nginx/conf.sh b/CoreModules/nginx/conf.sh index 627fd53..3e397cd 100644 --- a/CoreModules/nginx/conf.sh +++ b/CoreModules/nginx/conf.sh @@ -36,9 +36,21 @@ ln -s /etc/nginx/sites-available/Backend_nossl /etc/nginx/sites-enabled/Backend curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/nginx/config/nginx/site_ssl-unconfigured >> /etc/nginx/sites-available/Backend_ssl sed -i -e 's/DOMAINname/'$hostname'/g' /etc/nginx/sites-available/Backend_ssl +#toggles mkdir -p /opt/toggle +##phpmyadmin toggle curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/toggles/toggle-Netdata_NGINX.sh -o /opt/toggle/toggle-Netdata.sh curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/toggles/toggle-PhpMyAdmin_NGINX.sh -o /opt/toggle/toggle-PhpMyAdmin.sh +##monit toggle +if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then + monitconf=/etc/monit/monitrc +elif [ "$shortdist" = "el8" ]; then + monitconf=/etc/monitrc +fi +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/toggles/toggle-Monit_NGINX.sh -o /opt/toggle/toggle-MonitWebui.sh +sed -i -e 's/MONITCONF/'$monitconf'/' /opt/toggle/toggle-MonitWebui.sh +unset monitconf + # custom Welcome page echo "$webserv is functioning normally" > /usr/share/nginx/html/index.html diff --git a/Scripts/toggles/toggle-Monit_APACHE.sh b/Scripts/toggles/toggle-Monit_APACHE.sh new file mode 100644 index 0000000..122b4b4 --- /dev/null +++ b/Scripts/toggles/toggle-Monit_APACHE.sh @@ -0,0 +1,39 @@ +function usage { + echo "Usage: $0 [option...]" >&2 + echo + echo " -e, Enable MonitWebui" + echo " -d, Disable MonitWebui" + echo " -h, Shows this information" + echo +} +if [ -n "$1" ]; then + if [[ ! -f /etc/ICTM/toggle.conf ]]; then + echo "Creating File" + touch /etc/ICTM/toggle.conf + fi + source /etc/ICTM/toggle.conf + if [ -z "$MonitWeb" ]; then + echo "Creating Var" + echo "MonitWeb=3" >> /etc/ICTM/toggle.conf + MonitWeb=3 + fi + if [[ "$1" = "-d" && "$MonitWeb" != 0 ]]; then + echo "Disable MonitWebui" + sed -i '/MonitWeb=/c\MonitWeb=0' /etc/ICTM/toggle.conf + sed -i --follow-symlinks '/#enables\/disables monit-websocket/!b;n;cdeny from all' /APADIR/sites-enabled/010-Backend.conf + sed -i '/#enables\/disables monit-websocket/ s/^#*/#/' MONITCONF + systemctl reload APASRV monit + elif [[ "$1" = "-e" && "$MonitWeb" != 1 ]]; then + echo "Enable MonitWebui" + sed -i '/MonitWeb=/c\MonitWeb=1' /etc/ICTM/toggle.conf + sed -i --follow-symlinks '/#enables\/disables monit-websocket/!b;n;c#deny from all' /APADIR/sites-enabled/010-Backend.conf + sed -i '/#enables\/disables monit-websocket/ s/^.//' MONITCONF + systemctl reload APASRV monit + elif [[ "$1" = "-h" ]]; then + usage + else + echo "Oopsie!" + fi +else + usage +fi \ No newline at end of file diff --git a/Scripts/toggles/toggle-Monit_NGINX.sh b/Scripts/toggles/toggle-Monit_NGINX.sh new file mode 100644 index 0000000..4091ad4 --- /dev/null +++ b/Scripts/toggles/toggle-Monit_NGINX.sh @@ -0,0 +1,39 @@ +function usage { + echo "Usage: $0 [option...]" >&2 + echo + echo " -e, Enable MonitWebui" + echo " -d, Disable MonitWebui" + echo " -h, Shows this information" + echo +} +if [ -n "$1" ]; then + if [[ ! -f /etc/ICTM/toggle.conf ]]; then + echo "Creating File" + touch /etc/ICTM/toggle.conf + fi + source /etc/ICTM/toggle.conf + if [ -z "$MonitWeb" ]; then + echo "Creating Var" + echo "MonitWeb=3" >> /etc/ICTM/toggle.conf + MonitWeb=3 + fi + if [[ "$1" = "-d" && "$MonitWeb" != 0 ]]; then + echo "Disable MonitWebui" + sed -i '/MonitWeb=/c\MonitWeb=0' /etc/ICTM/toggle.conf + sed -i --follow-symlinks '/deny all; #enables\/disables monit-websocket/c\ deny all; #enables\/disables monit-websocket' /etc/nginx/sites-enabled/Backend + sed -i '/#enables\/disables monit-websocket/ s/^#*/#/' MONITCONF + systemctl reload nginx monit + elif [[ "$1" = "-e" && "$MonitWeb" != 1 ]]; then + echo "Enable MonitWebui" + sed -i '/MonitWeb=/c\MonitWeb=1' /etc/ICTM/toggle.conf + sed -i --follow-symlinks '/deny all; #enables\/disables monit-websocket/c\ #deny all; #enables\/disables monit-websocket' /etc/nginx/sites-enabled/Backend + sed -i '/#enables\/disables monit-websocket/ s/^.//' MONITCONF + systemctl reload nginx monit + elif [[ "$1" = "-h" ]]; then + usage + else + echo "Oopsie!" + fi +else + usage +fi \ No newline at end of file -- 2.52.0 From d123670a71dbc1a4ba91becf9c07c03ea30ed6fc Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 8 Jan 2021 15:11:02 +0100 Subject: [PATCH 03/64] fixed typos in config for monit --- CMS/Backend/apache-siteBackend-unconfigured | 2 +- CMS/Backend/nginx-siteBackend-unconfigured | 2 +- CoreModules/apache/conf.sh | 4 ++-- CoreModules/nginx/conf.sh | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/CMS/Backend/apache-siteBackend-unconfigured b/CMS/Backend/apache-siteBackend-unconfigured index 275680c..bc7112a 100644 --- a/CMS/Backend/apache-siteBackend-unconfigured +++ b/CMS/Backend/apache-siteBackend-unconfigured @@ -22,7 +22,7 @@ Alias /backend/database /usr/share/phpmyadmin RewriteEngine on - RewriteRule /monit /monit/$1 [R] + RewriteRule /backend/monit /backend/monit/$1 [R] #enables/disables monit-websocket diff --git a/CMS/Backend/nginx-siteBackend-unconfigured b/CMS/Backend/nginx-siteBackend-unconfigured index 644b72b..d7fe94f 100644 --- a/CMS/Backend/nginx-siteBackend-unconfigured +++ b/CMS/Backend/nginx-siteBackend-unconfigured @@ -36,7 +36,7 @@ location = /backend/netdata { location /backend/monit/ { deny all; #enables/disables monit-websocket - proxypass http://unix:/var/run/monit/monit.sock:/; + proxy_pass http://unix:/var/run/monit/monit.sock:/; } location ~ /\.ht { diff --git a/CoreModules/apache/conf.sh b/CoreModules/apache/conf.sh index d6dacb2..2b0fcf6 100644 --- a/CoreModules/apache/conf.sh +++ b/CoreModules/apache/conf.sh @@ -7,7 +7,7 @@ systemctl stop $apacheService > $OUTPUT 2>&1 if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then a2dissite 000-default > $OUTPUT 2>&1 a2dismod mpm_prefork > $OUTPUT 2>&1 - a2enmod actions fcgid alias proxy_fcgi ssl headers http2 setenvif socache_shmcb > $OUTPUT 2>&1 + a2enmod actions fcgid alias proxy_fcgi ssl headers http2 setenvif socache_shmcb rewrite > $OUTPUT 2>&1 mkdir -p "$apacheConfDir"/snippets/ monitconf=/etc/monit/monitrc elif [ "$shortdist" = "el8" ]; then @@ -63,7 +63,7 @@ curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/to sed -i -e 's/APASRV/'$apacheService'/' -e 's#APADIR#'$apacheConfDir'#' /opt/toggle/toggle-PhpMyAdmin.sh ##monit curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/toggles/toggle-Monit_APACHE.sh -o /opt/toggle/toggle-MonitWebui.sh -sed -i -e 's/MONITCONF/'$monitconf'/' -e 's/APASRV/'$apacheService'/' -e 's#APADIR#'$apacheConfDir'#' /opt/toggle/toggle-MonitWebui.sh +sed -i -e 's#MONITCONF#'$monitconf'#' -e 's/APASRV/'$apacheService'/' -e 's#APADIR#'$apacheConfDir'#' /opt/toggle/toggle-MonitWebui.sh unset monitconf diff --git a/CoreModules/nginx/conf.sh b/CoreModules/nginx/conf.sh index 3e397cd..5733e62 100644 --- a/CoreModules/nginx/conf.sh +++ b/CoreModules/nginx/conf.sh @@ -48,7 +48,7 @@ elif [ "$shortdist" = "el8" ]; then monitconf=/etc/monitrc fi curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/toggles/toggle-Monit_NGINX.sh -o /opt/toggle/toggle-MonitWebui.sh -sed -i -e 's/MONITCONF/'$monitconf'/' /opt/toggle/toggle-MonitWebui.sh +sed -i -e 's#MONITCONF#'$monitconf'#' /opt/toggle/toggle-MonitWebui.sh unset monitconf -- 2.52.0 From f0e0eef8bc47431115bbbd673a19afb02640cfac Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 8 Jan 2021 15:30:30 +0100 Subject: [PATCH 04/64] enabled http proxy apahce module by default --- CoreModules/apache/conf.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CoreModules/apache/conf.sh b/CoreModules/apache/conf.sh index 2b0fcf6..734379d 100644 --- a/CoreModules/apache/conf.sh +++ b/CoreModules/apache/conf.sh @@ -7,7 +7,7 @@ systemctl stop $apacheService > $OUTPUT 2>&1 if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then a2dissite 000-default > $OUTPUT 2>&1 a2dismod mpm_prefork > $OUTPUT 2>&1 - a2enmod actions fcgid alias proxy_fcgi ssl headers http2 setenvif socache_shmcb rewrite > $OUTPUT 2>&1 + a2enmod actions fcgid alias proxy_fcgi proxy_http ssl headers http2 setenvif socache_shmcb rewrite > $OUTPUT 2>&1 mkdir -p "$apacheConfDir"/snippets/ monitconf=/etc/monit/monitrc elif [ "$shortdist" = "el8" ]; then -- 2.52.0 From 8f9a9e7c95f2817aa4e4d2c81e76606ba00240bf Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Wed, 27 Jan 2021 11:29:57 +0100 Subject: [PATCH 05/64] Updated detection of centos to accept all EL8 --- installer.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/installer.sh b/installer.sh index 461aa2c..f33b7c8 100644 --- a/installer.sh +++ b/installer.sh @@ -57,7 +57,7 @@ elif [[ "${dist}" == *"debian"* ]] && [[ "${dist_ver}" == *"10"* ]]; then PKGI="${PKGM} install -y --no-install-recommends" PKGLIST="apt" shortdist=deb10 -elif [[ "${dist}" == *"centos"* ]] && [[ "${dist_ver}" == *"8"* ]]; then +elif [ "$(grep -oP '(?<=^PLATFORM_ID=).+' /etc/os-release | tr -d '"')" = "platform:el8" ]; then PKGM="dnf" PKGUC="$PKGM check-update --refresh" PKGUP="$PKGM update -y" -- 2.52.0 From 39da2f54d73a3c38392aa0a0a960706da183ec08 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Wed, 27 Jan 2021 11:41:28 +0100 Subject: [PATCH 06/64] Cleanup EL8 Output --- CMS/nextcloud/conf.sh | 2 +- CMS/none/conf.sh | 2 +- CMS/wordpress/conf.sh | 2 +- installer.sh | 1 - 4 files changed, 3 insertions(+), 4 deletions(-) diff --git a/CMS/nextcloud/conf.sh b/CMS/nextcloud/conf.sh index 39bb16f..32f1619 100644 --- a/CMS/nextcloud/conf.sh +++ b/CMS/nextcloud/conf.sh @@ -42,7 +42,7 @@ chown "$sitename":"$sitename" -R /var/www/"$domain"/html if [ "$shortdist" = "el8" ]; then #Setting SeLiux perms for centos semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/$domain/html(/.*)?" > $OUTPUT 2>&1 - restorecon -vr /var/www/ > $OUTPUT 2>&1 + restorecon -r /var/www/ > $OUTPUT 2>&1 fi diff --git a/CMS/none/conf.sh b/CMS/none/conf.sh index 650461a..dd23163 100644 --- a/CMS/none/conf.sh +++ b/CMS/none/conf.sh @@ -22,5 +22,5 @@ fi if [ "$shortdist" = "el8" ]; then #Setting SeLiux perms for centos semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/$domain/html(/.*)?" > $OUTPUT 2>&1 - restorecon -vr /var/www/ > $OUTPUT 2>&1 + restorecon -r /var/www/ > $OUTPUT 2>&1 fi \ No newline at end of file diff --git a/CMS/wordpress/conf.sh b/CMS/wordpress/conf.sh index 7860d73..7e11d10 100644 --- a/CMS/wordpress/conf.sh +++ b/CMS/wordpress/conf.sh @@ -54,7 +54,7 @@ chown "$sitename":"$sitename" -R /var/www/"$domain"/html if [ "$shortdist" = "el8" ]; then #Setting SeLiux perms for centos semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/$domain/html(/.*)?" > $OUTPUT 2>&1 - restorecon -vr /var/www/ > $OUTPUT 2>&1 + restorecon -r /var/www/ > $OUTPUT 2>&1 fi #Makeing wordpress Finalize script and setting login Notice diff --git a/installer.sh b/installer.sh index f33b7c8..43b9eeb 100644 --- a/installer.sh +++ b/installer.sh @@ -64,7 +64,6 @@ elif [ "$(grep -oP '(?<=^PLATFORM_ID=).+' /etc/os-release | tr -d '"')" = "platf PKGI="${PKGM} install --setopt=install_weak_deps=False --best -y" PKGLIST="dnf" shortdist=el8 - echo "The support for this os is being worked on" else echo "This os in not supported" exit -- 2.52.0 From bd4e431215f226a211c2adefbd90214f4612e3f4 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Wed, 27 Jan 2021 12:19:07 +0100 Subject: [PATCH 07/64] Added FrontController CMS --- .../Fpm-Pool.conf-unconfigured | 43 +++++++++++++++++++ CMS/frontcontroller/Nginx-unconfigured | 30 +++++++++++++ CMS/frontcontroller/conf.sh | 40 +++++++++++++++++ CMS/frontcontroller/nginx-conf.sh | 5 +++ ModulesMenu.list | 3 +- 5 files changed, 120 insertions(+), 1 deletion(-) create mode 100644 CMS/frontcontroller/Fpm-Pool.conf-unconfigured create mode 100644 CMS/frontcontroller/Nginx-unconfigured create mode 100644 CMS/frontcontroller/conf.sh create mode 100644 CMS/frontcontroller/nginx-conf.sh diff --git a/CMS/frontcontroller/Fpm-Pool.conf-unconfigured b/CMS/frontcontroller/Fpm-Pool.conf-unconfigured new file mode 100644 index 0000000..6230e7f --- /dev/null +++ b/CMS/frontcontroller/Fpm-Pool.conf-unconfigured @@ -0,0 +1,43 @@ +[SITEname] +user = SITEname +group = SITEname +listen = /var/run/php/phpPHPver-fpm-SITEname.sock +listen.owner = www-data +listen.group = www-data +php_admin_value[disable_functions] = exec,passthru,shell_exec,system +php_admin_value[error_log] = /var/log/php-fpm/error-SITEname.log + +; OPCACHE SETTINGS +php_admin_value[opcache.memory_consumption] = 256 +php_admin_value[opcache.enable] = 0 +php_admin_value[opcache.interned_strings_buffer] = 32 +php_admin_value[opcache.max_accelerated_files] = 50000 +php_admin_value[opcache.max_wasted_percentage] = 5 +php_admin_value[opcache.revalidate_freq] = 0 +php_admin_value[opcache.validate_timestamps] = 1 + +; PERFORMANCE LIMITS +php_admin_value[max_input_vars] = 100 +php_admin_value[upload_max_filesize] = 32M +php_admin_value[post_max_size] = 32M +php_admin_value[max_input_time] = 15 +php_admin_value[max_execution_time] = 150 + + +; SECURITY +php_admin_value[cgi.fix_pathinfo] = 1 +php_admin_value[allow_url_fopen] = On +php_admin_value[file_uploads] = On +php_admin_value[open_basedir] = /var/www/DOMAINname/html +;php_admin_value[open_basedir] = /var/www/DOMAINname/html:/tmp +php_admin_value[session.use_strict_mode] = 1 +php_admin_value[session.cookie_httponly] = 1 +;HTTPSONLY php_admin_value[session.cookie_samesite] = Strict +;HTTPSONLY php_admin_value[session.cookie_secure] = 1 + +pm = dynamic +pm.max_children = 5 +pm.start_servers = 2 +pm.min_spare_servers = 11 +pm.max_spare_servers = 3 +chdir = / diff --git a/CMS/frontcontroller/Nginx-unconfigured b/CMS/frontcontroller/Nginx-unconfigured new file mode 100644 index 0000000..fd5f0b5 --- /dev/null +++ b/CMS/frontcontroller/Nginx-unconfigured @@ -0,0 +1,30 @@ +#beginConf + + #access_log /var/log/nginx/SITEname-access.log; + error_log /var/log/nginx/SITEname-error.log; + + index index.php index.html; + root /var/www/DOMAINname/html; + gzip on; + gzip_proxied any; + gzip_types text/plain text/css text/xml text/javascript application/javascript application/x-javascript image/svg image/svg+xml application/xml image/x-icon; + gzip_comp_level 2; + gzip_disable "msie6"; + gzip_buffers 16 8k; + + #include snippets/ngx-backendredir.conf; + + location / { + try_files $uri $uri/ $uri.html /index.php$is_args$query_string; + } + + location ~ \.php$ { + include snippets/fastcgi-php.conf; + fastcgi_pass unix:/var/run/php/phpPHPver-fpm-SITEname.sock; + } + + location ~ /\.ht { + deny all; + } + +#endConf \ No newline at end of file diff --git a/CMS/frontcontroller/conf.sh b/CMS/frontcontroller/conf.sh new file mode 100644 index 0000000..b776752 --- /dev/null +++ b/CMS/frontcontroller/conf.sh @@ -0,0 +1,40 @@ +#Creating DB +db_suffix=`expr $(ls -l /var/www | grep -c ^d) - 1` +db_name="fc_$db_suffix" +db_user="fc_$db_suffix" +db_pass=$(tr -dc 'A-Za-z0-9!#%()*+,-.:;<=>?@[]^_{|}~' ~/DB_"$sitename" +echo "Database Username $db_user" >> ~/DB_"$sitename" +echo "Database Password $db_pass" >> ~/DB_"$sitename" + +#Setting up Database +mysql -u root -p"$password" -e "CREATE DATABASE "$db_name" DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci;" > $OUTPUT 2>&1 +mysql -u root -p"$password" -e "CREATE USER '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';" > $OUTPUT 2>&1 +mysql -u root -p"$password" -e "GRANT ALL ON "$db_name".* TO '"$db_user"'@'localhost';" > $OUTPUT 2>&1 +mysql -u root -p"$password" -e "FLUSH PRIVILEGES;" > $OUTPUT 2>&1 + + +#Creating webfolder +mkdir -p /var/www/"$domain"/public + +#Ceating content +echo "$webserv has been succsefully installed by the Wizard
Ready for FontControler installation" > /var/www/$domain/public/index.html + +#Setup PHP Pool +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/none/Fpm-Pool.conf-unconfigured -o "$phpPoolDir"/"$sitename".conf +sed -i -e 's/PHPver/'$phpver'/g' -e 's/SITEname/'$sitename'/g' -e 's/DOMAINname/'$domain'/' "$phpPoolDir"/$sitename.conf +groupadd "$sitename" +useradd -g "$sitename" "$sitename" + +systemctl reload $phpFPMService + +#Setting Permsissions +chown "$sitename":"$sitename" -R /var/www/"$domain"/ + +if [ "$shortdist" = "el8" ]; then + #Setting SeLiux perms for centos + semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/$domain/(/.*)?" > $OUTPUT 2>&1 + restorecon -r /var/www/ > $OUTPUT 2>&1 +fi diff --git a/CMS/frontcontroller/nginx-conf.sh b/CMS/frontcontroller/nginx-conf.sh new file mode 100644 index 0000000..9cbedd3 --- /dev/null +++ b/CMS/frontcontroller/nginx-conf.sh @@ -0,0 +1,5 @@ +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/none/Nginx-unconfigured -o /tmp/nginx-siteconf +sed -i -e 's/PHPver/'$phpver'/g' -e 's/DOMAINname/'$domain'/g' -e 's/SITEname/'$sitename'/g' /tmp/nginx-siteconf +sed -i -e "0,/^#ConfHere/s/\(^#Conf.*\)/#ConfHere1 /" -e '/#ConfHere1/ r /tmp/nginx-siteconf' -e '/#ConfHere/c\' /etc/nginx/sites-available/"$sitename"_"$site_ext" + +systemctl reload nginx \ No newline at end of file diff --git a/ModulesMenu.list b/ModulesMenu.list index e2bbb9d..4f50d78 100644 --- a/ModulesMenu.list +++ b/ModulesMenu.list @@ -13,6 +13,7 @@ webservers+=("Apache:" "Will install Apache Webserver." OFF) nginxCMSL=("None:" "A plain webserver will be setup." OFF) nginxCMSL+=("Wordpress:" "WordPress is a content management system based on PHP." OFF) nginxCMSL+=("Nextcloud:" "Nextcloud is a suite of client-server software for creating and using file hosting services." OFF) +nginxCMSL+=("FrontController:" "Will prepair enviroment for frontcontroller." OFF) #Options nginxOptions=("Redis:" "Redis caching" OFF) nginxOptions+=("Postfix:" "Mail MTA" OFF) @@ -40,7 +41,7 @@ webservers=("Nginx" "Nginx_nonphp" "Apache" "Quit") ##Nginx #CMSList -nginxCMSL=("None" "Wordpress" "Nextcloud") +nginxCMSL=("None" "Wordpress" "Nextcloud" "FrontController") #Options nginxOptions=("Redis:" "Postfix:") -- 2.52.0 From 71f62088d876cf6dc347935ee34684b7afe08d08 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Wed, 27 Jan 2021 12:39:43 +0100 Subject: [PATCH 08/64] Fixed incorrect fetching of FC server conf --- CMS/frontcontroller/conf.sh | 2 +- CMS/frontcontroller/nginx-conf.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CMS/frontcontroller/conf.sh b/CMS/frontcontroller/conf.sh index b776752..e05a832 100644 --- a/CMS/frontcontroller/conf.sh +++ b/CMS/frontcontroller/conf.sh @@ -23,7 +23,7 @@ mkdir -p /var/www/"$domain"/public echo "$webserv has been succsefully installed by the Wizard
Ready for FontControler installation" > /var/www/$domain/public/index.html #Setup PHP Pool -curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/none/Fpm-Pool.conf-unconfigured -o "$phpPoolDir"/"$sitename".conf +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/frontcontroller/Fpm-Pool.conf-unconfigured -o "$phpPoolDir"/"$sitename".conf sed -i -e 's/PHPver/'$phpver'/g' -e 's/SITEname/'$sitename'/g' -e 's/DOMAINname/'$domain'/' "$phpPoolDir"/$sitename.conf groupadd "$sitename" useradd -g "$sitename" "$sitename" diff --git a/CMS/frontcontroller/nginx-conf.sh b/CMS/frontcontroller/nginx-conf.sh index 9cbedd3..dbb5ee7 100644 --- a/CMS/frontcontroller/nginx-conf.sh +++ b/CMS/frontcontroller/nginx-conf.sh @@ -1,4 +1,4 @@ -curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/none/Nginx-unconfigured -o /tmp/nginx-siteconf +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/frontcontroller/Nginx-unconfigured -o /tmp/nginx-siteconf sed -i -e 's/PHPver/'$phpver'/g' -e 's/DOMAINname/'$domain'/g' -e 's/SITEname/'$sitename'/g' /tmp/nginx-siteconf sed -i -e "0,/^#ConfHere/s/\(^#Conf.*\)/#ConfHere1 /" -e '/#ConfHere1/ r /tmp/nginx-siteconf' -e '/#ConfHere/c\' /etc/nginx/sites-available/"$sitename"_"$site_ext" -- 2.52.0 From 03ff10e36db46ef62e998bb8099a0d0a263ffcf4 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Wed, 27 Jan 2021 12:47:30 +0100 Subject: [PATCH 09/64] Fixed config for FC CMS --- CMS/frontcontroller/Fpm-Pool.conf-unconfigured | 14 +++++++------- CMS/frontcontroller/Nginx-unconfigured | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/CMS/frontcontroller/Fpm-Pool.conf-unconfigured b/CMS/frontcontroller/Fpm-Pool.conf-unconfigured index 6230e7f..565f728 100644 --- a/CMS/frontcontroller/Fpm-Pool.conf-unconfigured +++ b/CMS/frontcontroller/Fpm-Pool.conf-unconfigured @@ -28,16 +28,16 @@ php_admin_value[max_execution_time] = 150 php_admin_value[cgi.fix_pathinfo] = 1 php_admin_value[allow_url_fopen] = On php_admin_value[file_uploads] = On -php_admin_value[open_basedir] = /var/www/DOMAINname/html -;php_admin_value[open_basedir] = /var/www/DOMAINname/html:/tmp +php_admin_value[open_basedir] = /var/www/DOMAINname +;php_admin_value[open_basedir] = /var/www/DOMAINname:/tmp php_admin_value[session.use_strict_mode] = 1 php_admin_value[session.cookie_httponly] = 1 ;HTTPSONLY php_admin_value[session.cookie_samesite] = Strict ;HTTPSONLY php_admin_value[session.cookie_secure] = 1 pm = dynamic -pm.max_children = 5 -pm.start_servers = 2 -pm.min_spare_servers = 11 -pm.max_spare_servers = 3 -chdir = / +pm.max_children = 11 +pm.start_servers = 3 +pm.min_spare_servers = 3 +pm.max_spare_servers = 11 +chdir = / \ No newline at end of file diff --git a/CMS/frontcontroller/Nginx-unconfigured b/CMS/frontcontroller/Nginx-unconfigured index fd5f0b5..1d7494e 100644 --- a/CMS/frontcontroller/Nginx-unconfigured +++ b/CMS/frontcontroller/Nginx-unconfigured @@ -4,7 +4,7 @@ error_log /var/log/nginx/SITEname-error.log; index index.php index.html; - root /var/www/DOMAINname/html; + root /var/www/DOMAINname/public; gzip on; gzip_proxied any; gzip_types text/plain text/css text/xml text/javascript application/javascript application/x-javascript image/svg image/svg+xml application/xml image/x-icon; -- 2.52.0 From 8dfef7c493ba2690efe337d880006daaa8ec1dfc Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 29 Jan 2021 18:23:16 +0100 Subject: [PATCH 10/64] Added OpenDKIM to Postfix module --- SubModules/postfix/appendCMS-Pre_conf.sh | 18 +++++++ SubModules/postfix/apt.pkg.list | 2 +- SubModules/postfix/conf.sh | 61 +++++++++++++++++++++--- SubModules/postfix/config/opendkim.conf | 12 +++++ SubModules/postfix/generic.pkg.list | 2 +- SubModules/postfix/opendkim-init.sh | 35 ++++++++++++++ installer.sh | 2 +- 7 files changed, 123 insertions(+), 9 deletions(-) create mode 100644 SubModules/postfix/appendCMS-Pre_conf.sh create mode 100644 SubModules/postfix/config/opendkim.conf create mode 100644 SubModules/postfix/opendkim-init.sh diff --git a/SubModules/postfix/appendCMS-Pre_conf.sh b/SubModules/postfix/appendCMS-Pre_conf.sh new file mode 100644 index 0000000..7657c89 --- /dev/null +++ b/SubModules/postfix/appendCMS-Pre_conf.sh @@ -0,0 +1,18 @@ +if [ -z "${sitename}" ]; then sitename=${domain//./_};fi +#ADD DOMAIN +sudo --user opendkim mkdir /etc/opendkim/keys/"$domain" +sudo --user opendkim opendkim-genkey -r -D /etc/opendkim/keys/"$domain" -d "$domain" -s vps +echo "$domain" >> /etc/opendkim/TrustedHosts +echo "vps._domainkey."$domain" "$domain":vps:/etc/opendkim/keys/"$domain"/vps.private" >> /etc/opendkim/KeyTable + +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim-init.sh -o ~/OpenDKIMInit-$sitename.sh +sed -i -e 's/DOMAINname/'$domain'/' 's/SITEName/'$sitename'/' ~/OpenDKIMInit-$sitename.sh + +cat << EOF > /etc/update-motd.d/51-opendkim-"$sitename" +#!/bin/sh +red='\e[1;31m%s\e[0m\n' +printf "\n" +printf \$red "To enable mail for $domain please run Please run bash ~/OpenDKIMInit-$sitename.sh after the first wordpress login" +printf "\n" +EOF +chmod +x /etc/update-motd.d/51-opendkim-"$sitename" \ No newline at end of file diff --git a/SubModules/postfix/apt.pkg.list b/SubModules/postfix/apt.pkg.list index b318606..9e3fe93 100644 --- a/SubModules/postfix/apt.pkg.list +++ b/SubModules/postfix/apt.pkg.list @@ -1 +1 @@ -mailutils \ No newline at end of file +mailutils opendkim-tools \ No newline at end of file diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index f7c847c..4a041d5 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -1,10 +1,15 @@ + +systemctl stop postfix opendkim + + ##-------------## # Postfix # ##-------------## -sed -i 's/#inet_interfaces = all/inet_interfaces = loopback-only/g' /etc/postfix/main.cf -sed -i 's/mydestination/#mydestination/g' /etc/postfix/main.cf -sed -i 's/relayhost =/mydestination = '$hostname', localhost.'$hostname', '$hostname'/g' /etc/postfix/main.cf +sed -i "/^inet_interfaces =/c\inet_interfaces = loopback-only" /etc/postfix/main.cf +sed -i "/recipient_delimiter =/c\recipient_delimiter = +" /etc/postfix/main.cf +sed -i "/^mydestination =/c\mydestination = \"$hostname\", localhost.\"$hostname\", \"$hostname\"" /etc/postfix/main.cf +echo "$hostname" > /etc/mailname echo "bounce_notice_recipient = info@$domain" >> /etc/postfix/main.cf cat < /etc/aliases # See man 5 aliases for format @@ -13,6 +18,50 @@ root: $email EOF newaliases -systemctl start postfix -systemctl enable postfix -systemctl reload postfix \ No newline at end of file +cat <> +milter_default_action = accept +milter_protocol = 2 +smtpd_milters = unix:/var/run/opendkim/opendkim.sock +non_smtpd_milters = unix:/var/run/opendkim/opendkim.sock +EOF + + +##--------------## +# OpenDKIM # +##--------------## + +adduser postfix opendkim +mkdir /etc/opendkim/keys +chown opendkim:opendkim /etc/opendkim/keys -R +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim.conf -o /etc/opendkim.conf +cat < /etc/opendkim/TrustedHosts +127.0.0.1 +::1 +localhost +$(curl -s -4 icanhazip.com) +$(curl -s -6 icanhazip.com) +${hostname} +EOF + + +if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then + mkdir /var/spool/postfix/opendkim + sudo chown opendkim:postfix /var/spool/postfix/opendkim + sed -i "/^RUNDIR=/c\RUNDIR=/var/spool/postfix/var/run/opendkim" /etc/default/opendkim + echo "TrustAnchorFile /usr/share/dns/root.key" >> /etc/opendkim/conf + bash /lib/opendkim/opendkim.service.generate + systemctl daemon-reload +fi + +cat << EOF > /etc/update-motd.d/51-generalSPF +#!/bin/sh +red='\e[1;31m%s\e[0m\n' +printf "\n" +printf \$red "To enable mail for this server add \"ip4:\$(curl -s -4 icanhazip.com) ip6:\$(curl -s -6 icanhazip.com)\" to $hostname SPF" +printf \$red "remove notice this by running \"rm /etc/update-motd.d/51-generalSPF\"" +printf "\n" +EOF +chmod +x /etc/update-motd.d/51-generalSPF + +systemctl start postfix opendkim +systemctl enable postfix opendkim diff --git a/SubModules/postfix/config/opendkim.conf b/SubModules/postfix/config/opendkim.conf new file mode 100644 index 0000000..9446ba4 --- /dev/null +++ b/SubModules/postfix/config/opendkim.conf @@ -0,0 +1,12 @@ +Syslog yes +UMask 007 +Socket local:/var/run/opendkim/opendkim.sock +PidFile /var/run/opendkim/opendkim.pid +OversignHeaders From +UserID opendkim +Canonicalization relaxed/simple +Mode s +KeyTable refile:/etc/opendkim/KeyTable +SigningTable refile:/etc/opendkim/SigningTable +ExternalIgnoreList refile:/etc/opendkim/TrustedHosts +InternalHosts refile:/etc/opendkim/TrustedHosts diff --git a/SubModules/postfix/generic.pkg.list b/SubModules/postfix/generic.pkg.list index 638b1b7..c07114a 100644 --- a/SubModules/postfix/generic.pkg.list +++ b/SubModules/postfix/generic.pkg.list @@ -1 +1 @@ -postfix \ No newline at end of file +postfix opendkim \ No newline at end of file diff --git a/SubModules/postfix/opendkim-init.sh b/SubModules/postfix/opendkim-init.sh new file mode 100644 index 0000000..34b4c48 --- /dev/null +++ b/SubModules/postfix/opendkim-init.sh @@ -0,0 +1,35 @@ +if [ -n "$1" ]; then + if [[ "$1" = "--enable" ]]; then + echo "Enableing DKIM" + + echo "*@DOMAINname vps._domainkey.DOMAINname >>/etc/opendkim/SigningTable\ + systemctl reload opendkim + #Remove script + while true; do + read -p "Remove this script -> yes/no?" yn + case $yn in + [Nn]* ) + break;; + [Yy]* ) + rm -- "$0" + break;; + * )echo "Choose yes or no.";; + esac + done + exit + fi +fi +echo "Required to enable mailing for this system" +echo "Please add the folloing to your SPF Record in the DNS of DOMAINname" +echo "" +echo "Optional to enable dkim" +echo "ip4:$(curl -s -4 icanhazip.com) ip6:$(curl -s -6 icanhazip.com)" +echo "Please add the folloing TXT Record to the DNS of DOMAINname" +echo "WARNING the output is split, please combine key before inserting into DNS" +cat /etc/opendkim/keys/DOMAINname/vps.txt + +echo "" +echo "If DNS is propegated then run \"bash $0 --enable\"" + +rm -f /etc/update-motd.d/51-opendkim-SITEName + diff --git a/installer.sh b/installer.sh index 43b9eeb..dd063b5 100644 --- a/installer.sh +++ b/installer.sh @@ -24,7 +24,7 @@ fi #Git-repo repo=https://git.ictmaatwerk.com/VPS-scripts/Web-V2 -branch=master +branch=PostfixTesting branchtype=branch #=branch for branch and =tag for release #Installer-config phpver=7.4 -- 2.52.0 From 5a711db69677568a446920a1efc4dc31b09a924d Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Mon, 1 Feb 2021 21:45:07 +0100 Subject: [PATCH 11/64] Fixed oopsie --- CMS/Backend/conf.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/CMS/Backend/conf.sh b/CMS/Backend/conf.sh index cacae23..d06ab41 100644 --- a/CMS/Backend/conf.sh +++ b/CMS/Backend/conf.sh @@ -10,6 +10,6 @@ chown Backend:Backend -R /var/lib/phpmyadmin/tmp chown Backend:Backend -R /var/log/PhpMyAdmin systemctl reload "$phpFPMService" #Auto disable backends at night -echo "0 0 * * * root bash /opt/toggle/toggle-Netdata.sh -d > >/dev/null 2>&1" >> /etc/cron.d/autodisablebackend -echo "0 0 * * * root bash /opt/toggle/toggle-PhpMyAdmin.sh -d > >/dev/null 2>&1" >> /etc/cron.d/autodisablebackend -echo "0 0 * * * root bash /opt/toggle/toggle-MonitWebui.sh -d > >/dev/null 2>&1" >> /etc/cron.d/autodisablebackend \ No newline at end of file +echo "0 0 * * * root bash /opt/toggle/toggle-Netdata.sh -d > /dev/null 2>&1" >> /etc/cron.d/autodisablebackend +echo "0 0 * * * root bash /opt/toggle/toggle-PhpMyAdmin.sh -d > /dev/null 2>&1" >> /etc/cron.d/autodisablebackend +echo "0 0 * * * root bash /opt/toggle/toggle-MonitWebui.sh -d > /dev/null 2>&1" >> /etc/cron.d/autodisablebackend \ No newline at end of file -- 2.52.0 From 9c36d12d5215cc6a1ae8ee75c5f1964950533b6f Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 4 Feb 2021 15:25:57 +0100 Subject: [PATCH 12/64] added CMSHook for postfix module and updated conf CMSHook wil be inplemented so CMS releated Module configuration, this wil be loaded when using appendCMS and the main intaller --- SubModules/postfix/CMSHook-conf.sh | 23 ++++++++++++++++++++ SubModules/postfix/CMSHook-preconf.sh | 27 ++++++++++++++++++++++++ SubModules/postfix/appendCMS-Pre_conf.sh | 18 ---------------- SubModules/postfix/conf.sh | 26 ++++++++++++++++++++++- SubModules/postfix/opendkim-init.sh | 2 +- SubModules/postfix/preconf.sh | 9 ++------ 6 files changed, 78 insertions(+), 27 deletions(-) create mode 100644 SubModules/postfix/CMSHook-conf.sh create mode 100644 SubModules/postfix/CMSHook-preconf.sh delete mode 100644 SubModules/postfix/appendCMS-Pre_conf.sh diff --git a/SubModules/postfix/CMSHook-conf.sh b/SubModules/postfix/CMSHook-conf.sh new file mode 100644 index 0000000..5164b4a --- /dev/null +++ b/SubModules/postfix/CMSHook-conf.sh @@ -0,0 +1,23 @@ +#ADD DOMAIN +sudo --user opendkim mkdir /etc/opendkim/keys/"$maildomain" +sudo --user opendkim opendkim-genkey -r -D /etc/opendkim/keys/"$maildomain" -d "$maildomain" -s vps +echo "$maildomain" >> /etc/opendkim/TrustedHosts +echo "vps._domainkey."$maildomain" "$maildomain":vps:/etc/opendkim/keys/"$maildomain"/vps.private" >> /etc/opendkim/KeyTable + +if [ $webserv != nginx_nonphp ]; then + echo "php_admin_value[mail.force_extra_parameters] = \"-f$mailas -F'$maildomain'\"" >> "$phpPoolDir"/"$sitename".conf +fi + + +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim-init.sh -o ~/OpenDKIMInit-$sitename.sh +sed -i -e 's/DOMAINname/'$domain'/' 's/SITEName/'$sitename'/' ~/OpenDKIMInit-$sitename.sh + +cat << EOF > /etc/update-motd.d/51-opendkim-"$sitename" +#!/bin/sh +red='\e[1;31m%s\e[0m\n' +printf "\n" +printf \$red "To enable mail for $domain please run please run bash ~/OpenDKIMInit-$sitename.sh" +printf "\n" +EOF +chmod +x /etc/update-motd.d/51-opendkim-"$sitename" +systemctl reload opendkim $phpFPMService \ No newline at end of file diff --git a/SubModules/postfix/CMSHook-preconf.sh b/SubModules/postfix/CMSHook-preconf.sh new file mode 100644 index 0000000..a95924d --- /dev/null +++ b/SubModules/postfix/CMSHook-preconf.sh @@ -0,0 +1,27 @@ +if [ -z "${sitename}" ]; then sitename=${domain//./_};fi +if [ $IMODE = n ]; then + if (whiptail --title "Config" --yesno " Send mail as info@$domain of $domain" 11 78); then + mailas=info@$domain + maildomain=$domain +else + mailas=$(whiptail --nocancel --inputbox " Enter mail addres for sending mail" 11 78 --title "Config" 3>&1 1>&2 2>&3) + sed -e 's/[^@]*@//' <<< "$mail" +fi + +fi +if [ $IMODE = l ]; then + while true; do + read -p "Hostname with nxdi.nl -> yes/no?" yn + case $yn in + [Yy]* ) + mailas=info@$domain + maildomain=$domain + break;; + [Nn]* ) + echo 'Enter full hostname:' + read hostname + break;; + * )echo "Choose yes or no.";; + esac + done +fi diff --git a/SubModules/postfix/appendCMS-Pre_conf.sh b/SubModules/postfix/appendCMS-Pre_conf.sh deleted file mode 100644 index 7657c89..0000000 --- a/SubModules/postfix/appendCMS-Pre_conf.sh +++ /dev/null @@ -1,18 +0,0 @@ -if [ -z "${sitename}" ]; then sitename=${domain//./_};fi -#ADD DOMAIN -sudo --user opendkim mkdir /etc/opendkim/keys/"$domain" -sudo --user opendkim opendkim-genkey -r -D /etc/opendkim/keys/"$domain" -d "$domain" -s vps -echo "$domain" >> /etc/opendkim/TrustedHosts -echo "vps._domainkey."$domain" "$domain":vps:/etc/opendkim/keys/"$domain"/vps.private" >> /etc/opendkim/KeyTable - -curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim-init.sh -o ~/OpenDKIMInit-$sitename.sh -sed -i -e 's/DOMAINname/'$domain'/' 's/SITEName/'$sitename'/' ~/OpenDKIMInit-$sitename.sh - -cat << EOF > /etc/update-motd.d/51-opendkim-"$sitename" -#!/bin/sh -red='\e[1;31m%s\e[0m\n' -printf "\n" -printf \$red "To enable mail for $domain please run Please run bash ~/OpenDKIMInit-$sitename.sh after the first wordpress login" -printf "\n" -EOF -chmod +x /etc/update-motd.d/51-opendkim-"$sitename" \ No newline at end of file diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 4a041d5..e6cabcc 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -10,7 +10,11 @@ sed -i "/^inet_interfaces =/c\inet_interfaces = loopback-only" /etc/postfix/main sed -i "/recipient_delimiter =/c\recipient_delimiter = +" /etc/postfix/main.cf sed -i "/^mydestination =/c\mydestination = \"$hostname\", localhost.\"$hostname\", \"$hostname\"" /etc/postfix/main.cf echo "$hostname" > /etc/mailname -echo "bounce_notice_recipient = info@$domain" >> /etc/postfix/main.cf +if [ "$(echo "$hostname" | grep -o "\." | wc -l)" -eq 1 ]; then + echo "bounce_notice_recipient = admin@$hostname" >> /etc/postfix/main.cf +else + echo "bounce_notice_recipient = admin@$(sed 's/.*\.\(.*\..*\)/\1/' <<< $hostname)" >> /etc/postfix/main.cf +fi cat < /etc/aliases # See man 5 aliases for format postmaster: root @@ -34,6 +38,7 @@ adduser postfix opendkim mkdir /etc/opendkim/keys chown opendkim:opendkim /etc/opendkim/keys -R curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim.conf -o /etc/opendkim.conf +dkimname sed 's/\..*$//' <<< "$url" cat < /etc/opendkim/TrustedHosts 127.0.0.1 ::1 @@ -53,11 +58,21 @@ if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist systemctl daemon-reload fi +$odksec=$(sed 's/\..*$//' <<< $hostname) +sudo --user opendkim mkdir /etc/opendkim/keys/"$hostname" +sudo --user opendkim opendkim-genkey -r -D /etc/opendkim/keys/"$hostname" -d "$hostname" -s $odksec +echo ""$odksec"._domainkey."$hostname" "$hostname":"$odksec":/etc/opendkim/keys/"$hostname"/"$odksec".private" >> /etc/opendkim/KeyTable +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim-init.sh -o ~/OpenDKIMInit-host.sh +sed -i -e 's/DOMAINname/'$hostname'/' 's/SITEName/'host'/' 's/vps/'$odksec'/' ~/OpenDKIMInit-host.sh +unset odksec + + cat << EOF > /etc/update-motd.d/51-generalSPF #!/bin/sh red='\e[1;31m%s\e[0m\n' printf "\n" printf \$red "To enable mail for this server add \"ip4:\$(curl -s -4 icanhazip.com) ip6:\$(curl -s -6 icanhazip.com)\" to $hostname SPF" +printf \$red "to enable DKKIM for the hostname run bash ~/OpenDKIMInit-host.sh" printf \$red "remove notice this by running \"rm /etc/update-motd.d/51-generalSPF\"" printf "\n" EOF @@ -65,3 +80,12 @@ chmod +x /etc/update-motd.d/51-generalSPF systemctl start postfix opendkim systemctl enable postfix opendkim + +#if using Append module run for existing cms/sites +if [ -z "${postfixappended}" ]; then + for sitename in /etc/ICTM/sites/*; do + domain=${sitename//_/.} + source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/appendCMS-preconf.sh) + source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/appendCMS-conf.sh) + done +fi \ No newline at end of file diff --git a/SubModules/postfix/opendkim-init.sh b/SubModules/postfix/opendkim-init.sh index 34b4c48..ba52059 100644 --- a/SubModules/postfix/opendkim-init.sh +++ b/SubModules/postfix/opendkim-init.sh @@ -2,7 +2,7 @@ if [ -n "$1" ]; then if [[ "$1" = "--enable" ]]; then echo "Enableing DKIM" - echo "*@DOMAINname vps._domainkey.DOMAINname >>/etc/opendkim/SigningTable\ + echo "*@DOMAINname vps._domainkey.DOMAINname" >>/etc/opendkim/SigningTable systemctl reload opendkim #Remove script while true; do diff --git a/SubModules/postfix/preconf.sh b/SubModules/postfix/preconf.sh index 1d01d0c..0276a07 100644 --- a/SubModules/postfix/preconf.sh +++ b/SubModules/postfix/preconf.sh @@ -1,13 +1,8 @@ if [ -z "${domain}" ]; then - if [ $IMODE = n ]; then - domain=$(whiptail --nocancel --inputbox " Enter the domain without WWW " 11 82 --title "Config" 3>&1 1>&2 2>&3) - elif [ $IMODE = l ]; then - echo "Enter the domain without WWW:" - read domain - fi + postfixappended=1 fi if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then - debconf-set-selections <<< "postfix postfix/mailname string $domain" + debconf-set-selections <<< "postfix postfix/mailname string $hostname" debconf-set-selections <<< "postfix postfix/main_mailer_type string 'Internet Site'" fi \ No newline at end of file -- 2.52.0 From 7e6be6bf72ccde3c2af1fb777d47630b1e6483d7 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 5 Feb 2021 16:54:06 +0100 Subject: [PATCH 13/64] Updated Inst:AppendCMS Mod:Postfix Inst:AppendCMS added var store when adding CMS Mod:Postfix Added fix to conf.sh --- AppendCMS.sh | 6 ++++++ SubModules/postfix/conf.sh | 4 +++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/AppendCMS.sh b/AppendCMS.sh index 0966189..979e4c8 100644 --- a/AppendCMS.sh +++ b/AppendCMS.sh @@ -156,6 +156,12 @@ fi #Cleaning options from menu CMS="${CMS//:}" && CMS="${CMS,,}" +##-----------------## +# Storeing vars # +##-----------------## + +touch /etc/ICTM/sites/"$sitename" + ##-----------## # AptList # diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index e6cabcc..685d080 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -22,7 +22,9 @@ root: $email EOF newaliases -cat <> +cat <> /etc/postfix/main.cf + +#openDKIM milter_default_action = accept milter_protocol = 2 smtpd_milters = unix:/var/run/opendkim/opendkim.sock -- 2.52.0 From 2988258ffd5fe0ee8c988535be811076244eddbc Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 5 Feb 2021 17:12:34 +0100 Subject: [PATCH 14/64] Mod:Postfix Updated Config.sh fixed mkdir, various typos and existing CMS/site detection --- SubModules/postfix/conf.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 685d080..6970ec2 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -37,10 +37,9 @@ EOF ##--------------## adduser postfix opendkim -mkdir /etc/opendkim/keys +mkdir -p /etc/opendkim/keys chown opendkim:opendkim /etc/opendkim/keys -R curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim.conf -o /etc/opendkim.conf -dkimname sed 's/\..*$//' <<< "$url" cat < /etc/opendkim/TrustedHosts 127.0.0.1 ::1 @@ -60,7 +59,7 @@ if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist systemctl daemon-reload fi -$odksec=$(sed 's/\..*$//' <<< $hostname) +odksec=$(sed 's/\..*$//' <<< $hostname) sudo --user opendkim mkdir /etc/opendkim/keys/"$hostname" sudo --user opendkim opendkim-genkey -r -D /etc/opendkim/keys/"$hostname" -d "$hostname" -s $odksec echo ""$odksec"._domainkey."$hostname" "$hostname":"$odksec":/etc/opendkim/keys/"$hostname"/"$odksec".private" >> /etc/opendkim/KeyTable @@ -84,8 +83,9 @@ systemctl start postfix opendkim systemctl enable postfix opendkim #if using Append module run for existing cms/sites -if [ -z "${postfixappended}" ]; then - for sitename in /etc/ICTM/sites/*; do +if [ ! -z "${postfixappended}" ]; then + for file in /etc/ICTM/sites/*; do + sitename="${file##*/}" domain=${sitename//_/.} source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/appendCMS-preconf.sh) source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/appendCMS-conf.sh) -- 2.52.0 From c60b57d41b65003b41d1a4bcfa458e30f740e698 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 5 Feb 2021 17:23:40 +0100 Subject: [PATCH 15/64] Mod:Postfix Fixed incorrect links & dkim conf dir Updated location of OpenDKIM config files to default /etc/opendkim.d from /etc/opendkim Updated config file to reflect filename hanges in repo --- SubModules/postfix/CMSHook-conf.sh | 10 +++++----- SubModules/postfix/conf.sh | 25 +++++++++++++------------ SubModules/postfix/config/opendkim.conf | 8 ++++---- SubModules/postfix/opendkim-init.sh | 4 ++-- 4 files changed, 24 insertions(+), 23 deletions(-) diff --git a/SubModules/postfix/CMSHook-conf.sh b/SubModules/postfix/CMSHook-conf.sh index 5164b4a..38e4efc 100644 --- a/SubModules/postfix/CMSHook-conf.sh +++ b/SubModules/postfix/CMSHook-conf.sh @@ -1,15 +1,15 @@ #ADD DOMAIN -sudo --user opendkim mkdir /etc/opendkim/keys/"$maildomain" -sudo --user opendkim opendkim-genkey -r -D /etc/opendkim/keys/"$maildomain" -d "$maildomain" -s vps -echo "$maildomain" >> /etc/opendkim/TrustedHosts -echo "vps._domainkey."$maildomain" "$maildomain":vps:/etc/opendkim/keys/"$maildomain"/vps.private" >> /etc/opendkim/KeyTable +sudo --user opendkim mkdir /etc/opendkim.d/keys/"$maildomain" +sudo --user opendkim opendkim-genkey -r -D /etc/opendkim.d/keys/"$maildomain" -d "$maildomain" -s vps +echo "$maildomain" >> /etc/opendkim.d/TrustedHosts +echo "vps._domainkey."$maildomain" "$maildomain":vps:/etc/opendkim.d/keys/"$maildomain"/vps.private" >> /etc/opendkim.d/KeyTable if [ $webserv != nginx_nonphp ]; then echo "php_admin_value[mail.force_extra_parameters] = \"-f$mailas -F'$maildomain'\"" >> "$phpPoolDir"/"$sitename".conf fi -curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim-init.sh -o ~/OpenDKIMInit-$sitename.sh +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/opendkim-init.sh -o ~/OpenDKIMInit-$sitename.sh sed -i -e 's/DOMAINname/'$domain'/' 's/SITEName/'$sitename'/' ~/OpenDKIMInit-$sitename.sh cat << EOF > /etc/update-motd.d/51-opendkim-"$sitename" diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 6970ec2..1959030 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -37,10 +37,11 @@ EOF ##--------------## adduser postfix opendkim -mkdir -p /etc/opendkim/keys -chown opendkim:opendkim /etc/opendkim/keys -R -curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim.conf -o /etc/opendkim.conf -cat < /etc/opendkim/TrustedHosts +rm -rm /etc/opendkim.d +mkdir -p /etc/opendkim.d/keys +chown opendkim:opendkim /etc/opendkim.d/keys -R +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim.conf -o /etc/opendkim.d.conf +cat < /etc/opendkim.d/TrustedHosts 127.0.0.1 ::1 localhost @@ -54,17 +55,17 @@ if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist mkdir /var/spool/postfix/opendkim sudo chown opendkim:postfix /var/spool/postfix/opendkim sed -i "/^RUNDIR=/c\RUNDIR=/var/spool/postfix/var/run/opendkim" /etc/default/opendkim - echo "TrustAnchorFile /usr/share/dns/root.key" >> /etc/opendkim/conf + echo "TrustAnchorFile /usr/share/dns/root.key" >> /etc/opendkim.d/conf bash /lib/opendkim/opendkim.service.generate systemctl daemon-reload fi odksec=$(sed 's/\..*$//' <<< $hostname) -sudo --user opendkim mkdir /etc/opendkim/keys/"$hostname" -sudo --user opendkim opendkim-genkey -r -D /etc/opendkim/keys/"$hostname" -d "$hostname" -s $odksec -echo ""$odksec"._domainkey."$hostname" "$hostname":"$odksec":/etc/opendkim/keys/"$hostname"/"$odksec".private" >> /etc/opendkim/KeyTable -curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim-init.sh -o ~/OpenDKIMInit-host.sh -sed -i -e 's/DOMAINname/'$hostname'/' 's/SITEName/'host'/' 's/vps/'$odksec'/' ~/OpenDKIMInit-host.sh +sudo --user opendkim mkdir /etc/opendkim.d/keys/"$hostname" +sudo --user opendkim opendkim-genkey -r -D /etc/opendkim.d/keys/"$hostname" -d "$hostname" -s $odksec +echo ""$odksec"._domainkey."$hostname" "$hostname":"$odksec":/etc/opendkim.d/keys/"$hostname"/"$odksec".private" >> /etc/opendkim.d/KeyTable +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/opendkim-init.sh -o ~/OpenDKIMInit-host.sh +sed -i -e 's/DOMAINname/'$hostname'/' -e 's/SITEName/'host'/' 's/vps/'$odksec'/' ~/OpenDKIMInit-host.sh unset odksec @@ -87,7 +88,7 @@ if [ ! -z "${postfixappended}" ]; then for file in /etc/ICTM/sites/*; do sitename="${file##*/}" domain=${sitename//_/.} - source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/appendCMS-preconf.sh) - source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/appendCMS-conf.sh) + source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/CMSHook-preconf.sh) + source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/CMSHook-conf.sh) done fi \ No newline at end of file diff --git a/SubModules/postfix/config/opendkim.conf b/SubModules/postfix/config/opendkim.conf index 9446ba4..799422c 100644 --- a/SubModules/postfix/config/opendkim.conf +++ b/SubModules/postfix/config/opendkim.conf @@ -6,7 +6,7 @@ OversignHeaders From UserID opendkim Canonicalization relaxed/simple Mode s -KeyTable refile:/etc/opendkim/KeyTable -SigningTable refile:/etc/opendkim/SigningTable -ExternalIgnoreList refile:/etc/opendkim/TrustedHosts -InternalHosts refile:/etc/opendkim/TrustedHosts +KeyTable refile:/etc/opendkim.d/KeyTable +SigningTable refile:/etc/opendkim.d/SigningTable +ExternalIgnoreList refile:/etc/opendkim.d/TrustedHosts +InternalHosts refile:/etc/opendkim.d/TrustedHosts diff --git a/SubModules/postfix/opendkim-init.sh b/SubModules/postfix/opendkim-init.sh index ba52059..8460fc8 100644 --- a/SubModules/postfix/opendkim-init.sh +++ b/SubModules/postfix/opendkim-init.sh @@ -2,7 +2,7 @@ if [ -n "$1" ]; then if [[ "$1" = "--enable" ]]; then echo "Enableing DKIM" - echo "*@DOMAINname vps._domainkey.DOMAINname" >>/etc/opendkim/SigningTable + echo "*@DOMAINname vps._domainkey.DOMAINname" >>/etc/opendkim.d/SigningTable systemctl reload opendkim #Remove script while true; do @@ -26,7 +26,7 @@ echo "Optional to enable dkim" echo "ip4:$(curl -s -4 icanhazip.com) ip6:$(curl -s -6 icanhazip.com)" echo "Please add the folloing TXT Record to the DNS of DOMAINname" echo "WARNING the output is split, please combine key before inserting into DNS" -cat /etc/opendkim/keys/DOMAINname/vps.txt +cat /etc/opendkim.d/keys/DOMAINname/vps.txt echo "" echo "If DNS is propegated then run \"bash $0 --enable\"" -- 2.52.0 From 10838eb815cd3e6b469b2b87184a192aea01edbe Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 5 Feb 2021 17:33:26 +0100 Subject: [PATCH 16/64] Mod:Postfix updated CMSHook and fixed sed (again) --- SubModules/postfix/CMSHook-preconf.sh | 11 ++++++----- SubModules/postfix/conf.sh | 4 ++-- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/SubModules/postfix/CMSHook-preconf.sh b/SubModules/postfix/CMSHook-preconf.sh index a95924d..1292d46 100644 --- a/SubModules/postfix/CMSHook-preconf.sh +++ b/SubModules/postfix/CMSHook-preconf.sh @@ -1,25 +1,26 @@ if [ -z "${sitename}" ]; then sitename=${domain//./_};fi if [ $IMODE = n ]; then - if (whiptail --title "Config" --yesno " Send mail as info@$domain of $domain" 11 78); then + if (whiptail --title "Config" --yesno " Send mail as info@$domain for $domain" 11 78); then mailas=info@$domain maildomain=$domain else mailas=$(whiptail --nocancel --inputbox " Enter mail addres for sending mail" 11 78 --title "Config" 3>&1 1>&2 2>&3) - sed -e 's/[^@]*@//' <<< "$mail" + maildomain=$(sed -e 's/[^@]*@//' <<< "$mail") fi fi if [ $IMODE = l ]; then while true; do - read -p "Hostname with nxdi.nl -> yes/no?" yn + read -p "Send mail as info@$domain for $domain" yn case $yn in [Yy]* ) mailas=info@$domain maildomain=$domain break;; [Nn]* ) - echo 'Enter full hostname:' - read hostname + echo 'Enter mail addres for sending mail' + read mail + maildomain=$(sed -e 's/[^@]*@//' <<< "$mail") break;; * )echo "Choose yes or no.";; esac diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 1959030..db7df5e 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -37,7 +37,7 @@ EOF ##--------------## adduser postfix opendkim -rm -rm /etc/opendkim.d +rm -rf /etc/opendkim.d mkdir -p /etc/opendkim.d/keys chown opendkim:opendkim /etc/opendkim.d/keys -R curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim.conf -o /etc/opendkim.d.conf @@ -65,7 +65,7 @@ sudo --user opendkim mkdir /etc/opendkim.d/keys/"$hostname" sudo --user opendkim opendkim-genkey -r -D /etc/opendkim.d/keys/"$hostname" -d "$hostname" -s $odksec echo ""$odksec"._domainkey."$hostname" "$hostname":"$odksec":/etc/opendkim.d/keys/"$hostname"/"$odksec".private" >> /etc/opendkim.d/KeyTable curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/opendkim-init.sh -o ~/OpenDKIMInit-host.sh -sed -i -e 's/DOMAINname/'$hostname'/' -e 's/SITEName/'host'/' 's/vps/'$odksec'/' ~/OpenDKIMInit-host.sh +sed -i -e 's/DOMAINname/'$hostname'/' -e 's/SITEName/'host'/' -e 's/vps/'$odksec'/' ~/OpenDKIMInit-host.sh unset odksec -- 2.52.0 From 616f0a216225bbcb22aae19403111dff2f6c4c1d Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 5 Feb 2021 18:05:23 +0100 Subject: [PATCH 17/64] Mod:Postfix Fixed ODK Sock for deb & Clean CMSHOOK --- SubModules/postfix/CMSHook-conf.sh | 2 +- SubModules/postfix/CMSHook-preconf.sh | 24 ++++++++++++------------ SubModules/postfix/conf.sh | 4 ++-- 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/SubModules/postfix/CMSHook-conf.sh b/SubModules/postfix/CMSHook-conf.sh index 38e4efc..2fa4488 100644 --- a/SubModules/postfix/CMSHook-conf.sh +++ b/SubModules/postfix/CMSHook-conf.sh @@ -10,7 +10,7 @@ fi curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/opendkim-init.sh -o ~/OpenDKIMInit-$sitename.sh -sed -i -e 's/DOMAINname/'$domain'/' 's/SITEName/'$sitename'/' ~/OpenDKIMInit-$sitename.sh +sed -i -e 's/DOMAINname/'$domain'/' -e 's/SITEName/'$sitename'/' ~/OpenDKIMInit-$sitename.sh cat << EOF > /etc/update-motd.d/51-opendkim-"$sitename" #!/bin/sh diff --git a/SubModules/postfix/CMSHook-preconf.sh b/SubModules/postfix/CMSHook-preconf.sh index 1292d46..7d0bb76 100644 --- a/SubModules/postfix/CMSHook-preconf.sh +++ b/SubModules/postfix/CMSHook-preconf.sh @@ -1,28 +1,28 @@ if [ -z "${sitename}" ]; then sitename=${domain//./_};fi if [ $IMODE = n ]; then - if (whiptail --title "Config" --yesno " Send mail as info@$domain for $domain" 11 78); then - mailas=info@$domain - maildomain=$domain -else - mailas=$(whiptail --nocancel --inputbox " Enter mail addres for sending mail" 11 78 --title "Config" 3>&1 1>&2 2>&3) - maildomain=$(sed -e 's/[^@]*@//' <<< "$mail") + if (whiptail --title "Config" --yesno " Send mail as info@$domain for $domain?" 11 78); then + mailas=info@$domain + maildomain=$domain + else + mailas=$(whiptail --nocancel --inputbox " Enter mail addres for sending mail?" 11 78 --title "Config" 3>&1 1>&2 2>&3) + maildomain=$(sed -e 's/[^@]*@//' <<< "$mail") + fi fi -fi if [ $IMODE = l ]; then while true; do - read -p "Send mail as info@$domain for $domain" yn + read -p "Send mail as info@$domain for $domain? (y/n)" yn case $yn in [Yy]* ) mailas=info@$domain maildomain=$domain break;; [Nn]* ) - echo 'Enter mail addres for sending mail' - read mail - maildomain=$(sed -e 's/[^@]*@//' <<< "$mail") + echo 'Enter mail addres for sending mail? ' + read mail + maildomain=$(sed -e 's/[^@]*@//' <<< "$mail") break;; * )echo "Choose yes or no.";; esac done -fi +fi \ No newline at end of file diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index db7df5e..27e04d5 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -52,8 +52,8 @@ EOF if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then - mkdir /var/spool/postfix/opendkim - sudo chown opendkim:postfix /var/spool/postfix/opendkim + mkdir -p /var/spool/postfix/var/run/opendkim + sudo chown opendkim:postfix /var/spool/postfix/var/run/opendkim sed -i "/^RUNDIR=/c\RUNDIR=/var/spool/postfix/var/run/opendkim" /etc/default/opendkim echo "TrustAnchorFile /usr/share/dns/root.key" >> /etc/opendkim.d/conf bash /lib/opendkim/opendkim.service.generate -- 2.52.0 From 46042d3ca92d0ba7f7e64b280e71a0afd84cf884 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 5 Feb 2021 18:39:35 +0100 Subject: [PATCH 18/64] Mod:Postfix fixed PHP cfg Update & motd warn msgs --- SubModules/postfix/CMSHook-conf.sh | 5 +++-- SubModules/postfix/conf.sh | 6 +++--- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/SubModules/postfix/CMSHook-conf.sh b/SubModules/postfix/CMSHook-conf.sh index 2fa4488..f5f1956 100644 --- a/SubModules/postfix/CMSHook-conf.sh +++ b/SubModules/postfix/CMSHook-conf.sh @@ -5,14 +5,15 @@ echo "$maildomain" >> /etc/opendkim.d/TrustedHosts echo "vps._domainkey."$maildomain" "$maildomain":vps:/etc/opendkim.d/keys/"$maildomain"/vps.private" >> /etc/opendkim.d/KeyTable if [ $webserv != nginx_nonphp ]; then + echo "" >> "$phpPoolDir"/"$sitename".conf echo "php_admin_value[mail.force_extra_parameters] = \"-f$mailas -F'$maildomain'\"" >> "$phpPoolDir"/"$sitename".conf fi curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/opendkim-init.sh -o ~/OpenDKIMInit-$sitename.sh -sed -i -e 's/DOMAINname/'$domain'/' -e 's/SITEName/'$sitename'/' ~/OpenDKIMInit-$sitename.sh +sed -i -e 's/DOMAINname/'$domain'/' -e 's/SITEName/'${sitename//_}'/' ~/OpenDKIMInit-$sitename.sh -cat << EOF > /etc/update-motd.d/51-opendkim-"$sitename" +cat << EOF > /etc/update-motd.d/51-opendkim-"${sitename//_}" #!/bin/sh red='\e[1;31m%s\e[0m\n' printf "\n" diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 27e04d5..91c6d8a 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -69,16 +69,16 @@ sed -i -e 's/DOMAINname/'$hostname'/' -e 's/SITEName/'host'/' -e 's/vps/'$odksec unset odksec -cat << EOF > /etc/update-motd.d/51-generalSPF +cat << EOF > /etc/update-motd.d/51-generalspf #!/bin/sh red='\e[1;31m%s\e[0m\n' printf "\n" printf \$red "To enable mail for this server add \"ip4:\$(curl -s -4 icanhazip.com) ip6:\$(curl -s -6 icanhazip.com)\" to $hostname SPF" printf \$red "to enable DKKIM for the hostname run bash ~/OpenDKIMInit-host.sh" -printf \$red "remove notice this by running \"rm /etc/update-motd.d/51-generalSPF\"" +printf \$red "remove notice this by running \"rm /etc/update-motd.d/51-generalspf\"" printf "\n" EOF -chmod +x /etc/update-motd.d/51-generalSPF +chmod +x /etc/update-motd.d/51-generalspf systemctl start postfix opendkim systemctl enable postfix opendkim -- 2.52.0 From 4ff12369d69bc2a218c1309333ebaf14b936bb39 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 5 Feb 2021 18:39:35 +0100 Subject: [PATCH 19/64] Mod:Postfix fixed PHP cfg Update & motd warn msgs --- SubModules/postfix/CMSHook-conf.sh | 7 ++++--- SubModules/postfix/conf.sh | 6 +++--- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/SubModules/postfix/CMSHook-conf.sh b/SubModules/postfix/CMSHook-conf.sh index 2fa4488..da61e81 100644 --- a/SubModules/postfix/CMSHook-conf.sh +++ b/SubModules/postfix/CMSHook-conf.sh @@ -5,19 +5,20 @@ echo "$maildomain" >> /etc/opendkim.d/TrustedHosts echo "vps._domainkey."$maildomain" "$maildomain":vps:/etc/opendkim.d/keys/"$maildomain"/vps.private" >> /etc/opendkim.d/KeyTable if [ $webserv != nginx_nonphp ]; then + echo "" >> "$phpPoolDir"/"$sitename".conf echo "php_admin_value[mail.force_extra_parameters] = \"-f$mailas -F'$maildomain'\"" >> "$phpPoolDir"/"$sitename".conf fi curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/opendkim-init.sh -o ~/OpenDKIMInit-$sitename.sh -sed -i -e 's/DOMAINname/'$domain'/' -e 's/SITEName/'$sitename'/' ~/OpenDKIMInit-$sitename.sh +sed -i -e 's/DOMAINname/'$domain'/' -e 's/SITEName/'${sitename//_}'/' ~/OpenDKIMInit-$sitename.sh -cat << EOF > /etc/update-motd.d/51-opendkim-"$sitename" +cat << EOF > /etc/update-motd.d/51-opendkim-"${sitename//_}" #!/bin/sh red='\e[1;31m%s\e[0m\n' printf "\n" printf \$red "To enable mail for $domain please run please run bash ~/OpenDKIMInit-$sitename.sh" printf "\n" EOF -chmod +x /etc/update-motd.d/51-opendkim-"$sitename" +chmod +x /etc/update-motd.d/51-opendkim-"${sitename//_}" systemctl reload opendkim $phpFPMService \ No newline at end of file diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 27e04d5..91c6d8a 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -69,16 +69,16 @@ sed -i -e 's/DOMAINname/'$hostname'/' -e 's/SITEName/'host'/' -e 's/vps/'$odksec unset odksec -cat << EOF > /etc/update-motd.d/51-generalSPF +cat << EOF > /etc/update-motd.d/51-generalspf #!/bin/sh red='\e[1;31m%s\e[0m\n' printf "\n" printf \$red "To enable mail for this server add \"ip4:\$(curl -s -4 icanhazip.com) ip6:\$(curl -s -6 icanhazip.com)\" to $hostname SPF" printf \$red "to enable DKKIM for the hostname run bash ~/OpenDKIMInit-host.sh" -printf \$red "remove notice this by running \"rm /etc/update-motd.d/51-generalSPF\"" +printf \$red "remove notice this by running \"rm /etc/update-motd.d/51-generalspf\"" printf "\n" EOF -chmod +x /etc/update-motd.d/51-generalSPF +chmod +x /etc/update-motd.d/51-generalspf systemctl start postfix opendkim systemctl enable postfix opendkim -- 2.52.0 From 98c5dec4d9511c333d90d51450e89c76c0a3d618 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 5 Feb 2021 19:58:48 +0100 Subject: [PATCH 20/64] Mod:Postfix add global option to Seds & fixed cfg --- SubModules/postfix/CMSHook-conf.sh | 2 +- SubModules/postfix/conf.sh | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/SubModules/postfix/CMSHook-conf.sh b/SubModules/postfix/CMSHook-conf.sh index da61e81..e444b23 100644 --- a/SubModules/postfix/CMSHook-conf.sh +++ b/SubModules/postfix/CMSHook-conf.sh @@ -11,7 +11,7 @@ fi curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/opendkim-init.sh -o ~/OpenDKIMInit-$sitename.sh -sed -i -e 's/DOMAINname/'$domain'/' -e 's/SITEName/'${sitename//_}'/' ~/OpenDKIMInit-$sitename.sh +sed -i -g -e 's/DOMAINname/'$domain'/g' -e 's/SITEName/'${sitename//_}'/g' ~/OpenDKIMInit-$sitename.sh cat << EOF > /etc/update-motd.d/51-opendkim-"${sitename//_}" #!/bin/sh diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 91c6d8a..eb1fc77 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -40,7 +40,7 @@ adduser postfix opendkim rm -rf /etc/opendkim.d mkdir -p /etc/opendkim.d/keys chown opendkim:opendkim /etc/opendkim.d/keys -R -curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim.conf -o /etc/opendkim.d.conf +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim.conf -o /etc/opendkim cat < /etc/opendkim.d/TrustedHosts 127.0.0.1 ::1 @@ -55,7 +55,7 @@ if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist mkdir -p /var/spool/postfix/var/run/opendkim sudo chown opendkim:postfix /var/spool/postfix/var/run/opendkim sed -i "/^RUNDIR=/c\RUNDIR=/var/spool/postfix/var/run/opendkim" /etc/default/opendkim - echo "TrustAnchorFile /usr/share/dns/root.key" >> /etc/opendkim.d/conf + echo "TrustAnchorFile /usr/share/dns/root.key" >> /etc/opendkim.conf bash /lib/opendkim/opendkim.service.generate systemctl daemon-reload fi @@ -65,7 +65,7 @@ sudo --user opendkim mkdir /etc/opendkim.d/keys/"$hostname" sudo --user opendkim opendkim-genkey -r -D /etc/opendkim.d/keys/"$hostname" -d "$hostname" -s $odksec echo ""$odksec"._domainkey."$hostname" "$hostname":"$odksec":/etc/opendkim.d/keys/"$hostname"/"$odksec".private" >> /etc/opendkim.d/KeyTable curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/opendkim-init.sh -o ~/OpenDKIMInit-host.sh -sed -i -e 's/DOMAINname/'$hostname'/' -e 's/SITEName/'host'/' -e 's/vps/'$odksec'/' ~/OpenDKIMInit-host.sh +sed -i -e 's/DOMAINname/'$hostname'/g' -e 's/SITEName/'host'/g' -e 's/vps/'$odksec'/g' ~/OpenDKIMInit-host.sh unset odksec -- 2.52.0 From 402a4b68e56d77e6c51a04219c7375bc2d4c7501 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 5 Feb 2021 20:35:04 +0100 Subject: [PATCH 21/64] Mod:Postfix Fixed typo --- SubModules/postfix/CMSHook-conf.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SubModules/postfix/CMSHook-conf.sh b/SubModules/postfix/CMSHook-conf.sh index e444b23..9216964 100644 --- a/SubModules/postfix/CMSHook-conf.sh +++ b/SubModules/postfix/CMSHook-conf.sh @@ -11,7 +11,7 @@ fi curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/opendkim-init.sh -o ~/OpenDKIMInit-$sitename.sh -sed -i -g -e 's/DOMAINname/'$domain'/g' -e 's/SITEName/'${sitename//_}'/g' ~/OpenDKIMInit-$sitename.sh +sed -i -e 's/DOMAINname/'$domain'/g' -e 's/SITEName/'${sitename//_}'/g' ~/OpenDKIMInit-$sitename.sh cat << EOF > /etc/update-motd.d/51-opendkim-"${sitename//_}" #!/bin/sh -- 2.52.0 From 84cda6333f75967c3fe3786295c3946863c6449a Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 5 Feb 2021 20:58:24 +0100 Subject: [PATCH 22/64] Mod:Postfix bugfixes --- SubModules/postfix/CMSHook-conf.sh | 2 +- SubModules/postfix/CMSHook-preconf.sh | 4 ++-- SubModules/postfix/conf.sh | 3 ++- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/SubModules/postfix/CMSHook-conf.sh b/SubModules/postfix/CMSHook-conf.sh index 9216964..d66962d 100644 --- a/SubModules/postfix/CMSHook-conf.sh +++ b/SubModules/postfix/CMSHook-conf.sh @@ -11,7 +11,7 @@ fi curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/opendkim-init.sh -o ~/OpenDKIMInit-$sitename.sh -sed -i -e 's/DOMAINname/'$domain'/g' -e 's/SITEName/'${sitename//_}'/g' ~/OpenDKIMInit-$sitename.sh +sed -i -e 's/DOMAINname/'$maildomain'/g' -e 's/SITEName/'${sitename//_}'/g' ~/OpenDKIMInit-$sitename.sh cat << EOF > /etc/update-motd.d/51-opendkim-"${sitename//_}" #!/bin/sh diff --git a/SubModules/postfix/CMSHook-preconf.sh b/SubModules/postfix/CMSHook-preconf.sh index 7d0bb76..41bf3ed 100644 --- a/SubModules/postfix/CMSHook-preconf.sh +++ b/SubModules/postfix/CMSHook-preconf.sh @@ -19,8 +19,8 @@ if [ $IMODE = l ]; then break;; [Nn]* ) echo 'Enter mail addres for sending mail? ' - read mail - maildomain=$(sed -e 's/[^@]*@//' <<< "$mail") + read mailas + maildomain=$(sed -e 's/[^@]*@//' <<< "$mailas") break;; * )echo "Choose yes or no.";; esac diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index eb1fc77..7cb0f25 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -40,7 +40,8 @@ adduser postfix opendkim rm -rf /etc/opendkim.d mkdir -p /etc/opendkim.d/keys chown opendkim:opendkim /etc/opendkim.d/keys -R -curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim.conf -o /etc/opendkim +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/config/opendkim.conf -o /etc/opendkim.conf +touch /etc/opendkim.d/SigningTable cat < /etc/opendkim.d/TrustedHosts 127.0.0.1 ::1 -- 2.52.0 From af951799b5d2b78ba0e004301b9f57f2036816c3 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 5 Feb 2021 21:08:36 +0100 Subject: [PATCH 23/64] Mod:Postfix added perl-Getopt for centos --- SubModules/postfix/conf.sh | 2 +- SubModules/postfix/dnf.pkg.list | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) create mode 100644 SubModules/postfix/dnf.pkg.list diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 7cb0f25..fab9531 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -36,7 +36,7 @@ EOF # OpenDKIM # ##--------------## -adduser postfix opendkim +useradd -G opendkim postfix rm -rf /etc/opendkim.d mkdir -p /etc/opendkim.d/keys chown opendkim:opendkim /etc/opendkim.d/keys -R diff --git a/SubModules/postfix/dnf.pkg.list b/SubModules/postfix/dnf.pkg.list new file mode 100644 index 0000000..72b8002 --- /dev/null +++ b/SubModules/postfix/dnf.pkg.list @@ -0,0 +1 @@ +perl-Getopt-Long \ No newline at end of file -- 2.52.0 From cbba8b1d1b0e8d4591647e7ea80455d1e9420b23 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 5 Feb 2021 21:17:22 +0100 Subject: [PATCH 24/64] Mod:Postfix fixed opendkim group for postfix --- SubModules/postfix/conf.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index fab9531..f0448f5 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -36,7 +36,7 @@ EOF # OpenDKIM # ##--------------## -useradd -G opendkim postfix +usermod –a –G opendkim postfix rm -rf /etc/opendkim.d mkdir -p /etc/opendkim.d/keys chown opendkim:opendkim /etc/opendkim.d/keys -R -- 2.52.0 From 282851f1ede3e98137ba9d9b5dd8f2b9a7314a41 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Wed, 10 Feb 2021 12:02:39 +0100 Subject: [PATCH 25/64] Main:AppendCMS Renamed bck-util cms-handeler Renamed bck-util cms-handeler to CMSHook-conf for future compatibility --- AppendCMS.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/AppendCMS.sh b/AppendCMS.sh index 979e4c8..c76c4d4 100644 --- a/AppendCMS.sh +++ b/AppendCMS.sh @@ -273,8 +273,8 @@ fi repobckutil=https://git.ictmaatwerk.com/VPS-scripts/Backup-Util branchbckutil=master -if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repobckutil"/raw/branch/"$branchbckutil"/cms-handeler.sh; then - source <(curl --retry 7 --retry-delay 5 -s "$repobckutil"/raw/branch/"$branchbckutil"/cms-handeler.sh) +if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repobckutil"/raw/branch/"$branchbckutil"/CMSHook-conf.sh; then + source <(curl --retry 7 --retry-delay 5 -s "$repobckutil"/raw/branch/"$branchbckutil"/CMSHook-conf.sh) fi ##------------## -- 2.52.0 From 81b7e93678c21f3402e2802c3b1bc47b076572dd Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Wed, 10 Feb 2021 15:23:22 +0100 Subject: [PATCH 26/64] Main:All Added per CMS config for sub-modules If CMS is installed and a sub-module requires to be configured per CMS, this is handeled by new 'CMSHook-(pre)conf.sh' this has been added to Dev Docs Updated postfix sub-module to use new CMSHook Added 'itype' var for detection of install script type Now also storeing 'Allways on modules' in installer as EnabledAons --- AppendCMS.sh | 56 ++++++++++++++++++++++++++++----- AppendModule.sh | 13 +++++--- Docs/docs/Dev-Adding-Modules.md | 5 ++- SubModules/postfix/conf.sh | 2 +- SubModules/postfix/preconf.sh | 4 --- installer.sh | 46 +++++++++++++++++++++++++++ 6 files changed, 108 insertions(+), 18 deletions(-) diff --git a/AppendCMS.sh b/AppendCMS.sh index c76c4d4..6e70de5 100644 --- a/AppendCMS.sh +++ b/AppendCMS.sh @@ -1,3 +1,12 @@ +#!/bin/bash + +############################### +# @author: Bram Prieshof # +# @author: Branco van de Waal # +############################### + +itype=AddCMS + ##-----------------## # Fetching Vars # ##-----------------## @@ -29,6 +38,9 @@ declare -n options="$webserv"Options ignphpcms=1 +#Options var setup for enabled sub-modules +option="${SelectedOptions,,}" && option="${option// /}" && option="${option//:/ }" && option="${option//'"'}" +option="$option""$EnabledAons" ##---------------## # Functions # @@ -205,6 +217,23 @@ if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$re source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/"$CMS"/"$webserv"-preconf.sh) fi +#Preconfiguring module For CMS +for val1 in ${option[*]}; do + modListed=$(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/extModules.list|grep "$val1") + #Checking + if test -z "$modListed" + then + #Fetching from local repo + if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/CMSHook-preconf.sh; then + source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/CMSHook-preconf.sh) + fi + else + #Fetching from remote repo + if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$modListed"CMSHook-preconf.sh; then + source <(curl --retry 7 --retry-delay 5 -s "$modListed"CMSHook-preconf.sh) + fi + fi +done ##-------------## # Installer # @@ -267,15 +296,26 @@ if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$re source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/"$CMS"/"$webserv"-conf.sh) fi -##--------------------------## -# Backup-util Site Setup # -##--------------------------## +#Configuring Module for CMS + +for val1 in ${option[*]}; do + modListed=$(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/extModules.list|grep "$val1") + #Checking + if test -z "$modListed" + then + #Fetching from local repo + if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/CMSHook-conf.sh; then + source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/CMSHook-conf.sh) + fi + else + #Fetching from remote repo + if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$modListed"CMSHook-conf.sh; then + source <(curl --retry 7 --retry-delay 5 -s "$modListed"CMSHook-conf.sh) + fi + fi +done + -repobckutil=https://git.ictmaatwerk.com/VPS-scripts/Backup-Util -branchbckutil=master -if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repobckutil"/raw/branch/"$branchbckutil"/CMSHook-conf.sh; then - source <(curl --retry 7 --retry-delay 5 -s "$repobckutil"/raw/branch/"$branchbckutil"/CMSHook-conf.sh) -fi ##------------## # Services # diff --git a/AppendModule.sh b/AppendModule.sh index bdaed34..af2b03f 100644 --- a/AppendModule.sh +++ b/AppendModule.sh @@ -1,13 +1,18 @@ +#!/bin/bash + +############################### +# @author: Bram Prieshof # +# @author: Branco van de Waal # +############################### + +itype=AddMod + ##-----------------## # Fetching Vars # ##-----------------## if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then echo 'This system is not yet setup, please run the main installer first' && exit ; fi -##-----------------## -# Fetching Vars # -##-----------------## - source /etc/ICTM/selopts.list source /etc/ICTM/mainvar.list if [ -z $shortdist ] ; then source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/MicroOSDetect.sh) ; fi diff --git a/Docs/docs/Dev-Adding-Modules.md b/Docs/docs/Dev-Adding-Modules.md index fc95801..1526377 100644 --- a/Docs/docs/Dev-Adding-Modules.md +++ b/Docs/docs/Dev-Adding-Modules.md @@ -14,6 +14,8 @@ In both cases the file structure is expected as shown below * ``-apt.pkg.list * ``-dnf.pkg.list * config/* +* CMSHook-preconf.sh +* CMSHook-conf.sh ## The internal module location SubModules/`` @@ -32,7 +34,8 @@ SubModules/`` | ``-apt.pkg.list | packagelist for specified webserver for distro's that use apt| | ``-dnf.pkg.list | packagelist for specified webserver for distro's that use dnf/yum| | config/* | Directory for config files | - +| CMSHook-conf.sh | Will run as addtional preconf when CSM is installed| +| CMSHook-conf.sh | Will run after a CSM is installed| # Defining in the menu ### Add the following to ModulesMenu.list diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index f0448f5..5af7539 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -85,7 +85,7 @@ systemctl start postfix opendkim systemctl enable postfix opendkim #if using Append module run for existing cms/sites -if [ ! -z "${postfixappended}" ]; then +if [ "$itype" = "AddMod" ]; then for file in /etc/ICTM/sites/*; do sitename="${file##*/}" domain=${sitename//_/.} diff --git a/SubModules/postfix/preconf.sh b/SubModules/postfix/preconf.sh index 0276a07..fec0bd6 100644 --- a/SubModules/postfix/preconf.sh +++ b/SubModules/postfix/preconf.sh @@ -1,7 +1,3 @@ -if [ -z "${domain}" ]; then - postfixappended=1 -fi - if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then debconf-set-selections <<< "postfix postfix/mailname string $hostname" debconf-set-selections <<< "postfix postfix/main_mailer_type string 'Internet Site'" diff --git a/installer.sh b/installer.sh index dd063b5..2df823d 100644 --- a/installer.sh +++ b/installer.sh @@ -1,5 +1,11 @@ #!/bin/bash +############################### +# @author: Bram Prieshof # +# @author: Branco van de Waal # +############################### + +itype=Main ##--------------------## # Legacy/Main Menu # @@ -435,6 +441,9 @@ if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$re source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CoreModules/"$webserv"/reqmodules.sh) fi +#saving enabled Allways on modules +echo 'EnabledAons=('$aonoption')' > /etc/ICTM/selopts.list + #Combining selected option with always-on options option="$option""$aonoption" @@ -573,6 +582,24 @@ if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$re source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/"$CMS"/"$webserv"-preconf.sh) fi +#Preconfiguring module For CMS +for val1 in ${option[*]}; do + modListed=$(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/extModules.list|grep "$val1") + #Checking + if test -z "$modListed" + then + #Fetching from local repo + if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/CMSHook-preconf.sh; then + source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/CMSHook-preconf.sh) + fi + else + #Fetching from remote repo + if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$modListed"CMSHook-preconf.sh; then + source <(curl --retry 7 --retry-delay 5 -s "$modListed"CMSHook-preconf.sh) + fi + fi +done + #Saving updated vars for storeme in phpver sqlver PHPMyadmin; do declare -p $storeme | cut -d ' ' -f 3- >> /etc/ICTM/mainvar.list @@ -695,6 +722,25 @@ if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$re fi fi +#Configuring Module for CMS + +for val1 in ${option[*]}; do + modListed=$(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/extModules.list|grep "$val1") + #Checking + if test -z "$modListed" + then + #Fetching from local repo + if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/CMSHook-conf.sh; then + source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/"$val1"/CMSHook-conf.sh) + fi + else + #Fetching from remote repo + if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$modListed"CMSHook-conf.sh; then + source <(curl --retry 7 --retry-delay 5 -s "$modListed"CMSHook-conf.sh) + fi + fi +done + ##------------## # Services # ##------------## -- 2.52.0 From 064ceafe082fea9933797e6d885aba27e45ca4ac Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 11 Feb 2021 13:37:36 +0100 Subject: [PATCH 27/64] Main:AddCMS removed var ignphpcms Remove var 'ignphpcms' because it is no longer unused --- AppendCMS.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/AppendCMS.sh b/AppendCMS.sh index 6e70de5..7afe15e 100644 --- a/AppendCMS.sh +++ b/AppendCMS.sh @@ -36,8 +36,6 @@ declare -n options="$webserv"Options # Static-Vars # ##----------------## -ignphpcms=1 - #Options var setup for enabled sub-modules option="${SelectedOptions,,}" && option="${option// /}" && option="${option//:/ }" && option="${option//'"'}" option="$option""$EnabledAons" -- 2.52.0 From 638a8c1525fdb15c92c91b592364ef1ef77de6a9 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 11 Feb 2021 15:18:17 +0100 Subject: [PATCH 28/64] Main:* fix for CMSHooks, Mod:Postfix fix openDKIM Main:Inst Fixed failing to store storing EnabledAons/aonoption Main:AddCMS renamed option to EnOption to avoid resusing variable Mod:Postfix Fixed OpenDKIM usermod --- AppendCMS.sh | 10 +++++----- SubModules/postfix/conf.sh | 2 +- installer.sh | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/AppendCMS.sh b/AppendCMS.sh index 7afe15e..b9385f9 100644 --- a/AppendCMS.sh +++ b/AppendCMS.sh @@ -37,8 +37,8 @@ declare -n options="$webserv"Options ##----------------## #Options var setup for enabled sub-modules -option="${SelectedOptions,,}" && option="${option// /}" && option="${option//:/ }" && option="${option//'"'}" -option="$option""$EnabledAons" +EnOption="${SelectedOptions[@],,}" && EnOption="${EnOption// /}" && EnOption="${EnOption//:/ }" && EnOption="${EnOption//'"'}" +EnOption="$EnOption""${EnabledAons[@]}" ##---------------## # Functions # @@ -163,7 +163,7 @@ if [ $IMODE = l ]; then done fi -#Cleaning options from menu +#Cleaning CMS from menu CMS="${CMS//:}" && CMS="${CMS,,}" ##-----------------## @@ -216,7 +216,7 @@ if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$re fi #Preconfiguring module For CMS -for val1 in ${option[*]}; do +for val1 in ${EnOption[*]}; do modListed=$(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/extModules.list|grep "$val1") #Checking if test -z "$modListed" @@ -296,7 +296,7 @@ fi #Configuring Module for CMS -for val1 in ${option[*]}; do +for val1 in ${EnOption[*]}; do modListed=$(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/extModules.list|grep "$val1") #Checking if test -z "$modListed" diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 5af7539..408f7d6 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -36,7 +36,7 @@ EOF # OpenDKIM # ##--------------## -usermod –a –G opendkim postfix +usermod -aG opendkim postfix rm -rf /etc/opendkim.d mkdir -p /etc/opendkim.d/keys chown opendkim:opendkim /etc/opendkim.d/keys -R diff --git a/installer.sh b/installer.sh index 2df823d..ad2fc3b 100644 --- a/installer.sh +++ b/installer.sh @@ -442,7 +442,7 @@ if curl --retry 2 --retry-delay 1 --output /dev/null --silent --head --fail "$re fi #saving enabled Allways on modules -echo 'EnabledAons=('$aonoption')' > /etc/ICTM/selopts.list +echo 'EnabledAons=('$aonoption')' >> /etc/ICTM/selopts.list #Combining selected option with always-on options option="$option""$aonoption" -- 2.52.0 From 1423d72e5306b149fbd78166fb450f583b50e5cb Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 25 Feb 2021 11:34:42 +0100 Subject: [PATCH 29/64] Added rough versioning system --- AppendCMS.sh | 3 +++ AppendModule.sh | 3 +++ Scripts/Compat/Compat-V2.sh | 20 ++++++++++++++++++++ installer.sh | 3 ++- 4 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 Scripts/Compat/Compat-V2.sh diff --git a/AppendCMS.sh b/AppendCMS.sh index b9385f9..15d203c 100644 --- a/AppendCMS.sh +++ b/AppendCMS.sh @@ -6,6 +6,7 @@ ############################### itype=AddCMS +ScriptCompat=2 ##-----------------## # Fetching Vars # @@ -15,6 +16,8 @@ if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then source /etc/ICTM/selopts.list source /etc/ICTM/mainvar.list +if [ "$CompatVer" -lt "$ScriptCompat" ]; then echo "Web-V2 is outdated, Please run the Compat-V*.sh updater from the repo, Current version= $CompatVer" && exit ; fi + if [ -z $shortdist ] ; then source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/MicroOSDetect.sh) ; fi if [ $webserv != nginx_nonphp ]; then if [ ! -f "/etc/ICTM/phpvar.list" ] ; then bash <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/GeneratePhplist.sh) ; fi diff --git a/AppendModule.sh b/AppendModule.sh index af2b03f..48a8acf 100644 --- a/AppendModule.sh +++ b/AppendModule.sh @@ -6,6 +6,7 @@ ############################### itype=AddMod +ScriptCompat=2 ##-----------------## # Fetching Vars # @@ -15,6 +16,8 @@ if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then source /etc/ICTM/selopts.list source /etc/ICTM/mainvar.list +if [ "$CompatVer" -lt "$ScriptCompat" ]; then echo "Web-V2 is outdated, Please run the Compat-V*.sh updater from the repo, Current version= $CompatVer" && exit ; fi + if [ -z $shortdist ] ; then source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/MicroOSDetect.sh) ; fi if [ $webserv != nginx_nonphp ]; then if [ ! -f "/etc/ICTM/phpvar.list" ] ; then bash <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/GeneratePhplist.sh) ; fi diff --git a/Scripts/Compat/Compat-V2.sh b/Scripts/Compat/Compat-V2.sh new file mode 100644 index 0000000..f1bc84a --- /dev/null +++ b/Scripts/Compat/Compat-V2.sh @@ -0,0 +1,20 @@ +if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then echo 'This system is not yet setup, please run the main installer first' && exit ; fi + +source /etc/ICTM/selopts.list +source /etc/ICTM/mainvar.list + +source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/ModulesMenu.list) + +#Setting Menulist to webserver +declare -n CMSL="$webserv"CMSL +declare -n options="$webserv"Options + +#Updating mod lists +option=$(whiptail --nocancel --title "Additional modules" --checklist "Please select enabled features" 11 74 5 "${options[@]}" 3>&1 1>&2 2>&3) +aonoption="/MySQL/" +aonoption="$aonoption /Unattended-Security-Updates/" +aonoption="$aonoption /Backup-Util/" +aonoption="$aonoption /AcmeSH/" +echo 'SelectedOptions=('$option')' > /etc/ICTM/selopts.list +echo 'EnabledAons=('$aonoption')' >> /etc/ICTM/selopts.list +declare -p CompatVer | cut -d ' ' -f 3- >> /etc/ICTM/mainvar.list \ No newline at end of file diff --git a/installer.sh b/installer.sh index ad2fc3b..aca61b5 100644 --- a/installer.sh +++ b/installer.sh @@ -32,6 +32,7 @@ fi repo=https://git.ictmaatwerk.com/VPS-scripts/Web-V2 branch=PostfixTesting branchtype=branch #=branch for branch and =tag for release +CompatVer=2 #Installer-config phpver=7.4 PHPMyadmin=1 #Overwriten by cms's without php @@ -374,7 +375,7 @@ fi mkdir -p /etc/ICTM/sites echo "InstDate=$(date "+%d-%B-%Y")" >> /etc/ICTM/mainvar.list -for storeme in PKGM PKGI PKGUC PKGUP PKGLIST OUTPUT IMODE shortdist repo branch branchtype webserv email shortdist hostname; do +for storeme in PKGM PKGI PKGUC PKGUP PKGLIST OUTPUT IMODE shortdist repo branch branchtype webserv email shortdist hostname CompatVer; do declare -p $storeme | cut -d ' ' -f 3- >> /etc/ICTM/mainvar.list done -- 2.52.0 From 5a7027810317c6f2f4b923a7d70f497024a940cd Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 26 Feb 2021 12:26:45 +0100 Subject: [PATCH 30/64] Main, Updated version detection --- AppendCMS.sh | 2 +- AppendModule.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/AppendCMS.sh b/AppendCMS.sh index 15d203c..df064f2 100644 --- a/AppendCMS.sh +++ b/AppendCMS.sh @@ -16,7 +16,7 @@ if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then source /etc/ICTM/selopts.list source /etc/ICTM/mainvar.list -if [ "$CompatVer" -lt "$ScriptCompat" ]; then echo "Web-V2 is outdated, Please run the Compat-V*.sh updater from the repo, Current version= $CompatVer" && exit ; fi +if [ -z ${ScriptCompat} ] || [ "$CompatVer" -lt "$ScriptCompat" ]; then echo "Web-V2 is outdated, Please run the Compat-V*.sh updater from the repo, Current version= $CompatVer" && exit ; fi if [ -z $shortdist ] ; then source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/MicroOSDetect.sh) ; fi if [ $webserv != nginx_nonphp ]; then diff --git a/AppendModule.sh b/AppendModule.sh index 48a8acf..0bc538f 100644 --- a/AppendModule.sh +++ b/AppendModule.sh @@ -16,7 +16,7 @@ if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then source /etc/ICTM/selopts.list source /etc/ICTM/mainvar.list -if [ "$CompatVer" -lt "$ScriptCompat" ]; then echo "Web-V2 is outdated, Please run the Compat-V*.sh updater from the repo, Current version= $CompatVer" && exit ; fi +if [ -z ${ScriptCompat} ] || [ "$CompatVer" -lt "$ScriptCompat" ]; then echo "Web-V2 is outdated, Please run the Compat-V*.sh updater from the repo, Current version= $CompatVer" && exit ; fi if [ -z $shortdist ] ; then source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/MicroOSDetect.sh) ; fi if [ $webserv != nginx_nonphp ]; then -- 2.52.0 From 0c62faa0aa5f1ce8174098852ad64eb62cd1385b Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 26 Feb 2021 12:29:05 +0100 Subject: [PATCH 31/64] Main, fixed checking wrong var in version check --- AppendCMS.sh | 2 +- AppendModule.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/AppendCMS.sh b/AppendCMS.sh index df064f2..8456443 100644 --- a/AppendCMS.sh +++ b/AppendCMS.sh @@ -16,7 +16,7 @@ if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then source /etc/ICTM/selopts.list source /etc/ICTM/mainvar.list -if [ -z ${ScriptCompat} ] || [ "$CompatVer" -lt "$ScriptCompat" ]; then echo "Web-V2 is outdated, Please run the Compat-V*.sh updater from the repo, Current version= $CompatVer" && exit ; fi +if [ -z ${CompatVer} ] || [ "$CompatVer" -lt "$ScriptCompat" ]; then echo "Web-V2 is outdated, Please run the Compat-V*.sh updater from the repo, Current version= $CompatVer" && exit ; fi if [ -z $shortdist ] ; then source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/MicroOSDetect.sh) ; fi if [ $webserv != nginx_nonphp ]; then diff --git a/AppendModule.sh b/AppendModule.sh index 0bc538f..411056f 100644 --- a/AppendModule.sh +++ b/AppendModule.sh @@ -16,7 +16,7 @@ if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then source /etc/ICTM/selopts.list source /etc/ICTM/mainvar.list -if [ -z ${ScriptCompat} ] || [ "$CompatVer" -lt "$ScriptCompat" ]; then echo "Web-V2 is outdated, Please run the Compat-V*.sh updater from the repo, Current version= $CompatVer" && exit ; fi +if [ -z ${CompatVer} ] || [ "$CompatVer" -lt "$ScriptCompat" ]; then echo "Web-V2 is outdated, Please run the Compat-V*.sh updater from the repo, Current version= $CompatVer" && exit ; fi if [ -z $shortdist ] ; then source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/MicroOSDetect.sh) ; fi if [ $webserv != nginx_nonphp ]; then -- 2.52.0 From d85678e56040327f330abef9bb8aca24487a02da Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 26 Feb 2021 12:31:56 +0100 Subject: [PATCH 32/64] Script:Compat fixed/added var --- Scripts/Compat/Compat-V2.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/Scripts/Compat/Compat-V2.sh b/Scripts/Compat/Compat-V2.sh index f1bc84a..cc8b2c3 100644 --- a/Scripts/Compat/Compat-V2.sh +++ b/Scripts/Compat/Compat-V2.sh @@ -1,10 +1,14 @@ if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then echo 'This system is not yet setup, please run the main installer first' && exit ; fi +#Getting information and vars source /etc/ICTM/selopts.list source /etc/ICTM/mainvar.list source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/ModulesMenu.list) +#NewCompat var +CompatVer=2 + #Setting Menulist to webserver declare -n CMSL="$webserv"CMSL declare -n options="$webserv"Options -- 2.52.0 From b15f8a33ed88340d952f199bed6f6be177202b3a Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 26 Feb 2021 12:51:12 +0100 Subject: [PATCH 33/64] Script:Compat fix for getting option list Forceing "Normal install mode (Whiptail) " since this script requires it. For This sctipt only, since it was unable to get correct module list --- Scripts/Compat/Compat-V2.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/Scripts/Compat/Compat-V2.sh b/Scripts/Compat/Compat-V2.sh index cc8b2c3..d163554 100644 --- a/Scripts/Compat/Compat-V2.sh +++ b/Scripts/Compat/Compat-V2.sh @@ -4,11 +4,13 @@ if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then source /etc/ICTM/selopts.list source /etc/ICTM/mainvar.list -source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/ModulesMenu.list) - #NewCompat var +IMODE="n" CompatVer=2 +#Getting module list +source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/ModulesMenu.list) + #Setting Menulist to webserver declare -n CMSL="$webserv"CMSL declare -n options="$webserv"Options -- 2.52.0 From 4af278b6f02807b5ec0aaa2159cbcc3407d4a644 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 4 Mar 2021 11:07:27 +0100 Subject: [PATCH 34/64] Main:PhpUp added remove script if cur php is kept --- PhpUpdater.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/PhpUpdater.sh b/PhpUpdater.sh index 41da8d8..d8b41a7 100644 --- a/PhpUpdater.sh +++ b/PhpUpdater.sh @@ -92,6 +92,7 @@ if [ $IMODE = n ]; then $PKGP -y $phpPkgName* else PhpPurge=0 + echo "$PKGP -y $phpPkgName*" > ~/remove-PHP-$phpver fi fi -- 2.52.0 From f28b08792c025e79ea8d70924783ecf06a38fe1e Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 11 Mar 2021 15:43:42 +0100 Subject: [PATCH 35/64] Scrtipt:Compat Cleanup and basic validation --- Scripts/Compat/Compat-V2.sh | 23 ++++++++++------------- 1 file changed, 10 insertions(+), 13 deletions(-) diff --git a/Scripts/Compat/Compat-V2.sh b/Scripts/Compat/Compat-V2.sh index d163554..82786a2 100644 --- a/Scripts/Compat/Compat-V2.sh +++ b/Scripts/Compat/Compat-V2.sh @@ -1,26 +1,23 @@ if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then echo 'This system is not yet setup, please run the main installer first' && exit ; fi #Getting information and vars -source /etc/ICTM/selopts.list source /etc/ICTM/mainvar.list +#CompatUpdater Setup +UpdaterCompatTo=2 +if [ -z ${CompatVer} ]; then CompatVer=1 ; fi +if [ "$CompatVer" -ge "$UpdaterCompatTo" ]; then echo "Web-V2 is update to-date,Update scipt version= $UpdaterCompatTo, Current version= $CompatVer" && exit ; fi + +printf '%s' "Updating Web-V2..." #NewCompat var -IMODE="n" -CompatVer=2 - -#Getting module list -source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/ModulesMenu.list) - -#Setting Menulist to webserver -declare -n CMSL="$webserv"CMSL -declare -n options="$webserv"Options +CompatVer=$UpdaterCompatTo #Updating mod lists -option=$(whiptail --nocancel --title "Additional modules" --checklist "Please select enabled features" 11 74 5 "${options[@]}" 3>&1 1>&2 2>&3) aonoption="/MySQL/" aonoption="$aonoption /Unattended-Security-Updates/" aonoption="$aonoption /Backup-Util/" aonoption="$aonoption /AcmeSH/" -echo 'SelectedOptions=('$option')' > /etc/ICTM/selopts.list echo 'EnabledAons=('$aonoption')' >> /etc/ICTM/selopts.list -declare -p CompatVer | cut -d ' ' -f 3- >> /etc/ICTM/mainvar.list \ No newline at end of file +declare -p CompatVer | cut -d ' ' -f 3- >> /etc/ICTM/mainvar.list + +printf " [\033[0;32mok\033[0m]\n" -- 2.52.0 From 73bf0aa0f468ff60ff589419c75630feb5de2a42 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 12 Mar 2021 14:44:40 +0100 Subject: [PATCH 36/64] Mod:Postfix Made DKIM selector variable This so multiple servers useing Web-V2 can send from the same domain Now using odksec for host selector var and odkdomsec for domain selector var --- SubModules/postfix/CMSHook-conf.sh | 6 +++--- SubModules/postfix/CMSHook-preconf.sh | 18 ++++++++++++++++++ SubModules/postfix/conf.sh | 10 +++++----- SubModules/postfix/opendkim-init.sh | 4 ++-- 4 files changed, 28 insertions(+), 10 deletions(-) diff --git a/SubModules/postfix/CMSHook-conf.sh b/SubModules/postfix/CMSHook-conf.sh index d66962d..ebcacbb 100644 --- a/SubModules/postfix/CMSHook-conf.sh +++ b/SubModules/postfix/CMSHook-conf.sh @@ -1,8 +1,8 @@ #ADD DOMAIN sudo --user opendkim mkdir /etc/opendkim.d/keys/"$maildomain" -sudo --user opendkim opendkim-genkey -r -D /etc/opendkim.d/keys/"$maildomain" -d "$maildomain" -s vps +sudo --user opendkim opendkim-genkey -r -D /etc/opendkim.d/keys/"$maildomain" -d "$maildomain" -s "$odkdomsec" echo "$maildomain" >> /etc/opendkim.d/TrustedHosts -echo "vps._domainkey."$maildomain" "$maildomain":vps:/etc/opendkim.d/keys/"$maildomain"/vps.private" >> /etc/opendkim.d/KeyTable +echo "$odkdomsec._domainkey."$maildomain" "$maildomain":"$odkdomsec":/etc/opendkim.d/keys/"$maildomain"/"$odkdomsec".private" >> /etc/opendkim.d/KeyTable if [ $webserv != nginx_nonphp ]; then echo "" >> "$phpPoolDir"/"$sitename".conf @@ -11,7 +11,7 @@ fi curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/opendkim-init.sh -o ~/OpenDKIMInit-$sitename.sh -sed -i -e 's/DOMAINname/'$maildomain'/g' -e 's/SITEName/'${sitename//_}'/g' ~/OpenDKIMInit-$sitename.sh +sed -i -e 's/DOMAINname/'$maildomain'/g' -e 's/SITEName/'${sitename//_}'/g' -e 's/ODKSec/'$odkdomsec'/g' ~/OpenDKIMInit-$sitename.sh cat << EOF > /etc/update-motd.d/51-opendkim-"${sitename//_}" #!/bin/sh diff --git a/SubModules/postfix/CMSHook-preconf.sh b/SubModules/postfix/CMSHook-preconf.sh index 41bf3ed..63c679d 100644 --- a/SubModules/postfix/CMSHook-preconf.sh +++ b/SubModules/postfix/CMSHook-preconf.sh @@ -7,6 +7,11 @@ if [ $IMODE = n ]; then mailas=$(whiptail --nocancel --inputbox " Enter mail addres for sending mail?" 11 78 --title "Config" 3>&1 1>&2 2>&3) maildomain=$(sed -e 's/[^@]*@//' <<< "$mail") fi + if (whiptail --title "Config" --yesno " Use default DKIM selector [vps]?" 11 78); then + odkdomsec=vps + else + odkdomsec=$(whiptail --nocancel --inputbox " Enter DKIM selector" 11 78 --title "Config" 3>&1 1>&2 2>&3) + fi fi if [ $IMODE = l ]; then @@ -25,4 +30,17 @@ if [ $IMODE = l ]; then * )echo "Choose yes or no.";; esac done + while true; do + read -p "Use default DKIM selector [vps]? (y/n)" yn + case $yn in + [Yy]* ) + odkdomsec=vps + break;; + [Nn]* ) + echo 'Enter DKIM selector? ' + read odkdomsec + break;; + * )echo "Choose yes or no.";; + esac + done fi \ No newline at end of file diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 408f7d6..a8c856b 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -61,13 +61,13 @@ if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist systemctl daemon-reload fi -odksec=$(sed 's/\..*$//' <<< $hostname) +odkhsec=$(sed 's/\..*$//' <<< $hostname) sudo --user opendkim mkdir /etc/opendkim.d/keys/"$hostname" -sudo --user opendkim opendkim-genkey -r -D /etc/opendkim.d/keys/"$hostname" -d "$hostname" -s $odksec -echo ""$odksec"._domainkey."$hostname" "$hostname":"$odksec":/etc/opendkim.d/keys/"$hostname"/"$odksec".private" >> /etc/opendkim.d/KeyTable +sudo --user opendkim opendkim-genkey -r -D /etc/opendkim.d/keys/"$hostname" -d "$hostname" -s $odkhsec +echo ""$odkhsec"._domainkey."$hostname" "$hostname":"$odkhsec":/etc/opendkim.d/keys/"$hostname"/"$odkhsec".private" >> /etc/opendkim.d/KeyTable curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/opendkim-init.sh -o ~/OpenDKIMInit-host.sh -sed -i -e 's/DOMAINname/'$hostname'/g' -e 's/SITEName/'host'/g' -e 's/vps/'$odksec'/g' ~/OpenDKIMInit-host.sh -unset odksec +sed -i -e 's/DOMAINname/'$hostname'/g' -e 's/SITEName/'host'/g' -e 's/ODKSec/'$odkhsec'/g' ~/OpenDKIMInit-host.sh +unset odkhsec cat << EOF > /etc/update-motd.d/51-generalspf diff --git a/SubModules/postfix/opendkim-init.sh b/SubModules/postfix/opendkim-init.sh index 8460fc8..c9e5561 100644 --- a/SubModules/postfix/opendkim-init.sh +++ b/SubModules/postfix/opendkim-init.sh @@ -2,7 +2,7 @@ if [ -n "$1" ]; then if [[ "$1" = "--enable" ]]; then echo "Enableing DKIM" - echo "*@DOMAINname vps._domainkey.DOMAINname" >>/etc/opendkim.d/SigningTable + echo "*@DOMAINname ODKSec._domainkey.DOMAINname" >>/etc/opendkim.d/SigningTable systemctl reload opendkim #Remove script while true; do @@ -26,7 +26,7 @@ echo "Optional to enable dkim" echo "ip4:$(curl -s -4 icanhazip.com) ip6:$(curl -s -6 icanhazip.com)" echo "Please add the folloing TXT Record to the DNS of DOMAINname" echo "WARNING the output is split, please combine key before inserting into DNS" -cat /etc/opendkim.d/keys/DOMAINname/vps.txt +cat /etc/opendkim.d/keys/DOMAINname/ODKSec.txt echo "" echo "If DNS is propegated then run \"bash $0 --enable\"" -- 2.52.0 From 0dd431a8d5c8fb4862cb57185012e97a8e7f0017 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 18 Mar 2021 14:34:31 +0100 Subject: [PATCH 37/64] Mod:Postfix updated instructions --- SubModules/postfix/conf.sh | 6 +++--- SubModules/postfix/opendkim-init.sh | 11 +++++++---- 2 files changed, 10 insertions(+), 7 deletions(-) diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index a8c856b..323c0a2 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -69,12 +69,12 @@ curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules sed -i -e 's/DOMAINname/'$hostname'/g' -e 's/SITEName/'host'/g' -e 's/ODKSec/'$odkhsec'/g' ~/OpenDKIMInit-host.sh unset odkhsec - -cat << EOF > /etc/update-motd.d/51-generalspf +/etc/update-motd.d/51-generalspf +cat << EOF > test.sh #!/bin/sh red='\e[1;31m%s\e[0m\n' printf "\n" -printf \$red "To enable mail for this server add \"ip4:\$(curl -s -4 icanhazip.com) ip6:\$(curl -s -6 icanhazip.com)\" to $hostname SPF" +printf \$red "To enable mail for this server add the folling ip's \"ip4:\$(curl -s -4 icanhazip.com) ip6:\$(curl -s -6 icanhazip.com)\" for $hostname" printf \$red "to enable DKKIM for the hostname run bash ~/OpenDKIMInit-host.sh" printf \$red "remove notice this by running \"rm /etc/update-motd.d/51-generalspf\"" printf "\n" diff --git a/SubModules/postfix/opendkim-init.sh b/SubModules/postfix/opendkim-init.sh index c9e5561..d8a035a 100644 --- a/SubModules/postfix/opendkim-init.sh +++ b/SubModules/postfix/opendkim-init.sh @@ -20,11 +20,14 @@ if [ -n "$1" ]; then fi fi echo "Required to enable mailing for this system" -echo "Please add the folloing to your SPF Record in the DNS of DOMAINname" -echo "" -echo "Optional to enable dkim" +echo "Please add the folloing to your SPF Record in the DNS of DOMAINname," echo "ip4:$(curl -s -4 icanhazip.com) ip6:$(curl -s -6 icanhazip.com)" -echo "Please add the folloing TXT Record to the DNS of DOMAINname" +echo "" +echo "Alternatively use the 'a' and 'mx' in the SPF record just make sure the server has an 'A' and 'AAA' record pointing to it" +echo "" +echo "" +echo "Optionally to enable dkim" +echo "Add the folloing TXT Record to the DNS of DOMAINname" echo "WARNING the output is split, please combine key before inserting into DNS" cat /etc/opendkim.d/keys/DOMAINname/ODKSec.txt -- 2.52.0 From 22df00dd804158b682e0a094b12b1a4612afc1ae Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 18 Mar 2021 14:46:00 +0100 Subject: [PATCH 38/64] Mod:Postfix added blacklist check reminder --- SubModules/postfix/conf.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 323c0a2..3c60f80 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -75,7 +75,9 @@ cat << EOF > test.sh red='\e[1;31m%s\e[0m\n' printf "\n" printf \$red "To enable mail for this server add the folling ip's \"ip4:\$(curl -s -4 icanhazip.com) ip6:\$(curl -s -6 icanhazip.com)\" for $hostname" -printf \$red "to enable DKKIM for the hostname run bash ~/OpenDKIMInit-host.sh" +printf \$red Check Blacklist using the following url: "https://www.debouncer.com/blacklistlookup?t=$hostname" +printf \n +printf \$red "Optionally, to enable DKIM for the hostname run bash ~/OpenDKIMInit-host.sh" printf \$red "remove notice this by running \"rm /etc/update-motd.d/51-generalspf\"" printf "\n" EOF -- 2.52.0 From f755e27fb423bab9fa7b90aee1fee8c3e35382ab Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 18 Mar 2021 14:57:42 +0100 Subject: [PATCH 39/64] Mod:Postfix Fixed oopsie --- SubModules/postfix/conf.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 3c60f80..6b9ec0a 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -69,14 +69,14 @@ curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules sed -i -e 's/DOMAINname/'$hostname'/g' -e 's/SITEName/'host'/g' -e 's/ODKSec/'$odkhsec'/g' ~/OpenDKIMInit-host.sh unset odkhsec -/etc/update-motd.d/51-generalspf -cat << EOF > test.sh + +cat << EOF > /etc/update-motd.d/51-generalspf #!/bin/sh red='\e[1;31m%s\e[0m\n' printf "\n" printf \$red "To enable mail for this server add the folling ip's \"ip4:\$(curl -s -4 icanhazip.com) ip6:\$(curl -s -6 icanhazip.com)\" for $hostname" -printf \$red Check Blacklist using the following url: "https://www.debouncer.com/blacklistlookup?t=$hostname" -printf \n +printf \$red "Check Blacklist using the following url: 'https://www.debouncer.com/blacklistlookup?t=$hostname'" +printf "\n" printf \$red "Optionally, to enable DKIM for the hostname run bash ~/OpenDKIMInit-host.sh" printf \$red "remove notice this by running \"rm /etc/update-motd.d/51-generalspf\"" printf "\n" -- 2.52.0 From 31c7ba85c8132f0441feafb278f45675b5658383 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 18 Mar 2021 16:04:53 +0100 Subject: [PATCH 40/64] Mod:Postfix Updated msg's --- SubModules/postfix/conf.sh | 8 ++++++-- SubModules/postfix/opendkim-init.sh | 1 + 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 6b9ec0a..2d4c3b7 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -74,11 +74,15 @@ cat << EOF > /etc/update-motd.d/51-generalspf #!/bin/sh red='\e[1;31m%s\e[0m\n' printf "\n" -printf \$red "To enable mail for this server add the folling ip's \"ip4:\$(curl -s -4 icanhazip.com) ip6:\$(curl -s -6 icanhazip.com)\" for $hostname" +printf \$red "To enable mail for this server add the folling Records for $hostname:" +printf \$red "A record: \$(curl -s -4 icanhazip.com)" +printf \$red "AAA record: \$(curl -s -6 icanhazip.com)" +printf \$red "MX record: '0 mail'" +printf \$red "SPF record: '\"v=spf1 a mx -all\"'" printf \$red "Check Blacklist using the following url: 'https://www.debouncer.com/blacklistlookup?t=$hostname'" printf "\n" printf \$red "Optionally, to enable DKIM for the hostname run bash ~/OpenDKIMInit-host.sh" -printf \$red "remove notice this by running \"rm /etc/update-motd.d/51-generalspf\"" +printf \$red "Remove notice this by running \"rm /etc/update-motd.d/51-generalspf\"" printf "\n" EOF chmod +x /etc/update-motd.d/51-generalspf diff --git a/SubModules/postfix/opendkim-init.sh b/SubModules/postfix/opendkim-init.sh index d8a035a..4a2c861 100644 --- a/SubModules/postfix/opendkim-init.sh +++ b/SubModules/postfix/opendkim-init.sh @@ -20,6 +20,7 @@ if [ -n "$1" ]; then fi fi echo "Required to enable mailing for this system" +echo "Please make sure a valid MX record, and A/AAA are set for DOMAINname," echo "Please add the folloing to your SPF Record in the DNS of DOMAINname," echo "ip4:$(curl -s -4 icanhazip.com) ip6:$(curl -s -6 icanhazip.com)" echo "" -- 2.52.0 From 269998a2af53e0d5f30e1962fb2d11bc25c7da31 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 19 Mar 2021 14:59:56 +0100 Subject: [PATCH 41/64] Main, reset branch to master after merge --- installer.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/installer.sh b/installer.sh index aca61b5..035a81d 100644 --- a/installer.sh +++ b/installer.sh @@ -30,7 +30,7 @@ fi #Git-repo repo=https://git.ictmaatwerk.com/VPS-scripts/Web-V2 -branch=PostfixTesting +branch=master branchtype=branch #=branch for branch and =tag for release CompatVer=2 #Installer-config -- 2.52.0 From dda74005f5fafdd41bdc26ed069b35b5ebb54f4f Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Wed, 24 Mar 2021 15:06:54 +0100 Subject: [PATCH 42/64] Main: Added fix SSL issue described #12 --- CoreModules/apache/conf.sh | 4 +++- CoreModules/apache/config/apache2/site_ssl-unconfigured | 4 ++-- CoreModules/apache/config/apache2/site_ssl-wwwredir | 4 ++-- CoreModules/nginx/conf.sh | 4 +++- CoreModules/nginx/config/nginx/site_ssl-unconfigured | 6 +++--- CoreModules/nginx/config/nginx/site_ssl-wwwredir | 6 +++--- CoreModules/nginx_nonphp/conf.sh | 3 +++ Scripts/EnableSSL.sh | 2 ++ installer.sh | 4 ++++ 9 files changed, 25 insertions(+), 12 deletions(-) diff --git a/CoreModules/apache/conf.sh b/CoreModules/apache/conf.sh index 734379d..e6dc629 100644 --- a/CoreModules/apache/conf.sh +++ b/CoreModules/apache/conf.sh @@ -66,9 +66,11 @@ curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/to sed -i -e 's#MONITCONF#'$monitconf'#' -e 's/APASRV/'$apacheService'/' -e 's#APADIR#'$apacheConfDir'#' /opt/toggle/toggle-MonitWebui.sh unset monitconf - # custom Welcome page echo "$webserv is functioning normally" > /var/www/html/index.html +#Add Apache as SSL service +echo "$apacheService" >> /etc/ICTM/SslServices + systemctl start $apacheService > $OUTPUT 2>&1 systemctl enable $apacheService > $OUTPUT 2>&1 \ No newline at end of file diff --git a/CoreModules/apache/config/apache2/site_ssl-unconfigured b/CoreModules/apache/config/apache2/site_ssl-unconfigured index 5a99a2b..5c401e0 100644 --- a/CoreModules/apache/config/apache2/site_ssl-unconfigured +++ b/CoreModules/apache/config/apache2/site_ssl-unconfigured @@ -6,8 +6,8 @@ ServerName DOMAINname SSLEngine on - SSLCertificateFile /etc/acmesh/certs/DOMAINname_ecc/fullchain.cer - SSLCertificateKeyFile /etc/acmesh/certs/DOMAINname_ecc/DOMAINname.key + SSLCertificateFile /etc/acmesh/inst/DOMAINname/fullchain.pem + SSLCertificateKeyFile /etc/acmesh/inst/DOMAINname/key.pem Include snippets/apa-ssl.conf #ConfHere diff --git a/CoreModules/apache/config/apache2/site_ssl-wwwredir b/CoreModules/apache/config/apache2/site_ssl-wwwredir index 57c294b..5bcbf94 100644 --- a/CoreModules/apache/config/apache2/site_ssl-wwwredir +++ b/CoreModules/apache/config/apache2/site_ssl-wwwredir @@ -6,8 +6,8 @@ ServerName www.DOMAINname SSLEngine on - SSLCertificateFile /etc/acmesh/certs/DOMAINname_ecc/fullchain.cer - SSLCertificateKeyFile /etc/acmesh/certs/DOMAINname_ecc/DOMAINname.key + SSLCertificateFile /etc/acmesh/inst/DOMAINname/fullchain.pem + SSLCertificateKeyFile /etc/acmesh/inst/DOMAINname/key.pem Include snippets/apa-ssl.conf Redirect permanent / https://DOMAINname/ \ No newline at end of file diff --git a/CoreModules/nginx/conf.sh b/CoreModules/nginx/conf.sh index 5733e62..4f96f79 100644 --- a/CoreModules/nginx/conf.sh +++ b/CoreModules/nginx/conf.sh @@ -51,9 +51,11 @@ curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/to sed -i -e 's#MONITCONF#'$monitconf'#' /opt/toggle/toggle-MonitWebui.sh unset monitconf - # custom Welcome page echo "$webserv is functioning normally" > /usr/share/nginx/html/index.html +#Add Nginx as SSL service +echo "nginx" >> /etc/ICTM/SslServices + systemctl start nginx > $OUTPUT 2>&1 systemctl enable nginx > $OUTPUT 2>&1 \ No newline at end of file diff --git a/CoreModules/nginx/config/nginx/site_ssl-unconfigured b/CoreModules/nginx/config/nginx/site_ssl-unconfigured index cc758ed..66ceba3 100644 --- a/CoreModules/nginx/config/nginx/site_ssl-unconfigured +++ b/CoreModules/nginx/config/nginx/site_ssl-unconfigured @@ -13,9 +13,9 @@ server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name DOMAINname; - ssl_certificate /etc/acmesh/certs/DOMAINname_ecc/fullchain.cer; - ssl_certificate_key /etc/acmesh/certs/DOMAINname_ecc/DOMAINname.key; - ssl_trusted_certificate /etc/acmesh/certs/DOMAINname_ecc/fullchain.cer; + ssl_certificate /etc/acmesh/inst/DOMAINname/fullchain.pem; + ssl_certificate_key /etc/acmesh/inst/DOMAINname/key.pem; + ssl_trusted_certificate /etc/acmesh/inst/DOMAINname/fullchain.pem; include snippets/ngx-ssl.conf; diff --git a/CoreModules/nginx/config/nginx/site_ssl-wwwredir b/CoreModules/nginx/config/nginx/site_ssl-wwwredir index 639af0b..a43a6fc 100644 --- a/CoreModules/nginx/config/nginx/site_ssl-wwwredir +++ b/CoreModules/nginx/config/nginx/site_ssl-wwwredir @@ -11,9 +11,9 @@ server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name www.DOMAINname; - ssl_certificate /etc/acmesh/certs/DOMAINname_ecc/fullchain.cer; - ssl_certificate_key /etc/acmesh/certs/DOMAINname_ecc/DOMAINname.key; - ssl_trusted_certificate /etc/acmesh/certs/DOMAINname_ecc/fullchain.cer; + ssl_certificate /etc/acmesh/inst/DOMAINname/fullchain.pem; + ssl_certificate_key /etc/acmesh/inst/DOMAINname/key.pem; + ssl_trusted_certificate /etc/acmesh/inst/DOMAINname/fullchain.pem; include snippets/ngx-ssl.conf; return 301 https://DOMAINname$request_uri; } diff --git a/CoreModules/nginx_nonphp/conf.sh b/CoreModules/nginx_nonphp/conf.sh index ab4fece..de20896 100644 --- a/CoreModules/nginx_nonphp/conf.sh +++ b/CoreModules/nginx_nonphp/conf.sh @@ -28,5 +28,8 @@ sed -i -e 's/DOMAINname/'$domain'/g' /etc/nginx/sites-available/"$sitename"_ssl # custom Welcome page echo "$webserv is functioning normally" > /usr/share/nginx/html/index.html +#Add Nginx as SSL service +echo "nginx" >> /etc/ICTM/SslServices + systemctl start nginx > $OUTPUT 2>&1 systemctl enable nginx > $OUTPUT 2>&1 \ No newline at end of file diff --git a/Scripts/EnableSSL.sh b/Scripts/EnableSSL.sh index 098b300..d522d03 100644 --- a/Scripts/EnableSSL.sh +++ b/Scripts/EnableSSL.sh @@ -37,6 +37,8 @@ fi if test $certsatus -eq 0 then site_ext="ssl" + mkdir -p /etc/acmesh/inst/$domain + /opt/acmesh/acme.sh --config-home '/etc/acmesh/data' --install-cert --ecc --domain $domain --cert-file /etc/acmesh/inst/$domain/cert.pem --key-file /etc/acmesh/inst/$domain/key.pem --ca-file /etc/acmesh/inst/$domain/ca.cer --fullchain-file /etc/acmesh/inst/$domain/fullchain.pem --reloadcmd 'systemctl reload $(cat /etc/ICTM/SslServices)' else site_ext="nossl" rm -rf /etc/acmesh/certs/$domain* diff --git a/installer.sh b/installer.sh index 035a81d..e9ee770 100644 --- a/installer.sh +++ b/installer.sh @@ -671,6 +671,8 @@ if [ $sslenable = 1 ]; then if test $certsatus -eq 0 then site_ext="ssl" + mkdir -p /etc/acmesh/inst/$domain + /opt/acmesh/acme.sh --config-home '/etc/acmesh/data' --install-cert --ecc --domain $domain --cert-file /etc/acmesh/inst/$domain/cert.pem --key-file /etc/acmesh/inst/$domain/key.pem --ca-file /etc/acmesh/inst/$domain/ca.cer --fullchain-file /etc/acmesh/inst/$domain/fullchain.pem --reloadcmd 'systemctl reload $(cat /etc/ICTM/SslServices)' else site_ext="nossl" rm -rf /etc/acmesh/certs/$domain* @@ -682,6 +684,8 @@ if [ $sslenable = 1 ]; then if test $certsatusBackend -eq 0 then siteBackend_ext="ssl" + mkdir -p /etc/acmesh/inst/$hostname + /opt/acmesh/acme.sh --config-home '/etc/acmesh/data' --install-cert --ecc --domain $hostname --cert-file /etc/acmesh/inst/$hostname/cert.pem --key-file /etc/acmesh/inst/$hostname/key.pem --ca-file /etc/acmesh/inst/$hostname/ca.cer --fullchain-file /etc/acmesh/inst/$hostname/fullchain.pem --reloadcmd 'systemctl reload $(cat /etc/ICTM/SslServices)' else siteBackend_ext="nossl" rm -rf /etc/acmesh/certs/$hostname* -- 2.52.0 From f27c55336e422c40c5b62285619a63de159d3c7c Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 25 Mar 2021 12:17:05 +0100 Subject: [PATCH 43/64] Main:AppendCMS added fix for #12, Forgotten this --- AppendCMS.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/AppendCMS.sh b/AppendCMS.sh index 8456443..8e38cea 100644 --- a/AppendCMS.sh +++ b/AppendCMS.sh @@ -272,6 +272,8 @@ msg " Setting up SSL" if test $certsatus -eq 0 then site_ext="ssl" + mkdir -p /etc/acmesh/inst/$domain + /opt/acmesh/acme.sh --config-home '/etc/acmesh/data' --install-cert --ecc --domain $domain --cert-file /etc/acmesh/inst/$domain/cert.pem --key-file /etc/acmesh/inst/$domain/key.pem --ca-file /etc/acmesh/inst/$domain/ca.cer --fullchain-file /etc/acmesh/inst/$domain/fullchain.pem --reloadcmd 'systemctl reload $(cat /etc/ICTM/SslServices)' else site_ext="nossl" rm -rf /etc/acmesh/certs/$domain* -- 2.52.0 From dabb32845d07a100474ffd926470e9e076032084 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Wed, 14 Apr 2021 14:54:05 +0200 Subject: [PATCH 44/64] CMS:Nextcloud fixes related to #15 --- CMS/nextcloud/Nginx-unconfigured | 21 ++++++++++++++++----- CMS/nextcloud/nextcloud-init.sh | 17 ++++++++++++++++- 2 files changed, 32 insertions(+), 6 deletions(-) diff --git a/CMS/nextcloud/Nginx-unconfigured b/CMS/nextcloud/Nginx-unconfigured index 273d74d..d98802e 100644 --- a/CMS/nextcloud/Nginx-unconfigured +++ b/CMS/nextcloud/Nginx-unconfigured @@ -28,13 +28,14 @@ location = /robots.txt { access_log off; } -location = /.well-known/carddav { - return 301 $scheme://$host:$server_port/remote.php/dav; -} -location = /.well-known/caldav { - return 301 $scheme://$host:$server_port/remote.php/dav; +location ^~ /.well-known { + location = /.well-known/carddav { return 301 /remote.php/dav/; } + location = /.well-known/caldav { return 301 /remote.php/dav/; } + location ^~ /.well-known { return 301 /index.php$uri; } + try_files $uri $uri/ =404; } + location / { rewrite ^ /index.php; } @@ -80,4 +81,14 @@ location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap)$ { try_files $uri /index.php$request_uri; access_log off; } + +## Reverse proxy Config for 'Files High Performance Back-end' +#FHPBlocation ^~ /push/ { +#FHPB proxy_http_version 1.1; +#FHPB proxy_set_header Upgrade $http_upgrade; +#FHPB proxy_set_header Connection "Upgrade"; +#FHPB proxy_set_header Host $host; +#FHPB proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; +#FHPB} + #endConf \ No newline at end of file diff --git a/CMS/nextcloud/nextcloud-init.sh b/CMS/nextcloud/nextcloud-init.sh index d74e693..10e5618 100644 --- a/CMS/nextcloud/nextcloud-init.sh +++ b/CMS/nextcloud/nextcloud-init.sh @@ -4,6 +4,7 @@ sudo -u SITEname php /var/www/DOMAINname/html/occ app:disable firstrunwizard sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set default_language --value=nl sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set default_locale --value=nl +sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set default_phone_region --value=nl sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set skeletondirectory --value= sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set memcache.local --value='\OC\Memcache\APCu' @@ -12,8 +13,22 @@ if [ "$(systemctl is-active redis-server)" = "active" ] || [ "$(systemctl is-ac sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set memcache.locking --value='\OC\Memcache\Redis' sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set redis host --value=localhost sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set redis port --value=6379 + while true; do + read -p "Prepair for Files High Performance Back-end -> yes/no?" yn + case $yn in + [Nn]* ) + break;; + [Yy]* ) + sudo -u SITEname php /var/www/DOMAINname/html/occ app:install notify_push + sed -i --follow-symlinks 's/#FHPB//g' /etc/nginx/sites-enabled/SITEname + systemctl nginx reload + echo -e "\e[96m Run: sudo -u SITEname php /var/www/DOMAINname/html/occ notify_push:setup\e[39m" + break;; + * )echo "Choose yes or no.";; + esac + done else - echo "Redis running on this system" + echo "Redis is not running on this system" fi echo "*/5 * * * * SITEname php -f /var/www/DOMAINname/html/cron.php > /dev/null 2>&1" >> /etc/crontab -- 2.52.0 From 6ffae914311386fa312b88f60ec214f96a31a8ef Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 15 Apr 2021 13:46:13 +0200 Subject: [PATCH 45/64] CMS:Nextcloud Init.sh fixed typo --- CMS/nextcloud/nextcloud-init.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CMS/nextcloud/nextcloud-init.sh b/CMS/nextcloud/nextcloud-init.sh index 10e5618..f51adb2 100644 --- a/CMS/nextcloud/nextcloud-init.sh +++ b/CMS/nextcloud/nextcloud-init.sh @@ -14,14 +14,14 @@ if [ "$(systemctl is-active redis-server)" = "active" ] || [ "$(systemctl is-ac sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set redis host --value=localhost sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set redis port --value=6379 while true; do - read -p "Prepair for Files High Performance Back-end -> yes/no?" yn + read -p "Prepair for Files High Performance Back-end (Only for nginx) -> yes/no?" yn case $yn in [Nn]* ) break;; [Yy]* ) sudo -u SITEname php /var/www/DOMAINname/html/occ app:install notify_push sed -i --follow-symlinks 's/#FHPB//g' /etc/nginx/sites-enabled/SITEname - systemctl nginx reload + systemctl reload nginx echo -e "\e[96m Run: sudo -u SITEname php /var/www/DOMAINname/html/occ notify_push:setup\e[39m" break;; * )echo "Choose yes or no.";; -- 2.52.0 From 73e168ff44e590f2f2cea659faf8a41129fa5114 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 15 Apr 2021 22:30:20 +0200 Subject: [PATCH 46/64] CMS:Nextcloud nginx added missing line Signed-off-by: Bram Prieshof --- CMS/nextcloud/Nginx-unconfigured | 1 + 1 file changed, 1 insertion(+) diff --git a/CMS/nextcloud/Nginx-unconfigured b/CMS/nextcloud/Nginx-unconfigured index d98802e..68dee3f 100644 --- a/CMS/nextcloud/Nginx-unconfigured +++ b/CMS/nextcloud/Nginx-unconfigured @@ -84,6 +84,7 @@ location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap)$ { ## Reverse proxy Config for 'Files High Performance Back-end' #FHPBlocation ^~ /push/ { +#FHPB proxy_pass http://127.0.0.1:7867/; #FHPB proxy_http_version 1.1; #FHPB proxy_set_header Upgrade $http_upgrade; #FHPB proxy_set_header Connection "Upgrade"; -- 2.52.0 From b94a84bb8459031b78887319c4106a949aa746c9 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 6 May 2021 11:55:11 +0200 Subject: [PATCH 47/64] CMS:Nextcloud added config option for trash clean --- CMS/nextcloud/nextcloud-init.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/CMS/nextcloud/nextcloud-init.sh b/CMS/nextcloud/nextcloud-init.sh index f51adb2..ac316cf 100644 --- a/CMS/nextcloud/nextcloud-init.sh +++ b/CMS/nextcloud/nextcloud-init.sh @@ -7,6 +7,7 @@ sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set default_loca sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set default_phone_region --value=nl sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set skeletondirectory --value= sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set memcache.local --value='\OC\Memcache\APCu' +sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set trashbin_retention_obligation --value=30,30 if [ "$(systemctl is-active redis-server)" = "active" ] || [ "$(systemctl is-active redis)" = "active" ]; then sudo -u SITEname php /var/www/DOMAINname/html/occ config:system:set memcache.distributed --value='\OC\Memcache\Redis' -- 2.52.0 From ad5411b8cb095e724a63e624126d39b3749008f0 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 27 May 2021 12:49:17 +0200 Subject: [PATCH 48/64] Update 'CMS/none/conf.sh' --- CMS/none/conf.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMS/none/conf.sh b/CMS/none/conf.sh index dd23163..146ec4d 100644 --- a/CMS/none/conf.sh +++ b/CMS/none/conf.sh @@ -14,10 +14,10 @@ groupadd "$sitename" useradd -g "$sitename" "$sitename" systemctl reload $phpFPMService +fi #Setting Permsissions chown "$sitename":"$sitename" -R /var/www/"$domain"/html -fi if [ "$shortdist" = "el8" ]; then #Setting SeLiux perms for centos -- 2.52.0 From b911388b8593ec294966f10cfc18eb5064b2c13e Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Wed, 11 Aug 2021 13:05:17 +0200 Subject: [PATCH 49/64] Added fix for Nextcloud php8.x (see #10) --- CMS/nextcloud/conf.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/CMS/nextcloud/conf.sh b/CMS/nextcloud/conf.sh index 32f1619..7c5c3b7 100644 --- a/CMS/nextcloud/conf.sh +++ b/CMS/nextcloud/conf.sh @@ -45,6 +45,17 @@ if [ "$shortdist" = "el8" ]; then restorecon -r /var/www/ > $OUTPUT 2>&1 fi +#PHP 8.0 Settings +if [ "$phpVerBranch" = "8x" ] then + if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then + if ! grep -Fxq "apc.enable_cli=1" /etc/php/${phpver}/mods-available/apcu.ini; then + echo "apc.enable_cli=1" >> /etc/php/${phpver}/mods-available/apcu.ini + fi + elif [ "$shortdist" = "el8" ]; then + sed -i "/apc.enable_cli/c\apc.enable_cli=1" /etc/opt/remi/php${phpver//.}/php.d/40-apcu.ini + fi + sed -i "/opcache.enable/c\php_admin_value[opcache.enable] = 1" "$phpPoolDir"/"$sitename".conf +fi #Makeing nextcloud Finalize script and setting login Notice curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/nextcloud/nextcloud-init.sh -o ~/NextcloudInit-"$sitename".sh -- 2.52.0 From 02e644ba606ce8e9eda1a35c5a855178af0f34bf Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Wed, 11 Aug 2021 13:20:41 +0200 Subject: [PATCH 50/64] CMS:Nextcloud added missing semicolon --- CMS/nextcloud/conf.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMS/nextcloud/conf.sh b/CMS/nextcloud/conf.sh index 7c5c3b7..1ab8b42 100644 --- a/CMS/nextcloud/conf.sh +++ b/CMS/nextcloud/conf.sh @@ -46,7 +46,7 @@ if [ "$shortdist" = "el8" ]; then fi #PHP 8.0 Settings -if [ "$phpVerBranch" = "8x" ] then +if [ "$phpVerBranch" = "8x" ]; then if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then if ! grep -Fxq "apc.enable_cli=1" /etc/php/${phpver}/mods-available/apcu.ini; then echo "apc.enable_cli=1" >> /etc/php/${phpver}/mods-available/apcu.ini -- 2.52.0 From c9abe992e0e79065b7a8c79a1cddcf97a51d0b54 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 19 Aug 2021 12:47:01 +0200 Subject: [PATCH 51/64] Main: Added inital support for Debian 11 Added Debian 11 as supported os Added deb11 to all places were deb10 was in a if statement Temporarily replaced MySQL with MariaDB, since the MySQL repo is not yet avalible --- CMS/nextcloud/conf.sh | 2 +- CoreModules/apache/conf.sh | 2 +- CoreModules/apache/preconf.sh | 2 +- CoreModules/generic/preconf.sh | 2 +- CoreModules/nginx/conf.sh | 2 +- PhpUpdater.sh | 4 ++-- Scripts/Compat/Compat-V2.sh | 3 ++- Scripts/GenerateApacheList.sh | 2 +- Scripts/GeneratePhplist.sh | 2 +- Scripts/MicroOSDetect.sh | 2 ++ Scripts/SMI.sh | 8 ++++++-- SubModules/php-fpm/preconf.sh | 2 +- SubModules/postfix/conf.sh | 2 +- SubModules/postfix/preconf.sh | 2 +- SubModules/redis/preconf.sh | 2 +- extModules.list | 3 ++- installer.sh | 14 ++++++++++++-- 17 files changed, 37 insertions(+), 19 deletions(-) diff --git a/CMS/nextcloud/conf.sh b/CMS/nextcloud/conf.sh index 1ab8b42..ddfd6b6 100644 --- a/CMS/nextcloud/conf.sh +++ b/CMS/nextcloud/conf.sh @@ -47,7 +47,7 @@ fi #PHP 8.0 Settings if [ "$phpVerBranch" = "8x" ]; then - if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then + if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] || [ "$shortdist" = "deb11" ] ; then if ! grep -Fxq "apc.enable_cli=1" /etc/php/${phpver}/mods-available/apcu.ini; then echo "apc.enable_cli=1" >> /etc/php/${phpver}/mods-available/apcu.ini fi diff --git a/CoreModules/apache/conf.sh b/CoreModules/apache/conf.sh index e6dc629..0479bd9 100644 --- a/CoreModules/apache/conf.sh +++ b/CoreModules/apache/conf.sh @@ -4,7 +4,7 @@ systemctl stop $apacheService > $OUTPUT 2>&1 # Apache # ############## -if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then +if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] || [ "$shortdist" = "deb11" ] ; then a2dissite 000-default > $OUTPUT 2>&1 a2dismod mpm_prefork > $OUTPUT 2>&1 a2enmod actions fcgid alias proxy_fcgi proxy_http ssl headers http2 setenvif socache_shmcb rewrite > $OUTPUT 2>&1 diff --git a/CoreModules/apache/preconf.sh b/CoreModules/apache/preconf.sh index 87a4508..441a93f 100644 --- a/CoreModules/apache/preconf.sh +++ b/CoreModules/apache/preconf.sh @@ -1,4 +1,4 @@ -if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then +if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] || [ "$shortdist" = "deb11" ] ; then # Debian/Ubunbtu apache variables apacheConfDir=/etc/apache2 apacheService=apache2 diff --git a/CoreModules/generic/preconf.sh b/CoreModules/generic/preconf.sh index 24fc427..10f3a35 100644 --- a/CoreModules/generic/preconf.sh +++ b/CoreModules/generic/preconf.sh @@ -1,4 +1,4 @@ -if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then +if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] || [ "$shortdist" = "deb11" ] ; then ######################## # Debian/Ubunbtu # ######################## diff --git a/CoreModules/nginx/conf.sh b/CoreModules/nginx/conf.sh index 4f96f79..3c8177f 100644 --- a/CoreModules/nginx/conf.sh +++ b/CoreModules/nginx/conf.sh @@ -42,7 +42,7 @@ mkdir -p /opt/toggle curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/toggles/toggle-Netdata_NGINX.sh -o /opt/toggle/toggle-Netdata.sh curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/toggles/toggle-PhpMyAdmin_NGINX.sh -o /opt/toggle/toggle-PhpMyAdmin.sh ##monit toggle -if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then +if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] || [ "$shortdist" = "deb11" ] ; then monitconf=/etc/monit/monitrc elif [ "$shortdist" = "el8" ]; then monitconf=/etc/monitrc diff --git a/PhpUpdater.sh b/PhpUpdater.sh index d8b41a7..a44e017 100644 --- a/PhpUpdater.sh +++ b/PhpUpdater.sh @@ -6,7 +6,7 @@ source /etc/ICTM/mainvar.list if [ -z $shortdist ] ; then source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/MicroOSDetect.sh) ; fi if [ ! -f "/etc/ICTM/phpvar.list" ] ; then bash <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/GeneratePhplist.sh) ; fi source /etc/ICTM/phpvar.list -if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then +if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ]|| [ "$shortdist" = "deb11" ] ; then apt update RepoVersion=`apt list |grep php | grep deb.sury.org| cut -f1 -d"-"| tail -1 |sed 's/php//'` elif [ "$shortdist" = "el8" ]; then @@ -55,7 +55,7 @@ if [ $IMODE = l ]; then fi #Genereating vars for new php version - if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then + if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] || [ "$shortdist" = "deb11" ] ; then # Debian/Ubunbtu Php variables newphpPoolDir=/etc/php/${newphpver}/fpm/pool.d newphpPkgName=php${newphpver} diff --git a/Scripts/Compat/Compat-V2.sh b/Scripts/Compat/Compat-V2.sh index 82786a2..d4bd195 100644 --- a/Scripts/Compat/Compat-V2.sh +++ b/Scripts/Compat/Compat-V2.sh @@ -13,7 +13,8 @@ printf '%s' "Updating Web-V2..." CompatVer=$UpdaterCompatTo #Updating mod lists -aonoption="/MySQL/" +#Temporarily for Testing since not avalible#aonoption="/MySQL/" +aonoption="/MariaDB/" #Temporarily replaceing MySQL aonoption="$aonoption /Unattended-Security-Updates/" aonoption="$aonoption /Backup-Util/" aonoption="$aonoption /AcmeSH/" diff --git a/Scripts/GenerateApacheList.sh b/Scripts/GenerateApacheList.sh index 49de67f..4c5670b 100644 --- a/Scripts/GenerateApacheList.sh +++ b/Scripts/GenerateApacheList.sh @@ -2,7 +2,7 @@ if [ ! -f "/etc/ICTM/mainvar.list" ] ; then echo 'This system is not yet setup, source /etc/ICTM/mainvar.list if [ -z $shortdist ] ; then source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/MicroOSDetect.sh) ; fi -if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then +if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] || [ "$shortdist" = "deb11" ] ; then # Debian/Ubunbtu apache variables apacheConfDir=/etc/apache2 apacheService=apache2 diff --git a/Scripts/GeneratePhplist.sh b/Scripts/GeneratePhplist.sh index e848b8e..c31b16d 100644 --- a/Scripts/GeneratePhplist.sh +++ b/Scripts/GeneratePhplist.sh @@ -2,7 +2,7 @@ if [ ! -f "/etc/ICTM/mainvar.list" ] ; then echo 'This system is not yet setup, source /etc/ICTM/mainvar.list if [ -z $shortdist ] ; then source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/MicroOSDetect.sh) ; fi -if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then +if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] || [ "$shortdist" = "deb11" ] ; then # Debian/Ubunbtu Php variables phpPoolDir=/etc/php/${phpver}/fpm/pool.d phpPkgName=php${phpver} diff --git a/Scripts/MicroOSDetect.sh b/Scripts/MicroOSDetect.sh index c6ccf85..4ea533c 100644 --- a/Scripts/MicroOSDetect.sh +++ b/Scripts/MicroOSDetect.sh @@ -7,6 +7,8 @@ if [[ "${dist}" == *"ubuntu"* ]] && [[ "${dist_ver}" == *"18.04"* ]]; then shortdist=ubu2004 elif [[ "${dist}" == *"debian"* ]] && [[ "${dist_ver}" == *"10"* ]]; then shortdist=deb10 +elif [[ "${dist}" == *"debian"* ]] && [[ "${dist_ver}" == *"11"* ]]; then + shortdist=deb11 elif [[ "${dist}" == *"centos"* ]] && [[ "${dist_ver}" == *"8"* ]]; then shortdist=el8 else diff --git a/Scripts/SMI.sh b/Scripts/SMI.sh index 06ac178..b4ee86c 100644 --- a/Scripts/SMI.sh +++ b/Scripts/SMI.sh @@ -45,14 +45,18 @@ elif [[ "${dist}" == *"debian"* ]] && [[ "${dist_ver}" == *"10"* ]]; then PKGI="${PKGM} install -y --no-install-recommends" PKGLIST="apt" shortdist=deb10 +elif [[ "${dist}" == *"debian"* ]] && [[ "${dist_ver}" == *"11"* ]]; then + echo "Debian 11 Detected" + PKGM="$APTMODE" + PKGI="${PKGM} install -y --no-install-recommends" + PKGLIST="apt" + shortdist=deb11 elif [[ "${dist}" == *"centos"* ]] && [[ "${dist_ver}" == *"8"* ]]; then echo "Centos 8 Detected" PKGM="dnf" PKGI="${PKGM} install --setopt=install_weak_deps=False --best -y" PKGLIST="dnf" shortdist=el8 - echo "This OS is not supported" - exit else echo "This OS is not supported" exit diff --git a/SubModules/php-fpm/preconf.sh b/SubModules/php-fpm/preconf.sh index 29ff8de..79fe42c 100644 --- a/SubModules/php-fpm/preconf.sh +++ b/SubModules/php-fpm/preconf.sh @@ -1,4 +1,4 @@ -if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then +if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] || [ "$shortdist" = "deb11" ] ; then # Debian/Ubunbtu Php variables phpPoolDir=/etc/php/${phpver}/fpm/pool.d phpPkgName=php${phpver} diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index 2d4c3b7..f0d622c 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -52,7 +52,7 @@ ${hostname} EOF -if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then +if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] || [ "$shortdist" = "deb11" ] ; then mkdir -p /var/spool/postfix/var/run/opendkim sudo chown opendkim:postfix /var/spool/postfix/var/run/opendkim sed -i "/^RUNDIR=/c\RUNDIR=/var/spool/postfix/var/run/opendkim" /etc/default/opendkim diff --git a/SubModules/postfix/preconf.sh b/SubModules/postfix/preconf.sh index fec0bd6..3c7e3bf 100644 --- a/SubModules/postfix/preconf.sh +++ b/SubModules/postfix/preconf.sh @@ -1,4 +1,4 @@ -if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then +if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] || [ "$shortdist" = "deb11" ] ; then debconf-set-selections <<< "postfix postfix/mailname string $hostname" debconf-set-selections <<< "postfix postfix/main_mailer_type string 'Internet Site'" fi \ No newline at end of file diff --git a/SubModules/redis/preconf.sh b/SubModules/redis/preconf.sh index 8dec08d..cc761e0 100644 --- a/SubModules/redis/preconf.sh +++ b/SubModules/redis/preconf.sh @@ -1,6 +1,6 @@ #!/bin/bash -if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] ; then +if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] || [ "$shortdist" = "deb11" ] ; then # Debian/Ubunbtu redis variables redisService=redis-server diff --git a/extModules.list b/extModules.list index f2d9b69..7fee0bf 100644 --- a/extModules.list +++ b/extModules.list @@ -1,4 +1,5 @@ https://git.ictmaatwerk.com/VPS-scripts/MySQL/raw/branch/master/ https://git.ictmaatwerk.com/VPS-scripts/Unattended-Security-Updates/raw/branch/master/ https://git.ictmaatwerk.com/VPS-scripts/Backup-Util/raw/branch/master/ -https://git.ictmaatwerk.com/VPS-scripts/AcmeSH/raw/branch/main/ \ No newline at end of file +https://git.ictmaatwerk.com/VPS-scripts/AcmeSH/raw/branch/main/ +https://git.ictmaatwerk.com/VPS-scripts/MariaDB/raw/branch/master/ \ No newline at end of file diff --git a/installer.sh b/installer.sh index e9ee770..3d8e631 100644 --- a/installer.sh +++ b/installer.sh @@ -30,7 +30,7 @@ fi #Git-repo repo=https://git.ictmaatwerk.com/VPS-scripts/Web-V2 -branch=master +branch=Debian11Testing branchtype=branch #=branch for branch and =tag for release CompatVer=2 #Installer-config @@ -64,6 +64,15 @@ elif [[ "${dist}" == *"debian"* ]] && [[ "${dist_ver}" == *"10"* ]]; then PKGI="${PKGM} install -y --no-install-recommends" PKGLIST="apt" shortdist=deb10 +elif [[ "${dist}" == *"debian"* ]] && [[ "${dist_ver}" == *"11"* ]]; then + PKGM="$APTMODE" + PKGUC="$PKGM update" + PKGUP="$PKGM upgrade -y" + PKGI="${PKGM} install -y --no-install-recommends" + PKGLIST="apt" + shortdist=deb11 + echo "Support for this os is stil being developed, Exiting" + exit elif [ "$(grep -oP '(?<=^PLATFORM_ID=).+' /etc/os-release | tr -d '"')" = "platform:el8" ]; then PKGM="dnf" PKGUC="$PKGM check-update --refresh" @@ -99,7 +108,8 @@ fi # Always-on modules # ##---------------------## -aonoption="/MySQL/" +#Temporarily for Testing since not avalible#aonoption="/MySQL/" +aonoption="/MariaDB/" #Temporarily replaceing MySQL aonoption="$aonoption /Unattended-Security-Updates/" aonoption="$aonoption /Backup-Util/" aonoption="$aonoption /AcmeSH/" -- 2.52.0 From 98c5429f0036aed98a6b1b8a9830c7c66fe348c7 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 19 Aug 2021 14:54:47 +0200 Subject: [PATCH 52/64] Added fix from #10 to all php versions --- CMS/nextcloud/conf.sh | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/CMS/nextcloud/conf.sh b/CMS/nextcloud/conf.sh index ddfd6b6..c27fa16 100644 --- a/CMS/nextcloud/conf.sh +++ b/CMS/nextcloud/conf.sh @@ -45,15 +45,17 @@ if [ "$shortdist" = "el8" ]; then restorecon -r /var/www/ > $OUTPUT 2>&1 fi -#PHP 8.0 Settings -if [ "$phpVerBranch" = "8x" ]; then - if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] || [ "$shortdist" = "deb11" ] ; then - if ! grep -Fxq "apc.enable_cli=1" /etc/php/${phpver}/mods-available/apcu.ini; then - echo "apc.enable_cli=1" >> /etc/php/${phpver}/mods-available/apcu.ini - fi - elif [ "$shortdist" = "el8" ]; then - sed -i "/apc.enable_cli/c\apc.enable_cli=1" /etc/opt/remi/php${phpver//.}/php.d/40-apcu.ini +#Enable PHP-ACPU on CLI +if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] || [ "$shortdist" = "deb11" ] ; then + if ! grep -Fxq "apc.enable_cli=1" /etc/php/${phpver}/mods-available/apcu.ini; then + echo "apc.enable_cli=1" >> /etc/php/${phpver}/mods-available/apcu.ini fi +elif [ "$shortdist" = "el8" ]; then + sed -i "/apc.enable_cli/c\apc.enable_cli=1" /etc/opt/remi/php${phpver//.}/php.d/40-apcu.ini +fi + +#PHP 8.0 Settings +if [ "$phpVerBranch" = "8x" ]; then sed -i "/opcache.enable/c\php_admin_value[opcache.enable] = 1" "$phpPoolDir"/"$sitename".conf fi -- 2.52.0 From 4238e78ac1a8a570212ad03f37cc6b68f62873fe Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 26 Aug 2021 15:20:31 +0200 Subject: [PATCH 53/64] Mod:Postfix Added basic SSL/TLS support --- SubModules/postfix/Postfix-EnableSSL.sh | 32 +++++++++++++++++++++++++ SubModules/postfix/conf.sh | 3 +++ 2 files changed, 35 insertions(+) create mode 100644 SubModules/postfix/Postfix-EnableSSL.sh diff --git a/SubModules/postfix/Postfix-EnableSSL.sh b/SubModules/postfix/Postfix-EnableSSL.sh new file mode 100644 index 0000000..7bd2e61 --- /dev/null +++ b/SubModules/postfix/Postfix-EnableSSL.sh @@ -0,0 +1,32 @@ +#Sript for setting up SSL/TLS for Postfix (Web-V2) + +##Loading install vars +source /etc/ICTM/mainvar.list +##Checking if hostname cert exists +if [ ! -f "/etc/acmesh/inst/$hostname/cert.pem" ] || [ ! -f "/etc/acmesh/inst/$hostname/key.pem" ] ; then echo 'SSL Certificate for $hostname is not installed' && exit ; fi + +##Updating Postix config +printf "Updating Postfix config" +systemctl stop postfix +sed -i "/smtpd_tls_cert_file=/c\ssmtpd_tls_cert_file=/etc/acmesh/inst/$hostname/cert.pem" /etc/postfix/main.cf +sed -i "/smtpd_tls_key_file=/c\smtpd_tls_key_file=/etc/acmesh/inst/$hostname/key.pem" /etc/postfix/main.cf +systemctl start postfix +printf " [\e[1;32m Ok \e[0m]\n" + +##Adding postfix to SSL services (so it gets reloaded when a the cert is renewd) +printf "Updating SSL services list" +echo "postfix" >> /etc/ICTM/SslServices +printf " [\e[1;32m Ok \e[0m]\n" + +##Remove script +while true; do + read -p "Remove this script -> yes/no?" yn + case $yn in + [Nn]* ) + break;; + [Yy]* ) + rm -- "$0" + break;; + * )echo "Choose yes or no.";; + esac +done \ No newline at end of file diff --git a/SubModules/postfix/conf.sh b/SubModules/postfix/conf.sh index f0d622c..7ccc6b6 100644 --- a/SubModules/postfix/conf.sh +++ b/SubModules/postfix/conf.sh @@ -90,6 +90,9 @@ chmod +x /etc/update-motd.d/51-generalspf systemctl start postfix opendkim systemctl enable postfix opendkim +#Getting script for enableling ssl on Postfix +curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/SubModules/postfix/Postfix-EnableSSL.sh -o ~/Postfix-EnableSSL.sh + #if using Append module run for existing cms/sites if [ "$itype" = "AddMod" ]; then for file in /etc/ICTM/sites/*; do -- 2.52.0 From bbd91b4e9ae1ed959d1b8fb1d984e87bf1e6b4d1 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 27 Aug 2021 15:21:18 +0200 Subject: [PATCH 54/64] Mod:php-fpm update script new version detection Updated detection for latested php version in repo for deb based now using apt package list repo file instead of apt list command --- PhpUpdater.sh | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/PhpUpdater.sh b/PhpUpdater.sh index a44e017..f8188b2 100644 --- a/PhpUpdater.sh +++ b/PhpUpdater.sh @@ -6,9 +6,17 @@ source /etc/ICTM/mainvar.list if [ -z $shortdist ] ; then source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/MicroOSDetect.sh) ; fi if [ ! -f "/etc/ICTM/phpvar.list" ] ; then bash <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/GeneratePhplist.sh) ; fi source /etc/ICTM/phpvar.list -if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ]|| [ "$shortdist" = "deb11" ] ; then +if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ]; then + # Ubuntu Php variable apt update - RepoVersion=`apt list |grep php | grep deb.sury.org| cut -f1 -d"-"| tail -1 |sed 's/php//'` + if ! ls /var/lib/apt/lists/ppa.launchpad.net_ondrej_php*_Packages > /dev/null 2>&1 ; then echo 'PHP(Sury) repo not installed' && echo 'Install using: curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/General/raw/branch/Main/Setup-Repo.sh |repo=php bash' && exit ; fi + RepoVersion=`grep -h '^Package: php' /var/lib/apt/lists/ppa.launchpad.net_ondrej_php*_Packages | cut -f1 -d"-" | sort | tail -1| sed -e 's/Package: php//'` +elif [ "$shortdist" = "deb10" ]|| [ "$shortdist" = "deb11" ]; then + # Debian Php variable + apt update + if ! ls /var/lib/apt/lists/packages.sury.org_php*_Packages > /dev/null 2>&1 ; then echo 'PHP(Sury) repo not installed' && echo 'Install using: curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/General/raw/branch/Main/Setup-Repo.sh |repo=php bash' && exit ; fi + RepoVersion=`grep -h '^Package: php' /var/lib/apt/lists/packages.sury.org*_Packages| cut -f1 -d"-" | sort | tail -1| sed -e 's/Package: php//'` +fi elif [ "$shortdist" = "el8" ]; then dnf check-update --refresh RepoVersion=`dnf list php* | awk '{print $1; }' | cut -f1 -d"-"| tail -1 |sed 's/php//' | sed 's/./&./1'` @@ -32,7 +40,7 @@ if [ $IMODE = n ]; then if (whiptail --title "Set new php version?" --yesno "Install php version $RepoVersion ?" 8 78); then newphpver=$RepoVersion else - newphpver=$(whiptail --inputbox "Please enter the version to install" --title "Custom" 8 39 3>&1 1>&2 2>&3) + newphpver=$(whiptail --inputbox "Please enter the version to install" --nocancel --title "Custom" 8 39 3>&1 1>&2 2>&3) fi fi -- 2.52.0 From 668da644f33441acd36408c9644bde65356d9619 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 3 Sep 2021 14:02:06 +0200 Subject: [PATCH 55/64] Main, MariaDB & Deb11; CMS:Backend Main, MariaDB: Switched form MariaDB back to MySQL since it is available for Deb11 Main, Debian 11 Enabled Debian 11 support, and removed warnings CMS:Backend increased limits PHP: post_max to 256M Nginx: client_max_body to 256m and fcgi_timeout to 10 minutes --- CMS/Backend/Fpm-Pool.conf-unconfigured | 2 +- CMS/Backend/nginx-siteBackend-unconfigured | 2 ++ Scripts/Compat/Compat-V2.sh | 3 +-- installer.sh | 5 +---- 4 files changed, 5 insertions(+), 7 deletions(-) diff --git a/CMS/Backend/Fpm-Pool.conf-unconfigured b/CMS/Backend/Fpm-Pool.conf-unconfigured index 1fbe55b..84305a2 100644 --- a/CMS/Backend/Fpm-Pool.conf-unconfigured +++ b/CMS/Backend/Fpm-Pool.conf-unconfigured @@ -8,7 +8,7 @@ php_admin_value[disable_functions] = exec,passthru,shell_exec,system php_admin_value[opcache.enable] = 0 php_admin_value[max_input_vars] = 5000 php_admin_value[upload_max_filesize] = 256M -php_admin_value[post_max_size] = 16M +php_admin_value[post_max_size] = 256M php_admin_value[max_input_time] = 15 php_admin_value[cgi.fix_pathinfo] = 0 php_admin_value[allow_url_fopen] = Off diff --git a/CMS/Backend/nginx-siteBackend-unconfigured b/CMS/Backend/nginx-siteBackend-unconfigured index d7fe94f..64aef26 100644 --- a/CMS/Backend/nginx-siteBackend-unconfigured +++ b/CMS/Backend/nginx-siteBackend-unconfigured @@ -24,12 +24,14 @@ location = /backend/netdata { location /backend/database { deny all; #enables/disables PHPMyadmin index index.php index.html; + client_max_body_size 256m; alias /usr/share/phpmyadmin; location ~ \.php$ { include fastcgi_params; fastcgi_param SCRIPT_FILENAME $request_filename; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/var/run/php/phpPHPver-fpm-Backend.sock; + fastcgi_read_timeout 10m; fastcgi_index index.php; } } diff --git a/Scripts/Compat/Compat-V2.sh b/Scripts/Compat/Compat-V2.sh index d4bd195..82786a2 100644 --- a/Scripts/Compat/Compat-V2.sh +++ b/Scripts/Compat/Compat-V2.sh @@ -13,8 +13,7 @@ printf '%s' "Updating Web-V2..." CompatVer=$UpdaterCompatTo #Updating mod lists -#Temporarily for Testing since not avalible#aonoption="/MySQL/" -aonoption="/MariaDB/" #Temporarily replaceing MySQL +aonoption="/MySQL/" aonoption="$aonoption /Unattended-Security-Updates/" aonoption="$aonoption /Backup-Util/" aonoption="$aonoption /AcmeSH/" diff --git a/installer.sh b/installer.sh index 3d8e631..8734d87 100644 --- a/installer.sh +++ b/installer.sh @@ -71,8 +71,6 @@ elif [[ "${dist}" == *"debian"* ]] && [[ "${dist_ver}" == *"11"* ]]; then PKGI="${PKGM} install -y --no-install-recommends" PKGLIST="apt" shortdist=deb11 - echo "Support for this os is stil being developed, Exiting" - exit elif [ "$(grep -oP '(?<=^PLATFORM_ID=).+' /etc/os-release | tr -d '"')" = "platform:el8" ]; then PKGM="dnf" PKGUC="$PKGM check-update --refresh" @@ -108,8 +106,7 @@ fi # Always-on modules # ##---------------------## -#Temporarily for Testing since not avalible#aonoption="/MySQL/" -aonoption="/MariaDB/" #Temporarily replaceing MySQL +aonoption="/MySQL/" aonoption="$aonoption /Unattended-Security-Updates/" aonoption="$aonoption /Backup-Util/" aonoption="$aonoption /AcmeSH/" -- 2.52.0 From 50c35617104a50615a1e17a8f2c0083698fc2f6f Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Wed, 8 Sep 2021 10:35:21 +0200 Subject: [PATCH 56/64] Main:Inst updated ssh service name sshd->ssh Since in Debian 11 `ssh` is more reliable then 'sshd' --- installer.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/installer.sh b/installer.sh index 8734d87..a448181 100644 --- a/installer.sh +++ b/installer.sh @@ -757,7 +757,7 @@ done # Services # ##------------## -systemctl reload sshd fail2ban +systemctl reload ssh fail2ban ##-------## -- 2.52.0 From c512a70477a69580e58f14bf80419a8d0369575a Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Wed, 8 Sep 2021 13:54:33 +0200 Subject: [PATCH 57/64] Main:Inst added var:sshservice for el8 using sshd and deb based ssh --- installer.sh | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/installer.sh b/installer.sh index a448181..7d0830e 100644 --- a/installer.sh +++ b/installer.sh @@ -757,7 +757,14 @@ done # Services # ##------------## -systemctl reload ssh fail2ban +#Set ssh service for distro +if [ "$shortdist" = "ubu1804" ] || [ "$shortdist" = "ubu2004" ] || [ "$shortdist" = "deb10" ] || [ "$shortdist" = "deb11" ] ; then + SSHService=ssh +elif [ "$shortdist" = "el8" ]; then + SSHService=sshd +fi + +systemctl reload $SSHService fail2ban ##-------## -- 2.52.0 From 429f75e5e3885092bef24b7e7015a5a91860d1ba Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Wed, 8 Sep 2021 14:42:29 +0200 Subject: [PATCH 58/64] Main, Prepair for sync to master branch --- installer.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/installer.sh b/installer.sh index 7d0830e..d75359d 100644 --- a/installer.sh +++ b/installer.sh @@ -30,7 +30,7 @@ fi #Git-repo repo=https://git.ictmaatwerk.com/VPS-scripts/Web-V2 -branch=Debian11Testing +branch=master branchtype=branch #=branch for branch and =tag for release CompatVer=2 #Installer-config -- 2.52.0 From 39724043fe48fcad1529d95a0dec1918d47b3cd5 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 25 Nov 2021 14:20:16 +0100 Subject: [PATCH 59/64] Fixed php session save permission problem --- CMS/Backend/Fpm-Pool.conf-unconfigured | 1 + CMS/Backend/conf.sh | 2 ++ .../Fpm-Pool.conf-unconfigured | 1 + CMS/frontcontroller/conf.sh | 1 + CMS/nextcloud/Fpm-Pool.conf-unconfigured | 2 ++ CMS/nextcloud/conf.sh | 1 + CMS/none/Fpm-Pool.conf-unconfigured | 2 ++ CMS/none/conf.sh | 1 + CMS/wordpress/Fpm-Pool.conf-unconfigured | 2 ++ CMS/wordpress/conf.sh | 1 + Scripts/Php-EnableSessionsToRam.sh | 25 +++++++++++++++++++ SubModules/php-fpm/conf.sh | 4 +++ SubModules/php-fpm/preconf.sh | 2 +- 13 files changed, 44 insertions(+), 1 deletion(-) create mode 100644 Scripts/Php-EnableSessionsToRam.sh diff --git a/CMS/Backend/Fpm-Pool.conf-unconfigured b/CMS/Backend/Fpm-Pool.conf-unconfigured index 84305a2..646dd38 100644 --- a/CMS/Backend/Fpm-Pool.conf-unconfigured +++ b/CMS/Backend/Fpm-Pool.conf-unconfigured @@ -5,6 +5,7 @@ listen = /var/run/php/phpPHPver-fpm-Backend.sock listen.owner = www-data listen.group = www-data php_admin_value[disable_functions] = exec,passthru,shell_exec,system +php_value[session.save_path] = /var/lib/php/sessions php_admin_value[opcache.enable] = 0 php_admin_value[max_input_vars] = 5000 php_admin_value[upload_max_filesize] = 256M diff --git a/CMS/Backend/conf.sh b/CMS/Backend/conf.sh index d06ab41..63cafdd 100644 --- a/CMS/Backend/conf.sh +++ b/CMS/Backend/conf.sh @@ -3,6 +3,8 @@ curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/Backen sed -i 's/PHPver/'$phpver'/' "$phpPoolDir"/Backend.conf groupadd Backend useradd -g Backend Backend +usermod -a -G www-data Backend + #PHPMyAdmin configuration touch /var/log/PhpMyAdmin/PhpMyAdmin_auth.log chown Backend:Backend -R /usr/share/phpmyadmin diff --git a/CMS/frontcontroller/Fpm-Pool.conf-unconfigured b/CMS/frontcontroller/Fpm-Pool.conf-unconfigured index 565f728..c4ac1bc 100644 --- a/CMS/frontcontroller/Fpm-Pool.conf-unconfigured +++ b/CMS/frontcontroller/Fpm-Pool.conf-unconfigured @@ -6,6 +6,7 @@ listen.owner = www-data listen.group = www-data php_admin_value[disable_functions] = exec,passthru,shell_exec,system php_admin_value[error_log] = /var/log/php-fpm/error-SITEname.log +php_value[session.save_path] = /var/lib/php/sessions ; OPCACHE SETTINGS php_admin_value[opcache.memory_consumption] = 256 diff --git a/CMS/frontcontroller/conf.sh b/CMS/frontcontroller/conf.sh index e05a832..f193ca0 100644 --- a/CMS/frontcontroller/conf.sh +++ b/CMS/frontcontroller/conf.sh @@ -27,6 +27,7 @@ curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/frontc sed -i -e 's/PHPver/'$phpver'/g' -e 's/SITEname/'$sitename'/g' -e 's/DOMAINname/'$domain'/' "$phpPoolDir"/$sitename.conf groupadd "$sitename" useradd -g "$sitename" "$sitename" +usermod -a -G www-data "$sitename" systemctl reload $phpFPMService diff --git a/CMS/nextcloud/Fpm-Pool.conf-unconfigured b/CMS/nextcloud/Fpm-Pool.conf-unconfigured index df062c8..83335ca 100644 --- a/CMS/nextcloud/Fpm-Pool.conf-unconfigured +++ b/CMS/nextcloud/Fpm-Pool.conf-unconfigured @@ -6,6 +6,8 @@ listen.owner = www-data listen.group = www-data php_admin_value[disable_functions] = exec,passthru,system php_admin_value[error_log] = /var/log/php-fpm/error-SITEname.log +php_value[session.save_path] = /var/lib/php/sessions + ; OPCACHE SETTINGS php_admin_value[opcache.memory_consumption] = 256 php_admin_value[opcache.enable] = 0 diff --git a/CMS/nextcloud/conf.sh b/CMS/nextcloud/conf.sh index c27fa16..6d5ddae 100644 --- a/CMS/nextcloud/conf.sh +++ b/CMS/nextcloud/conf.sh @@ -3,6 +3,7 @@ curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/nextcl sed -i -e 's/PHPver/'$phpver'/g' -e 's/SITEname/'$sitename'/g' -e 's/DOMAINname/'$domain'/g' "$phpPoolDir"/$sitename.conf groupadd "$sitename" useradd -g "$sitename" "$sitename" +usermod -a -G www-data "$sitename" mkdir -p /var/www/"$domain"/html/data #Getting Nextcloud diff --git a/CMS/none/Fpm-Pool.conf-unconfigured b/CMS/none/Fpm-Pool.conf-unconfigured index b0770ee..6167957 100644 --- a/CMS/none/Fpm-Pool.conf-unconfigured +++ b/CMS/none/Fpm-Pool.conf-unconfigured @@ -6,6 +6,8 @@ listen.owner = www-data listen.group = www-data php_admin_value[disable_functions] = exec,passthru,shell_exec,system php_admin_value[error_log] = /var/log/php-fpm/error-SITEname.log +php_value[session.save_path] = /var/lib/php/sessions + ; OPCACHE SETTINGS php_admin_value[opcache.memory_consumption] = 256 php_admin_value[opcache.enable] = 0 diff --git a/CMS/none/conf.sh b/CMS/none/conf.sh index 146ec4d..0ad8337 100644 --- a/CMS/none/conf.sh +++ b/CMS/none/conf.sh @@ -12,6 +12,7 @@ curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/none/F sed -i -e 's/PHPver/'$phpver'/g' -e 's/SITEname/'$sitename'/g' -e 's/DOMAINname/'$domain'/' "$phpPoolDir"/$sitename.conf groupadd "$sitename" useradd -g "$sitename" "$sitename" +usermod -a -G www-data "$sitename" systemctl reload $phpFPMService fi diff --git a/CMS/wordpress/Fpm-Pool.conf-unconfigured b/CMS/wordpress/Fpm-Pool.conf-unconfigured index 108526b..8c4b872 100644 --- a/CMS/wordpress/Fpm-Pool.conf-unconfigured +++ b/CMS/wordpress/Fpm-Pool.conf-unconfigured @@ -6,6 +6,8 @@ listen.owner = www-data listen.group = www-data php_admin_value[error_log] = /var/log/php-fpm/error-SITEname.log php_admin_value[disable_functions] = exec,passthru,shell_exec,system +php_value[session.save_path] = /var/lib/php/sessions + ; OPCACHE SETTINGS php_admin_value[opcache.memory_consumption] = 256 php_admin_value[opcache.enable] = 0 diff --git a/CMS/wordpress/conf.sh b/CMS/wordpress/conf.sh index 7e11d10..9f8db54 100644 --- a/CMS/wordpress/conf.sh +++ b/CMS/wordpress/conf.sh @@ -37,6 +37,7 @@ curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/CMS/wordpr sed -i -e 's/PHPver/'$phpver'/g' -e 's/SITEname/'$sitename'/g' -e 's/DOMAINname/'$domain'/g' "$phpPoolDir"/$sitename.conf groupadd "$sitename" useradd -g "$sitename" "$sitename" +usermod -a -G www-data "$sitename" systemctl reload $phpFPMService diff --git a/Scripts/Php-EnableSessionsToRam.sh b/Scripts/Php-EnableSessionsToRam.sh new file mode 100644 index 0000000..0951df0 --- /dev/null +++ b/Scripts/Php-EnableSessionsToRam.sh @@ -0,0 +1,25 @@ +#!/bin/bash + +####################################################### +# @description: # +# Setup the PHP session folder as a Ramdisk / tmpfs # +# This will store session info in memory # +# # +# @author: Bram Prieshof # +####################################################### + +#sysCheck +if [ ! -f "/etc/ICTM/selopts.list" ] || [ ! -f "/etc/ICTM/mainvar.list" ] ; then echo 'This system is not yet setup, please run the main installer first' && exit ; fi +if [ ! -f "/etc/ICTM/phpvar.list" ] ; then bash <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/Scripts/GeneratePhplist.sh) ; fi +source /etc/ICTM/phpvar.list + +#Stop php service +systemctl stop $phpFPMService +#Reset php session folder +rm -rf /var/lib/php/sessions +mkdir -p /var/lib/php/sessions +#Create memdisk/Tmpfs and mount it +echo "tmpfs /var/lib/php/sessions tmpfs size=32m,uid=$(id -u www-data),gid=$(id -g www-data),mode=0773 0 0" >> /etc/fstab +mount -a +#start php service +systemctl stop $phpFPMService \ No newline at end of file diff --git a/SubModules/php-fpm/conf.sh b/SubModules/php-fpm/conf.sh index 32f44be..4cbbcb7 100644 --- a/SubModules/php-fpm/conf.sh +++ b/SubModules/php-fpm/conf.sh @@ -15,6 +15,10 @@ sed -i 's/upload_max_filesize = 2/upload_max_filesize = 128/g' "$phpMainConf" sed -i 's/post_max_size = 8/post_max_size = 64/g' "$phpMainConf" +#Php session to disk +chown www-data:www-data /var/lib/php/sessions +chmod 1773 /var/lib/php/sessions + if [ "$shortdist" = "el8" ]; then # Centos Mysql config echo "pdo_mysql.default_socket = '/var/run/mysqld/mysqld.sock'" >> /etc/opt/remi/php${phpver//.}/php.d/60-mysql_sock.ini diff --git a/SubModules/php-fpm/preconf.sh b/SubModules/php-fpm/preconf.sh index 79fe42c..ed060e4 100644 --- a/SubModules/php-fpm/preconf.sh +++ b/SubModules/php-fpm/preconf.sh @@ -12,7 +12,7 @@ elif [ "$shortdist" = "el8" ]; then phpMainConf=/etc/opt/remi/php${phpver//.}/php.ini phpFPMService=php${phpver//.}-php-fpm #Creating Socket directory - mkdir -p /var/run/php + mkdir -p /var/run/php /var/lib/php/sessions fi #Setting php version branch -- 2.52.0 From 296a68dc2e10b195636562ac89f0e19250a58b19 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Fri, 26 Nov 2021 19:56:32 +0100 Subject: [PATCH 60/64] CMS:Nextcloud, fixed first-run video --- CMS/nextcloud/Nginx-unconfigured | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMS/nextcloud/Nginx-unconfigured b/CMS/nextcloud/Nginx-unconfigured index 68dee3f..d9cca6d 100644 --- a/CMS/nextcloud/Nginx-unconfigured +++ b/CMS/nextcloud/Nginx-unconfigured @@ -77,7 +77,7 @@ location ~ \.(?:css|js|woff2?|svg|gif|map)$ { access_log off; } -location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap)$ { +location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap|mp4|webm)$ { try_files $uri /index.php$request_uri; access_log off; } -- 2.52.0 From 459d61b348f74fdf6b4db41d0e24c738828ff072 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 20 Jan 2022 14:40:33 +0100 Subject: [PATCH 61/64] PhpUpdater: Fixed mistake and cleaned up promts --- PhpUpdater.sh | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/PhpUpdater.sh b/PhpUpdater.sh index f8188b2..d4dd556 100644 --- a/PhpUpdater.sh +++ b/PhpUpdater.sh @@ -16,7 +16,6 @@ elif [ "$shortdist" = "deb10" ]|| [ "$shortdist" = "deb11" ]; then apt update if ! ls /var/lib/apt/lists/packages.sury.org_php*_Packages > /dev/null 2>&1 ; then echo 'PHP(Sury) repo not installed' && echo 'Install using: curl --retry 7 --retry-delay 5 -s https://git.ictmaatwerk.com/VPS-scripts/General/raw/branch/Main/Setup-Repo.sh |repo=php bash' && exit ; fi RepoVersion=`grep -h '^Package: php' /var/lib/apt/lists/packages.sury.org*_Packages| cut -f1 -d"-" | sort | tail -1| sed -e 's/Package: php//'` -fi elif [ "$shortdist" = "el8" ]; then dnf check-update --refresh RepoVersion=`dnf list php* | awk '{print $1; }' | cut -f1 -d"-"| tail -1 |sed 's/php//' | sed 's/./&./1'` @@ -30,17 +29,16 @@ msg () { fi } -msg "Current php version: $phpver" if [ $IMODE = n ]; then # Legacy/Main Menu PKGD="debconf-apt-progress -- apt purge -y" #Menu - if (whiptail --title "Set new php version?" --yesno "Install php version $RepoVersion ?" 8 78); then + if (whiptail --title "Php Upgrader" --yesno " Current php version is $phpver, and $RepoVersion the is latest available version" --yes-button "Yes, upgrade to this version" --no-button "No, i want to choose" 8 100); then newphpver=$RepoVersion else - newphpver=$(whiptail --inputbox "Please enter the version to install" --nocancel --title "Custom" 8 39 3>&1 1>&2 2>&3) + newphpver=$(whiptail --inputbox "Please enter the version to install" --nocancel --title "Php Upgrader" 8 50 3>&1 1>&2 2>&3) fi fi @@ -50,7 +48,7 @@ if [ $IMODE = l ]; then #Menu while true; do - read -p "Set phpversion to version $RepoVersion ? -> yes/no?" yn + read -p "Current php version is $phpver, and $RepoVersion the is latest available version -> Yes, upgrade to this version/No, i want to choose? " yn case $yn in [Yy]* ) newphpver=$RepoVersion break;; @@ -95,7 +93,7 @@ if [ $IMODE = l ]; then if [ $IMODE = n ]; then #Purge - if (whiptail --title "Set new php version?" --yesno "Remove php $phpver ?" 8 78); then + if (whiptail --title "Php Upgrader" --yesno "Remove old php version ($phpver) ?" 8 78); then PhpPurge=1 $PKGP -y $phpPkgName* else @@ -108,7 +106,7 @@ fi if [ $IMODE = l ]; then #Purge while true; do - read -p "Remove php $phpver ? -> yes/no?" yn + read -p "Remove old php version ($phpver) ? -> yes/no?" yn case $yn in [Yy]* ) PhpPurge=1 ; $PKGP $phpPkgName* break;; -- 2.52.0 From e583fa73575e4324f749e29dcbd026273cda2448 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Wed, 16 Feb 2022 21:59:50 +0000 Subject: [PATCH 62/64] CMS-Nextcloud: update opchache config php pool --- CMS/nextcloud/Fpm-Pool.conf-unconfigured | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CMS/nextcloud/Fpm-Pool.conf-unconfigured b/CMS/nextcloud/Fpm-Pool.conf-unconfigured index 83335ca..f07220a 100644 --- a/CMS/nextcloud/Fpm-Pool.conf-unconfigured +++ b/CMS/nextcloud/Fpm-Pool.conf-unconfigured @@ -16,6 +16,8 @@ php_admin_value[opcache.max_accelerated_files] = 50000 php_admin_value[opcache.max_wasted_percentage] = 5 php_admin_value[opcache.revalidate_freq] = 0 php_admin_value[opcache.validate_timestamps] = 1 +php_admin_value[opcache.interned_strings_buffer] = 64 + ; PERFORMANCE LIMITS php_admin_value[max_input_vars] = 1000 -- 2.52.0 From 9222904ab2d4e20ac947756fa3ba874bf30966e3 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 21 Apr 2022 14:39:14 +0200 Subject: [PATCH 63/64] CMS-Nextcloud: Update nginx config for beter Talk compatibility --- CMS/nextcloud/Nginx-unconfigured | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/CMS/nextcloud/Nginx-unconfigured b/CMS/nextcloud/Nginx-unconfigured index d9cca6d..515f0bf 100644 --- a/CMS/nextcloud/Nginx-unconfigured +++ b/CMS/nextcloud/Nginx-unconfigured @@ -20,7 +20,7 @@ gzip_vary on; gzip_comp_level 4; gzip_min_length 256; gzip_proxied expired no-cache no-store private no_last_modified no_etag auth; -gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; +gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/wasm application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; location = /robots.txt { allow all; @@ -67,7 +67,7 @@ location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) { index index.php; } -location ~ \.(?:css|js|woff2?|svg|gif|map)$ { +location ~ \.(?:css|js|svg|gif|png|jpg|ico|wasm|tflite|map)$ { try_files $uri /index.php$request_uri; add_header Cache-Control "public, max-age=15778463"; add_header Referrer-Policy "no-referrer" always; @@ -75,6 +75,15 @@ location ~ \.(?:css|js|woff2?|svg|gif|map)$ { add_header X-Permitted-Cross-Domain-Policies "none" always; add_header X-Robots-Tag "none" always; access_log off; + location ~ \.wasm$ { + default_type application/wasm; + } +} + +location ~ \.woff2?$ { + try_files $uri /index.php$request_uri; + expires 7d; + access_log off; } location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap|mp4|webm)$ { -- 2.52.0 From be98df66a93d525327f2c3394436c98be3880873 Mon Sep 17 00:00:00 2001 From: Bram Prieshof Date: Thu, 21 Apr 2022 15:17:28 +0200 Subject: [PATCH 64/64] Main: Updated way DB names are generated Switch from geting folder count in /var/www to using SiteCount variable stored in /etc/ICTM/sites.count, installer.sh has static 1, AppendCMS gets the file an increments it by one. Fallback is build in for systems without sites.count --- AppendCMS.sh | 6 ++++++ CMS/frontcontroller/conf.sh | 5 ++--- CMS/nextcloud/conf.sh | 5 ++--- CMS/wordpress/conf.sh | 5 ++--- installer.sh | 3 ++- 5 files changed, 14 insertions(+), 10 deletions(-) diff --git a/AppendCMS.sh b/AppendCMS.sh index 8e38cea..620229d 100644 --- a/AppendCMS.sh +++ b/AppendCMS.sh @@ -30,6 +30,11 @@ fi rm /tmp/pkg.list > $OUTPUT 2>&1 source <(curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/ModulesMenu.list) +#SiteCount +if [ ! -f "/etc/ICTM/sites.count" ]; then SiteCount=`expr $(ls -l /var/www | grep -c ^d) - 1` ; else source /etc/ICTM/sites.count; fi +if [ -z ${SiteCount+x} ] ; then SiteCount=`expr $(ls -l /var/www | grep -c ^d) - 1` ; fi +SiteCount=$(($SiteCount+1)) + #Setting Menulist to webserver declare -n CMSL="$webserv"CMSL declare -n options="$webserv"Options @@ -174,6 +179,7 @@ CMS="${CMS//:}" && CMS="${CMS,,}" ##-----------------## touch /etc/ICTM/sites/"$sitename" +echo "SiteCount=$SiteCount" > /etc/ICTM/sites.count ##-----------## diff --git a/CMS/frontcontroller/conf.sh b/CMS/frontcontroller/conf.sh index f193ca0..d035e87 100644 --- a/CMS/frontcontroller/conf.sh +++ b/CMS/frontcontroller/conf.sh @@ -1,7 +1,6 @@ #Creating DB -db_suffix=`expr $(ls -l /var/www | grep -c ^d) - 1` -db_name="fc_$db_suffix" -db_user="fc_$db_suffix" +db_name="fc_$SiteCount" +db_user="fc_$SiteCount" db_pass=$(tr -dc 'A-Za-z0-9!#%()*+,-.:;<=>?@[]^_{|}~' $OUTPUT 2>&1 #Creating DB -db_suffix=`expr $(ls -l /var/www | grep -c ^d) - 1` -db_name="nextcloud_$db_suffix" -db_user="nextcloud_$db_suffix" +db_name="nextcloud_$SiteCount" +db_user="nextcloud_$SiteCount" db_pass=$(tr -dc 'A-Za-z0-9!#%()*+,-.:;<=>?@[]^_{|}~' $OUTPUT 2>&1 mysql -u root -p"$password" -e "CREATE USER '"$db_user"'@'localhost' IDENTIFIED BY '"$db_pass"';" > $OUTPUT 2>&1 diff --git a/CMS/wordpress/conf.sh b/CMS/wordpress/conf.sh index 9f8db54..af7807f 100644 --- a/CMS/wordpress/conf.sh +++ b/CMS/wordpress/conf.sh @@ -6,9 +6,8 @@ if [ ! -f /usr/local/bin/wp ]; then fi #Creating DB -db_suffix=`expr $(ls -l /var/www | grep -c ^d) - 1` -db_name="wp_$db_suffix" -db_user="wp_$db_suffix" +db_name="wp_$SiteCount" +db_user="wp_$SiteCount" db_pass=$(tr -dc 'A-Za-z0-9!#%()*+,-.:;<=>?@[]^_{|}~' > /etc/ICTM/mainvar.list done - touch /etc/ICTM/sites/"$sitename" +echo "SiteCount=$SiteCount" > /etc/ICTM/sites.count ##----------## # Addons # -- 2.52.0