Advertisement
PuriDevelopers

vst-install-ubuntu.sh

Mar 7th, 2023
84
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 47.02 KB | None | 0 0
  1. #!/bin/bash
  2.  
  3. # Vesta Ubuntu installer v.05
  4.  
  5. #----------------------------------------------------------#
  6. # Variables&Functions #
  7. #----------------------------------------------------------#
  8. export PATH=$PATH:/sbin
  9. export DEBIAN_FRONTEND=noninteractive
  10. RHOST='apt.vestacp.com'
  11. CHOST='c.vestacp.com'
  12. VERSION='ubuntu'
  13. VESTA='/usr/local/vesta'
  14. memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9])
  15. arch=$(uname -i)
  16. os='ubuntu'
  17. release="$(lsb_release -s -r)"
  18. codename="$(lsb_release -s -c)"
  19. vestacp="$VESTA/install/$VERSION/$release"
  20.  
  21. # Defining software pack for all distros
  22. software="apache2 apache2.2-common apache2-suexec-custom apache2-utils
  23. apparmor-utils awstats bc bind9 bsdmainutils bsdutils clamav-daemon
  24. cron curl dnsutils dovecot-imapd dovecot-pop3d e2fslibs e2fsprogs exim4
  25. exim4-daemon-heavy expect fail2ban flex ftp git idn imagemagick
  26. libapache2-mod-fcgid libapache2-mod-php libapache2-mod-rpaf
  27. libapache2-mod-ruid2 lsof mc mysql-client mysql-common mysql-server nginx
  28. ntpdate php-cgi php-common php-curl php-fpm phpmyadmin php-mysql
  29. phppgadmin php-pgsql postgresql postgresql-contrib proftpd-basic quota
  30. roundcube-core roundcube-mysql roundcube-plugins rrdtool rssh spamassassin
  31. sudo vesta vesta-ioncube vesta-nginx vesta-php vesta-softaculous
  32. vim-common vsftpd webalizer whois zip"
  33.  
  34. # Fix for old releases
  35. if [[ ${release:0:2} -lt 16 ]]; then
  36. software=$(echo "$software" |sed -e "s/php /php5 /g")
  37. software=$(echo "$software" |sed -e "s/vesta-php5 /vesta-php /g")
  38. software=$(echo "$software" |sed -e "s/php-/php5-/g")
  39. fi
  40.  
  41. # Defining help function
  42. help() {
  43. echo "Usage: $0 [OPTIONS]
  44. -a, --apache Install Apache [yes|no] default: yes
  45. -n, --nginx Install Nginx [yes|no] default: yes
  46. -w, --phpfpm Install PHP-FPM [yes|no] default: no
  47. -v, --vsftpd Install Vsftpd [yes|no] default: yes
  48. -j, --proftpd Install ProFTPD [yes|no] default: no
  49. -k, --named Install Bind [yes|no] default: yes
  50. -m, --mysql Install MySQL [yes|no] default: yes
  51. -g, --postgresql Install PostgreSQL [yes|no] default: no
  52. -d, --mongodb Install MongoDB [yes|no] unsupported
  53. -x, --exim Install Exim [yes|no] default: yes
  54. -z, --dovecot Install Dovecot [yes|no] default: yes
  55. -c, --clamav Install ClamAV [yes|no] default: yes
  56. -t, --spamassassin Install SpamAssassin [yes|no] default: yes
  57. -i, --iptables Install Iptables [yes|no] default: yes
  58. -b, --fail2ban Install Fail2ban [yes|no] default: yes
  59. -o, --softaculous Install Softaculous [yes|no] default: yes
  60. -q, --quota Filesystem Quota [yes|no] default: no
  61. -l, --lang Default language default: en
  62. -y, --interactive Interactive install [yes|no] default: yes
  63. -s, --hostname Set hostname
  64. -e, --email Set admin email
  65. -p, --password Set admin password
  66. -f, --force Force installation
  67. -h, --help Print this help
  68.  
  69. Example: bash $0 -e demo@vestacp.com -p p4ssw0rd --apache no --phpfpm yes"
  70. exit 1
  71. }
  72.  
  73.  
  74. # Defining password-gen function
  75. gen_pass() {
  76. MATRIX='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
  77. LENGTH=10
  78. while [ ${n:=1} -le $LENGTH ]; do
  79. PASS="$PASS${MATRIX:$(($RANDOM%${#MATRIX})):1}"
  80. let n+=1
  81. done
  82. echo "$PASS"
  83. }
  84.  
  85. # Defining return code check function
  86. check_result() {
  87. if [ $1 -ne 0 ]; then
  88. echo "Error: $2"
  89. exit $1
  90. fi
  91. }
  92.  
  93. # Defining function to set default value
  94. set_default_value() {
  95. eval variable=\$$1
  96. if [ -z "$variable" ]; then
  97. eval $1=$2
  98. fi
  99. if [ "$variable" != 'yes' ] && [ "$variable" != 'no' ]; then
  100. eval $1=$2
  101. fi
  102. }
  103.  
  104. # Defining function to set default language value
  105. set_default_lang() {
  106. if [ -z "$lang" ]; then
  107. eval lang=$1
  108. fi
  109. lang_list="
  110. ar cz el fa hu ja no pt se ua
  111. bs da en fi id ka pl ro tr vi
  112. cn de es fr it nl pt-BR ru tw
  113. bg ko sr th ur"
  114. if !(echo $lang_list |grep -w $lang 1>&2>/dev/null); then
  115. eval lang=$1
  116. fi
  117. }
  118.  
  119.  
  120. #----------------------------------------------------------#
  121. # Verifications #
  122. #----------------------------------------------------------#
  123.  
  124. # Creating temporary file
  125. tmpfile=$(mktemp -p /tmp)
  126.  
  127. # Translating argument to --gnu-long-options
  128. for arg; do
  129. delim=""
  130. case "$arg" in
  131. --apache) args="${args}-a " ;;
  132. --nginx) args="${args}-n " ;;
  133. --phpfpm) args="${args}-w " ;;
  134. --vsftpd) args="${args}-v " ;;
  135. --proftpd) args="${args}-j " ;;
  136. --named) args="${args}-k " ;;
  137. --mysql) args="${args}-m " ;;
  138. --postgresql) args="${args}-g " ;;
  139. --mongodb) args="${args}-d " ;;
  140. --exim) args="${args}-x " ;;
  141. --dovecot) args="${args}-z " ;;
  142. --clamav) args="${args}-c " ;;
  143. --spamassassin) args="${args}-t " ;;
  144. --iptables) args="${args}-i " ;;
  145. --fail2ban) args="${args}-b " ;;
  146. --softaculous) args="${args}-o " ;;
  147. --remi) args="${args}-r " ;;
  148. --quota) args="${args}-q " ;;
  149. --lang) args="${args}-l " ;;
  150. --interactive) args="${args}-y " ;;
  151. --hostname) args="${args}-s " ;;
  152. --email) args="${args}-e " ;;
  153. --password) args="${args}-p " ;;
  154. --force) args="${args}-f " ;;
  155. --help) args="${args}-h " ;;
  156. *) [[ "${arg:0:1}" == "-" ]] || delim="\""
  157. args="${args}${delim}${arg}${delim} ";;
  158. esac
  159. done
  160. eval set -- "$args"
  161.  
  162. # Parsing arguments
  163. while getopts "a:n:w:v:j:k:m:g:d:x:z:c:t:i:b:r:o:q:l:y:s:e:p:fh" Option; do
  164. case $Option in
  165. a) apache=$OPTARG ;; # Apache
  166. n) nginx=$OPTARG ;; # Nginx
  167. w) phpfpm=$OPTARG ;; # PHP-FPM
  168. v) vsftpd=$OPTARG ;; # Vsftpd
  169. j) proftpd=$OPTARG ;; # Proftpd
  170. k) named=$OPTARG ;; # Named
  171. m) mysql=$OPTARG ;; # MySQL
  172. g) postgresql=$OPTARG ;; # PostgreSQL
  173. d) mongodb=$OPTARG ;; # MongoDB (unsupported)
  174. x) exim=$OPTARG ;; # Exim
  175. z) dovecot=$OPTARG ;; # Dovecot
  176. c) clamd=$OPTARG ;; # ClamAV
  177. t) spamd=$OPTARG ;; # SpamAssassin
  178. i) iptables=$OPTARG ;; # Iptables
  179. b) fail2ban=$OPTARG ;; # Fail2ban
  180. r) remi=$OPTARG ;; # Remi repo
  181. o) softaculous=$OPTARG ;; # Softaculous plugin
  182. q) quota=$OPTARG ;; # FS Quota
  183. l) lang=$OPTARG ;; # Language
  184. y) interactive=$OPTARG ;; # Interactive install
  185. s) servername=$OPTARG ;; # Hostname
  186. e) email=$OPTARG ;; # Admin email
  187. p) vpass=$OPTARG ;; # Admin password
  188. f) force='yes' ;; # Force install
  189. h) help ;; # Help
  190. *) help ;; # Print help (default)
  191. esac
  192. done
  193.  
  194. # Defining default software stack
  195. set_default_value 'nginx' 'yes'
  196. set_default_value 'apache' 'yes'
  197. set_default_value 'phpfpm' 'no'
  198. set_default_value 'vsftpd' 'yes'
  199. set_default_value 'proftpd' 'no'
  200. set_default_value 'named' 'yes'
  201. set_default_value 'mysql' 'yes'
  202. set_default_value 'postgresql' 'no'
  203. set_default_value 'mongodb' 'no'
  204. set_default_value 'exim' 'yes'
  205. set_default_value 'dovecot' 'yes'
  206. if [ $memory -lt 1500000 ]; then
  207. set_default_value 'clamd' 'no'
  208. set_default_value 'spamd' 'no'
  209. else
  210. set_default_value 'clamd' 'yes'
  211. set_default_value 'spamd' 'yes'
  212. fi
  213. set_default_value 'iptables' 'yes'
  214. set_default_value 'fail2ban' 'yes'
  215. set_default_value 'softaculous' 'yes'
  216. set_default_value 'quota' 'no'
  217. set_default_value 'interactive' 'yes'
  218. set_default_lang 'en'
  219.  
  220. # Checking software conflicts
  221. if [ "$phpfpm" = 'yes' ]; then
  222. apache='no'
  223. nginx='yes'
  224. fi
  225. if [ "$proftpd" = 'yes' ]; then
  226. vsftpd='no'
  227. fi
  228. if [ "$exim" = 'no' ]; then
  229. clamd='no'
  230. spamd='no'
  231. dovecot='no'
  232. fi
  233. if [ "$iptables" = 'no' ]; then
  234. fail2ban='no'
  235. fi
  236.  
  237. # Checking root permissions
  238. if [ "x$(id -u)" != 'x0' ]; then
  239. check_result 1 "Script can be run executed only by root"
  240. fi
  241.  
  242. # Checking admin user account
  243. if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ -z "$force" ]; then
  244. echo 'Please remove admin user account before proceeding.'
  245. echo 'If you want to do it automatically run installer with -f option:'
  246. echo -e "Example: bash $0 --force\n"
  247. check_result 1 "User admin exists"
  248. fi
  249.  
  250. # Checking wget
  251. if [ ! -e '/usr/bin/wget' ]; then
  252. apt-get -y install wget
  253. check_result $? "Can't install wget"
  254. fi
  255.  
  256. # Checking repository availability
  257. wget -q "c.vestacp.com/deb_signing.key" -O /dev/null
  258. check_result $? "No access to Vesta repository"
  259.  
  260. # Checking installed packages
  261. tmpfile=$(mktemp -p /tmp)
  262. dpkg --get-selections > $tmpfile
  263. for pkg in exim4 mysql-server apache2 nginx vesta; do
  264. if [ ! -z "$(grep $pkg $tmpfile)" ]; then
  265. conflicts="$pkg $conflicts"
  266. fi
  267. done
  268. rm -f $tmpfile
  269. if [ ! -z "$conflicts" ] && [ -z "$force" ]; then
  270. echo '!!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!!'
  271. echo
  272. echo 'Following packages are already installed:'
  273. echo "$conflicts"
  274. echo
  275. echo 'It is highly recommended to remove them before proceeding.'
  276. echo 'If you want to force installation run this script with -f option:'
  277. echo "Example: bash $0 --force"
  278. echo
  279. echo '!!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!!'
  280. echo
  281. check_result 1 "Control Panel should be installed on clean server."
  282. fi
  283.  
  284.  
  285. #----------------------------------------------------------#
  286. # Brief Info #
  287. #----------------------------------------------------------#
  288.  
  289. # Printing nice ASCII logo
  290. clear
  291. echo
  292. echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_|'
  293. echo ' _| _| _| _| _| _| _|'
  294. echo ' _| _| _|_|_| _|_| _| _|_|_|_|'
  295. echo ' _| _| _| _| _| _| _|'
  296. echo ' _| _|_|_|_| _|_|_| _| _| _|'
  297. echo
  298. echo ' Vesta Control Panel'
  299. echo -e "\n\n"
  300.  
  301. echo 'The following software will be installed on your system:'
  302.  
  303. # Web stack
  304. if [ "$nginx" = 'yes' ]; then
  305. echo ' - Nginx Web Server'
  306. fi
  307. if [ "$apache" = 'yes' ] && [ "$nginx" = 'no' ] ; then
  308. echo ' - Apache Web Server'
  309. fi
  310. if [ "$apache" = 'yes' ] && [ "$nginx" = 'yes' ] ; then
  311. echo ' - Apache Web Server (as backend)'
  312. fi
  313. if [ "$phpfpm" = 'yes' ]; then
  314. echo ' - PHP-FPM Application Server'
  315. fi
  316.  
  317. # DNS stack
  318. if [ "$named" = 'yes' ]; then
  319. echo ' - Bind DNS Server'
  320. fi
  321.  
  322. # Mail stack
  323. if [ "$exim" = 'yes' ]; then
  324. echo -n ' - Exim Mail Server'
  325. if [ "$clamd" = 'yes' ] || [ "$spamd" = 'yes' ] ; then
  326. echo -n ' + '
  327. if [ "$clamd" = 'yes' ]; then
  328. echo -n 'ClamAV'
  329. fi
  330. if [ "$spamd" = 'yes' ]; then
  331. echo -n 'SpamAssassin'
  332. fi
  333. fi
  334. echo
  335. if [ "$dovecot" = 'yes' ]; then
  336. echo ' - Dovecot POP3/IMAP Server'
  337. fi
  338. fi
  339.  
  340. # Database stack
  341. if [ "$mysql" = 'yes' ]; then
  342. echo ' - MySQL Database Server'
  343. fi
  344. if [ "$postgresql" = 'yes' ]; then
  345. echo ' - PostgreSQL Database Server'
  346. fi
  347. if [ "$mongodb" = 'yes' ]; then
  348. echo ' - MongoDB Database Server'
  349. fi
  350.  
  351. # FTP stack
  352. if [ "$vsftpd" = 'yes' ]; then
  353. echo ' - Vsftpd FTP Server'
  354. fi
  355. if [ "$proftpd" = 'yes' ]; then
  356. echo ' - ProFTPD FTP Server'
  357. fi
  358.  
  359. # Softaculous
  360. if [ "$softaculous" = 'yes' ]; then
  361. echo ' - Softaculous Plugin'
  362. fi
  363.  
  364. # Firewall stack
  365. if [ "$iptables" = 'yes' ]; then
  366. echo -n ' - Iptables Firewall'
  367. fi
  368. if [ "$iptables" = 'yes' ] && [ "$fail2ban" = 'yes' ]; then
  369. echo -n ' + Fail2Ban'
  370. fi
  371. echo -e "\n\n"
  372.  
  373. # Asking for confirmation to proceed
  374. if [ "$interactive" = 'yes' ]; then
  375. read -p 'Would you like to continue [y/n]: ' answer
  376. if [ "$answer" != 'y' ] && [ "$answer" != 'Y' ]; then
  377. echo 'Goodbye'
  378. exit 1
  379. fi
  380.  
  381. # Asking for contact email
  382. if [ -z "$email" ]; then
  383. read -p 'Please enter admin email address: ' email
  384. fi
  385.  
  386. # Asking to set FQDN hostname
  387. if [ -z "$servername" ]; then
  388. read -p "Please enter FQDN hostname [$(hostname -f)]: " servername
  389. fi
  390. fi
  391.  
  392. # Generating admin password if it wasn't set
  393. if [ -z "$vpass" ]; then
  394. vpass=$(gen_pass)
  395. fi
  396.  
  397. # Set hostname if it wasn't set
  398. if [ -z "$servername" ]; then
  399. servername=$(hostname -f)
  400. fi
  401.  
  402. # Set FQDN if it wasn't set
  403. mask1='(([[:alnum:]](-?[[:alnum:]])*)\.)'
  404. mask2='*[[:alnum:]](-?[[:alnum:]])+\.[[:alnum:]]{2,}'
  405. if ! [[ "$servername" =~ ^${mask1}${mask2}$ ]]; then
  406. if [ ! -z "$servername" ]; then
  407. servername="$servername.example.com"
  408. else
  409. servername="example.com"
  410. fi
  411. echo "127.0.0.1 $servername" >> /etc/hosts
  412. fi
  413.  
  414. # Set email if it wasn't set
  415. if [ -z "$email" ]; then
  416. email="admin@$servername"
  417. fi
  418.  
  419. # Defining backup directory
  420. vst_backups="/root/vst_install_backups/$(date +%s)"
  421. echo "Installation backup directory: $vst_backups"
  422.  
  423. # Printing start message and sleeping for 5 seconds
  424. echo -e "\n\n\n\nInstallation will take about 15 minutes ...\n"
  425. sleep 5
  426.  
  427.  
  428. #----------------------------------------------------------#
  429. # Checking swap #
  430. #----------------------------------------------------------#
  431.  
  432. # Checking swap on small instances
  433. if [ -z "$(swapon -s)" ] && [ $memory -lt 1000000 ]; then
  434. fallocate -l 1G /swapfile
  435. chmod 600 /swapfile
  436. mkswap /swapfile
  437. swapon /swapfile
  438. echo "/swapfile none swap sw 0 0" >> /etc/fstab
  439. fi
  440.  
  441.  
  442. #----------------------------------------------------------#
  443. # Install repository #
  444. #----------------------------------------------------------#
  445.  
  446. # Updating system
  447. apt-get -y upgrade
  448. check_result $? 'apt-get upgrade failed'
  449.  
  450. # Checking universe repository
  451. if [[ ${release:0:2} -gt 16 ]]; then
  452. if [ -z "$(grep universe /etc/apt/sources.list)" ]; then
  453. add-apt-repository -y universe
  454. fi
  455. fi
  456.  
  457. # Installing nginx repo
  458. apt=/etc/apt/sources.list.d
  459. echo "deb http://nginx.org/packages/mainline/ubuntu/ $codename nginx" \
  460. > $apt/nginx.list
  461. wget http://nginx.org/keys/nginx_signing.key -O /tmp/nginx_signing.key
  462. apt-key add /tmp/nginx_signing.key
  463.  
  464. # Installing vesta repo
  465. echo "deb http://$RHOST/$codename/ $codename vesta" > $apt/vesta.list
  466. wget $CHOST/deb_signing.key -O deb_signing.key
  467. apt-key add deb_signing.key
  468.  
  469.  
  470. #----------------------------------------------------------#
  471. # Backup #
  472. #----------------------------------------------------------#
  473.  
  474. # Creating backup directory tree
  475. mkdir -p $vst_backups
  476. cd $vst_backups
  477. mkdir nginx apache2 php vsftpd proftpd bind exim4 dovecot clamd
  478. mkdir spamassassin mysql postgresql mongodb vesta
  479.  
  480. # Backup nginx configuration
  481. service nginx stop > /dev/null 2>&1
  482. cp -r /etc/nginx/* $vst_backups/nginx >/dev/null 2>&1
  483.  
  484. # Backup Apache configuration
  485. service apache2 stop > /dev/null 2>&1
  486. cp -r /etc/apache2/* $vst_backups/apache2 > /dev/null 2>&1
  487. rm -f /etc/apache2/conf.d/* > /dev/null 2>&1
  488.  
  489. # Backup PHP-FPM configuration
  490. service php7.0-fpm stop > /dev/null 2>&1
  491. service php5-fpm stop > /dev/null 2>&1
  492. service php-fpm stop > /dev/null 2>&1
  493. cp -r /etc/php7.0/* $vst_backups/php/ > /dev/null 2>&1
  494. cp -r /etc/php5/* $vst_backups/php/ > /dev/null 2>&1
  495. cp -r /etc/php/* $vst_backups/php/ > /dev/null 2>&1
  496.  
  497. # Backup Bind configuration
  498. service bind9 stop > /dev/null 2>&1
  499. cp -r /etc/bind/* $vst_backups/bind > /dev/null 2>&1
  500.  
  501. # Backup Vsftpd configuration
  502. service vsftpd stop > /dev/null 2>&1
  503. cp /etc/vsftpd.conf $vst_backups/vsftpd > /dev/null 2>&1
  504.  
  505. # Backup ProFTPD configuration
  506. service proftpd stop > /dev/null 2>&1
  507. cp /etc/proftpd.conf $vst_backups/proftpd > /dev/null 2>&1
  508.  
  509. # Backup Exim configuration
  510. service exim4 stop > /dev/null 2>&1
  511. cp -r /etc/exim4/* $vst_backups/exim4 > /dev/null 2>&1
  512.  
  513. # Backup ClamAV configuration
  514. service clamav-daemon stop > /dev/null 2>&1
  515. cp -r /etc/clamav/* $vst_backups/clamav > /dev/null 2>&1
  516.  
  517. # Backup SpamAssassin configuration
  518. service spamassassin stop > /dev/null 2>&1
  519. cp -r /etc/spamassassin/* $vst_backups/spamassassin > /dev/null 2>&1
  520.  
  521. # Backup Dovecot configuration
  522. service dovecot stop > /dev/null 2>&1
  523. cp /etc/dovecot.conf $vst_backups/dovecot > /dev/null 2>&1
  524. cp -r /etc/dovecot/* $vst_backups/dovecot > /dev/null 2>&1
  525.  
  526. # Backup MySQL/MariaDB configuration and data
  527. service mysql stop > /dev/null 2>&1
  528. killall -9 mysqld > /dev/null 2>&1
  529. mv /var/lib/mysql $vst_backups/mysql/mysql_datadir > /dev/null 2>&1
  530. cp -r /etc/mysql/* $vst_backups/mysql > /dev/null 2>&1
  531. mv -f /root/.my.cnf $vst_backups/mysql > /dev/null 2>&1
  532. if [ "$release" = '16.04' ] && [ -e '/etc/init.d/mysql' ]; then
  533. mkdir -p /var/lib/mysql > /dev/null 2>&1
  534. chown mysql:mysql /var/lib/mysql
  535. mysqld --initialize-insecure
  536. fi
  537.  
  538. # Backup Vesta
  539. service vesta stop > /dev/null 2>&1
  540. cp -r $VESTA/* $vst_backups/vesta > /dev/null 2>&1
  541. apt-get -y remove vesta vesta-nginx vesta-php > /dev/null 2>&1
  542. apt-get -y purge vesta vesta-nginx vesta-php > /dev/null 2>&1
  543. rm -rf $VESTA > /dev/null 2>&1
  544.  
  545.  
  546. #----------------------------------------------------------#
  547. # Package Excludes #
  548. #----------------------------------------------------------#
  549.  
  550. # Excluding packages
  551. if [ "$release" != "15.04" ] && [ "$release" != "15.04" ]; then
  552. software=$(echo "$software" | sed -e "s/apache2.2-common//")
  553. fi
  554.  
  555. if [ "$nginx" = 'no' ]; then
  556. software=$(echo "$software" | sed -e "s/^nginx//")
  557. fi
  558. if [ "$apache" = 'no' ]; then
  559. software=$(echo "$software" | sed -e "s/apache2 //")
  560. software=$(echo "$software" | sed -e "s/apache2-utils//")
  561. software=$(echo "$software" | sed -e "s/apache2-suexec-custom//")
  562. software=$(echo "$software" | sed -e "s/apache2.2-common//")
  563. software=$(echo "$software" | sed -e "s/libapache2-mod-ruid2//")
  564. software=$(echo "$software" | sed -e "s/libapache2-mod-rpaf//")
  565. software=$(echo "$software" | sed -e "s/libapache2-mod-fcgid//")
  566. software=$(echo "$software" | sed -e "s/libapache2-mod-php7.0//")
  567. software=$(echo "$software" | sed -e "s/libapache2-mod-php5//")
  568. software=$(echo "$software" | sed -e "s/libapache2-mod-php//")
  569. fi
  570. if [ "$phpfpm" = 'no' ]; then
  571. software=$(echo "$software" | sed -e "s/php7.0-fpm//")
  572. software=$(echo "$software" | sed -e "s/php5-fpm//")
  573. software=$(echo "$software" | sed -e "s/php-fpm//")
  574. fi
  575. if [ "$vsftpd" = 'no' ]; then
  576. software=$(echo "$software" | sed -e "s/vsftpd//")
  577. fi
  578. if [ "$proftpd" = 'no' ]; then
  579. software=$(echo "$software" | sed -e "s/proftpd-basic//")
  580. software=$(echo "$software" | sed -e "s/proftpd-mod-vroot//")
  581. fi
  582. if [ "$named" = 'no' ]; then
  583. software=$(echo "$software" | sed -e "s/bind9//")
  584. fi
  585. if [ "$exim" = 'no' ]; then
  586. software=$(echo "$software" | sed -e "s/exim4 //")
  587. software=$(echo "$software" | sed -e "s/exim4-daemon-heavy//")
  588. software=$(echo "$software" | sed -e "s/dovecot-imapd//")
  589. software=$(echo "$software" | sed -e "s/dovecot-pop3d//")
  590. software=$(echo "$software" | sed -e "s/clamav-daemon//")
  591. software=$(echo "$software" | sed -e "s/spamassassin//")
  592. fi
  593. if [ "$clamd" = 'no' ]; then
  594. software=$(echo "$software" | sed -e "s/clamav-daemon//")
  595. fi
  596. if [ "$spamd" = 'no' ]; then
  597. software=$(echo "$software" | sed -e "s/spamassassin//")
  598. fi
  599. if [ "$dovecot" = 'no' ]; then
  600. software=$(echo "$software" | sed -e "s/dovecot-imapd//")
  601. software=$(echo "$software" | sed -e "s/dovecot-pop3d//")
  602. fi
  603. if [ "$mysql" = 'no' ]; then
  604. software=$(echo "$software" | sed -e 's/mysql-server//')
  605. software=$(echo "$software" | sed -e 's/mysql-client//')
  606. software=$(echo "$software" | sed -e 's/mysql-common//')
  607. software=$(echo "$software" | sed -e 's/php7.0-mysql//')
  608. software=$(echo "$software" | sed -e 's/php5-mysql//')
  609. software=$(echo "$software" | sed -e 's/php-mysql//')
  610. software=$(echo "$software" | sed -e 's/phpMyAdmin//')
  611. software=$(echo "$software" | sed -e 's/phpmyadmin//')
  612. fi
  613. if [ "$postgresql" = 'no' ]; then
  614. software=$(echo "$software" | sed -e 's/postgresql-contrib//')
  615. software=$(echo "$software" | sed -e 's/postgresql//')
  616. software=$(echo "$software" | sed -e 's/php7.0-pgsql//')
  617. software=$(echo "$software" | sed -e 's/php5-pgsql//')
  618. software=$(echo "$software" | sed -e 's/php-pgsql//')
  619. software=$(echo "$software" | sed -e 's/phppgadmin//')
  620. fi
  621. if [ "$softaculous" = 'no' ]; then
  622. software=$(echo "$software" | sed -e 's/vesta-softaculous//')
  623. fi
  624. if [ "$iptables" = 'no' ] || [ "$fail2ban" = 'no' ]; then
  625. software=$(echo "$software" | sed -e 's/fail2ban//')
  626. fi
  627.  
  628.  
  629. #----------------------------------------------------------#
  630. # Install packages #
  631. #----------------------------------------------------------#
  632.  
  633. # Updating system
  634. apt-get update
  635.  
  636. # Disabling daemon autostart on apt-get install
  637. echo -e '#!/bin/sh\nexit 101' > /usr/sbin/policy-rc.d
  638. chmod a+x /usr/sbin/policy-rc.d
  639.  
  640. # Installing apt packages
  641. apt-get -y install $software
  642. check_result $? "apt-get install failed"
  643.  
  644. # Restoring autostart policy
  645. rm -f /usr/sbin/policy-rc.d
  646.  
  647.  
  648. #----------------------------------------------------------#
  649. # Configure system #
  650. #----------------------------------------------------------#
  651.  
  652. # Enabling SSH password auth
  653. sed -i "s/rdAuthentication no/rdAuthentication yes/g" /etc/ssh/sshd_config
  654. service ssh restart
  655.  
  656. # Disabling AWStats cron
  657. rm -f /etc/cron.d/awstats
  658.  
  659. # Set directory color
  660. echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile
  661.  
  662. # Registering /usr/sbin/nologin
  663. if [ -z "$(grep nologin /etc/shells)" ]; then
  664. echo "/usr/sbin/nologin" >> /etc/shells
  665. fi
  666.  
  667. # Configuring NTP
  668. echo '#!/bin/sh' > /etc/cron.daily/ntpdate
  669. echo "$(which ntpdate) -s ntp.ubuntu.com" >> /etc/cron.daily/ntpdate
  670. chmod 775 /etc/cron.daily/ntpdate
  671. ntpdate -s ntp.ubuntu.com
  672.  
  673. # Adding rssh
  674. if [ -z "$(grep /usr/bin/rssh /etc/shells)" ]; then
  675. echo /usr/bin/rssh >> /etc/shells
  676. fi
  677. sed -i 's/#allowscp/allowscp/' /etc/rssh.conf
  678. sed -i 's/#allowsftp/allowsftp/' /etc/rssh.conf
  679. sed -i 's/#allowrsync/allowrsync/' /etc/rssh.conf
  680. chmod 755 /usr/bin/rssh
  681.  
  682.  
  683. #----------------------------------------------------------#
  684. # Configure Vesta #
  685. #----------------------------------------------------------#
  686.  
  687. # Installing sudo configuration
  688. mkdir -p /etc/sudoers.d
  689. cp -f $vestacp/sudo/admin /etc/sudoers.d/
  690. chmod 440 /etc/sudoers.d/admin
  691.  
  692. # Configuring system env
  693. echo "export VESTA='$VESTA'" > /etc/profile.d/vesta.sh
  694. chmod 755 /etc/profile.d/vesta.sh
  695. source /etc/profile.d/vesta.sh
  696. echo 'PATH=$PATH:'$VESTA'/bin' >> /root/.bash_profile
  697. echo 'export PATH' >> /root/.bash_profile
  698. source /root/.bash_profile
  699.  
  700. # Configuring logrotate for Vesta logs
  701. cp -f $vestacp/logrotate/vesta /etc/logrotate.d/
  702.  
  703. # Building directory tree and creating some blank files for Vesta
  704. mkdir -p $VESTA/conf $VESTA/log $VESTA/ssl $VESTA/data/ips \
  705. $VESTA/data/queue $VESTA/data/users $VESTA/data/firewall \
  706. $VESTA/data/sessions
  707. touch $VESTA/data/queue/backup.pipe $VESTA/data/queue/disk.pipe \
  708. $VESTA/data/queue/webstats.pipe $VESTA/data/queue/restart.pipe \
  709. $VESTA/data/queue/traffic.pipe $VESTA/log/system.log \
  710. $VESTA/log/nginx-error.log $VESTA/log/auth.log
  711. chmod 750 $VESTA/conf $VESTA/data/users $VESTA/data/ips $VESTA/log
  712. chmod -R 750 $VESTA/data/queue
  713. chmod 660 $VESTA/log/*
  714. rm -f /var/log/vesta
  715. ln -s $VESTA/log /var/log/vesta
  716. chmod 770 $VESTA/data/sessions
  717.  
  718. # Generating Vesta configuration
  719. rm -f $VESTA/conf/vesta.conf 2>/dev/null
  720. touch $VESTA/conf/vesta.conf
  721. chmod 660 $VESTA/conf/vesta.conf
  722.  
  723. # Web stack
  724. if [ "$apache" = 'yes' ] && [ "$nginx" = 'no' ] ; then
  725. echo "WEB_SYSTEM='apache2'" >> $VESTA/conf/vesta.conf
  726. echo "WEB_RGROUPS='www-data'" >> $VESTA/conf/vesta.conf
  727. echo "WEB_PORT='80'" >> $VESTA/conf/vesta.conf
  728. echo "WEB_SSL_PORT='443'" >> $VESTA/conf/vesta.conf
  729. echo "WEB_SSL='mod_ssl'" >> $VESTA/conf/vesta.conf
  730. echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf
  731. fi
  732. if [ "$apache" = 'yes' ] && [ "$nginx" = 'yes' ] ; then
  733. echo "WEB_SYSTEM='apache2'" >> $VESTA/conf/vesta.conf
  734. echo "WEB_RGROUPS='www-data'" >> $VESTA/conf/vesta.conf
  735. echo "WEB_PORT='8080'" >> $VESTA/conf/vesta.conf
  736. echo "WEB_SSL_PORT='8443'" >> $VESTA/conf/vesta.conf
  737. echo "WEB_SSL='mod_ssl'" >> $VESTA/conf/vesta.conf
  738. echo "PROXY_SYSTEM='nginx'" >> $VESTA/conf/vesta.conf
  739. echo "PROXY_PORT='80'" >> $VESTA/conf/vesta.conf
  740. echo "PROXY_SSL_PORT='443'" >> $VESTA/conf/vesta.conf
  741. echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf
  742. fi
  743. if [ "$apache" = 'no' ] && [ "$nginx" = 'yes' ]; then
  744. echo "WEB_SYSTEM='nginx'" >> $VESTA/conf/vesta.conf
  745. echo "WEB_PORT='80'" >> $VESTA/conf/vesta.conf
  746. echo "WEB_SSL_PORT='443'" >> $VESTA/conf/vesta.conf
  747. echo "WEB_SSL='openssl'" >> $VESTA/conf/vesta.conf
  748. if [ "$phpfpm" = 'yes' ]; then
  749. echo "WEB_BACKEND='php-fpm'" >> $VESTA/conf/vesta.conf
  750. fi
  751. echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf
  752. fi
  753.  
  754. # FTP stack
  755. if [ "$vsftpd" = 'yes' ]; then
  756. echo "FTP_SYSTEM='vsftpd'" >> $VESTA/conf/vesta.conf
  757. fi
  758. if [ "$proftpd" = 'yes' ]; then
  759. echo "FTP_SYSTEM='proftpd'" >> $VESTA/conf/vesta.conf
  760. fi
  761.  
  762. # DNS stack
  763. if [ "$named" = 'yes' ]; then
  764. echo "DNS_SYSTEM='bind9'" >> $VESTA/conf/vesta.conf
  765. fi
  766.  
  767. # Mail stack
  768. if [ "$exim" = 'yes' ]; then
  769. echo "MAIL_SYSTEM='exim4'" >> $VESTA/conf/vesta.conf
  770. if [ "$clamd" = 'yes' ]; then
  771. echo "ANTIVIRUS_SYSTEM='clamav-daemon'" >> $VESTA/conf/vesta.conf
  772. fi
  773. if [ "$spamd" = 'yes' ]; then
  774. echo "ANTISPAM_SYSTEM='spamassassin'" >> $VESTA/conf/vesta.conf
  775. fi
  776. if [ "$dovecot" = 'yes' ]; then
  777. echo "IMAP_SYSTEM='dovecot'" >> $VESTA/conf/vesta.conf
  778. fi
  779. fi
  780.  
  781. # Cron daemon
  782. echo "CRON_SYSTEM='cron'" >> $VESTA/conf/vesta.conf
  783.  
  784. # Firewall stack
  785. if [ "$iptables" = 'yes' ]; then
  786. echo "FIREWALL_SYSTEM='iptables'" >> $VESTA/conf/vesta.conf
  787. fi
  788. if [ "$iptables" = 'yes' ] && [ "$fail2ban" = 'yes' ]; then
  789. echo "FIREWALL_EXTENSION='fail2ban'" >> $VESTA/conf/vesta.conf
  790. fi
  791.  
  792. # Disk quota
  793. if [ "$quota" = 'yes' ]; then
  794. echo "DISK_QUOTA='yes'" >> $VESTA/conf/vesta.conf
  795. fi
  796.  
  797. # Backups
  798. echo "BACKUP_SYSTEM='local'" >> $VESTA/conf/vesta.conf
  799.  
  800. # Language
  801. echo "LANGUAGE='$lang'" >> $VESTA/conf/vesta.conf
  802.  
  803. # Version
  804. echo "VERSION='0.9.8'" >> $VESTA/conf/vesta.conf
  805.  
  806. # Installing hosting packages
  807. cp -rf $vestacp/packages $VESTA/data/
  808.  
  809. # Installing templates
  810. cp -rf $vestacp/templates $VESTA/data/
  811.  
  812. # Copying index.html to default documentroot
  813. cp $VESTA/data/templates/web/skel/public_html/index.html /var/www/
  814. sed -i 's/%domain%/It worked!/g' /var/www/index.html
  815.  
  816. # Installing firewall rules
  817. cp -rf $vestacp/firewall $VESTA/data/
  818.  
  819. # Configuring server hostname
  820. $VESTA/bin/v-change-sys-hostname $servername 2>/dev/null
  821.  
  822. # Generating SSL certificate
  823. $VESTA/bin/v-generate-ssl-cert $(hostname) $email 'US' 'California' \
  824. 'San Francisco' 'Vesta Control Panel' 'IT' > /tmp/vst.pem
  825.  
  826. # Parsing certificate file
  827. crt_end=$(grep -n "END CERTIFICATE-" /tmp/vst.pem |cut -f 1 -d:)
  828. key_start=$(grep -n "BEGIN RSA" /tmp/vst.pem |cut -f 1 -d:)
  829. key_end=$(grep -n "END RSA" /tmp/vst.pem |cut -f 1 -d:)
  830.  
  831. # Adding SSL certificate
  832. cd $VESTA/ssl
  833. sed -n "1,${crt_end}p" /tmp/vst.pem > certificate.crt
  834. sed -n "$key_start,${key_end}p" /tmp/vst.pem > certificate.key
  835. chown root:mail $VESTA/ssl/*
  836. chmod 660 $VESTA/ssl/*
  837. rm /tmp/vst.pem
  838.  
  839. # Adding nologin as a valid system shell
  840. if [ -z "$(grep nologin /etc/shells)" ]; then
  841. echo "/usr/sbin/nologin" >> /etc/shells
  842. fi
  843.  
  844.  
  845. #----------------------------------------------------------#
  846. # Configure Nginx #
  847. #----------------------------------------------------------#
  848.  
  849. if [ "$nginx" = 'yes' ]; then
  850. rm -f /etc/nginx/conf.d/*.conf
  851. cp -f $vestacp/nginx/nginx.conf /etc/nginx/
  852. cp -f $vestacp/nginx/status.conf /etc/nginx/conf.d/
  853. cp -f $vestacp/nginx/phpmyadmin.inc /etc/nginx/conf.d/
  854. cp -f $vestacp/nginx/phppgadmin.inc /etc/nginx/conf.d/
  855. cp -f $vestacp/nginx/webmail.inc /etc/nginx/conf.d/
  856. cp -f $vestacp/logrotate/nginx /etc/logrotate.d/
  857. echo > /etc/nginx/conf.d/vesta.conf
  858. mkdir -p /var/log/nginx/domains
  859. update-rc.d nginx defaults
  860. service nginx start
  861. check_result $? "nginx start failed"
  862. fi
  863.  
  864.  
  865. #----------------------------------------------------------#
  866. # Configure Apache #
  867. #----------------------------------------------------------#
  868.  
  869. if [ "$apache" = 'yes' ]; then
  870. cp -f $vestacp/apache2/apache2.conf /etc/apache2/
  871. cp -f $vestacp/apache2/status.conf /etc/apache2/mods-enabled/
  872. cp -f $vestacp/logrotate/apache2 /etc/logrotate.d/
  873. a2enmod rewrite
  874. a2enmod suexec
  875. a2enmod ssl
  876. a2enmod actions
  877. a2enmod ruid2
  878. mkdir -p /etc/apache2/conf.d
  879. echo > /etc/apache2/conf.d/vesta.conf
  880. echo "# Powered by vesta" > /etc/apache2/sites-available/default
  881. echo "# Powered by vesta" > /etc/apache2/sites-available/default-ssl
  882. echo "# Powered by vesta" > /etc/apache2/ports.conf
  883. echo -e "/home\npublic_html/cgi-bin" > /etc/apache2/suexec/www-data
  884. touch /var/log/apache2/access.log /var/log/apache2/error.log
  885. mkdir -p /var/log/apache2/domains
  886. chmod a+x /var/log/apache2
  887. chmod 640 /var/log/apache2/access.log /var/log/apache2/error.log
  888. chmod 751 /var/log/apache2/domains
  889. update-rc.d apache2 defaults
  890. service apache2 start
  891. check_result $? "apache2 start failed"
  892. else
  893. update-rc.d apache2 disable >/dev/null 2>&1
  894. service apache2 stop >/dev/null 2>&1
  895. fi
  896.  
  897.  
  898. #----------------------------------------------------------#
  899. # Configure PHP-FPM #
  900. #----------------------------------------------------------#
  901.  
  902. if [ "$phpfpm" = 'yes' ]; then
  903. pool=$(find /etc/php* -type d \( -name "pool.d" -o -name "*fpm.d" \))
  904. cp -f $vestacp/php-fpm/www.conf $pool/
  905. php_fpm=$(ls /etc/init.d/php*-fpm* |cut -f 4 -d /)
  906. ln -s /etc/init.d/$php_fpm /etc/init.d/php-fpm > /dev/null 2>&1
  907. update-rc.d $php_fpm defaults
  908. service $php_fpm start
  909. check_result $? "php-fpm start failed"
  910. fi
  911.  
  912.  
  913. #----------------------------------------------------------#
  914. # Configure PHP #
  915. #----------------------------------------------------------#
  916.  
  917. ZONE=$(timedatectl 2>/dev/null|grep Timezone|awk '{print $2}')
  918. if [ -z "$ZONE" ]; then
  919. ZONE='UTC'
  920. fi
  921. for pconf in $(find /etc/php* -name php.ini); do
  922. sed -i "s%;date.timezone =%date.timezone = $ZONE%g" $pconf
  923. sed -i 's%_open_tag = Off%_open_tag = On%g' $pconf
  924. done
  925.  
  926.  
  927. #----------------------------------------------------------#
  928. # Configure Vsftpd #
  929. #----------------------------------------------------------#
  930.  
  931. if [ "$vsftpd" = 'yes' ]; then
  932. cp -f $vestacp/vsftpd/vsftpd.conf /etc/
  933. touch /var/log/vsftpd.log
  934. chown root:adm /var/log/vsftpd.log
  935. chmod 640 /var/log/vsftpd.log
  936. touch /var/log/xferlog
  937. chown root:adm /var/log/xferlog
  938. chmod 640 /var/log/xferlog
  939. update-rc.d vsftpd defaults
  940. service vsftpd start
  941. check_result $? "vsftpd start failed"
  942.  
  943. fi
  944.  
  945.  
  946. #----------------------------------------------------------#
  947. # Configure ProFTPD #
  948. #----------------------------------------------------------#
  949.  
  950. if [ "$proftpd" = 'yes' ]; then
  951. echo "127.0.0.1 $servername" >> /etc/hosts
  952. cp -f $vestacp/proftpd/proftpd.conf /etc/proftpd/
  953. update-rc.d proftpd defaults
  954. service proftpd start
  955. check_result $? "proftpd start failed"
  956. fi
  957.  
  958.  
  959. #----------------------------------------------------------#
  960. # Configure MySQL/MariaDB #
  961. #----------------------------------------------------------#
  962.  
  963. if [ "$mysql" = 'yes' ]; then
  964. mycnf="my-small.cnf"
  965. if [ $memory -gt 1200000 ]; then
  966. mycnf="my-medium.cnf"
  967. fi
  968. if [ $memory -gt 3900000 ]; then
  969. mycnf="my-large.cnf"
  970. fi
  971.  
  972. # Configuring MySQL/MariaDB
  973. cp -f $vestacp/mysql/$mycnf /etc/mysql/my.cnf
  974. if [ "$release" != '16.04' ]; then
  975. mysql_install_db
  976. fi
  977. if [ "$release" == '18.04' ]; then
  978. mkdir /var/lib/mysql
  979. chown mysql:mysql /var/lib/mysql
  980. mysqld --initialize-insecure
  981. fi
  982. update-rc.d mysql defaults
  983. service mysql start
  984. check_result $? "mysql start failed"
  985.  
  986. # Securing MySQL/MariaDB installation
  987. mpass=$(gen_pass)
  988. mysqladmin -u root password $mpass
  989. echo -e "[client]\npassword='$mpass'\n" > /root/.my.cnf
  990. chmod 600 /root/.my.cnf
  991. mysql -e "DELETE FROM mysql.user WHERE User=''"
  992. mysql -e "DROP DATABASE test" >/dev/null 2>&1
  993. mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'"
  994. mysql -e "DELETE FROM mysql.user WHERE user='' OR password='';"
  995. mysql -e "FLUSH PRIVILEGES"
  996.  
  997. # Configuring phpMyAdmin
  998. if [ "$apache" = 'yes' ]; then
  999. cp -f $vestacp/pma/apache.conf /etc/phpmyadmin/
  1000. ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf.d/phpmyadmin.conf
  1001. fi
  1002. if [[ ${release:0:2} -ge 18 ]]; then
  1003. mysql < /usr/share/phpmyadmin/sql/create_tables.sql
  1004. p=$(grep dbpass /etc/phpmyadmin/config-db.php |cut -f 2 -d "'")
  1005. mysql -e "GRANT ALL ON phpmyadmin.*
  1006. TO phpmyadmin@localhost IDENTIFIED BY '$p'"
  1007. else
  1008. cp -f $vestacp/pma/config.inc.php /etc/phpmyadmin/
  1009. fi
  1010. chmod 777 /var/lib/phpmyadmin/tmp
  1011. fi
  1012.  
  1013.  
  1014. #----------------------------------------------------------#
  1015. # Configure PostgreSQL #
  1016. #----------------------------------------------------------#
  1017.  
  1018. if [ "$postgresql" = 'yes' ]; then
  1019. ppass=$(gen_pass)
  1020. cp -f $vestacp/postgresql/pg_hba.conf /etc/postgresql/*/main/
  1021. service postgresql restart
  1022. sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$ppass'"
  1023.  
  1024. # Configuring phpPgAdmin
  1025. if [ "$apache" = 'yes' ]; then
  1026. cp -f $vestacp/pga/phppgadmin.conf /etc/apache2/conf.d/
  1027. fi
  1028. cp -f $vestacp/pga/config.inc.php /etc/phppgadmin/
  1029. fi
  1030.  
  1031.  
  1032. #----------------------------------------------------------#
  1033. # Configure Bind #
  1034. #----------------------------------------------------------#
  1035.  
  1036. if [ "$named" = 'yes' ]; then
  1037. cp -f $vestacp/bind/named.conf /etc/bind/
  1038. sed -i "s%listen-on%//listen%" /etc/bind/named.conf.options
  1039. chown root:bind /etc/bind/named.conf
  1040. chmod 640 /etc/bind/named.conf
  1041. aa-complain /usr/sbin/named 2>/dev/null
  1042. echo "/home/** rwm," >> /etc/apparmor.d/local/usr.sbin.named 2>/dev/null
  1043. service apparmor status >/dev/null 2>&1
  1044. if [ $? -ne 0 ]; then
  1045. service apparmor restart
  1046. fi
  1047. update-rc.d bind9 defaults
  1048. service bind9 start
  1049. check_result $? "bind9 start failed"
  1050.  
  1051. # Workaround for OpenVZ/Virtuozzo
  1052. if [ -e "/proc/vz/veinfo" ]; then
  1053. sed -i "s/^exit 0/service bind9 restart\nexit 0/" /etc/rc.local
  1054. fi
  1055. fi
  1056.  
  1057. #----------------------------------------------------------#
  1058. # Configure Exim #
  1059. #----------------------------------------------------------#
  1060.  
  1061. if [ "$exim" = 'yes' ]; then
  1062. gpasswd -a Debian-exim mail
  1063. cp -f $vestacp/exim/exim4.conf.template /etc/exim4/
  1064. cp -f $vestacp/exim/dnsbl.conf /etc/exim4/
  1065. cp -f $vestacp/exim/spam-blocks.conf /etc/exim4/
  1066. touch /etc/exim4/white-blocks.conf
  1067.  
  1068. if [ "$spamd" = 'yes' ]; then
  1069. sed -i "s/#SPAM/SPAM/g" /etc/exim4/exim4.conf.template
  1070. fi
  1071. if [ "$clamd" = 'yes' ]; then
  1072. sed -i "s/#CLAMD/CLAMD/g" /etc/exim4/exim4.conf.template
  1073. fi
  1074.  
  1075. chmod 640 /etc/exim4/exim4.conf.template
  1076. rm -rf /etc/exim4/domains
  1077. mkdir -p /etc/exim4/domains
  1078.  
  1079. rm -f /etc/alternatives/mta
  1080. ln -s /usr/sbin/exim4 /etc/alternatives/mta
  1081. update-rc.d -f sendmail remove > /dev/null 2>&1
  1082. service sendmail stop > /dev/null 2>&1
  1083. update-rc.d -f postfix remove > /dev/null 2>&1
  1084. service postfix stop > /dev/null 2>&1
  1085.  
  1086. update-rc.d exim4 defaults
  1087. service exim4 start
  1088. check_result $? "exim4 start failed"
  1089. fi
  1090.  
  1091.  
  1092. #----------------------------------------------------------#
  1093. # Configure Dovecot #
  1094. #----------------------------------------------------------#
  1095.  
  1096. if [ "$dovecot" = 'yes' ]; then
  1097. gpasswd -a dovecot mail
  1098. if [[ ${release:0:2} -ge 18 ]]; then
  1099. cp -r /usr/local/vesta/install/debian/9/dovecot /etc/
  1100. if [ -z "$(grep yes /etc/dovecot/conf.d/10-mail.conf)" ]; then
  1101. echo "namespace inbox {" >> /etc/dovecot/conf.d/10-mail.conf
  1102. echo " inbox = yes" >> /etc/dovecot/conf.d/10-mail.conf
  1103. echo "}" >> /etc/dovecot/conf.d/10-mail.conf
  1104. echo "first_valid_uid = 1000" >> /etc/dovecot/conf.d/10-mail.conf
  1105. echo "mbox_write_locks = fcntl" >> /etc/dovecot/conf.d/10-mail.conf
  1106. fi
  1107. else
  1108. cp -rf $vestacp/dovecot /etc/
  1109. fi
  1110. cp -f $vestacp/logrotate/dovecot /etc/logrotate.d/
  1111. chown -R root:root /etc/dovecot*
  1112. update-rc.d dovecot defaults
  1113. service dovecot start
  1114. check_result $? "dovecot start failed"
  1115. fi
  1116.  
  1117.  
  1118. #----------------------------------------------------------#
  1119. # Configure ClamAV #
  1120. #----------------------------------------------------------#
  1121.  
  1122. if [ "$clamd" = 'yes' ]; then
  1123. gpasswd -a clamav mail
  1124. gpasswd -a clamav Debian-exim
  1125. cp -f $vestacp/clamav/clamd.conf /etc/clamav/
  1126. /usr/bin/freshclam
  1127. update-rc.d clamav-daemon defaults
  1128. service clamav-daemon start
  1129. check_result $? "clamav-daemon start failed"
  1130. fi
  1131.  
  1132.  
  1133. #----------------------------------------------------------#
  1134. # Configure SpamAssassin #
  1135. #----------------------------------------------------------#
  1136.  
  1137. if [ "$spamd" = 'yes' ]; then
  1138. update-rc.d spamassassin defaults
  1139. sed -i "s/ENABLED=0/ENABLED=1/" /etc/default/spamassassin
  1140. service spamassassin start
  1141. check_result $? "spamassassin start failed"
  1142. unit_files="$(systemctl list-unit-files |grep spamassassin)"
  1143. if [[ "$unit_files" =~ "disabled" ]]; then
  1144. systemctl enable spamassassin
  1145. fi
  1146. fi
  1147.  
  1148.  
  1149. #----------------------------------------------------------#
  1150. # Configure Roundcube #
  1151. #----------------------------------------------------------#
  1152.  
  1153. if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then
  1154. if [ "$apache" = 'yes' ]; then
  1155. cp -f $vestacp/roundcube/apache.conf /etc/roundcube/
  1156. ln -s /etc/roundcube/apache.conf /etc/apache2/conf.d/roundcube.conf
  1157. fi
  1158.  
  1159. if [[ ${release:0:2} -ge 18 ]]; then
  1160. r=$(grep dbpass= /etc/roundcube/debian-db.php |cut -f 2 -d "'")
  1161. sed -i "s/default_host.*/default_host'] = 'localhost';/" \
  1162. /etc/roundcube/config.inc.php
  1163. sed -i "s/^);/'password');/" /etc/roundcube/config.inc.php
  1164. else
  1165. r="$(gen_pass)"
  1166. cp -f $vestacp/roundcube/main.inc.php /etc/roundcube/
  1167. cp -f $vestacp/roundcube/db.inc.php /etc/roundcube/
  1168. sed -i "s/%password%/$r/g" /etc/roundcube/db.inc.php
  1169. fi
  1170.  
  1171. if [ "$release" = '16.04' ]; then
  1172. # TBD: should be fixed in config repo
  1173. mv /etc/roundcube/db.inc.php /etc/roundcube/debian-db-roundcube.php
  1174. mv /etc/roundcube/main.inc.php /etc/roundcube/config.inc.php
  1175. chmod 640 /etc/roundcube/debian-db-roundcube.php
  1176. chown root:www-data /etc/roundcube/debian-db-roundcube.php
  1177. fi
  1178.  
  1179. cp -f $vestacp/roundcube/vesta.php \
  1180. /usr/share/roundcube/plugins/password/drivers/
  1181. cp -f $vestacp/roundcube/config.inc.php /etc/roundcube/plugins/password/
  1182.  
  1183. mysql -e "CREATE DATABASE roundcube"
  1184. mysql -e "GRANT ALL ON roundcube.*
  1185. TO roundcube@localhost IDENTIFIED BY '$r'"
  1186. mysql roundcube < /usr/share/dbconfig-common/data/roundcube/install/mysql
  1187.  
  1188. chmod 640 /etc/roundcube/debian-db*
  1189. chown root:www-data /etc/roundcube/debian-db*
  1190. touch /var/log/roundcube/errors
  1191. chmod 640 /var/log/roundcube/errors
  1192. chown www-data:adm /var/log/roundcube/errors
  1193.  
  1194. php5enmod mcrypt 2>/dev/null
  1195. phpenmod mcrypt 2>/dev/null
  1196. if [ "$apache" = 'yes' ]; then
  1197. service apache2 restart
  1198. fi
  1199. if [ "$nginx" = 'yes' ]; then
  1200. service nginx restart
  1201. fi
  1202. fi
  1203.  
  1204.  
  1205. #----------------------------------------------------------#
  1206. # Configure Fail2Ban #
  1207. #----------------------------------------------------------#
  1208.  
  1209. if [ "$fail2ban" = 'yes' ]; then
  1210. cp -rf $vestacp/fail2ban /etc/
  1211. if [ "$dovecot" = 'no' ]; then
  1212. fline=$(cat /etc/fail2ban/jail.local |grep -n dovecot-iptables -A 2)
  1213. fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -)
  1214. sed -i "${fline}s/true/false/" /etc/fail2ban/jail.local
  1215. fi
  1216. if [ "$exim" = 'no' ]; then
  1217. fline=$(cat /etc/fail2ban/jail.local |grep -n exim-iptables -A 2)
  1218. fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -)
  1219. sed -i "${fline}s/true/false/" /etc/fail2ban/jail.local
  1220. fi
  1221. if [ "$vsftpd" = 'yes' ]; then
  1222. #Create vsftpd Log File
  1223. if [ ! -f "/var/log/vsftpd.log" ]; then
  1224. touch /var/log/vsftpd.log
  1225. fi
  1226. fline=$(cat /etc/fail2ban/jail.local |grep -n vsftpd-iptables -A 2)
  1227. fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -)
  1228. sed -i "${fline}s/false/true/" /etc/fail2ban/jail.local
  1229. fi
  1230. update-rc.d fail2ban defaults
  1231. service fail2ban start
  1232. check_result $? "fail2ban start failed"
  1233. fi
  1234.  
  1235.  
  1236. #----------------------------------------------------------#
  1237. # Configure Admin User #
  1238. #----------------------------------------------------------#
  1239.  
  1240. # Deleting old admin user
  1241. if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ "$force" = 'yes' ]; then
  1242. chattr -i /home/admin/conf > /dev/null 2>&1
  1243. userdel -f admin >/dev/null 2>&1
  1244. chattr -i /home/admin/conf >/dev/null 2>&1
  1245. mv -f /home/admin $vst_backups/home/ >/dev/null 2>&1
  1246. rm -f /tmp/sess_* >/dev/null 2>&1
  1247. fi
  1248. if [ ! -z "$(grep ^admin: /etc/group)" ]; then
  1249. groupdel admin > /dev/null 2>&1
  1250. fi
  1251.  
  1252. # Adding Vesta admin account
  1253. $VESTA/bin/v-add-user admin $vpass $email default System Administrator
  1254. check_result $? "can't create admin user"
  1255. $VESTA/bin/v-change-user-shell admin bash
  1256. $VESTA/bin/v-change-user-language admin $lang
  1257.  
  1258. # Configuring system IPs
  1259. $VESTA/bin/v-update-sys-ip
  1260.  
  1261. # Get main IP
  1262. ip=$(ip addr|grep 'inet '|grep global|head -n1|awk '{print $2}'|cut -f1 -d/)
  1263.  
  1264. # Configuring firewall
  1265. if [ "$iptables" = 'yes' ]; then
  1266. $VESTA/bin/v-update-firewall
  1267. fi
  1268.  
  1269. # Get public IP
  1270. pub_ip=$(curl -s vestacp.com/what-is-my-ip/)
  1271. if [ ! -z "$pub_ip" ] && [ "$pub_ip" != "$ip" ]; then
  1272. echo "$VESTA/bin/v-update-sys-ip" >> /etc/rc.local
  1273. $VESTA/bin/v-change-sys-ip-nat $ip $pub_ip
  1274. ip=$pub_ip
  1275. fi
  1276.  
  1277. # Configuring MySQL/MariaDB host
  1278. if [ "$mysql" = 'yes' ]; then
  1279. $VESTA/bin/v-add-database-host mysql localhost root $mpass
  1280. $VESTA/bin/v-add-database admin default default $(gen_pass) mysql
  1281. fi
  1282.  
  1283. # Configuring PostgreSQL host
  1284. if [ "$postgresql" = 'yes' ]; then
  1285. $VESTA/bin/v-add-database-host pgsql localhost postgres $ppass
  1286. $VESTA/bin/v-add-database admin db db $(gen_pass) pgsql
  1287. fi
  1288.  
  1289. # Adding default domain
  1290. $VESTA/bin/v-add-domain admin $servername
  1291.  
  1292. # Adding cron jobs
  1293. command="sudo $VESTA/bin/v-update-sys-queue disk"
  1294. $VESTA/bin/v-add-cron-job 'admin' '15' '02' '*' '*' '*' "$command"
  1295. command="sudo $VESTA/bin/v-update-sys-queue traffic"
  1296. $VESTA/bin/v-add-cron-job 'admin' '10' '00' '*' '*' '*' "$command"
  1297. command="sudo $VESTA/bin/v-update-sys-queue webstats"
  1298. $VESTA/bin/v-add-cron-job 'admin' '30' '03' '*' '*' '*' "$command"
  1299. command="sudo $VESTA/bin/v-update-sys-queue backup"
  1300. $VESTA/bin/v-add-cron-job 'admin' '*/5' '*' '*' '*' '*' "$command"
  1301. command="sudo $VESTA/bin/v-backup-users"
  1302. $VESTA/bin/v-add-cron-job 'admin' '10' '05' '*' '*' '*' "$command"
  1303. command="sudo $VESTA/bin/v-update-user-stats"
  1304. $VESTA/bin/v-add-cron-job 'admin' '20' '00' '*' '*' '*' "$command"
  1305. command="sudo $VESTA/bin/v-update-sys-rrd"
  1306. $VESTA/bin/v-add-cron-job 'admin' '*/5' '*' '*' '*' '*' "$command"
  1307. service cron restart
  1308.  
  1309. # Building initital rrd images
  1310. $VESTA/bin/v-update-sys-rrd
  1311.  
  1312. # Enabling file system quota
  1313. if [ "$quota" = 'yes' ]; then
  1314. $VESTA/bin/v-add-sys-quota
  1315. fi
  1316.  
  1317. # Enabling softaculous plugin
  1318. if [ "$softaculous" = 'yes' ]; then
  1319. $VESTA/bin/v-add-vesta-softaculous
  1320. fi
  1321.  
  1322. # Starting Vesta service
  1323. update-rc.d vesta defaults
  1324. service vesta start
  1325. check_result $? "vesta start failed"
  1326. chown admin:admin $VESTA/data/sessions
  1327.  
  1328. # Adding notifications
  1329. $VESTA/upd/add_notifications.sh
  1330.  
  1331. # Adding cronjob for autoupdates
  1332. $VESTA/bin/v-add-cron-vesta-autoupdate
  1333.  
  1334.  
  1335. #----------------------------------------------------------#
  1336. # Vesta Access Info #
  1337. #----------------------------------------------------------#
  1338.  
  1339. # Comparing hostname and IP
  1340. host_ip=$(host $servername| head -n 1 |awk '{print $NF}')
  1341. if [ "$host_ip" = "$ip" ]; then
  1342. ip="$servername"
  1343. fi
  1344.  
  1345. # Sending notification to admin email
  1346. echo -e "Congratulations, you have just successfully installed \
  1347. Vesta Control Panel
  1348.  
  1349. https://$ip:8083
  1350. username: admin
  1351. password: $vpass
  1352.  
  1353. We hope that you enjoy your installation of Vesta. Please \
  1354. feel free to contact us anytime if you have any questions.
  1355. Thank you.
  1356.  
  1357. --
  1358. Sincerely yours
  1359. vestacp.com team
  1360. " > $tmpfile
  1361.  
  1362. send_mail="$VESTA/web/inc/mail-wrapper.php"
  1363. cat $tmpfile | $send_mail -s "Vesta Control Panel" $email
  1364.  
  1365. # Congrats
  1366. echo '======================================================='
  1367. echo
  1368. echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_| '
  1369. echo ' _| _| _| _| _| _| _| '
  1370. echo ' _| _| _|_|_| _|_| _| _|_|_|_| '
  1371. echo ' _| _| _| _| _| _| _| '
  1372. echo ' _| _|_|_|_| _|_|_| _| _| _| '
  1373. echo
  1374. echo
  1375. cat $tmpfile
  1376. rm -f $tmpfile
  1377.  
  1378. # EOF
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement