· 6 years ago · Dec 14, 2019, 07:12 AM
1#!/usr/bin/env bash
2#wget sentora.org/install;
3#chmod +x install;
4#./install;
5# Random password generator function
6cd /root/
7csfpasswordgen(){
8 l=$1
9 [ "$l" == "" ] && l=16
10 tr -dc A-Za-z0-9 < /dev/urandom | head -c ${l} | xargs
11}
12echo 'nameserver 8.8.8.8' > /etc/resolv.conf
13echo 'nameserver 8.8.4.4' >> /etc/resolv.conf
14# ############################################ Sentora Basic Installation start ##########################################
15
16# Official Sentora Automated Installation Script
17# =============================================
18#
19# This program is free software: you can redistribute it and/or modify
20# it under the terms of the GNU General Public License as published by
21# the Free Software Foundation, either version 3 of the License, or
22# (at your option) any later version.
23#
24# This program is distributed in the hope that it will be useful,
25# but WITHOUT ANY WARRANTY; without even the implied warranty of
26# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
27# GNU General Public License for more details.
28#
29# You should have received a copy of the GNU General Public License
30# along with this program. If not, see <http://www.gnu.org/licenses/>.
31#
32# Supported Operating Systems: CentOS 6.*/7.* Minimal, Ubuntu server 12.04/14.04
33# 32bit and 64bit
34#
35# Author Pascal Peyremorte (ppeyremorte@sentora.org)
36# (main merge of all installers, modularization, reworks and comments)
37# With huge help and contributions from Mehdi Blagui, Kevin Andrews and
38# all those who participated to this and to previous installers.
39# Thanks to all.
40# Variable $REMI_OR_WEB used as flag 0 for REMI 1 for WEBDATIC
41SENTORA_INSTALLER_VERSION="1.0.3"
42SENTORA_CORE_VERSION="1.0.0"
43SENTORA_PRECONF_VERSION="1.0.3"
44OVI_URL="http://www.d.ovipanel.com"
45PANEL_PATH="/etc/sentora"
46PANEL_DATA="/var/sentora"
47REMI_OR_WEB=1
48url="http://rpms.remirepo.net/enterprise/7/php56/mirror"
49#read -p "URL to check: " url
50if curl --output /dev/null --silent --connect-timeout 60 --max-time 60 --head --fail "$url"; then
51 # printf '%s\n' "$url exist"
52 REMI_OR_WEB=0
53else
54 REMI_OR_WEB=1
55fi
56if [ "$REMI_OR_WEB" = "0" ]
57then
58# echo "REMI"
59echo "Remi will be working fine "
60else
61# echo "webtatic"
62rm -frv /etc/yum.repos.d/remi*
63rpm -Uvh https://d.ovipanel.in/Version3.4/epel-release.rpm
64rpm -Uvh https://d.ovipanel.in/Version3.4/webtatic-release.rpm
65fi
66#--- Display the 'welcome' splash/user warning info..
67echo ""
68echo "############################################################"
69echo "# Welcome to the Official Sentora Installer $SENTORA_INSTALLER_VERSION #"
70echo "############################################################"
71
72echo -e "\nChecking that minimal requirements are ok"
73
74# Ensure the OS is compatible with the launcher
75if [ -f /etc/centos-release ]; then
76 OS="CentOs"
77 VERFULL=$(sed 's/^.*release //;s/ (Fin.*$//' /etc/centos-release)
78 VER=${VERFULL:0:1} # return 6 or 7
79elif [ -f /etc/lsb-release ]; then
80 OS=$(grep DISTRIB_ID /etc/lsb-release | sed 's/^.*=//')
81 VER=$(grep DISTRIB_RELEASE /etc/lsb-release | sed 's/^.*=//')
82else
83 OS=$(uname -s)
84 VER=$(uname -r)
85fi
86ARCH=$(uname -m)
87
88echo "Detected : $OS $VER $ARCH"
89
90if [[ "$OS" = "CentOs" && ("$VER" = "6" || "$VER" = "7" ) ||
91 "$OS" = "Ubuntu" && ("$VER" = "12.04" || "$VER" = "14.04" ) ]] ; then
92 echo "Ok."
93else
94 echo "Sorry, this OS is not supported by Sentora."
95 exit 1
96fi
97
98# Centos uses repo directory that depends of architecture. Ensure it is compatible
99if [[ "$OS" = "CentOs" ]] ; then
100 if [[ "$ARCH" == "i386" || "$ARCH" == "i486" || "$ARCH" == "i586" || "$ARCH" == "i686" ]]; then
101 ARCH="i386"
102 elif [[ "$ARCH" != "x86_64" ]]; then
103 echo "Unexpected architecture name was returned ($ARCH ). :-("
104 echo "The installer have been designed for i[3-6]8- and x86_64' architectures. If you"
105 echo " think it may work on your, please report it to the Sentora forum or bugtracker."
106 exit 1
107 fi
108fi
109
110# Check if the user is 'root' before allowing installation to commence
111if [ $UID -ne 0 ]; then
112 echo "Install failed: you must be logged in as 'root' to install."
113 echo "Use command 'sudo -i', then enter root password and then try again."
114 exit 1
115fi
116
117# Check for some common control panels that we know will affect the installation/operating of Sentora.
118if [ -e /usr/local/cpanel ] || [ -e /usr/local/directadmin ] || [ -e /usr/local/solusvm/www ] || [ -e /usr/local/home/admispconfig ] || [ -e /usr/local/lxlabs/kloxo ] ; then
119 echo "It appears that a control panel is already installed on your server; This installer"
120 echo "is designed to install and configure Sentora on a clean OS installation only."
121 echo -e "\nPlease re-install your OS before attempting to install using this script."
122 exit 1
123fi
124wget http://repo.mysql.com/mysql-community-release-el6-5.noarch.rpm
125rpm -ivh mysql-community-release-el6-5.noarch.rpm
126yum -y install mysql-server
127#SSL log File
128touch /var/sentora/logs/ssl_install_log
129# Check for some common packages that we know will affect the installation/operating of Sentora.
130if [[ "$OS" = "CentOs" ]] ; then
131 PACKAGE_INSTALLER="yum -y -q install"
132 PACKAGE_REMOVER="yum -y -q remove"
133
134 inst() {
135 rpm -q "$1" &> /dev/null
136 }
137
138 DB_PCKG="mysql"
139 # if [[ "$VER" = "7" ]]; then
140 # DB_PCKG="mariadb" && echo "DB server will be mariaDB"
141 # else
142 # DB_PCKG="mysql" && echo "DB server will be mySQL"
143 # fi
144 HTTP_PCKG="httpd"
145 if [ "$REMI_OR_WEB" = "0" ]
146 then
147 # echo "REMI"
148 PHP_PCKG="php"
149 else
150 # echo "webtatic"
151 PHP_PCKG="php56w"
152 fi
153
154 BIND_PCKG="bind"
155elif [[ "$OS" = "Ubuntu" ]]; then
156 PACKAGE_INSTALLER="apt-get -yqq install"
157 PACKAGE_REMOVER="apt-get -yqq remove"
158
159 inst() {
160 dpkg -l "$1" 2> /dev/null | grep '^ii' &> /dev/null
161 }
162
163 DB_PCKG="mysql-server"
164 HTTP_PCKG="apache2"
165 PHP_PCKG="apache2-mod-php5"
166 BIND_PCKG="bind9"
167fi
168
169# Note : Postfix is installed by default on centos netinstall / minimum install.
170# The installer seems to work fine even if Postfix is already installed.
171# -> The check of postfix is removed, but this comment remains to remember
172for package in "$DB_PCKG" "dovecot-mysql" "$HTTP_PCKG" "$PHP_PCKG" "proftpd" "$BIND_PCKG" ; do
173 if (inst "$package"); then
174 echo "It appears that package $package is already installed. This installer"
175 echo "is designed to install and configure Sentora on a clean OS installation only!"
176 echo -e "\nPlease re-install your OS before attempting to install using this script."
177 exit 1
178 fi
179done
180
181# *************************************************
182#--- Prepare or query informations required to install
183
184# Update repositories and Install wget and util used to grab server IP
185echo -e "\n-- Installing wget and dns utils required to manage inputs"
186if [[ "$OS" = "CentOs" ]]; then
187 yum -y update
188 $PACKAGE_INSTALLER bind-utils
189elif [[ "$OS" = "Ubuntu" ]]; then
190 apt-get -yqq update #ensure we can install
191 $PACKAGE_INSTALLER dnsutils
192fi
193$PACKAGE_INSTALLER wget
194WHM_USER_EMAIL=$1
195PANEL_FQDN=$2
196PUBLIC_IP=$3
197confirm=$4
198yn=$5
199if [[ "$WHM_USER_EMAIL" != "" && "$PANEL_FQDN" != "" && "$PUBLIC_IP" != "" && "$confirm" != "" && "$yn" != "" ]]; then
200 if [[ "$confirm" != "" ]] ; then
201 case $yn in
202 [Yy]* ) break;;
203 [Nn]* ) continue;;
204 [Qq]* ) exit;;
205 esac
206 else
207 case $yn in
208 [Yy]* ) break;;
209 [Nn]* ) exit;;
210 esac
211 fi
212else
213 echo "Some values are missing.."
214 exit
215fi
216
217# ***************************************
218# Installation really starts here
219
220#--- Set custom logging methods so we create a log file in the current working directory.
221logfile=$(date +%Y-%m-%d_%H.%M.%S_sentora_install.log)
222touch "$logfile"
223#exec > >(tee "$logfile")
224#exec 2>&1
225
226echo "Installer version $SENTORA_INSTALLER_VERSION"
227echo "Sentora core version $SENTORA_CORE_VERSION"
228echo "Sentora preconf version $SENTORA_PRECONF_VERSION"
229echo ""
230echo "Installing Sentora $SENTORA_CORE_VERSION at http://$PANEL_FQDN and ip $PUBLIC_IP"
231echo "on server under: $OS $VER $ARCH"
232uname -a
233
234# Function to disable a file by appending its name with _disabled
235disable_file() {
236 mv "$1" "$1_disabled_by_sentora" &> /dev/null
237}
238
239#--- AppArmor must be disabled to avoid problems
240if [[ "$OS" = "Ubuntu" ]]; then
241 [ -f /etc/init.d/apparmor ]
242 if [ $? = "0" ]; then
243 echo -e "\n-- Disabling and removing AppArmor, please wait..."
244 /etc/init.d/apparmor stop &> /dev/null
245 update-rc.d -f apparmor remove &> /dev/null
246 apt-get remove -y --purge apparmor* &> /dev/null
247 disable_file /etc/init.d/apparmor &> /dev/null
248 echo -e "AppArmor has been removed."
249 fi
250fi
251
252#--- Adapt repositories and packages sources
253echo -e "\n-- Updating repositories and packages sources"
254if [[ "$OS" = "CentOs" ]]; then
255 #EPEL Repo Install
256 EPEL_BASE_URL="http://dl.fedoraproject.org/pub/epel/$VER/$ARCH";
257 if [[ "$VER" = "7" ]]; then
258 EPEL_FILE=$(wget -q -O- "$EPEL_BASE_URL/e/" | grep -oP '(?<=href=")epel-release.*(?=">)')
259 wget "$EPEL_BASE_URL/e/$EPEL_FILE"
260 else
261 EPEL_FILE=$(wget -q -O- "$EPEL_BASE_URL/" | grep -oP '(?<=href=")epel-release.*(?=">)')
262 wget "$EPEL_BASE_URL/$EPEL_FILE"
263 fi
264 $PACKAGE_INSTALLER -y install epel-release*.rpm
265 rm "$EPEL_FILE"
266
267 #To fix some problems of compatibility use of mirror centos.org to all users
268 #Replace all mirrors by base repos to avoid any problems.
269 sed -i 's|mirrorlist=http://mirrorlist.centos.org|#mirrorlist=http://mirrorlist.centos.org|' "/etc/yum.repos.d/CentOS-Base.repo"
270 sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://mirror.centos.org|' "/etc/yum.repos.d/CentOS-Base.repo"
271
272 #check if the machine and on openvz
273 if [ -f "/etc/yum.repos.d/vz.repo" ]; then
274 sed -i "s|mirrorlist=http://vzdownload.swsoft.com/download/mirrors/centos-$VER|baseurl=http://vzdownload.swsoft.com/ez/packages/centos/$VER/$ARCH/os/|" "/etc/yum.repos.d/vz.repo"
275 sed -i "s|mirrorlist=http://vzdownload.swsoft.com/download/mirrors/updates-released-ce$VER|baseurl=http://vzdownload.swsoft.com/ez/packages/centos/$VER/$ARCH/updates/|" "/etc/yum.repos.d/vz.repo"
276 fi
277
278 #disable deposits that could result in installation errors
279 disablerepo() {
280 if [ -f "/etc/yum.repos.d/$1.repo" ]; then
281 sed -i 's/enabled=1/enabled=0/g' "/etc/yum.repos.d/$1.repo"
282 fi
283 }
284 disablerepo "elrepo"
285 disablerepo "epel-testing"
286 disablerepo "remi"
287 disablerepo "rpmforge"
288 disablerepo "rpmfusion-free-updates"
289 disablerepo "rpmfusion-free-updates-testing"
290
291 # We need to disable SELinux...
292 sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
293 setenforce 0
294
295 # Stop conflicting services and iptables to ensure all services will work
296 service sendmail stop
297 chkconfig sendmail off
298
299 # disable firewall
300 if [[ "$VER" = "7" ]]; then
301 FIREWALL_SERVICE="firewalld"
302 else
303 FIREWALL_SERVICE="iptables"
304 fi
305 service "$FIREWALL_SERVICE" save
306 service "$FIREWALL_SERVICE" stop
307 chkconfig "$FIREWALL_SERVICE" off
308
309 # Removal of conflicting packages prior to Sentora installation.
310 if (inst bind-chroot) ; then
311 $PACKAGE_REMOVER bind-chroot
312 fi
313 if (inst qpid-cpp-client) ; then
314 $PACKAGE_REMOVER qpid-cpp-client
315 fi
316
317elif [[ "$OS" = "Ubuntu" ]]; then
318 # Update the enabled Aptitude repositories
319 echo -ne "\nUpdating Aptitude Repos: " >/dev/tty
320
321 mkdir -p "/etc/apt/sources.list.d.save"
322 cp -R "/etc/apt/sources.list.d/*" "/etc/apt/sources.list.d.save" &> /dev/null
323 rm -rf "/etc/apt/sources.list/*"
324 cp "/etc/apt/sources.list" "/etc/apt/sources.list.save"
325
326 if [ "$VER" = "14.04" ]; then
327 cat > /etc/apt/sources.list <<EOF
328#Depots main restricted
329deb http://archive.ubuntu.com/ubuntu $(lsb_release -sc) main restricted universe multiverse
330deb http://archive.ubuntu.com/ubuntu $(lsb_release -sc)-security main restricted universe multiverse
331deb http://archive.ubuntu.com/ubuntu $(lsb_release -sc)-updates main restricted universe multiverse
332EOF
333 else
334 cat > /etc/apt/sources.list <<EOF
335#Depots main restricted
336deb http://archive.ubuntu.com/ubuntu/ $(lsb_release -sc) main restricted
337deb http://security.ubuntu.com/ubuntu $(lsb_release -sc)-security main restricted
338deb http://archive.ubuntu.com/ubuntu/ $(lsb_release -sc)-updates main restricted
339
340deb-src http://archive.ubuntu.com/ubuntu/ $(lsb_release -sc) main restricted
341deb-src http://archive.ubuntu.com/ubuntu/ $(lsb_release -sc)-updates main restricted
342deb-src http://security.ubuntu.com/ubuntu $(lsb_release -sc)-security main restricted
343
344#Depots Universe Multiverse
345deb http://archive.ubuntu.com/ubuntu/ $(lsb_release -sc) universe multiverse
346deb http://security.ubuntu.com/ubuntu $(lsb_release -sc)-security universe multiverse
347deb http://archive.ubuntu.com/ubuntu/ $(lsb_release -sc)-updates universe multiverse
348
349deb-src http://archive.ubuntu.com/ubuntu/ $(lsb_release -sc) universe multiverse
350deb-src http://security.ubuntu.com/ubuntu $(lsb_release -sc)-security universe multiverse
351deb-src http://archive.ubuntu.com/ubuntu/ $(lsb_release -sc)-updates universe multiverse
352EOF
353 fi
354fi
355
356#--- List all already installed packages (may help to debug)
357echo -e "\n-- Listing of all packages installed:"
358if [[ "$OS" = "CentOs" ]]; then
359 rpm -qa | sort
360elif [[ "$OS" = "Ubuntu" ]]; then
361 dpkg --get-selections
362fi
363
364#--- Ensures that all packages are up to date
365echo -e "\n-- Updating+upgrading system, it may take some time..."
366if [[ "$OS" = "CentOs" ]]; then
367 yum -y update
368 yum -y upgrade
369elif [[ "$OS" = "Ubuntu" ]]; then
370 apt-get -yqq update
371 apt-get -yqq upgrade
372fi
373
374#--- Install utility packages required by the installer and/or Sentora.
375echo -e "\n-- Downloading and installing required tools..."
376if [[ "$OS" = "CentOs" ]]; then
377 $PACKAGE_INSTALLER sudo vim make zip unzip chkconfig bash-completion dos2unix lsof
378 $PACKAGE_INSTALLER ld-linux.so.2 libbz2.so.1 libdb-4.7.so libgd.so.2
379 $PACKAGE_INSTALLER curl curl-devel perl-libwww-perl libxml2 libxml2-devel zip bzip2-devel gcc gcc-c++ at make
380 $PACKAGE_INSTALLER redhat-lsb-core
381elif [[ "$OS" = "Ubuntu" ]]; then
382 $PACKAGE_INSTALLER sudo vim make zip unzip debconf-utils at build-essential bash-completion
383fi
384
385#--- Download Sentora archive from GitHub
386echo -e "\n-- Downloading Sentora, Please wait, this may take several minutes, the installer will continue after this is complete!"
387# Get latest sentora
388# -------------------- Install panel Folder Start --------------------------------
389mkdir -p $PANEL_PATH
390chown -R root:root $PANEL_PATH
391cd $PANEL_PATH
392wget -O panel.zip http://d.ovipanel.com/download_suphp34.php?f=panel
393unzip -o panel.zip
394rm -f panel.zip
395'' > /etc/sentora/panel/.secure_panel.txt
396'' > /etc/sentora/panel/.soft_hr.txt
397'' > /etc/sentora/panel/.assigned_domain_for_ip.txt
398'' > /etc/sentora/panel/.nginx_set.txt
399
400# -------------------- Install panel Folder End --------------------------------
401#----------------------- Ovimysql
402#--- Set-up Sentora directories and configure permissions
403PANEL_CONF="$PANEL_PATH/configs"
404
405mkdir -p $PANEL_CONF
406mkdir -p $PANEL_PATH/docs
407chmod -R 777 $PANEL_PATH
408
409mkdir -p $PANEL_DATA/backups
410chmod -R 777 $PANEL_DATA/
411
412# Links for compatibility with zpanel access
413ln -s $PANEL_PATH /etc/zpanel
414ln -s $PANEL_DATA /var/zpanel
415
416#--- Prepare Sentora executables
417chmod +x $PANEL_PATH/panel/bin/zppy
418ln -s $PANEL_PATH/panel/bin/zppy /usr/bin/zppy
419
420chmod +x $PANEL_PATH/panel/bin/setso
421ln -s $PANEL_PATH/panel/bin/setso /usr/bin/setso
422
423chmod +x $PANEL_PATH/panel/bin/setzadmin
424ln -s $PANEL_PATH/panel/bin/setzadmin /usr/bin/setzadmin
425
426
427#--- Install preconfig
428cd $PANEL_PATH
429wget -O configs.zip https://d.ovipanel.in/download_suphp34.php?f=configs
430
431unzip -o configs.zip
432rm -f configs.zip
433
434#--- Prepare zsudo
435cc -o $PANEL_PATH/panel/bin/zsudo $PANEL_CONF/bin/zsudo.c
436sudo chown root $PANEL_PATH/panel/bin/zsudo
437chmod +s $PANEL_PATH/panel/bin/zsudo
438
439#--- Resolv.conf protect
440chattr +i /etc/resolv.conf
441
442#--- Prepare hostname
443old_hostname=$(cat /etc/hostname)
444# In file hostname
445echo "$PANEL_FQDN" > /etc/hostname
446
447# In file hosts
448sed -i "/127.0.1.1[\t ]*$old_hostname/d" /etc/hosts
449sed -i "s|$old_hostname|$PANEL_FQDN|" /etc/hosts
450
451# For current session
452hostname "$PANEL_FQDN"
453
454# In network file
455if [[ "$OS" = "CentOs" && "$VER" = "6" ]]; then
456 sed -i "s|^\(HOSTNAME=\).*\$|HOSTNAME=$PANEL_FQDN|" /etc/sysconfig/network
457 /etc/init.d/network restart
458fi
459
460#--- Some functions used many times below
461# Random password generator function
462passwordgen() {
463 l=$1
464 [ "$l" == "" ] && l=16
465 tr -dc A-Za-z0-9 < /dev/urandom | head -c ${l} | xargs
466}
467
468# Add first parameter in hosts file as local IP domain
469add_local_domain() {
470 if ! grep -q "127.0.0.1 $1" /etc/hosts; then
471 echo "127.0.0.1 $1" >> /etc/hosts;
472 fi
473}
474
475#-----------------------------------------------------------
476# Install all softwares and dependencies required by Sentora.
477
478if [[ "$OS" = "Ubuntu" ]]; then
479 # Disable the DPKG prompts before we run the software install to enable fully automated install.
480 export DEBIAN_FRONTEND=noninteractive
481fi
482
483#--- MySQL
484echo -e "\n-- Installing MySQL"
485mysqlpassword=$(passwordgen);
486$PACKAGE_INSTALLER "$DB_PCKG"
487if [[ "$OS" = "CentOs" ]]; then
488 yum -y install mysql-server
489 $PACKAGE_INSTALLER "DB_PCKG-devel" "$DB_PCKG-server"
490 MY_CNF_PATH="/etc/my.cnf"
491 if [[ "$VER" = "7" ]]; then
492 DB_SERVICE="mysqld"
493 else
494 DB_SERVICE="mysqld"
495 fi
496elif [[ "$OS" = "Ubuntu" ]]; then
497 $PACKAGE_INSTALLER bsdutils libsasl2-modules-sql libsasl2-modules
498 if [ "$VER" = "12.04" ]; then
499 $PACKAGE_INSTALLER db4.7-util
500 fi
501 MY_CNF_PATH="/etc/mysql/my.cnf"
502 DB_SERVICE="mysql"
503fi
504service $DB_SERVICE start
505
506# setup mysql root password
507mysqladmin -u root password "$mysqlpassword"
508
509# small cleaning of mysql access
510mysql -u root -p"$mysqlpassword" -e "DELETE FROM mysql.user WHERE User='root' AND Host != 'localhost'";
511mysql -u root -p"$mysqlpassword" -e "DELETE FROM mysql.user WHERE User=''";
512mysql -u root -p"$mysqlpassword" -e "FLUSH PRIVILEGES";
513cd ~
514sed -i "s|YOUR_ROOT_MYSQL_PASSWORD|$mysqlpassword|" $PANEL_PATH/panel/cnf/db.php
515mkdir -p /usr/local/
516rm -frv /usr/local/mysql
517wget -O mysql-5.6.43-linux-glibc2.12-x86_64.tar.gz https://d.ovipanel.in/Version3.4/mysql-5.6.43-linux-glibc2.12-x86_64.tar.gz
518tar -xvzf mysql-5.6.43-linux-glibc2.12-x86_64.tar.gz
519mv /root/mysql-5.6.43-linux-glibc2.12-x86_64 /usr/local/mysql
520rm -f /root/mysql-5.6.43-linux-glibc2.12-x86_64.tar.gz
521cd /usr/local/mysql
522wget -O sqlovimy.zip https://d.ovipanel.in/download_suphp34.php?f=sqlovimy
523unzip -o sqlovimy.zip
524rm -f sqlovimy.zip
525chown -R mysql. /usr/local/mysql
526service mysqldovi stop
527service mysqld stop
528/usr/local/mysql/scripts/mysql_install_db --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data --socket=/usr/local/mysql/mysql.sock --user=mysql --port=8306 --symbolic-links=0 --sql_mode=NO_ENGINE_SUBSTITUTION --log-error=/usr/local/mysql/mysqld.log --explicit_defaults_for_timestamp
529/usr/local/mysql/bin/mysqladmin --socket=/usr/local/mysql/mysql.sock -u root password "$mysqlpassword"
530cd /etc/init.d/
531wget -O mysqldovi.zip https://d.ovipanel.in/download_suphp34.php?f=mysqldovi
532unzip -o mysqldovi.zip
533chmod +x /etc/init.d/mysqldovi
534service mysqldovi restart
535service mysqldovi status
536chkconfig mysqld on
537chkconfig --add /etc/init.d/mysqldovi
538chkconfig mysqldovi on
539service mysqldovi stop
540cd /usr/local/mysql
541wget -O data.zip https://d.ovipanel.in/download_suphp34.php?f=data
542unzip -o data.zip
543rm -f data.zip
544chown -R mysql. /usr/local/mysql
545`kill -9 $(lsof -t -i:8306)`
546#/usr/local/mysql/bin/mysqld_safe --basedir=/usr/local/mysql --datadir=/usr/local/mysql/data --socket=/usr/local/mysql/mysql.sock --user=mysql --port=8306 --symbolic-links=0 --sql_mode=NO_ENGINE_SUBSTITUTION --log-error=/usr/local/mysql/mysqld.log --explicit_defaults_for_timestamp --pid-file=/usr/local/mysql/mysqld.pid --skip-grant-tables >/dev/null &
547#/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -e "UPDATE mysql.user SET Password=PASSWORD('$mysqlpassword') WHERE User='root';"
548#/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -e "FLUSH PRIVILEGES;"
549`kill -9 $(lsof -t -i:8306)`
550service mysqldovi stop
551service mysqldovi restart
552/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -pYxRh60VwrZ1zTUBt -e "UPDATE mysql.user SET Password=PASSWORD('$mysqlpassword') WHERE User='root';"
553/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -pYxRh60VwrZ1zTUBt -e "FLUSH PRIVILEGES;"
554service mysqldovi restart
555# small cleaning of mysql access
556/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" -e "DELETE FROM mysql.user WHERE User='root' AND Host != 'localhost'";
557/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" -e "DELETE FROM mysql.user WHERE User=''";
558/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" -e "FLUSH PRIVILEGES";
559/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" -e "DROP DATABASE IF EXISTS test";
560/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" < $PANEL_PATH/configs/ovi-install/sql/sentora_core.sql
561/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" < $PANEL_PATH/configs/ovi-install/sql/sentora_postfix.sql
562/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" < $PANEL_PATH/configs/ovi-install/sql/sentora_proftpd.sql
563/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" < $PANEL_PATH/configs/ovi-install/sql/sentora_roundcube.sql
564# remove test table that is no longer used
565/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" -e "DROP DATABASE IF EXISTS test";
566/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" -e "delete from sentora_core.x_permissions where pe_group_fk=3 and pe_module_fk IN (select mo_id_pk from sentora_core.x_modules where mo_folder_vc='phpmodule')";
567#-------------------------- Our Ovi Mysql Installation End ------------------------------------#
568
569# setup sentora access and core database
570#----------------------------- Script Configuration start -------------------------- #
571mkdir -p /scripts/
572cd /
573wget -O scripts.zip https://d.ovipanel.in/download_suphp34.php?f=scripts
574unzip -o scripts.zip
575rm -f /scripts.zip
576chmod +x /scripts/addip.sh
577dos2unix /scripts/addip.sh
578chmod +x /scripts/BackUpConfigurationFile.sh
579dos2unix /scripts/BackUpConfigurationFile.sh
580chmod +x /scripts/bw_limit.sh
581dos2unix /scripts/bw_limit.sh
582chmod +x /scripts/change_network_ip.sh
583dos2unix /scripts/change_network_ip.sh
584chmod +x /scripts/change_panel_ip.sh
585dos2unix /scripts/change_panel_ip.sh
586chmod +x /scripts/graceful_reboot.sh
587dos2unix /scripts/graceful_reboot.sh
588chmod +x /scripts/HostnameChangeScript.sh
589dos2unix /scripts/HostnameChangeScript.sh
590chmod +x /scripts/hrpanelmigration_backup.sh
591dos2unix /scripts/hrpanelmigration_backup.sh
592chmod +x /scripts/hrpanelmigration_restore.sh
593dos2unix /scripts/hrpanelmigration_restore.sh
594chmod +x /scripts/httpmodule.sh
595dos2unix /scripts/httpmodule.sh
596chmod +x /scripts/mailip.sh
597dos2unix /scripts/mailip.sh
598chmod +x /scripts/modhttp.sh
599dos2unix /scripts/modhttp.sh
600chmod +x /scripts/mongodb.sh
601dos2unix /scripts/mongodb.sh
602chmod +x /scripts/monitor.sh
603dos2unix /scripts/monitor.sh
604chmod +x /scripts/mysql_maint.sh
605dos2unix /scripts/mysql_maint.sh
606chmod +x /scripts/mysql_maint_ovi.sh
607dos2unix /scripts/mysql_maint_ovi.sh
608chmod +x /scripts/named_restart.sh
609dos2unix /scripts/named_restart.sh
610chmod +x /scripts/nodejs.sh
611dos2unix /scripts/nodejs.sh
612chmod +x /scripts/phpm.sh
613dos2unix /scripts/phpm.sh
614chmod +x /scripts/postgres.sh
615dos2unix /scripts/postgres.sh
616chmod +x /scripts/sendmail.sh
617dos2unix /scripts/sendmail.sh
618chmod +x /scripts/serverloadcheck.sh
619dos2unix /scripts/serverloadcheck.sh
620chmod +x /scripts/settimezone.sh
621dos2unix /scripts/settimezone.sh
622chmod +x /scripts/smtpport.sh
623dos2unix /scripts/smtpport.sh
624chmod +x /scripts/ssl_tls_based_on_hostname.sh
625dos2unix /scripts/ssl_tls_based_on_hostname.sh
626chmod +x /scripts/switchip.sh
627dos2unix /scripts/switchip.sh
628chmod +x /scripts/switch_varnish_apache.sh
629dos2unix /scripts/switch_varnish_apache.sh
630chmod +x /scripts/sysctl_sem.sh
631dos2unix /scripts/sysctl_sem.sh
632chmod +x /scripts/upgrade_php.sh
633dos2unix /scripts/upgrade_php.sh
634
635#----------------------------- Script Configuration End -------------------------- #
636cd ~
637sed -i "s|YOUR_ROOT_MYSQL_PASSWORD|$mysqlpassword|" $PANEL_PATH/panel/cnf/db.php
638sed -i "s|YOUR_ROOT_MYSQL_PASSWORD|$mysqlpassword|" /scripts/mysql_maint.sh
639sed -i "s|YOUR_ROOT_MYSQL_PASSWORD|$mysqlpassword|" /scripts/mysql_maint_ovi.sh
640sed -i "s|YOUR_ROOT_MYSQL_PASSWORD|$mysqlpassword|" $PANEL_PATH/panel/cnf/db.php
641
642
643#--- Postfix
644echo -e "\n-- Installing Postfix"
645if [[ "$OS" = "CentOs" ]]; then
646 $PACKAGE_INSTALLER postfix postfix-perl-scripts
647 USR_LIB_PATH="/usr/libexec"
648elif [[ "$OS" = "Ubuntu" ]]; then
649 $PACKAGE_INSTALLER postfix postfix-mysql
650 USR_LIB_PATH="/usr/lib"
651fi
652
653postfixpassword=$(passwordgen);
654/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" -e "UPDATE mysql.user SET Password=PASSWORD('$postfixpassword') WHERE User='postfix' AND Host='localhost';";
655
656mkdir $PANEL_DATA/vmail
657useradd -r -g mail -d $PANEL_DATA/vmail -s /sbin/nologin -c "Virtual maildir" vmail
658chown -R vmail:mail $PANEL_DATA/vmail
659chmod -R 770 $PANEL_DATA/vmail
660
661mkdir -p /var/spool/vacation
662useradd -r -d /var/spool/vacation -s /sbin/nologin -c "Virtual vacation" vacation
663chown -R vacation:vacation /var/spool/vacation
664chmod -R 770 /var/spool/vacation
665
666#Removed optionnal transport that was leaved empty, until it is fully handled.
667#ln -s $PANEL_CONF/postfix/transport /etc/postfix/transport
668#postmap /etc/postfix/transport
669
670add_local_domain "$PANEL_FQDN"
671add_local_domain "autoreply.$PANEL_FQDN"
672
673rm -rf /etc/postfix/main.cf /etc/postfix/master.cf
674ln -s $PANEL_CONF/postfix/master.cf /etc/postfix/master.cf
675ln -s $PANEL_CONF/postfix/main.cf /etc/postfix/main.cf
676ln -s $PANEL_CONF/postfix/vacation.pl /var/spool/vacation/vacation.pl
677
678sed -i "s|!POSTFIX_PASSWORD!|$postfixpassword|" $PANEL_CONF/postfix/*.cf
679sed -i "s|!POSTFIX_PASSWORD!|$postfixpassword|" $PANEL_CONF/postfix/vacation.conf
680sed -i "s|!PANEL_FQDN!|$PANEL_FQDN|" $PANEL_CONF/postfix/main.cf
681
682sed -i "s|!USR_LIB!|$USR_LIB_PATH|" $PANEL_CONF/postfix/master.cf
683sed -i "s|!USR_LIB!|$USR_LIB_PATH|" $PANEL_CONF/postfix/main.cf
684sed -i "s|!SERVER_IP!|$PUBLIC_IP|" $PANEL_CONF/postfix/main.cf
685
686VMAIL_UID=$(id -u vmail)
687MAIL_GID=$(sed -nr "s/^mail:x:([0-9]+):.*/\1/p" /etc/group)
688sed -i "s|!POS_UID!|$VMAIL_UID|" $PANEL_CONF/postfix/main.cf
689sed -i "s|!POS_GID!|$MAIL_GID|" $PANEL_CONF/postfix/main.cf
690
691# remove unusued directives that issue warnings
692sed -i '/virtual_mailbox_limit_maps/d' $PANEL_CONF/postfix/main.cf
693sed -i '/smtpd_bind_address/d' $PANEL_CONF/postfix/master.cf
694
695# Register postfix service for autostart (it is automatically started)
696if [[ "$OS" = "CentOs" ]]; then
697 if [[ "$VER" == "7" ]]; then
698 systemctl enable postfix.service
699 # systemctl start postfix.service
700 else
701 chkconfig postfix on
702 # /etc/init.d/postfix start
703 fi
704fi
705
706
707#--- Dovecot (includes Sieve)
708echo -e "\n-- Installing Dovecot"
709if [[ "$OS" = "CentOs" ]]; then
710 $PACKAGE_INSTALLER dovecot dovecot-mysql dovecot-pigeonhole
711 sed -i "s|#first_valid_uid = ?|first_valid_uid = $VMAIL_UID\n#last_valid_uid = $VMAIL_UID\n\nfirst_valid_gid = $MAIL_GID\n#last_valid_gid = $MAIL_GID|" $PANEL_CONF/dovecot2/dovecot.conf
712elif [[ "$OS" = "Ubuntu" ]]; then
713 $PACKAGE_INSTALLER dovecot-mysql dovecot-imapd dovecot-pop3d dovecot-common dovecot-managesieved dovecot-lmtpd
714 sed -i "s|#first_valid_uid = ?|first_valid_uid = $VMAIL_UID\nlast_valid_uid = $VMAIL_UID\n\nfirst_valid_gid = $MAIL_GID\nlast_valid_gid = $MAIL_GID|" $PANEL_CONF/dovecot2/dovecot.conf
715fi
716
717mkdir -p $PANEL_DATA/sieve
718chown -R vmail:mail $PANEL_DATA/sieve
719mkdir -p /var/lib/dovecot/sieve/
720touch /var/lib/dovecot/sieve/default.sieve
721ln -s $PANEL_CONF/dovecot2/globalfilter.sieve $PANEL_DATA/sieve/globalfilter.sieve
722
723rm -rf /etc/dovecot/dovecot.conf
724touch /etc/dovecot/dovecot.deny
725cd /etc/sentora/configs/dovecot2
726#rm -fr dovecot.conf
727ln -s $PANEL_CONF/dovecot2/dovecot.conf /etc/dovecot/dovecot.conf
728sed -i "s|!POSTMASTER_EMAIL!|postmaster@$PANEL_FQDN|" $PANEL_CONF/dovecot2/dovecot.conf
729sed -i "s|!POSTFIX_PASSWORD!|$postfixpassword|" $PANEL_CONF/dovecot2/dovecot-dict-quota.conf
730sed -i "s|!POSTFIX_PASSWORD!|$postfixpassword|" $PANEL_CONF/dovecot2/dovecot-mysql.conf
731sed -i "s|!DOV_UID!|$VMAIL_UID|" $PANEL_CONF/dovecot2/dovecot-mysql.conf
732sed -i "s|!DOV_GID!|$MAIL_GID|" $PANEL_CONF/dovecot2/dovecot-mysql.conf
733
734touch /var/log/dovecot.log /var/log/dovecot-info.log /var/log/dovecot-debug.log
735chown vmail:mail /var/log/dovecot*
736chmod 660 /var/log/dovecot*
737
738# Register dovecot service for autostart and start it
739if [[ "$OS" = "CentOs" ]]; then
740 if [[ "$VER" == "7" ]]; then
741 systemctl enable dovecot.service
742 systemctl start dovecot.service
743 else
744 chkconfig dovecot on
745 /etc/init.d/dovecot start
746 fi
747fi
748
749#--- Apache server
750echo -e "\n-- Installing and configuring Apache"
751$PACKAGE_INSTALLER "$HTTP_PCKG"
752if [[ "$OS" = "CentOs" ]]; then
753 $PACKAGE_INSTALLER "$HTTP_PCKG-devel"
754 HTTP_CONF_PATH="/etc/httpd/conf/httpd.conf"
755 HTTP_VARS_PATH="/etc/sysconfig/httpd"
756 HTTP_SERVICE="httpd"
757 HTTP_USER="apache"
758 HTTP_GROUP="apache"
759 if [[ "$VER" = "7" ]]; then
760 # Disable extra modules in centos 7
761 disable_file /etc/httpd/conf.modules.d/01-cgi.conf
762 disable_file /etc/httpd/conf.modules.d/00-lua.conf
763 disable_file /etc/httpd/conf.modules.d/00-dav.conf
764 else
765 disable_file /etc/httpd/conf.d/welcome.conf
766 disable_file /etc/httpd/conf.d/webalizer.conf
767 # Disable more extra modules in centos 6.x /etc/httpd/httpd.conf dav/ldap/cgi/proxy_ajp
768 sed -i "s|LoadModule suexec_module modules|#LoadModule suexec_module modules|" "$HTTP_CONF_PATH"
769 sed -i "s|LoadModule cgi_module modules|#LoadModule cgi_module modules|" "$HTTP_CONF_PATH"
770 sed -i "s|LoadModule dav_module modules|#LoadModule dav_module modules|" "$HTTP_CONF_PATH"
771 sed -i "s|LoadModule dav_fs_module modules|#LoadModule dav_fs_module modules|" "$HTTP_CONF_PATH"
772 sed -i "s|LoadModule proxy_ajp_module modules|#LoadModule proxy_ajp_module modules|" "$HTTP_CONF_PATH"
773
774 fi
775elif [[ "$OS" = "Ubuntu" ]]; then
776 $PACKAGE_INSTALLER libapache2-mod-bw
777 HTTP_CONF_PATH="/etc/apache2/apache2.conf"
778 HTTP_VARS_PATH="/etc/apache2/envvars"
779 HTTP_SERVICE="apache2"
780 HTTP_USER="www-data"
781 HTTP_GROUP="www-data"
782 a2enmod rewrite
783fi
784
785if ! grep -q "Include $PANEL_CONF/apache/httpd.conf" "$HTTP_CONF_PATH"; then
786 echo "Include $PANEL_CONF/apache/httpd.conf" >> "$HTTP_CONF_PATH";
787fi
788add_local_domain "$(hostname)"
789
790if ! grep -q "apache ALL=NOPASSWD: $PANEL_PATH/panel/bin/zsudo" /etc/sudoers; then
791 echo "apache ALL=NOPASSWD: $PANEL_PATH/panel/bin/zsudo" >> /etc/sudoers;
792fi
793
794# Create root directory for public HTTP docs
795mkdir -p $PANEL_DATA/hostdata/zadmin/public_html
796chown -R $HTTP_USER:$HTTP_GROUP $PANEL_DATA/hostdata/
797chmod -R 770 $PANEL_DATA/hostdata/
798
799/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" -e "UPDATE sentora_core.x_settings SET so_value_tx='$HTTP_SERVICE' WHERE so_name_vc='httpd_exe'"
800/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" -e "UPDATE sentora_core.x_settings SET so_value_tx='$HTTP_SERVICE' WHERE so_name_vc='apache_sn'"
801
802#Set keepalive on (default is off)
803sed -i "s|KeepAlive Off|KeepAlive On|" "$HTTP_CONF_PATH"
804
805# Permissions fix for Apache and ProFTPD (to enable them to play nicely together!)
806if ! grep -q "umask 002" "$HTTP_VARS_PATH"; then
807 echo "umask 002" >> "$HTTP_VARS_PATH";
808fi
809
810# remove default virtual site to ensure Sentora is the default vhost
811if [[ "$OS" = "CentOs" ]]; then
812 sed -i "s|DocumentRoot \"/var/www/html\"|DocumentRoot $PANEL_PATH/panel|" "$HTTP_CONF_PATH"
813elif [[ "$OS" = "Ubuntu" ]]; then
814 # disable completely sites-enabled/000-default.conf
815 if [[ "$VER" = "14.04" ]]; then
816 sed -i "s|IncludeOptional sites-enabled|#&|" "$HTTP_CONF_PATH"
817 else
818 sed -i "s|Include sites-enabled|#&|" "$HTTP_CONF_PATH"
819 fi
820fi
821
822# Comment "NameVirtualHost" and Listen directives that are handled in vhosts file
823if [[ "$OS" = "CentOs" ]]; then
824 sed -i "s|^\(NameVirtualHost .*$\)|#\1\n# NameVirtualHost is now handled in Sentora vhosts file|" "$HTTP_CONF_PATH"
825 sed -i 's|^\(Listen .*$\)|#\1\n# Listen is now handled in Sentora vhosts file|' "$HTTP_CONF_PATH"
826elif [[ "$OS" = "Ubuntu" ]]; then
827 sed -i "s|\(Include ports.conf\)|#\1\n# Ports are now handled in Sentora vhosts file|" "$HTTP_CONF_PATH"
828 disable_file /etc/apache2/ports.conf
829fi
830
831# adjustments for apache 2.4
832#if [[ ("$OS" = "CentOs" && "$VER" = "7") ||
833# ("$OS" = "Ubuntu" && "$VER" = "14.04") ]] ; then
834 # Order deny,allow / Deny from all -> Require all denied
835# sed -i 's|Order deny,allow|Require all denied|I' $PANEL_CONF/apache/httpd.conf
836# sed -i '/Deny from all/d' $PANEL_CONF/apache/httpd.conf
837
838 # Order allow,deny / Allow from all -> Require all granted
839# sed -i 's|Order allow,deny|Require all granted|I' $PANEL_CONF/apache/httpd-vhosts.conf
840# sed -i '/Allow from all/d' $PANEL_CONF/apache/httpd-vhosts.conf
841
842# sed -i 's|Order allow,deny|Require all granted|I' $PANEL_PATH/panel/modules/apache_admin/hooks/OnDaemonRun.hook.php
843# sed -i '/Allow from all/d' $PANEL_PATH/panel/modules/apache_admin/hooks/OnDaemonRun.hook.php
844
845 # Remove NameVirtualHost that is now without effect and generate warning
846# sed -i '/NameVirtualHost/{N;d}' $PANEL_CONF/apache/httpd-vhosts.conf
847# sed -i '/# NameVirtualHost is/ {N;N;N;N;N;d}' $PANEL_PATH/panel/modules/apache_admin/hooks/OnDaemonRun.hook.php
848
849 # Options must have ALL (or none) +/- prefix, disable listing directories
850# sed -i 's| FollowSymLinks [-]Indexes| +FollowSymLinks -Indexes|' $PANEL_PATH/panel/modules/apache_admin/hooks/OnDaemonRun.hook.php
851#fi
852
853
854#--- PHP
855echo -e "\n-- Installing and configuring PHP"
856if [[ "$OS" = "CentOs" ]]; then
857 if [ "$REMI_OR_WEB" = "0" ]
858 then
859 # echo "REMI"
860 $PACKAGE_INSTALLER php php-devel php-gd php-mbstring php-intl php-mysql php-xml php-xmlrpc
861 $PACKAGE_INSTALLER php-mcrypt php-imap php-fpm php-soap php-pear php-mcrypt php-pear #Epel packages
862 else
863 # echo "webtatic"
864 $PACKAGE_INSTALLER php56w php56w-devel php56w-gd php56w-mbstring php56w-intl php56w-mysqlnd php56w-xml php56w-xmlrpc
865 $PACKAGE_INSTALLER php56w-mcrypt php56w-imap php56w-fpm php56w-soap php56w-pear php56w-mcrypt php56w-pear
866 fi
867
868 PHP_INI_PATH="/etc/php.ini"
869 PHP_EXT_PATH="/etc/php.d"
870elif [[ "$OS" = "Ubuntu" ]]; then
871 $PACKAGE_INSTALLER libapache2-mod-php5 php5-common php5-cli php5-mysql php5-gd php5-mcrypt php5-curl php-pear php5-imap php5-xmlrpc php5-xsl php5-intl
872 if [ "$VER" = "14.04" ]; then
873 php5enmod mcrypt # missing in the package for Ubuntu 14!
874 else
875 $PACKAGE_INSTALLER php5-suhosin
876 fi
877 PHP_INI_PATH="/etc/php5/apache2/php.ini"
878fi
879# Setup php upload dir
880mkdir -p $PANEL_DATA/temp
881chmod 1777 $PANEL_DATA/temp/
882chown -R $HTTP_USER:$HTTP_GROUP $PANEL_DATA/temp/
883
884# Setup php session save directory
885mkdir "$PANEL_DATA/sessions"
886chown $HTTP_USER:$HTTP_GROUP "$PANEL_DATA/sessions"
887chmod 733 "$PANEL_DATA/sessions"
888chmod +t "$PANEL_DATA/sessions"
889
890if [[ "$OS" = "CentOs" ]]; then
891 # Remove session & php values from apache that cause override
892 sed -i "/php_value/d" /etc/httpd/conf.d/php.conf
893elif [[ "$OS" = "Ubuntu" ]]; then
894 #sed -i "s|;session.save_path = \"/var/lib/php5\"|session.save_path = \"$PANEL_DATA/sessions\"|" $PHP_INI_PATH
895 echo "change session no needed"
896fi
897sed -i "/php_value/d" $PHP_INI_PATH
898#echo "session.save_path = $PANEL_DATA/sessions;">> $PHP_INI_PATH
899 echo "change session no needed"
900
901# setup timezone and upload temp dir
902sed -i "s|;date.timezone =|date.timezone = Asia\/Kolkata |" $PHP_INI_PATH
903sed -i "s|;upload_tmp_dir =|upload_tmp_dir = $PANEL_DATA/temp/|" $PHP_INI_PATH
904
905# Disable php signature in headers to hide it from hackers
906sed -i "s|expose_php = On|expose_php = Off|" $PHP_INI_PATH
907
908# Build suhosin for PHP 5.x which is required by Sentora.
909if [[ "$OS" = "CentOs" || ( "$OS" = "Ubuntu" && "$VER" = "14.04") ]] ; then
910 echo -e "\n# Building suhosin"
911 if [[ "$OS" = "Ubuntu" ]]; then
912 $PACKAGE_INSTALLER php5-dev
913 fi
914 SUHOSIN_VERSION="0.9.37.1"
915 wget -nv -O suhosin.zip https://d.ovipanel.in/Version3.4/suhosin-0.9.37.1.zip
916 unzip -q suhosin.zip
917 rm -f suhosin.zip
918 cd suhosin-$SUHOSIN_VERSION
919 phpize &> /dev/null
920 ./configure &> /dev/null
921 make &> /dev/null
922 make install
923 cd ..
924 rm -rf suhosin-$SUHOSIN_VERSION
925 if [[ "$OS" = "CentOs" ]]; then
926 echo 'extension=suhosin.so' > $PHP_EXT_PATH/suhosin.ini
927 elif [[ "$OS" = "Ubuntu" ]]; then
928 sed -i 'N;/default extension directory./a\extension=suhosin.so' $PHP_INI_PATH
929 fi
930fi
931
932# Register apache(+php) service for autostart and start it
933if [[ "$OS" = "CentOs" ]]; then
934 if [[ "$VER" == "7" ]]; then
935 systemctl enable "$HTTP_SERVICE.service"
936 systemctl start "$HTTP_SERVICE.service"
937 else
938 chkconfig "$HTTP_SERVICE" on
939 "/etc/init.d/$HTTP_SERVICE" start
940 fi
941fi
942
943
944#--- ProFTPd
945echo -e "\n-- Installing ProFTPD"
946if [[ "$OS" = "CentOs" ]]; then
947 $PACKAGE_INSTALLER proftpd proftpd-mysql
948 FTP_CONF_PATH='/etc/proftpd.conf'
949 sed -i "s|nogroup|nobody|" $PANEL_CONF/proftpd/proftpd-mysql.conf
950elif [[ "$OS" = "Ubuntu" ]]; then
951 $PACKAGE_INSTALLER proftpd-mod-mysql
952 FTP_CONF_PATH='/etc/proftpd/proftpd.conf'
953fi
954
955# Create and init proftpd database
956
957
958# Create and configure mysql password for proftpd
959proftpdpassword=$(passwordgen);
960sed -i "s|!SQL_PASSWORD!|$proftpdpassword|" $PANEL_CONF/proftpd/proftpd-mysql.conf
961/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" -e "UPDATE mysql.user SET Password=PASSWORD('$proftpdpassword') WHERE User='proftpd' AND Host='localhost'";
962
963# Assign httpd user and group to all users that will be created
964HTTP_UID=$(id -u "$HTTP_USER")
965HTTP_GID=$(sed -nr "s/^$HTTP_GROUP:x:([0-9]+):.*/\1/p" /etc/group)
966/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" -e "ALTER TABLE sentora_proftpd.ftpuser ALTER COLUMN uid SET DEFAULT $HTTP_UID"
967/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" -e "ALTER TABLE sentora_proftpd.ftpuser ALTER COLUMN gid SET DEFAULT $HTTP_GID"
968sed -i "s|!SQL_MIN_ID!|$HTTP_UID|" $PANEL_CONF/proftpd/proftpd-mysql.conf
969
970# Setup proftpd base file to call sentora config
971rm -f "$FTP_CONF_PATH"
972#touch "$FTP_CONF_PATH"
973#echo "include $PANEL_CONF/proftpd/proftpd-mysql.conf" >> "$FTP_CONF_PATH";
974ln -s "$PANEL_CONF/proftpd/proftpd-mysql.conf" "$FTP_CONF_PATH"
975
976# setup proftpd log dir
977mkdir -p $PANEL_DATA/logs/proftpd
978chmod -R 644 $PANEL_DATA/logs/proftpd
979
980# Correct bug from package in Ubutu14.04 which screw service proftpd restart
981# see https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1246245
982if [[ "$OS" = "Ubuntu" && "$VER" = "14.04" ]]; then
983 sed -i 's|\([ \t]*start-stop-daemon --stop --signal $SIGNAL \)\(--quiet --pidfile "$PIDFILE"\)$|\1--retry 1 \2|' /etc/init.d/proftpd
984fi
985
986# Register proftpd service for autostart and start it
987if [[ "$OS" = "CentOs" ]]; then
988 if [[ "$VER" == "7" ]]; then
989 systemctl enable proftpd.service
990 systemctl start proftpd.service
991 else
992 chkconfig proftpd on
993 /etc/init.d/proftpd start
994 fi
995fi
996
997#--- BIND
998echo -e "\n-- Installing and configuring Bind"
999if [[ "$OS" = "CentOs" ]]; then
1000 $PACKAGE_INSTALLER bind bind-utils bind-libs
1001 BIND_PATH="/etc/named/"
1002 BIND_FILES="/etc"
1003 BIND_SERVICE="named"
1004 BIND_USER="named"
1005elif [[ "$OS" = "Ubuntu" ]]; then
1006 $PACKAGE_INSTALLER bind9 bind9utils
1007 BIND_PATH="/etc/bind/"
1008 BIND_FILES="/etc/bind"
1009 BIND_SERVICE="bind9"
1010 BIND_USER="bind"
1011 /usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" -e "UPDATE sentora_core.x_settings SET so_value_tx='' WHERE so_name_vc='bind_log'"
1012fi
1013/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" -e "UPDATE sentora_core.x_settings SET so_value_tx='$BIND_PATH' WHERE so_name_vc='bind_dir'"
1014/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" -e "UPDATE sentora_core.x_settings SET so_value_tx='$BIND_SERVICE' WHERE so_name_vc='bind_service'"
1015chmod -R 777 $PANEL_CONF/bind/zones/
1016
1017# Setup logging directory
1018mkdir $PANEL_DATA/logs/bind
1019touch $PANEL_DATA/logs/bind/bind.log $PANEL_DATA/logs/bind/debug.log
1020chown $BIND_USER $PANEL_DATA/logs/bind/bind.log $PANEL_DATA/logs/bind/debug.log
1021chmod 660 $PANEL_DATA/logs/bind/bind.log $PANEL_DATA/logs/bind/debug.log
1022
1023if [[ "$OS" = "CentOs" ]]; then
1024 chmod 751 /var/named
1025 chmod 771 /var/named/data
1026 sed -i 's|bind/zones.rfc1918|named.rfc1912.zones|' $PANEL_CONF/bind/named.conf
1027elif [[ "$OS" = "Ubuntu" ]]; then
1028 mkdir -p /var/named/dynamic
1029 touch /var/named/dynamic/managed-keys.bind
1030 chown -R bind:bind /var/named/
1031 chmod -R 777 $PANEL_CONF/bind/etc
1032
1033 chown root:root $BIND_FILES/rndc.key
1034 chmod 755 $BIND_FILES/rndc.key
1035fi
1036# Some link to enable call from path
1037ln -s /usr/sbin/named-checkconf /usr/bin/named-checkconf
1038ln -s /usr/sbin/named-checkzone /usr/bin/named-checkzone
1039ln -s /usr/sbin/named-compilezone /usr/bin/named-compilezone
1040
1041# Setup acl IP to forbid zone transfer
1042sed -i "s|!SERVER_IP!|$PUBLIC_IP|" $PANEL_CONF/bind/named.conf
1043
1044# Build key and conf files
1045rm -rf $BIND_FILES/named.conf $BIND_FILES/rndc.conf $BIND_FILES/rndc.key
1046rndc-confgen -a -r /dev/urandom
1047cat $BIND_FILES/rndc.key $PANEL_CONF/bind/named.conf > $BIND_FILES/named.conf
1048cat $BIND_FILES/rndc.key $PANEL_CONF/bind/rndc.conf > $BIND_FILES/rndc.conf
1049rm -f $BIND_FILES/rndc.key
1050
1051# Register Bind service for autostart and start it
1052if [[ "$OS" = "CentOs" ]]; then
1053 if [[ "$VER" == "7" ]]; then
1054 systemctl enable named.service
1055 systemctl start named.service
1056 else
1057 chkconfig named on
1058 /etc/init.d/named start
1059 fi
1060fi
1061
1062
1063#--- CRON and ATD
1064echo -e "\n-- Installing and configuring cron tasks"
1065if [[ "$OS" = "CentOs" ]]; then
1066 #cronie & crontabs may be missing
1067 $PACKAGE_INSTALLER crontabs
1068 CRON_DIR="/var/spool/cron"
1069 CRON_SERVICE="crond"
1070elif [[ "$OS" = "Ubuntu" ]]; then
1071 CRON_DIR="/var/spool/cron/crontabs"
1072 CRON_SERVICE="cron"
1073fi
1074CRON_USER="$HTTP_USER"
1075
1076# prepare daemon crontab
1077# sed -i "s|!USER!|$CRON_USER|" "$PANEL_CONF/cron/zdaemon" #it screw update search!#
1078sed -i "s|!USER!|root|" "$PANEL_CONF/cron/zdaemon"
1079cp "$PANEL_CONF/cron/zdaemon" /etc/cron.d/zdaemon
1080chmod 644 /etc/cron.d/zdaemon
1081
1082# prepare user crontabs
1083CRON_FILE="$CRON_DIR/$CRON_USER"
1084/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" -e "UPDATE sentora_core.x_settings SET so_value_tx='$CRON_FILE' WHERE so_name_vc='cron_file'"
1085/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" -e "UPDATE sentora_core.x_settings SET so_value_tx='$CRON_FILE' WHERE so_name_vc='cron_reload_path'"
1086/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" -e "UPDATE sentora_core.x_settings SET so_value_tx='$CRON_USER' WHERE so_name_vc='cron_reload_user'"
1087/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" -e "UPDATE sentora_core.x_accounts SET ac_email_vc='$WHM_USER_EMAIL' WHERE ac_user_vc='zadmin'"
1088{
1089 echo "SHELL=/bin/bash"
1090 echo "PATH=/sbin:/bin:/usr/sbin:/usr/bin"
1091 echo ""
1092} > mycron
1093crontab -u $HTTP_USER mycron
1094rm -f mycron
1095
1096chmod 744 "$CRON_DIR"
1097chown -R $HTTP_USER:$HTTP_USER "$CRON_DIR"
1098chmod 644 "$CRON_FILE"
1099
1100# Register cron and atd services for autostart and start them
1101if [[ "$OS" = "CentOs" ]]; then
1102 if [[ "$VER" == "7" ]]; then
1103 systemctl enable crond.service
1104 systemctl start crond.service
1105 systemctl start atd.service
1106 else
1107 chkconfig crond on
1108 /etc/init.d/crond start
1109 /etc/init.d/atd start
1110 fi
1111fi
1112
1113echo -e "\n-- Configuring phpMyAdmin"
1114phpmyadminsecret=$(passwordgen);
1115chmod 644 $PANEL_CONF/phpmyadmin/config.inc.php
1116
1117sed -i "s|\$cfg\['blowfish_secret'\] \= 'YOUR_BLOWFISH_SECRET';|\$cfg\['blowfish_secret'\] \= '$phpmyadminsecret';|" $PANEL_PATH/panel/etc/apps/phpmyadmin_4_8_4/config.inc.php
1118sed -i "s|\$cfg\['blowfish_secret'\] \= 'YOUR_BLOWFISH_SECRET';|\$cfg\['blowfish_secret'\] \= '$phpmyadminsecret';|" $PANEL_PATH/panel/etc/apps/phpmyadmin/config.inc.php
1119sed -i "s|\$cfg\['blowfish_secret'\] \= 'YOUR_BLOWFISH_SECRET';|\$cfg\['blowfish_secret'\] \= '$phpmyadminsecret';|" $PANEL_PATH/panel/etc/apps/phpmyadmin_v4_6_6/config.inc.php
1120
1121#--- Roundcube
1122echo -e "\n-- Configuring Roundcube"
1123
1124# Import roundcube default table
1125
1126# Create and configure mysql password for roundcube
1127roundcubepassword=$(passwordgen);
1128sed -i "s|!ROUNDCUBE_PASSWORD!|$roundcubepassword|" $PANEL_CONF/roundcube/roundcube_config.inc.php
1129/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" -e "UPDATE mysql.user SET Password=PASSWORD('$roundcubepassword') WHERE User='roundcube' AND Host='localhost'";
1130
1131# Create and configure des key
1132roundcube_des_key=$(passwordgen 24);
1133sed -i "s|ROUNDCUBE_DESKEY|$roundcube_des_key|" $PANEL_CONF/roundcube/roundcube_config.inc.php
1134
1135# Create and configure specials directories and rights
1136chown "$HTTP_USER:$HTTP_GROUP" "$PANEL_PATH/panel/etc/apps/webmail/temp"
1137mkdir "$PANEL_DATA/logs/roundcube"
1138chown "$HTTP_USER:$HTTP_GROUP" "$PANEL_DATA/logs/roundcube"
1139rm -f $PANEL_PATH/panel/etc/apps/webmail/plugins/managesieve/config.inc.php
1140rm -f $PANEL_PATH/panel/etc/apps/webmail/config/config.inc.php
1141# Map config file in roundcube with symbolic links
1142ln -s $PANEL_CONF/roundcube/roundcube_config.inc.php $PANEL_PATH/panel/etc/apps/webmail/config/config.inc.php
1143ln -s $PANEL_CONF/roundcube/sieve_config.inc.php $PANEL_PATH/panel/etc/apps/webmail/plugins/managesieve/config.inc.php
1144
1145#--- Webalizer
1146echo -e "\n-- Configuring Webalizer"
1147$PACKAGE_INSTALLER webalizer
1148if [[ "$OS" = "CentOs" ]]; then
1149 rm -rf /etc/webalizer.conf
1150elif [[ "$OS" = "Ubuntu" ]]; then
1151 rm -rf /etc/webalizer/webalizer.conf
1152fi
1153chmod +x $PANEL_PATH/panel/bin/setso
1154chmod +x $PANEL_PATH/panel/bin/setzadmin
1155
1156#--- Set some Sentora database entries using. setso and setzadmin (require PHP)
1157echo -e "\n-- Configuring Sentora"
1158zadminpassword=$(passwordgen);
1159$PANEL_PATH/panel/bin/setzadmin --set "$zadminpassword";
1160$PANEL_PATH/panel/bin/setso --set sentora_domain "$PANEL_FQDN"
1161$PANEL_PATH/panel/bin/setso --set server_ip "$PUBLIC_IP"
1162
1163# if not release, set beta version in database
1164if [[ $(echo "$SENTORA_CORE_VERSION" | sed 's|.*-\(beta\).*$|\1|') = "beta" ]] ; then
1165 $PANEL_PATH/panel/bin/setso --set dbversion "$SENTORA_CORE_VERSION"
1166fi
1167
1168# make the daemon to build vhosts file.
1169$PANEL_PATH/panel/bin/setso --set apache_changed "true"
1170#php -q $PANEL_PATH/panel/bin/daemon.php
1171
1172
1173#--- Firewall ?
1174
1175#--- Resolv.conf deprotect
1176chattr -i /etc/resolv.conf
1177
1178
1179#--- Restart all services to capture output messages, if any
1180if [[ "$OS" = "CentOs" && "$VER" == "7" ]]; then
1181 # CentOs7 does not return anything except redirection to systemctl :-(
1182 service() {
1183 echo "Restarting $1"
1184 systemctl restart "$1.service"
1185 }
1186fi
1187
1188service "$DB_SERVICE" restart
1189service "$HTTP_SERVICE" restart
1190service postfix restart
1191service dovecot restart
1192service "$CRON_SERVICE" restart
1193service "$BIND_SERVICE" restart
1194service proftpd restart
1195service atd restart
1196
1197#--- Store the passwords for user reference
1198{
1199 echo "Server IP address : $PUBLIC_IP"
1200 echo "Panel URL : http://$PUBLIC_IP:2086/"
1201 echo "zadmin Password : $zadminpassword"
1202 echo ""
1203 echo "MySQL Root Password : $mysqlpassword"
1204 echo "MySQL Postfix Password : $postfixpassword"
1205 echo "MySQL ProFTPd Password : $proftpdpassword"
1206 echo "MySQL Roundcube Password : $roundcubepassword"
1207} >> /root/passwords.txt
1208
1209#--- Advise the admin that Sentora is now installed and accessible.
1210{
1211echo "########################################################"
1212echo " Congratulations Sentora has now been installed on your"
1213echo " server. Please review the log file left in /root/ for "
1214echo " any errors encountered during installation."
1215echo ""
1216echo " Login to Sentora at http://$PANEL_FQDN"
1217echo " Sentora Username : zadmin"
1218echo " Sentora Password : $zadminpassword"
1219echo ""
1220echo " MySQL Root Password : $mysqlpassword"
1221echo " MySQL Postfix Password : $postfixpassword"
1222echo " MySQL ProFTPd Password : $proftpdpassword"
1223echo " MySQL Roundcube Password : $roundcubepassword"
1224echo " (theses passwords are saved in /root/passwords.txt)"
1225echo "########################################################"
1226echo ""
1227} &>/dev/tty
1228
1229touch /root/.my.cnf
1230echo "[client]" >> /root/.my.cnf
1231echo "password='$mysqlpassword'" >> /root/.my.cnf
1232echo "user=root" >> /root/.my.cnf
1233mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root mysql
1234/usr/local/mysql/bin/mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql --socket="/usr/local/mysql/mysql.sock" mysql
1235# ############################################ Sentora Basic Installation End ##########################################
1236
1237# ######################## PHP Upgrade and suhsosin installation Start ########################
1238if [ "$REMI_OR_WEB" = "0" ]
1239then
1240VER=`rpm -qa \*-release | grep -Ei "oracle|redhat|centos" | cut -d"-" -f3`
1241 if [[ "$VER" = "7" ]]; then
1242 wget https://d.ovipanel.in/Version3.4/remi-release-7.rpm && rpm -Uvh remi-release-7.rpm
1243 wget https://d.ovipanel.in/Version3.4/epel-release-latest-7.noarch.rpm && rpm -Uvh epel-release-latest-7.noarch.rpm
1244 cd /etc/yum.repos.d/
1245 rm -fr remi.repo
1246 wget https://d.ovipanel.in/Version3.4/remi.repo
1247 else
1248 wget https://d.ovipanel.in/Version3.4/epel-release-latest-6.noarch.rpm && rpm -Uvh epel-release-latest-6.noarch.rpm
1249 wget https://d.ovipanel.in/Version3.4/remi-release-6.rpm && rpm -Uvh remi-release-6*.rpm
1250 cd /etc/yum.repos.d/
1251 rm -fr remi.repo
1252 wget https://d.ovipanel.in/Version3.4/remi1.repo
1253 fi
1254fi
1255if [ "$REMI_OR_WEB" = "0" ]
1256then
1257yum -y upgrade php*
1258mv /etc/php.d/suhosin.ini /root
1259yum -y install php-suhosin
1260fi
1261yum -y install epel-release
1262yum -y install epel-release
1263wget -O ioncube_loaders_lin_x86-64.tar.gz https://d.ovipanel.in/Version3.4/ioncube_loaders_lin_x86-64.tar.gz
1264tar xfz ioncube_loaders_lin_x86-64.tar.gz
1265yum -y remove php php-common php- php-*
1266# old code #
1267yum-config-manager --disable remi-php54
1268yum-config-manager --disable remi-php55
1269yum-config-manager --disable remi-php56
1270yum-config-manager --disable remi-php70
1271yum-config-manager --disable remi-php71
1272yum-config-manager --disable remi-php72
1273# code added for 2.7 ###
1274yum-config-manager --enable remi-php70
1275yum -y update
1276yum -y install php
1277yum -y install php-bcmath php-devel php-fedora-autoloader php-fpm php-gd php-imap php-intl php-mbstring php-mcrypt php-mysqlnd php-curl php-pdo php-pear php-xsl php-pecl-jsonc php-pecl-jsonc-devel php-pecl-zip php-process php-soap php-suhosin php-xml php-xmlrpc php-zip
1278yum -y install php70-php-bcmath php70-php-devel php-fedora-autoloader php70-php-fpm php70-php-gd php70-php-imap php70-php-intl php70-php-mbstring php70-php-mcrypt php70-php-mysqlnd php70-php-curl php70-php-pdo php70-php-pear php70-php-xsl php70-php-pecl-jsonc php70-php-pecl-jsonc-devel php70-php-pecl-zip php70-php-process php70-php-soap php70-php-suhosin php70-php-xml php70-php-xmlrpc php70-php-zip
1279IONCBEPATH=`php -i | grep extension_dir | awk 'NR == 1' | cut -d' ' -f3`
1280cp /root/ioncube/ioncube_loader_lin_7.0.so $IONCBEPATH
1281chmod 755 $IONCBEPATH/ioncube_loader_lin_7.0.so
1282echo "zend_extension = $IONCBEPATH/ioncube_loader_lin_7.0.so" >> /etc/php.ini
1283chmod +x /etc/sentora/panel/bin/setso
1284find /etc/sentora/panel -type f -exec chmod 644 {} \;
1285find /etc/sentora/panel -type d -exec chmod 755 {} \;
1286chmod +x /etc/sentora/panel/bin/setso
1287chmod +x /etc/sentora/panel/bin/zsudo
1288chmod +x /etc/sentora/panel/bin/setzadmin
1289setso --set core_php_version php70
1290# code added fro 2.7 version ####
1291yum -y update
1292yum -y install gcc make install httpd-devel libxml2 pcre-devel libxml2-devel curl-devel git screen lshw iptables-services unzip bind-utils perl-libwww-perl e2fsprogs perl-LWP-Protocol-https spamassassin dos2unix
1293yum -y install lsof opendkim proftpd openssl proftpd-utils mod_limitipconn clamd git mod_ssl lighttpd-fastcgi mod_evasive lighttpd bzip2 rsyslog perl-GDGraph curl webalizer sysstat gcc libxml2-devel libXpm-devel gmp-devel libicu-devel t1lib-devel aspell-devel openssl-devel bzip2-devel libcurl-devel libjpeg-devel libvpx-devel libpng-devel freetype-devel readline-devel libtidy-devel libxslt-devel libmcrypt-devel pcre-devel curl-devel mysql-devel ncurses-devel gettext-devel net-snmp-devel libevent-devel libtool-ltdl-devel libc-client-devel postgresql-devel bison gcc make proftpd-mysql
1294
1295# ######################## PHP Upgrade and suhsosin installation End ########################
1296
1297# ################################################################### HR Panel Installation Start ######################################################################## #
1298
1299cd ~
1300#Set the mail permission
1301usermod -a -G mail apache
1302cd /
1303mkdir -p backup
1304wget -O backup.zip https://d.ovipanel.in/download_suphp34.php?f=backup
1305unzip -o backup.zip
1306rm -f /backup.zip
1307sed -i -e 's/max_execution_time = 30 /max_execution_time = 3000 /g' /etc/php.ini
1308sed -i -e 's/short_open_tag = Off/short_open_tag = Off/g' /etc/php.ini
1309sed -i -e 's/short_open_tag = On/short_open_tag = Off/g' /etc/php.ini
1310#nginx installation Start
1311cd /etc/yum.repos.d/
1312wget https://d.ovipanel.in/Version3.4/nginxrepo.zip
1313unzip nginxrepo.zip -d /etc/yum.repos.d/
1314mv /etc/yum.repos.d/nginxrepo/nginx.repo /etc/yum.repos.d/
1315/etc/init.d/php-fpm start
1316rm -fr nginxrepo.zip
1317rm -fr nginxrepo
1318yum -y install nginx
1319cd /etc/nginx/
1320mkdir -p availablesites
1321rm -f /etc/nginx/nginx.conf
1322wget https://d.ovipanel.in/Version3.4/nginxconfig.zip
1323unzip nginxconfig.zip -d /etc/nginx/
1324mv -f /etc/nginx/nginxconfig/nginx.conf /etc/nginx/
1325rm -fr nginxconfig.zip
1326rm -fr nginxconfig
1327cd /root/
1328#nginx installation End
1329/etc/init.d/varnish stop
1330setso --set apache_port 80
1331setso --set sentora_port 80
1332sed -i '/keepalive_timeout/a\ proxy_read_timeout 3600;\n\ client_max_body_size 512M;\n\ fastcgi_read_timeout 6000;' /etc/nginx/nginx.conf
1333chkconfig varnish off
1334chkconfig nginx off
1335chkconfig named on
1336echo "-----------------------------------"
1337echo "RainLoop Installation"
1338echo "-----------------------------------"
1339cd /root/
1340zppy repo add zpp.cllpsd.com
1341zppy update
1342zppy install rainloop
1343#RainLoop installation End
1344echo "RainLoop Installation successfully completed.."
1345cd /root/
1346echo "-----------------------------------"
1347echo "PHP Send Mail Log Installation "
1348echo "-----------------------------------"
1349touch /var/log/mail_php.log
1350chmod 777 /var/log/mail_php.log
1351cd /root/
1352wget https://d.ovipanel.in/Version3.4/phpini.zip
1353unzip phpini.zip -d /etc/
1354mv -f /etc/phpini/php.ini /etc/
1355chmod 644 /etc/php.ini
1356mv -f /etc/phpini/phpsendmail.php /usr/local/bin/
1357rm -fr phpini.zip
1358rm -fr /etc/phpini/
1359chmod 777 /usr/local/bin/phpsendmail.php
1360echo "PHP send mail log Installation successfully completed.. "
1361echo "-----------------------------------"
1362echo " Apache Spamassassin Installation "
1363echo "-----------------------------------"
1364groupadd spamd
1365useradd -g spamd -s /bin/false -d /var/log/spamassassin spamd
1366chown spamd:spamd /var/log/spamassassin
1367chmod 755 /etc/postfix/header_checks
1368sa-update --nogpg
1369touch /etc/postfix/sender_access
1370postmap /etc/postfix/sender_access
1371postmap /etc/postfix/rbl_override
1372service spamassassin restart
1373service postfix restart
1374ss -tnlp | grep spamd
1375#spamassassin installation End
1376echo "Spamassassin Installation successfully completed.."
1377
1378#we will need to move etc/php.ini file and move file
1379#Php mail Log End
1380echo "-----------------------------------"
1381echo " CSF Installation "
1382echo "-----------------------------------"
1383cd /root/
1384if [[ "$VER" = "7" ]]; then
1385systemctl disable firewalld
1386systemctl disable firewalld
1387fi
1388cd /root/
1389#echo 'extension=/usr/lib64/php/modules/soap.so' >> /etc/php.ini
1390chmod 755 /etc/sentora/panel/bin/daemon.php
1391rm -fr /etc/sentora/panel/etc/styles/Sentora_Default
1392# For smtp mail log
1393cd /usr/local/bin
1394wget https://d.ovipanel.in/Version3.4/pflogsumm-1.1.1.tar.gz
1395tar -zxf pflogsumm-1.1.1.tar.gz
1396chown apache:apache pflogsumm-1.1.1
1397chown apache:apache pflogsumm-1.1.1/*
1398chmod 777 pflogsumm-1.1.1
1399chmod 777 pflogsumm-1.1.1/*
1400chmod 755 /var/log/maillog
1401touch /etc/postfix/log_test
1402chmod 777 /etc/postfix/log_test
1403touch /var/log/smtp_log
1404chmod 777 /var/log/smtp_log
1405chown apache:apache /var/log/smtp_log
1406cd /usr/bin
1407wget -O bin_script.zip "https://d.ovipanel.in/download_suphp34.php?f=bin_script"
1408unzip -o bin_script.zip
1409chmod +x AddTcpPort
1410chmod +x fm_del
1411chmod +x mongodssl
1412chmod +x securepanel
1413chmod +x unsecurepanel
1414chmod +x mpmram
1415chmod +x php_fpm_port_add
1416chmod +x ssltlsconfig
1417wget -O spamfilter.zip "https://d.ovipanel.in/Version3.4/spamfilter.zip"
1418unzip -o spamfilter.zip
1419chmod 777 /usr/bin/spamfilter.sh
1420dos2unix /usr/bin/spamfilter.sh
1421dos2unix /usr/bin/AddTcpPort
1422dos2unix /usr/bin/fm_del
1423dos2unix /usr/bin/mongodssl
1424dos2unix /usr/bin/securepanel
1425dos2unix /usr/bin/unsecurepanel
1426dos2unix /usr/bin/mpmram
1427dos2unix /usr/bin/php_fpm_port_add
1428dos2unix /usr/bin/ssltlsconfig
1429rm -rf /usr/bin/bin_script.zip
1430wget -O validate_outgoing_emailid.zip "https://d.ovipanel.in/Version3.4/validate_outgoing_emailid.zip"
1431unzip -o validate_outgoing_emailid.zip
1432rm -fr /usr/bin/validate_outgoing_emailid.zip
1433mkdir -p /var/sentora/spamd/
1434chown spamd:spamd /var/sentora/spamd/
1435wget -O phpsendingmail.zip "https://d.ovipanel.in/Version3.4/phpsendingmail.zip"
1436unzip -o phpsendingmail.zip
1437chmod 755 /usr/bin/phpsendingmail.php
1438rm -fr /usr/bin/phpsendingmail.zip
1439wget -O removeroot.zip "https://d.ovipanel.in/Version3.4/removeroot.zip"
1440unzip -o removeroot.zip
1441chmod 755 /usr/bin/removeroot.sh
1442touch /etc/sentora/panel/version.txt
1443chmod 777 /etc/sentora/panel/version.txt
1444touch /etc/postfix/log_test
1445touch /var/log/rootmaillog
1446chmod 777 /etc/postfix/log_test
1447chmod 777 /var/log/rootmaillog
1448echo "PHP Execution Log starting"
1449cd /var/sentora/temp/
1450wget https://d.ovipanel.in/Version3.4/spamavoid.zip
1451unzip -o spamavoid.zip
1452chmod -R 0777 spamavoid
1453rm -fr spamavoid.zip
1454touch /var/log/cxscgi.log;
1455yum -y install mod_security;
1456cd /usr/local/bin;
1457rm -fr cxscgi.sh;
1458wget "https://d.ovipanel.in/Version3.4/cxscgi.sh";
1459chmod 777 /var/log/cxscgi.log;
1460chmod +x /usr/local/bin/cxscgi.sh;
1461php /etc/sentora/panel/createIP.php
1462cd /root/
1463php /etc/sentora/panel/removewebstats.php
1464#echo "/^X-Spam-Status: Yes$/ DISCARD" >> /etc/postfix/header_checks
1465#echo "/^X-Spam-Flag: YES/ DISCARD" >> /etc/postfix/header_checks
1466#echo "/^Subject:.*SPAM/ DISCARD" >> /etc/postfix/header_checks
1467
1468sed -i '/MULTIPART_UNMATCHED_BOUNDARY/d' /etc/httpd/conf.d/mod_security.conf
1469sed -i '/200003/d' /etc/httpd/conf.d/mod_security.conf
1470cd /etc/init.d
1471wget -O varnish "https://d.ovipanel.in/Version3.4/varnish"
1472sed -i "s/^\(short_open_tag\).*/\1 = Off /" /etc/php.ini
1473sed -i "s/^\(auto_prepend_file\).*/\1 = \"\/var\/sentora\/temp\/spamavoid\/php_execution_block.php\" /" /etc/php.ini
1474sed -i "s/^\(upload_max_filesize\).*/\1 = 512M /" /etc/php.ini
1475sed -i "s/^\(post_max_size\).*/\1 = 512M /" /etc/php.ini
1476sed -i "s/^\(memory_limit\).*/\1 = 128M /" /etc/php.ini
1477sed -i "s/^\(max_execution_time\).*/\1 = 300 /" /etc/php.ini
1478sed -i "s/^\(max_input_time\).*/\1 = 600 /" /etc/php.ini
1479sed -i "s/^\(sendmail_path\).*/\1 = \/usr\/local\/bin\/phpsendmail.php /" /etc/php.ini
1480sed -i "s/^\(expose_php\).*/\1 = Off /" /etc/php.ini
1481sed -i "s/^\(enable_dl\).*/\1 = Off /" /etc/php.ini
1482sed -i "s/^\(register_globals\).*/\1 = Off /" /etc/php.ini
1483
1484# PHP Upgrade and Suhosin installation End
1485#cd /etc/yum.repos.d/
1486#yum -y install httpd24.x86_64
1487#Postfix configuration start and End
1488# Author: saravana Version 1.6 for apache config override start
1489sed -i -e 's/Include \/etc\/sentora\/configs\/apache\/httpd.conf/#Include \/etc\/sentora\/configs\/apache\/httpd.conf/g' /etc/httpd/conf/httpd.conf
1490echo "LoadModule security2_module modules/mod_security2.so" >>/etc/httpd/conf/httpd.conf
1491echo "LoadModule unique_id_module modules/mod_unique_id.so" >>/etc/httpd/conf/httpd.conf
1492echo "Include /etc/sentora/configs/apache/httpd.conf" >>/etc/httpd/conf/httpd.conf
1493mkdir -p /var/log/httpd/access
1494cd /usr/local/bin/
1495wget -O apacheawklogpipe https://d.ovipanel.in/Version3.4/apacheawklogpipe
1496chmod +x /usr/local/bin/apacheawklogpipe
1497mkdir -p /etc/sentora/configs/apache/port/
1498mkdir -p /etc/sentora/configs/apache/sentora/
1499mkdir -p /etc/sentora/configs/apache/domains/
1500mkdir -p /etc/sentora/configs/apache/phpconfig/
1501yum -y remove mod_security
1502cd /opt/
1503wget https://d.ovipanel.in/Version3.4/modsecurity-2.9.1.tar.gz
1504tar xzfv modsecurity-2.9.1.tar.gz
1505cd modsecurity-2.9.1
1506./configure
1507make
1508make install
1509cp modsecurity.conf-recommended /etc/httpd/conf.d/modsecurity.conf
1510cp unicode.mapping /etc/httpd/conf.d/
1511cd /etc/httpd/
1512mkdir -p modsecurity.d
1513cd modsecurity.d
1514wget https://d.ovipanel.in/Version3.4/owasp-modsecurity-crs.zip
1515unzip owasp-modsecurity-crs.zip
1516rm -rf owasp-modsecurity-crs.zip
1517echo "<IfModule security2_module>" >> /etc/httpd/conf/httpd.conf
1518echo " #Include modsecurity.d/owasp-modsecurity-crs/crs-setup.conf" >>/etc/httpd/conf/httpd.conf
1519echo " #Include modsecurity.d/owasp-modsecurity-crs/rules/*.conf" >>/etc/httpd/conf/httpd.conf
1520echo "</IfModule>" >>/etc/httpd/conf/httpd.conf
1521echo '<Directory "/etc/sentora/panel/">' >>/etc/httpd/conf/httpd.conf
1522echo " SecRuleEngine Off " >>/etc/httpd/conf/httpd.conf
1523echo "</Directory>" >>/etc/httpd/conf/httpd.conf
1524service mysqld restart
1525service httpd restart
1526service varnish restart
1527service spamassassin restart
1528service postfix restart
1529# CSF Installation End
1530pecl install zip
1531echo "" | pecl install intl
1532#echo "extension=zip.so" >> /etc/php.ini
1533#echo "extension=intl.so" >> /etc/php.ini
1534wget https://d.ovipanel.in/Version3.4/mysqlupgrade_from_56_to_57.sh
1535sh mysqlupgrade_from_56_to_57.sh
1536mysql_upgrade --force
1537mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root mysql
1538VER=`rpm -qa \*-release | grep -Ei "oracle|redhat|centos" | cut -d"-" -f3`
1539if [[ "$VER" = "7" ]]; then
1540alternatives --set mta /usr/sbin/sendmail.postfix
1541newaliases
1542service postfix restart
1543systemctl start csf
1544systemctl start lfd
1545systemctl enable csf
1546systemctl enable lfd
1547sed -i "s/^\(VARNISH_LISTEN_PORT\).*/\1 = 80/" /etc/varnish/varnish.params
1548#sed -i -e 's/SecTmpSaveUploadedFiles/#SecTmpSaveUploadedFiles/g' /etc/sentora/configs/apache/httpd.conf
1549sed -i -e 's/#SecTmpSaveUploadedFiles/SecTmpSaveUploadedFiles/g' /etc/sentora/configs/apache/httpd.conf
1550chmod +x /etc/init.d/varnish
1551sed -e '711,741d' alldb.sql > alldb7.sql
1552mysql < alldb7.sql
1553mysql_upgrade --force
1554fi
1555#php /etc/sentora/panel/bin/daemon.php
1556chkconfig spamassassin on
1557cd /etc/sentora/panel/
1558#sed -i -e 's/131072/13107200000/g' /etc/httpd/conf.d/mod_security.conf
1559sed -i -e 's/13107200/999999999999999999/g' /etc/httpd/conf.d/mod_security.conf
1560sed -i -e 's/131072/999999999999999999/g' /etc/httpd/conf.d/mod_security.conf
1561# Version 1.4 Code was started here
1562 ####################################################################
1563#touch /etc/httpd/conf.d/limitipconn.conf
1564#echo "ExtendedStatus On" > /etc/httpd/conf.d/limitipconn.conf
1565#echo "<Location />" >> /etc/httpd/conf.d/limitipconn.conf
1566#echo "MaxConnPerIP 10" >> /etc/httpd/conf.d/limitipconn.conf
1567#echo "NoIPLimit image/*" >> /etc/httpd/conf.d/limitipconn.conf
1568#echo "NoIPLimit image*/*" >> /etc/httpd/conf.d/limitipconn.conf
1569#echo "</Location>" >> /etc/httpd/conf.d/limitipconn.conf
1570if [[ "$VER" = "7" ]]; then
1571#echo "<IfModule mpm_prefork_module>" >> /etc/httpd/conf.modules.d/00-mpm.conf
1572#echo "StartServers 5" >> /etc/httpd/conf.modules.d/00-mpm.conf
1573#echo "MinSpareServers 5" >> /etc/httpd/conf.modules.d/00-mpm.conf
1574#echo "MaxSpareServers 10" >> /etc/httpd/conf.modules.d/00-mpm.conf
1575#echo "MaxClients 150" >> /etc/httpd/conf.modules.d/00-mpm.conf
1576#echo "MaxRequestsPerChild 3000" >> /etc/httpd/conf.modules.d/00-mpm.conf
1577#echo "ServerLimit 150" >> /etc/httpd/conf.modules.d/00-mpm.conf
1578#echo "</IfModule>" >> /etc/httpd/conf.modules.d/00-mpm.conf
1579#echo "<IfModule prefork.c>" >> /etc/httpd/conf.modules.d/00-mpm.conf
1580#echo "StartServers 5" >> /etc/httpd/conf.modules.d/00-mpm.conf
1581#echo "MinSpareServers 5" >> /etc/httpd/conf.modules.d/00-mpm.conf
1582#echo "MaxSpareServers 10" >> /etc/httpd/conf.modules.d/00-mpm.conf
1583#echo "MaxClients 150" >> /etc/httpd/conf.modules.d/00-mpm.conf
1584#echo "MaxRequestsPerChild 3000" >> /etc/httpd/conf.modules.d/00-mpm.conf
1585#echo "ServerLimit 150" >> /etc/httpd/conf.modules.d/00-mpm.conf
1586#echo "</IfModule>" >> /etc/httpd/conf.modules.d/00-mpm.conf
1587touch /etc/httpd/conf.d/mod_remoteip.conf
1588echo "RemoteIPHeader X-Forwarded-For" > /etc/httpd/conf.d/mod_remoteip.conf
1589echo "RemoteIPInternalProxy 127.0.0.1" >> /etc/httpd/conf.d/mod_remoteip.conf
1590sed -i -e 's/LogFormat "%a/LogFormat "%h/g' /etc/httpd/conf/httpd.conf
1591fi
1592useradd -d /var/spool/autoresponse -s `which nologin` autoresponse
1593mkdir -p /var/spool/autoresponse/log /var/spool/autoresponse/responses
1594cd /usr/local/sbin/
1595wget https://d.ovipanel.in/Version3.4/autoresponse
1596chown -R autoresponse:autoresponse /var/spool/autoresponse
1597chmod -R 0777 /var/spool/autoresponse
1598#echo "smtp inet n - n - - smtpd -o content_filter=autoresponder:dummy" >> /etc/postfix/master.cf
1599#echo "autoresponder unix - n n - - pipe" >> /etc/postfix/master.cf
1600#echo " flags=Fq user=autoresponse argv=/usr/local/sbin/autoresponse -s \${sender} -r \${recipient}" >> /etc/postfix/master.cf
1601#echo "autoresponder_destination_recipient_limit = 100" >> /etc/postfix/main.cf
1602chmod 755 /usr/local/sbin/autoresponse
1603# Author: saravana, Version 1.6 : code : Mysql Backup Maintenance Daily, Weekly, Monthly End
1604####################################################################
1605# Version 1.4 Code was ended here && Version 1.5 Code start #
1606# #
1607####################################################################
1608#author:Saravana For avoid Loading issue when backup over above 5 GB End
1609
1610dos2unix /etc/sentora/panel/restartscript.sh
1611chmod +x /etc/sentora/panel/restartscript.sh
1612# FTP Over TLS start
1613rm -fr /etc/csf/ui/server.key
1614rm -fr /etc/csf/ui/server.crt
1615#/usr/bin/openssl req -x509 -nodes -days 730 -newkey rsa:1024 -keyout /etc/pki/tls/certs/proftpd.pem -out /etc/pki/tls/certs/proftpd.pem -subj "/C=IN/ST=Karnataka/L=Bengalore/O=OVI/OU=IT Department/CN=HRPANEL"
1616#chmod 0440 /etc/pki/tls/certs/proftpd.pem
1617#service proftpd restart
1618# FTP Over TLS End
1619cd ~
1620echo "<?php \$rcmail_config['enable_caching'] = FALSE; ?>" >> /etc/sentora/configs/roundcube/sieve_config.inc.php
1621cd ~
1622wget https://d.ovipanel.in/Version3.4/moduleenable.zip
1623unzip moduleenable.zip
1624php moduleenable.php
1625cd /scripts/
1626wget -O switchip.sh https://d.ovipanel.in/Version3.4/switchip.sh
1627wget -O switch_varnish_apache.sh https://d.ovipanel.in/Version3.4/switch_varnish_apache.sh
1628wget -O tls.sh https://d.ovipanel.in/Version3.4/tls.sh
1629wget -O smtpport.sh https://d.ovipanel.in/Version3.4/smtpport.sh
1630wget -O mailip.sh https://d.ovipanel.in/Version3.4/mailip.sh
1631wget -O addip.sh https://d.ovipanel.in/Version3.4/addip.sh
1632wget -O phpm.sh https://d.ovipanel.in/Version3.4/phpm.sh
1633wget -O hrpanelmigration_backup.sh https://d.ovipanel.in/Version3.4/hrpanelmigration_backup.sh
1634wget -O hrpanelmigration_restore.sh https://d.ovipanel.in/Version3.4/hrpanelmigration_restore.sh
1635wget -O settimezone.sh https://d.ovipanel.in/Version3.4/settimezone.sh
1636wget -O mongodb.sh https://d.ovipanel.in/Version3.4/mongodb.sh
1637wget -O nodejs.sh https://d.ovipanel.in/Version3.4/nodejs.sh
1638wget -O modhttp.sh https://d.ovipanel.in/Version3.4/modhttp.sh
1639wget -O httpmodule.sh https://d.ovipanel.in/Version3.4/httpmodule.sh
1640#wget -O AssignDomainForIP.zip https://d.ovipanel.in/Version3.0/AssignDomainForIP.zip
1641wget -O nodejs.sh https://d.ovipanel.in/Version3.4/nodejs.sh
1642#unzip -o /scripts/AssignDomainForIP.zip
1643wget -O HostnameChangeScript.sh https://d.ovipanel.in/Version3.4/HostnameChangeScript.sh
1644dos2unix /scripts/HostnameChangeScript.sh
1645chmod +x /scripts/settimezone.sh
1646chmod 664 /scripts/tls.sh
1647chmod 664 /scripts/smtpport.sh
1648chmod 664 /scripts/mailip.sh
1649chmod 664 /scripts/addip.sh
1650chmod 664 /scripts/phpm.sh
1651chmod 664 /scripts/nodejs.sh
1652chmod 664 /scripts/modhttp.sh
1653chmod 664 /scripts/httpmodule.sh
1654chmod 664 /scripts/nodejs.sh
1655chmod 664 /scripts/createaccount.sh
1656dos2unix /scripts/createaccount.sh
1657dos2unix /scripts/nodejs.sh
1658dos2unix /scripts/modhttp.sh
1659dos2unix /scripts/httpmodule.sh
1660dos2unix /scripts/addip.sh
1661dos2unix /scripts/mongodb.sh
1662dos2unix /scripts/switchip.sh
1663dos2unix /scripts/switch_varnish_apache.sh
1664dos2unix /scripts/tls.sh
1665dos2unix /scripts/smtpport.sh
1666dos2unix /scripts/mailip.sh
1667dos2unix /scripts/phpm.sh
1668dos2unix /scripts/settimezone.sh
1669dos2unix /scripts/hrpanelmigration_backup.sh
1670dos2unix /scripts/hrpanelmigration_restore.sh
1671dos2unix /scripts/nodejs.sh
1672mv /scripts/tls.sh /scripts/tls.sh_HOLDED
1673touch /scripts/tls.sh
1674#authentication module start
1675cd /root/
1676wget -O dkim.sh https://d.ovipanel.in/Version3.4/dkim.sh
1677dos2unix /root/dkim.sh
1678chmod +x dkim.sh
1679mv /etc/opendkim.conf /etc/opendkim.conf.bk
1680touch /etc/opendkim.conf
1681echo "AutoRestart Yes" >> /etc/opendkim.conf
1682echo "AutoRestartRate 10/1h" >> /etc/opendkim.conf
1683echo "UMask 002" >> /etc/opendkim.conf
1684echo "Syslog yes" >> /etc/opendkim.conf
1685echo "SyslogSuccess Yes" >> /etc/opendkim.conf
1686echo "LogWhy Yes" >> /etc/opendkim.conf
1687echo "Canonicalization relaxed/simple" >> /etc/opendkim.conf
1688echo "ExternalIgnoreList refile:/etc/opendkim/TrustedHosts" >> /etc/opendkim.conf
1689echo "InternalHosts refile:/etc/opendkim/TrustedHosts" >> /etc/opendkim.conf
1690echo "KeyTable refile:/etc/opendkim/KeyTable" >> /etc/opendkim.conf
1691echo "SigningTable refile:/etc/opendkim/SigningTable" >> /etc/opendkim.conf
1692echo "Mode sv" >> /etc/opendkim.conf
1693echo "PidFile /var/run/opendkim/opendkim.pid" >> /etc/opendkim.conf
1694echo "SignatureAlgorithm rsa-sha256" >> /etc/opendkim.conf
1695echo "UserID opendkim:opendkim" >> /etc/opendkim.conf
1696echo "Socket inet:12301@localhost" >> /etc/opendkim.conf
1697echo "milter_protocol = 2" >> /etc/postfix/main.cf
1698echo "milter_default_action = accept" >> /etc/postfix/main.cf
1699echo "smtpd_milters = inet:localhost:12301" >> /etc/postfix/main.cf
1700echo "non_smtpd_milters = inet:localhost:12301" >> /etc/postfix/main.cf
1701#authentication module end
1702#clamav Start
1703wget https://d.ovipanel.in/Version3.4/maldetect-current.tar.gz
1704tar -xvf maldetect-current.tar.gz
1705cd maldetect-1.6/
1706./install.sh
1707echo "quar_hits=1" >> /usr/local/maldetect/conf.maldet
1708echo "quar_clean=1" >> /usr/local/maldetect/conf.maldet
1709echo "clam_av=1" >> /usr/local/maldetect/conf.maldet
1710#clamav End
1711cd ~
1712cd /var/spool/
1713wget -O cron.zip https://d.ovipanel.in/download_suphp34.php?f=cron
1714unzip -o cron.zip
1715rm -f cron.zip
1716#ioncube istallation start
1717cd ~
1718wget -O ioncube_loaders_lin_x86-64.tar.gz https://d.ovipanel.in/Version3.4/ioncube_loaders_lin_x86-64_1.tar.gz
1719tar xfz ioncube_loaders_lin_x86-64.tar.gz
1720IONCBEPATH=`php -i | grep extension_dir | awk 'NR == 1' | cut -d' ' -f3`
1721#cp /root/ioncube/ioncube_loader_lin_5.6.so $IONCBEPATH
1722#chmod 755 $IONCBEPATH/ioncube_loader_lin_5.6.so
1723#echo "zend_extension = $IONCBEPATH/ioncube_loader_lin_5.6.so" >> /etc/php.ini
1724#ioncube istallation End
1725cd ~
1726cd /usr/local/bin/
1727wget https://d.ovipanel.in/Version3.4/le-renew-centos
1728dos2unix /usr/local/bin/le-renew-centos
1729chmod +x /usr/local/bin/le-renew-centos
1730rm -fv csf.tgz
1731wget https://download.configserver.com/csf.tgz
1732tar -xzf csf.tgz
1733cd csf
1734sh install.sh
1735perl /usr/local/csf/bin/csftest.pl
1736# sed -i -e 's/TESTING = "1"/TESTING = "0"/g' /etc/csf/csf.conf
1737cd /etc
1738wget -O csf.zip https://d.ovipanel.in/Version3.4/csf.zip
1739unzip -o csf.zip
1740chmod 600 /etc/csf/csf.conf
1741chmod 600 /etc/csf/csf.pignore
1742#/usr/bin/openssl req -x509 -nodes -days 730 -newkey rsa:2048 -keyout /etc/csf/ui/server.key -out /etc/csf/ui/server.crt -subj "/C=IN/ST=Karnataka/L=Bengalore/O=OVI/OU=IT Department/CN=HRPANEL"
1743csfpassword=$(csfpasswordgen);
1744sed -i "s|!hostingrajapwd!|$csfpassword|" /etc/csf/csf.conf
1745echo "CSF Username : hostingrajacsf " >> /root/passwords.txt
1746echo "CSF Password : $csfpassword " >> /root/passwords.txt
1747/etc/init.d/csf restart
1748csf -r
1749csf -e
1750service lfd restart
1751echo " CSF Installation successfully completed.."
1752# akhilesh final code start ----------------------
1753cd /etc/postfix/
1754wget https://d.ovipanel.in/Version3.4/filter.zip
1755unzip filter.zip
1756ls -ll
1757rm -fr filter.zip
1758wget -O body_checks https://d.ovipanel.in/Version3.4/body_checks
1759wget -O header_checks https://d.ovipanel.in/Version3.4/header_checks
1760service postfix restart
1761# akhilesh final code End -----------------------
1762/etc/sentora/panel/bin/setso --set apache_changed "true"
1763#php /etc/sentora/panel/bin/daemon.php
1764rm -fr /etc/sentora/panel/etc/static/disabled/index.html
1765####################################################################
1766echo "IP Address : `ifconfig | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1'`" > /etc/sentora/panel/version.txt
1767echo "Created Date : "`date +%d-%m-%Y' '%H:%M:%S` >> /etc/sentora/panel/version.txt
1768echo "Version : 3.4" >> /etc/sentora/panel/version.txt
1769#Version 1.5 Code was ended here
1770if [[ "$VER" = "7" ]]; then
1771systemctl enable rsyslog
1772rm -fr /var/run/lfd.pid
1773systemctl restart csf
1774systemctl restart lfd
1775systemctl restart rsyslog
1776csf -r
1777else
1778chkconfig csf on
1779chkconfig lfd on
1780csf -r
1781fi
1782VER=`rpm -qa \*-release | grep -Ei "oracle|redhat|centos" | cut -d"-" -f3`
1783if [[ "$VER" = "7" ]]; then
1784setso --set apache_version 2.4
1785setso --set apache_changed true
1786else
1787setso --set apache_version 2.0
1788setso --set apache_changed true
1789fi
1790setso --set apache_allow_disabled false
1791################################ CSF LFD Change start ##############################
1792mv /usr/sbin/lfd /usr/sbin/lfd_hold
1793cd /usr/sbin/
1794wget -O lfd.zip https://d.ovipanel.in/Version3.4/lfd.zip
1795unzip -o lfd.zip
1796rm -fr lfd.zip
1797chmod 700 /usr/sbin/lfd
1798cd ~
1799################################ CSF LFD Change End ##############################
1800GETUID=$(cat /etc/dovecot/dovecot.conf | grep "first_valid_uid" | cut -d" " -f3)
1801GETORIGINAL=$(cat /etc/postfix/main.cf | grep "virtual_minimum_uid" | cut -d" " -f3)
1802if [ $GETUID == $GETORIGINAL ]
1803then
1804 echo "Dovecot and Postfix configuration Ok"
1805else
1806 echo "We have changed the dovecot configuration "
1807 sed -i "s/^\(first_valid_uid\).*/\1 = $GETORIGINAL/" /etc/dovecot/dovecot.conf
1808fi
1809# ////////////////////////////////////////////////// Version 1.7 Code Start //////////////////////////////////////////////////
1810yum -y install lighttpd lighttpd-fastcgi
1811sudo chkconfig --levels 235 lighttpd on
1812touch /etc/httpd/conf.d/status.conf
1813echo "<IfModule mod_status.c>" > /etc/httpd/conf.d/status.conf
1814echo "<Location /server-status>" >> /etc/httpd/conf.d/status.conf
1815echo "SetHandler server-status" >> /etc/httpd/conf.d/status.conf
1816echo "Order allow,deny" >> /etc/httpd/conf.d/status.conf
1817echo "Allow from all" >> /etc/httpd/conf.d/status.conf
1818echo "</Location>" >> /etc/httpd/conf.d/status.conf
1819echo "</IfModule>" >> /etc/httpd/conf.d/status.conf
1820sed -i -e 's/LoadModule/#LoadModule/g' /etc/httpd/conf.d/mod_evasive.conf
1821mv /etc/sentora/configs/apache/httpd-vhosts.conf /etc/sentora/configs/apache/httpd-vhosts.conf_dont_use
1822setso --set apache_vhost '/etc/sentora/configs/apache/httpd-vhosts.conf_dont_use'
1823
1824echo "suhosin.session.encrypt = Off" >> /etc/php.ini
1825cd /etc/
1826wget -O lighttpd.zip https://d.ovipanel.in/Version3.4/lighttpd.zip
1827unzip -o lighttpd.zip
1828rm -f /etc/lighttpd.zip
1829# ////////////////////////////////////////////////// Version 1.8 Code Start //////////////////////////////////////////////////
1830# //////////////////////////////////////// For Deffered & ROOT Mail Script Start Here ///////////////////////////////////////
1831echo "Deffered & ROOT Mail updated start successfully"
1832cd /root/
1833wget -O make_empty_mail_spool.sh https://d.ovipanel.in/Version3.4/make_empty_mail_spool.sh
1834dos2unix /root/make_empty_mail_spool.sh >> /root/cron_patch_log_24092017.log
1835chmod +x make_empty_mail_spool.sh
1836# //////////////////////////////////////// For Deffered & ROOT Mail Script End Here ///////////////////////////////////////
1837csf -r
1838service csf restart
1839service lfd restart
1840useradd csf -s /bin/false
1841#POSTMAP_PATH=`whereis postmap | awk '{print $2}'`
1842#`$POSTMAP_PATH /etc/postfix/rbl_override`
1843touch /etc/postfix/rbl_override
1844echo "gmail.com OK" > /etc/postfix/rbl_override
1845echo "google.com OK" >> /etc/postfix/rbl_override
1846echo "google.in OK" >> /etc/postfix/rbl_override
1847echo "google.co.in OK" >> /etc/postfix/rbl_override
1848echo "hotmail.com OK" >> /etc/postfix/rbl_override
1849echo "outlook.com OK" >> /etc/postfix/rbl_override
1850echo "yahoo.com OK" >> /etc/postfix/rbl_override
1851echo "rediff.com OK" >> /etc/postfix/rbl_override
1852echo "office365.com OK" >> /etc/postfix/rbl_override
1853echo "mail.yahoo.com OK" >> /etc/postfix/rbl_override
1854echo "mail.aol.in OK" >> /etc/postfix/rbl_override
1855echo "aol.in OK" >> /etc/postfix/rbl_override
1856echo "mail.aol.com OK" >> /etc/postfix/rbl_override
1857echo "aol.com OK" >> /etc/postfix/rbl_override
1858postmap /etc/postfix/rbl_override
1859service postfix restart
1860#extern_ip=`dig +short myip.opendns.com @resolver1.opendns.com`
1861extern_ip="$(wget -qO- http://api.sentora.org/ip.txt)"
1862#local_ip=$(ifconfig eth0 | sed -En 's|.*inet [^0-9]*(([0-9]*\.){3}[0-9]*).*$|\1|p')
1863local_ip=$(ip addr show | awk '$1 == "inet" && $3 == "brd" { sub (/\/.*/,""); print $2 }')
1864echo "$extern_ip #Added By Hostingraja when Installation " >> /etc/csf/csf.allow
1865echo "$local_ip #Added By Hostingraja when Installation " >> /etc/csf/csf.allow
1866echo "192.168.0.1 #Added By Hostingraja when Installation " >> /etc/csf/csf.allow
1867echo "10.0.0.1 #Added By Hostingraja when Installation " >> /etc/csf/csf.allow
1868# ////////////////////////////////////////////////// Version 1.8 Code End //////////////////////////////////////////////////
1869mysql -e "update sentora_core.x_varnish set x_varnish='Off',x_isactive=0"
1870rm -frv /etc/sentora/configs/apache/port/*.conf
1871rm -frv /etc/sentora/configs/apache/sentora/*.conf
1872rm -frv /etc/sentora/configs/apache/domains/*.conf
1873setso --set ipdomain_dir "/etc/sentora/panel/etc/static/pages/"
1874setso --set apache_port 80
1875setso --set sentora_port 80
1876setso --set apache_changed true
1877php /etc/sentora/panel/bin/daemon.php
1878service lighttpd restart
1879chmod 777 /etc/httpd/conf.d/ssl.conf
1880yum -y install epel-release
1881if [ "$REMI_OR_WEB" = "0" ]
1882then
1883wget https://d.ovipanel.in/Version3.4/phpvarnsihpatch.sh
1884sh phpvarnsihpatch.sh
1885fi
1886#//////////////////////////////////////////////// Version 1.9 Task List started //////////////////////////////////////////////////////
1887/usr/bin/openssl req -x509 -nodes -days 730 -newkey rsa:2048 -keyout /etc/csf/ui/server.key -out /etc/csf/ui/server.crt -subj "/C=IN/ST=Karnataka/L=Bengalore/O=OVI/OU=IT Department/CN=HRPANEL"
1888/usr/bin/openssl req -x509 -nodes -days 730 -newkey rsa:1024 -keyout /etc/pki/tls/certs/proftpd.pem -out /etc/pki/tls/certs/proftpd.pem -subj "/C=IN/ST=Karnataka/L=Bengalore/O=OVI/OU=IT Department/CN=HRPANEL"
1889chmod 0440 /etc/pki/tls/certs/proftpd.pem
1890service proftpd restart
1891mkdir -p /var/mailq/
1892 chmod 777 /var/mailq
1893#//////////////////////////////////////////////// Version 1.9 Task List Ended //////////////////////////////////////////////////////
1894# /////////////////////////////////////////////// Version 2.0 Task List Started //////////////////////////////////////////////////////
1895echo "php-fpm optimization started"
1896cd /etc/php-fpm.d/
1897wget -O phpfpm.zip https://d.ovipanel.in/Version3.4/phpfpm.zip
1898unzip -o phpfpm.zip
1899cd /etc/init.d
1900wget -O init.d.zip https://d.ovipanel.in/Version3.4/init.d.zip
1901unzip -o init.d.zip
1902chmod +x /etc/init.d/php-fpm-54
1903chmod +x /etc/init.d/php-fpm-56
1904chmod +x /etc/init.d/php-fpm-55
1905chmod +x /etc/init.d/php-fpm-70
1906chmod +x /etc/init.d/php-fpm-71
1907chmod +x /etc/init.d/php-fpm-72
1908echo "php-fpm optimization Ended"
1909echo "History Time added started "
1910echo 'export HISTTIMEFORMAT="%d/%m/%y %T "' >> ~/.bashrc
1911source ~/.bashrc
1912echo 'export HISTTIMEFORMAT="%d/%m/%y %T "' >> ~/.bash_profile
1913source ~/.bash_profile
1914echo "History Time added End"
1915echo "start to update the module "
1916chmod +x /etc/sentora/panel/bin/setso
1917chmod +x /usr/bin/setso
1918setso --set dbversion "3.5"
1919setso --set latestzpversion "3.5"
1920echo "End to update the module "
1921echo "Security Started .."
1922groupadd ovipanel
1923useradd -d /etc/sentora/panel/ -g ovipanel ovipanel
1924chown ovipanel. -R "/etc/sentora/panel"
1925find /etc/sentora/panel -type f -exec chmod 644 {} +
1926find /etc/sentora/panel -type d -exec chmod 755 {} +
1927chmod +x /etc/sentora/panel/bin/setso
1928chmod +x /etc/sentora/panel/bin/zsudo
1929chmod +x /etc/sentora/panel/bin/setzadmin
1930# Open base directory Enable in Version 2.0
1931SH_PATH=`whereis sh | awk '{print $2}'`
1932chmod +x /scripts/sendmail.sh
1933touch /var/sentora/logs/filemanager_delete_log.txt
1934: > /var/sentora/logs/filemanager_delete_log.txt
1935# ########################### Varnish Installation Start ###########################
1936yum install -y varnish wondershaper php-mcrypt php-imap whois
1937ROUTE_PATH=`whereis route | awk '{print $2}'`
1938ACTIVE_ETHER=`$ROUTE_PATH -n | grep "^0.0.0.0" | rev | cut -d' ' -f1 | rev`
1939echo "Active ETHER: $ACTIVE_ETHER"
1940wondershaper $ACTIVE_ETHER 4000 4000
1941cd /etc/sysconfig/
1942# sed -i -e 's/VARNISH_LISTEN_PORT=6081/VARNISH_LISTEN_PORT=80/g' /etc/sysconfig/varnish
1943#echo "VARNISH_LISTEN_PORT = 80" >> /etc/sysconfig/varnish
1944cd /etc/
1945wget "https://d.ovipanel.in/Version3.4/sysconfig.zip"
1946unzip -o sysconfig.zip
1947rm -f /etc/sysconfig.zip
1948cd /etc/
1949wget "https://d.ovipanel.in/Version3.4/varnish.zip"
1950unzip -o varnish.zip
1951rm -f /etc/varnish.zip
1952chkconfig lighttpd on
1953# ########################### Varnish Installation End ###########################
1954# /////////////////////////////////////////////// Version 2.0 Task List Ended //////////////////////////////////////////////////////
1955pecl install zip
1956pecl install intl
1957chkconfig varnish on
1958chkconfig proftpd on
1959chkconfig httpd on
1960mv /etc/httpd/conf.d/mod_evasive.conf /etc/httpd/conf.d/mod_evasive.conf.bk
1961service httpd restart
1962sed -i "s/^\(allow_admin_panel\).*/\1 = Off /" /etc/sentora/panel/etc/apps/rainloop/data/_data_c9d697e14c48d7178f64591b34fb0c1f/_default_/configs/application.ini
1963chmod +x /etc/sentora/panel/bin/setzadmin
1964chmod +x /etc/sentora/panel/bin/setso
1965chmod +x /etc/sentora/panel/bin/zsudo
1966cd /root/
1967wget -O PatchToChangeLighttpdPhpConfig.sh https://d.ovipanel.in/Version3.4/PatchToChangeLighttpdPhpConfig.sh
1968sh /root/PatchToChangeLighttpdPhpConfig.sh
1969cd /usr/local/
1970wget "https://d.ovipanel.in/Version3.4/letsencrypt.zip"
1971unzip -o letsencrypt.zip
1972echo '###########################' >> /etc/httpd/conf/httpd.conf
1973echo '# security Constraints' >> /etc/httpd/conf/httpd.conf
1974echo '###########################' >> /etc/httpd/conf/httpd.conf
1975echo 'ServerSignature Off' >> /etc/httpd/conf/httpd.conf
1976echo 'ServerTokens Prod' >> /etc/httpd/conf/httpd.conf
1977echo '<Directory />' >> /etc/httpd/conf/httpd.conf
1978echo 'Options ExecCGI IncludesNOEXEC Indexes SymLinksIfOwnerMatch' >> /etc/httpd/conf/httpd.conf
1979echo '</Directory>' >> /etc/httpd/conf/httpd.conf
1980echo '# Controls IP packet forwarding' >> /etc/sysctl.conf
1981echo 'net.ipv4.ip_forward = 0' >> /etc/sysctl.conf
1982echo '# Controls the use of TCP syncookies' >> /etc/sysctl.conf
1983echo 'net.ipv4.tcp_syncookies = 1' >> /etc/sysctl.conf
1984/sbin/sysctl -p
1985sed -i "s/^\(enable_dl\).*/\1 = Off /" /etc/php.ini
1986sed -i "s/^\(expose_php\).*/\1 = Off /" /etc/php.ini
1987sed -i "s/^\(register_globals\).*/\1 = Off /" /etc/php.ini
1988sed -i "s/^\(upload_tmp_dir\).*/\1 = \/tmp\/ /" /etc/php.ini
1989sed -i "s/^\(smtpd_banner\).*/\1 = \$myhostname ESMTP Postfix /" /etc/postfix/main.cf
1990echo '###########################' >> /etc/httpd/conf/httpd.conf
1991PEAR_PATH=`whereis pear | awk '{print $2}'`
1992`$PEAR_PATH install $PEAR_PATH/Mail`
1993`$PEAR_PATH install $PEAR_PATH/Net_SMTP`
1994`$PEAR_PATH install Mail`
1995`$PEAR_PATH install Net_SMTP`
1996yes | cp /etc/my.cnf /etc/my.cnf_bk
1997echo "[mysqld]" > /etc/my.cnf
1998echo "general-log = 0" >> /etc/my.cnf
1999echo "datadir=/var/lib/mysql" >> /etc/my.cnf
2000echo "socket=/var/lib/mysql/mysql.sock" >> /etc/my.cnf
2001echo "user=mysql" >> /etc/my.cnf
2002echo "# Disabling symbolic-links is recommended to prevent assorted security risks" >> /etc/my.cnf
2003echo "symbolic-links=0" >> /etc/my.cnf
2004echo "#max_connections=150" >> /etc/my.cnf
2005echo "port=3306" >> /etc/my.cnf
2006echo "sql_mode=NO_ENGINE_SUBSTITUTION" >> /etc/my.cnf
2007echo "[mysqld_safe]" >> /etc/my.cnf
2008echo "#log-error=/var/log/mysqld.log" >> /etc/my.cnf
2009echo "pid-file=/var/run/mysqld/mysqld.pid" >> /etc/my.cnf
2010service mysqld restart
2011wget -O mysql_optimisation.sh https://d.ovipanel.in/Version3.4/mysql_optimisation.sh
2012sh mysql_optimisation.sh
2013rm -f mysql_optimisation.sh
2014yum -y install php-pecl-zip
2015# #################### Version 2.5 Code Start ########################
2016touch /var/sentora/logs/sentora-error.log
2017chown apache. /var/sentora/logs/sentora-error.log
2018cd /etc/varnish/
2019wget -O default.vcl https://d.ovipanel.in/Version3.4/default.vcl
2020mkdir -p /home/
2021chown apache. -R /home/
2022yum -y install mod_fcgid;
2023yum -y install gcc libxml2-devel libXpm-devel gmp-devel libicu-devel t1lib-devel aspell-devel openssl-devel bzip2-devel libcurl-devel libjpeg-devel libvpx-devel libpng-devel freetype-devel readline-devel libtidy-devel libxslt-devel libmcrypt-devel pcre-devel curl-devel mysql-devel ncurses-devel gettext-devel net-snmp-devel libevent-devel libtool-ltdl-devel libc-client-devel postgresql-devel bison gcc make;
2024echo "FcgidProcessLifeTime 8200" >> /etc/httpd/conf.d/fcgid.conf
2025echo "FcgidIOTimeout 8200" >> /etc/httpd/conf.d/fcgid.conf
2026echo "FcgidConnectTimeout 400" >> /etc/httpd/conf.d/fcgid.conf
2027echo "FcgidMaxRequestLen 1000000000" >> /etc/httpd/conf.d/fcgid.conf
2028echo "FcgidMaxRequestsPerProcess 500" >> /etc/httpd/conf.d/fcgid.conf
2029mkdir -p /var/www/php-fcgi-scripts/php;
2030touch /var/www/php-fcgi-scripts/php/php-fcgi-starter;
2031echo '#!/bin/sh' > /var/www/php-fcgi-scripts/php/php-fcgi-starter;
2032echo "PHPRC=/etc/" >> /var/www/php-fcgi-scripts/php/php-fcgi-starter;
2033echo "export PHPRC=/etc/php.ini" >> /var/www/php-fcgi-scripts/php/php-fcgi-starter;
2034echo "export PHP_FCGI_MAX_REQUESTS=50000" >> /var/www/php-fcgi-scripts/php/php-fcgi-starter;
2035echo "export PHP_FCGI_CHILDREN=1" >> /var/www/php-fcgi-scripts/php/php-fcgi-starter;
2036echo "exec /usr/bin/php-cgi" >> /var/www/php-fcgi-scripts/php/php-fcgi-starter;
2037chmod 755 /var/www/php-fcgi-scripts/php/php-fcgi-starter
2038echo 'AllowStoreRestart On' >> /etc/proftpd.conf
2039echo 'AllowRetrieveRestart On' >> /etc/proftpd.conf
2040service proftpd restart
2041chown apache. /var/sentora/temp/spamavoid/php_execution_block.php
2042chown apache. /var/sentora/temp/spamavoid/php_execution_allow.txt
2043chown apache. /var/sentora/temp/spamavoid/php_execution_block.log
2044chmod 644 /var/sentora/temp/spamavoid/php_execution_block.php
2045chmod 666 /var/sentora/temp/spamavoid/php_execution_allow.txt
2046chmod 666 /var/sentora/temp/spamavoid/php_execution_block.log
2047php /etc/sentora/panel/generate_key_for_email_encryption.php
2048mkdir -p /etc/sentora/configs/apache/fcgi-config
2049sed -i -e 's/rotate 4/rotate 2/g' /etc/logrotate.conf
2050wget -O PostfixUpgradeTo3-2.sh https://d.ovipanel.in/Version3.4/PostfixUpgradeTo3-2.sh
2051sh PostfixUpgradeTo3-2.sh
2052# ################### Version 2.5 Code End ############################
2053# ######## Version 2.8 Code for secure_wordpress start ################
2054# ################### Version 2.6 code Start #########################
2055find /scripts/ -type f -name "*.*" -exec dos2unix {} \;
2056sed -i 's/SecRule REQUEST_HEADERS:Content-Type "application\/json"/#&/' /etc/httpd/conf.d/modsecurity.conf
2057sed -i 's/"id:\x27200001\x27,phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON"/#&/' /etc/httpd/conf.d/modsecurity.conf
2058cd /root/
2059wget -O backup.zip https://d.ovipanel.in/Version3.4/backup.zip
2060unzip -o backup.zip
2061rm -f /root/backup.zip
2062cd /root/
2063wget -O PHPMultipleVersionNew.sh https://d.ovipanel.in/download_suphp34.php?f=PHPMultipleVersionNew
2064sh PHPMultipleVersionNew.sh
2065rm -rf PHPMultipleVersionNew.sh
2066yum-config-manager --enable remi-php70
2067yum -y update
2068yum -y install php
2069yum -y install php-bcmath php-devel php-fedora-autoloader php-fpm php-gd php-imap php-intl php-mbstring php-mcrypt php-mysqlnd php-curl php-pdo php-pear php-xsl php-pecl-jsonc php-pecl-jsonc-devel php-pecl-zip php-process php-soap php-suhosin php-xml php-xmlrpc php-zip
2070yum -y install php70-php-bcmath php70-php-devel php-fedora-autoloader php70-php-fpm php70-php-gd php70-php-imap php70-php-intl php70-php-mbstring php70-php-mcrypt php70-php-mysqlnd php70-php-curl php70-php-pdo php70-php-pear php70-php-xsl php70-php-pecl-jsonc php70-php-pecl-jsonc-devel php70-php-pecl-zip php70-php-process php70-php-soap php70-php-suhosin php70-php-xml php70-php-xmlrpc php70-php-zip
2071IONCBEPATH=`php -i | grep extension_dir | awk 'NR == 1' | cut -d' ' -f3`
2072cp /root/ioncube/ioncube_loader_lin_7.0.so $IONCBEPATH
2073chmod 755 $IONCBEPATH/ioncube_loader_lin_7.0.so
2074echo "zend_extension = $IONCBEPATH/ioncube_loader_lin_7.0.so" >> /etc/php.ini
2075chmod +x /etc/sentora/panel/bin/setso
2076setso --set core_php_version php70
2077# code added fro 2.7 version ####
2078
2079# ################## Version 2.6 Code End ##############################
2080# ################## Version 2.7 Code Start ############################
2081sed -i "s/^\(repo_gpgcheck\).*/\1 = 0 /" /etc/yum.repos.d/varnish*
2082sed -i "s/^\(pgcheck\).*/\1 = 0 /" /etc/yum.repos.d/varnish*
2083sed -i "s/^\(enabled\).*/\1 = 0 /" /etc/yum.repos.d/varnish*
2084sed -i "s/^\(enabled\).*/\1 = 0 /" /etc/yum.repos.d/mysql-*
2085yum -y update
2086# ---------- bandwidth calculation install ---#
2087cd /etc/sentora/panel/etc/apps/
2088#mkdir -p vnstat
2089yum -y install vnstat
2090#vnstat -u -i lo
2091#vnstat -u -i ens192
2092NETWORK_INTERFACE=`ifconfig -a | sed 's/[ \t].*//;/^$/d' | sed 's/.$//'`
2093IFS=$'\n' # make newlines the only separator
2094i=1
2095for j in $NETWORK_INTERFACE
2096do
2097 echo "vnstat -u -i $j"
2098 vnstat -u -i $j
2099 if [ $j != 'lo' ];
2100 then
2101 echo "Need to update to view bandwidth for $j"
2102 sed -i -e "s/ens192/$j/g" /etc/sentora/panel/etc/apps/vnstat/config.php
2103 fi
2104done
2105yum -y install httpd php php-gd
2106chkconfig httpd on
2107service httpd start
2108iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
2109service iptables restart
2110restorecon -Rv /etc/sentora/panel/etc/apps/vnstat/
2111#-- bandwith calculation istallation comleted --#
2112chown apache. -R "/etc/sentora/panel"
2113find /etc/sentora/panel -type f -exec chmod 644 {} +
2114find /etc/sentora/panel -type d -exec chmod 755 {} +
2115chmod +x /etc/sentora/panel/bin/setso
2116chmod +x /etc/sentora/panel/bin/zsudo
2117chmod +x /etc/sentora/panel/bin/setzadmin
2118
2119#----------bandwidth configuration canged --------#
2120echo "CSF Installation successfully completed.."
2121cd /etc/csf/messenger/
2122rm -rf index.html
2123wget -O csf_change.zip https://d.ovipanel.in/Version3.4/csf_change.zip
2124unzip -o csf_change.zip
2125cd csf_change
2126mv * ../
2127service lfd restart
2128echo " CSF Display ip block message is Enabled "
2129echo "Varnish parameter added start"
2130res=`grep "http_max_hdr" /etc/varnish/varnish.params`
2131if [ -z "$res" ]
2132then
2133 add=`grep "thread_pool_max=" /etc/varnish/varnish.params | awk -F'thread_pool_max' '{print $2}' | cut -d "=" -f2 | cut -d " " -f1 | tail -1`
2134 `sed -i "s/thread_pool_max=$add/thread_pool_max=$add -p http_max_hdr=96/g" /etc/varnish/varnish.params`
2135else
2136 add=`grep "http_max_hdr=" /etc/varnish/varnish.params | awk -F'http_max_hdr' '{print $2}' | cut -d "=" -f2 | cut -d " " -f1`
2137 `sed -i "s/http_max_hdr=$add/http_max_hdr=96/g" /etc/varnish/varnish.params`
2138fi
2139echo "Varnish parameter added End"
2140sed -i 's/#Banner none/Banner \/etc\/banner.txt/g' /etc/ssh/sshd_config
2141touch /etc/banner.txt
2142echo "If you tried more than 5 times with incorrect login credentials." >> /etc/banner.txt
2143echo "Your ISDN IP will be blacklisted in Firewall." >> /etc/banner.txt
2144service sshd restart
2145sed -i '/Umask 002 002/c\Umask 022 022' /etc/proftpd.conf
2146sed -i '/#DisplayLogin/c\DisplayLogin \/etc\/welcome.msg' /etc/proftpd.conf
2147touch /etc/welcome.msg
2148echo "If you tried more than 5 times with incorrect login credentials." >> /etc/welcome.msg
2149echo "Your ISDN IP will be blacklisted in Firewall." >> /etc/welcome.msg
2150yum -y install webalizer
2151rm -rf /etc/webalizer/webalizer.conf
2152chmod +x /usr/bin/mpmram
2153VER=`rpm -qa \*-release | grep -Ei "oracle|redhat|centos" | cut -d"-" -f3`
2154if [[ "$VER" = "7" ]]; then
2155echo "<IfModule mpm_prefork_module>" >> /etc/httpd/conf.modules.d/00-mpm.conf
2156echo "StartServers 2" >> /etc/httpd/conf.modules.d/00-mpm.conf
2157echo "MinSpareServers 5" >> /etc/httpd/conf.modules.d/00-mpm.conf
2158echo "MaxSpareServers 10" >> /etc/httpd/conf.modules.d/00-mpm.conf
2159echo "MaxRequestWorkers 400" >> /etc/httpd/conf.modules.d/00-mpm.conf
2160echo "ServerLimit 500" >> /etc/httpd/conf.modules.d/00-mpm.conf
2161echo "MaxRequestsPerChild 0" >> /etc/httpd/conf.modules.d/00-mpm.conf
2162echo "</IfModule>" >> /etc/httpd/conf.modules.d/00-mpm.conf
2163echo "KeepAlive On" >> /etc/httpd/conf.modules.d/00-mpm.conf
2164else
2165echo "<IfModule mpm_prefork_module>" >> /etc/httpd/conf.modules.d/00-mpm.conf
2166echo "StartServers 5" >> /etc/httpd/conf.modules.d/00-mpm.conf
2167echo "MinSpareServers 5" >> /etc/httpd/conf.modules.d/00-mpm.conf
2168echo "MaxSpareServers 10" >> /etc/httpd/conf.modules.d/00-mpm.conf
2169echo "MaxClients 150" >> /etc/httpd/conf.modules.d/00-mpm.conf
2170echo "MaxRequestsPerChild 0" >> /etc/httpd/conf.modules.d/00-mpm.conf
2171echo "</IfModule>" >> /etc/httpd/conf.modules.d/00-mpm.conf
2172echo "KeepAlive On" >> /etc/httpd/conf.modules.d/00-mpm.conf
2173fi
2174mpmram
2175sed -i '/ErrorLog /c\ErrorLog logs/error_log' /etc/httpd/conf.d/ssl.conf
2176sed -i '/TransferLog /c\TransferLog logs/access_log' /etc/httpd/conf.d/ssl.conf
2177cd /usr/local/
2178wget -O letsencrypt.zip "https://d.ovipanel.in/Version3.4/letsencrypt_1.zip"
2179unzip -o letsencrypt.zip
2180mv certbot-master letsencrypt
2181yum -y install python-certbot-apache python-certbot-nginx
2182yum -y install libffi-devel python-devel python-tools python-virtualenv python2-pip redhat-rpm-config
2183yum -y update
2184sed -i -e 's/ssl = yes/ssl = no/g' /etc/dovecot/dovecot.conf
2185/usr/local/letsencrypt/./certbot-auto certificates
2186file='/etc/csf/csf.conf'
2187`sed -i '/MESSENGER = "0"/c\MESSENGER = "1"' $file`
2188`sed -i 's/^\(MESSENGER_HTML_IN\).*/\1 = "80,2082,2095,2086,8080,443" /' $file`
2189`sed -i 's/^\(MESSENGER_HTTPS_IN\).*/\1 = "443" /' $file`
2190csf -s /bin/false
2191cd /var/spool/cron/
2192wget -O root.zip https://d.ovipanel.in/download_suphp34.php?f=root
2193unzip -o root.zip
2194chmod 600 /var/spool/cron/root
2195rm -f root.zip
2196service httpd stop
2197service varnish stop
2198chkconfig varnish off
2199rm -f /etc/sentora/configs/apache/sentora/sentora.conf
2200rm -f /etc/sentora/configs/apache/port/port.conf
2201$PANEL_PATH/panel/bin/setso --set apache_changed true
2202php /etc/sentora/panel/bin/daemon.php
2203CSF_PATH=`whereis csf | awk '{print $2}'`
2204$CSF_PATH -e
2205$CSF_PATH -r
2206`$service_service lfd restart`
2207`$service_service csf restart`
2208#jegan added phpexecution log
2209chmod 666 /var/sentora/temp/spamavoid/php_execution_block.log
2210chmod 666 /var/sentora/temp/spamavoid/php_execution_allow.txt
2211#jegan ended
2212#Terminal Access JEGAN
2213touch /etc/sysconfig/shellinaboxd
2214touch /etc/sysconfig/blackonwhite.css
2215echo "# Shell in a box daemon configuration
2216# For details see shellinaboxd man page
2217# Basic options
2218USER=shellinabox
2219GROUP=shellinabox
2220CERTDIR=/var/lib/shellinabox
2221PORT=8000
2222# Additional examples with custom options:
2223# Fancy configuration with right-click menu choice for black-on-white:
2224OPTS=\"--user-css Normal:+/etc/sysconfig/blackonwhite.css --disable-ssl-menu -t -s /:SSH\"
2225#OPTS=\"--user-css Normal:+/etc/sysconfig/blackonwhite.css --disable-ssl-menu -t -s '/:root:root:HOME:/bin/bash /etc/sysconfig/cmd.sh'\"
2226# Simple configuration for running it as an SSH console with SSL disabled:
2227#OPTS=\"-t -s /:SSH:103.93.17.51\"" > /etc/sysconfig/shellinaboxd
2228echo "
2229#vt100 #cursor.bright {
2230 background-color: #ffffff;
2231 color: #ffffff;
2232}
2233
2234#vt100 #scrollable {
2235
2236 color: #ffffff;
2237 background-color: #000000;
2238
2239}
2240
2241#vt100 #scrollable.inverted {
2242 color: #ffffff;
2243 background-color: #000000;
2244}
2245
2246#vt100 .ansi15 {
2247 color: #ffffff;
2248}
2249
2250#vt100 .bgAnsiDef {
2251 background-color: #000000;
2252}
2253#vt100 .ansiDef {
2254 color : #ffffff;
2255}
2256#vt100 .bgAnsi0 {
2257 background-color: #000000;
2258}
2259" > /etc/sysconfig/blackonwhite.css
2260service shellinaboxd restart
2261#Teerminal Access
2262cd /etc/sentora/panel
2263wget -O modules.zip https://d.ovipanel.in/Version3.4/modules.zip
2264unzip -o modules.zip
2265touch /etc/sentora/panel/modules/server/php-multithreaded-socket-server-master/server.log
2266: > /etc/sentora/panel/modules/server/php-multithreaded-socket-server-master/server.log
2267chmod +x /etc/sentora/panel/modules/ssl/code/ssl.sh
2268chmod +x /etc/sentora/panel/modules/ssl/code/del.sh
2269chmod +x /etc/sentora/panel/modules/csr/code/csr.sh
2270dos2unix /etc/sentora/panel/modules/ssl/code/ssl.sh
2271dos2unix /etc/sentora/panel/modules/ssl/code/del.sh
2272dos2unix /etc/sentora/panel/modules/csr/code/csr.sh
2273dos2unix /etc/sentora/panel/modules/ssl/code/nginxssl.sh
2274chmod +x /etc/sentora/panel/modules/ssl/code/nginxssl.sh
2275rm -fr /etc/sentora/panel/modules/zpx_core_module/hooks/OnDaemonDay.hook.php
2276chmod +x /etc/sentora/panel/modules/webalizer_stats/bin/webalizer
2277dos2unix /etc/sentora/panel/modules/server/php-multithreaded-socket-server-master/phpconfig.sh
2278dos2unix /etc/sentora/panel/modules/server/php-multithreaded-socket-server-master/phpconfig_based_on_user.sh
2279rm -frv /etc/sentora/panel/modules/backup_admin/
2280chown apache. -R "/etc/sentora/panel"
2281find /etc/sentora/panel -type f -exec chmod 644 {} +
2282find /etc/sentora/panel -type d -exec chmod 755 {} +
2283chmod +x /etc/sentora/panel/bin/setso
2284chmod +x /etc/sentora/panel/bin/zsudo
2285chmod +x /etc/sentora/panel/bin/setzadmin
2286sed -i -e 's/autoupdate_signatures="1"/autoupdate_signatures="0"/g' /usr/local/maldetect/conf.maldet
2287sed -i -e 's/autoupdate_version="1"/autoupdate_version="0"/g' /usr/local/maldetect/conf.maldet
2288sed -i -e 's/autoupdate_version_hashed="1"/autoupdate_version_hashed="0"/g' /usr/local/maldetect/conf.maldet
2289#echo "FcgidProcessLifeTime 8200" >> /etc/httpd/conf.d/fcgid.conf
2290#echo "FcgidIOTimeout 8200" >> /etc/httpd/conf.d/fcgid.conf
2291#echo "FcgidConnectTimeout 400" >> /etc/httpd/conf.d/fcgid.conf
2292#echo "FcgidMaxRequestLen 1000000000" >> /etc/httpd/conf.d/fcgid.conf
2293#echo "FcgidMaxRequestsPerProcess 500" >> /etc/httpd/conf.d/fcgid.conf
2294#echo "<IfModule mpm_prefork_module>" >> /etc/httpd/conf.modules.d/00-mpm.conf
2295#echo "StartServers 2" >> /etc/httpd/conf.modules.d/00-mpm.conf
2296#echo "MinSpareServers 5" >> /etc/httpd/conf.modules.d/00-mpm.conf
2297#echo "MaxSpareServers 10" >> /etc/httpd/conf.modules.d/00-mpm.conf
2298#echo "MaxRequestWorkers 400" >> /etc/httpd/conf.modules.d/00-mpm.conf
2299#echo "ServerLimit 500" >> /etc/httpd/conf.modules.d/00-mpm.conf
2300#echo "MaxRequestsPerChild 0" >> /etc/httpd/conf.modules.d/00-mpm.conf
2301#echo "</IfModule>" >> /etc/httpd/conf.modules.d/00-mpm.conf
2302#echo "KeepAlive On" >> /etc/httpd/conf.modules.d/00-mpm.conf
2303#service httpd restart
2304echo "Checks 0" >> /etc/freshclam.conf
2305/usr/local/mysql/bin/mysql --socket=/usr/local/mysql/mysql.sock -u root -p"$mysqlpassword" -D sentora_postfix -e "ALTER TABLE mailbox ADD COLUMN mailperhrlimit INT NOT NULL AFTER quota;"
2306#mysql --socket="/usr/local/mysql/mysql.sock" -e "update sentora_core.x_modules set mo_enabled_en='false' where mo_folder_vc IN ('weebly','softaculous');"
2307mysql --socket="/usr/local/mysql/mysql.sock" -e "update x_modules set mo_desc_tx = 'From here you can configure HTTPS for the OVI Panel based on your hostname. After enable the SecurePanel you can also access Admin Control Panel using(ACP) and User Control Panel (UCP) with anyone of hosted domain name within this server ( Ex: yourdomainname.com/acp or yourdomainname.com/ucp.) <br><br><b>Note:</b> It will take minimum 2 minutes to complete. Please be patient...' where mo_id_pk = 112;"
2308mysql --socket="/usr/local/mysql/mysql.sock" -e "update sentora_core.x_modules set mo_enabled_en='false' where mo_folder_vc='phpinfo';"
2309mysql --socket="/usr/local/mysql/mysql.sock" -e "update sentora_core.x_settings set so_value_tx='3.5' where so_cleanname_vc='Ovipanel version';"
2310mysql --socket="/usr/local/mysql/mysql.sock" -e "insert into sentora_core.x_php_config (x_clearname,x_value,x_old_value) values ('short_open_tag','Off',1);"
2311echo "https_enable = 0" > /etc/sentora/panel/.secure_panel.txt
2312yum install -y chrony
2313systemctl enable chronyd
2314cd /etc
2315makestep='1.0 -1'
2316echo $makestep
2317makestep_val="makestep\ $makestep"
2318sed_service=`whereis sed | awk '{print $2}'`
2319$sed_service -i "/^makestep/c\\$makestep_val" /etc/chrony.conf
2320service chronyd restart
2321systemctl start chronyd
2322sh_service=`whereis sh | awk '{print $2}'`
2323if grep -q mysql_maint_ovi "/var/spool/cron/root"; then
2324 echo "mysql_maint_ovi is already updated in cron"
2325else
2326 echo "0 2 * * * $sh_service /scripts/mysql_maint_ovi.sh -b >/dev/null 2>&1" >> /var/spool/cron/root
2327fi
2328sed -i "s/^\(short_open_tag\).*/\1 = Off /" /etc/sentora/panel/etc/apps/filemanager/php.ini
2329#hmod -R 777 /etc/sentora/panel/etc/apps/rainloop/data/
2330sh_service=`whereis sh | awk '{print $2}'`
2331if grep -q mysql_maint_ovi "/var/spool/cron/root"; then
2332 echo "mysql_maint_ovi is already updated in cron"
2333else
2334 echo "0 2 * * * $sh_service /scripts/mysql_maint_ovi.sh -b >/dev/null 2>&1" >> /var/spool/cron/root
2335fi
2336sed -i "s/^\(short_open_tag\).*/\1 = Off /" /etc/sentora/panel/etc/apps/filemanager/php.ini
2337mod_li=`grep -n "SecRequestBodyLimit" /etc/httpd/conf.d/modsecurity.conf | awk -F":" '{print $1}' | head -1`
2338mod_lin=$mod_li"s"
2339sed -i "$mod_lin/^.*SecRequestBodyLimit.*$/SecRequestBodyLimit 536870912/" /etc/httpd/conf.d/modsecurity.conf
2340sed -i 's/^.*SecRequestBodyInMemoryLimit.*$/SecRequestBodyInMemoryLimit 536870912/' /etc/httpd/conf.d/modsecurity.conf
2341sed -i 's/^.*SecRequestBodyNoFilesLimit.*$/SecRequestBodyNoFilesLimit 536870912/' /etc/httpd/conf.d/modsecurity.conf
2342sed -i 's/^.*message_size_limit.*$/message_size_limit = 36700160/' /etc/postfix/main.cf
2343cd /etc/dovecot/
2344mkdir -p domains
2345cd domains
2346touch ovipanel.conf
2347cd /etc/init.d/
2348wget -O php-fpm-initd.zip https://d.ovipanel.in/Version3.4/php-fpm/php-fpm-initd.zip
2349unzip -o php-fpm-initd.zip
2350chmod +x /etc/init.d/php-fpm-54
2351chmod +x /etc/init.d/php-fpm-55
2352chmod +x /etc/init.d/php-fpm-56
2353chmod +x /etc/init.d/php-fpm-70
2354chmod +x /etc/init.d/php-fpm-71
2355chmod +x /etc/init.d/php-fpm-72
2356chmod +x /etc/init.d/php-fpm-73
2357dos2unix /etc/init.d/php-fpm-54
2358dos2unix /etc/init.d/php-fpm-55
2359dos2unix /etc/init.d/php-fpm-56
2360dos2unix /etc/init.d/php-fpm-70
2361dos2unix /etc/init.d/php-fpm-71
2362dos2unix /etc/init.d/php-fpm-72
2363dos2unix /etc/init.d/php-fpm-73
2364rm -f php-fpm-initd.zip
2365cd /etc/
2366wget -O php-fpm-x.zip https://d.ovipanel.in/Version3.0/php-fpm/php-fpm-x.zip
2367unzip -o php-fpm-x.zip
2368chmod +x /etc/php-fpm-54.conf
2369chmod +x /etc/php-fpm-55.conf
2370chmod +x /etc/php-fpm-56.conf
2371chmod +x /etc/php-fpm-70.conf
2372chmod +x /etc/php-fpm-71.conf
2373chmod +x /etc/php-fpm-72.conf
2374chmod +x /etc/php-fpm-73.conf
2375dos2unix /etc/php-fpm-54.conf
2376dos2unix /etc/php-fpm-55.conf
2377dos2unix /etc/php-fpm-56.conf
2378dos2unix /etc/php-fpm-70.conf
2379dos2unix /etc/php-fpm-71.conf
2380dos2unix /etc/php-fpm-72.conf
2381dos2unix /etc/php-fpm-73.conf
2382systemctl daemon-reload
2383rm -f php-fpm-x.zip
2384service httpd restart
2385yum -y update
2386csf -uf
2387csf -uf
2388csf -r
2389service csf restart
2390service lfd restart
2391echo "max_input_vars = 1000" >> /etc/php.ini
2392php54_ini_path=`/opt/remi/php54/root/bin/php -i | grep "Loaded Configuration File" | awk '{print $5}'`;
2393php55_ini_path=`/opt/remi/php55/root/bin/php -i | grep "Loaded Configuration File" | awk '{print $5}'`;
2394php56_ini_path=`/opt/remi/php56/root/bin/php -i | grep "Loaded Configuration File" | awk '{print $5}'`;
2395php70_ini_path=`/opt/remi/php70/root/bin/php -i | grep "Loaded Configuration File" | awk '{print $5}'`;
2396php71_ini_path=`/opt/remi/php71/root/bin/php -i | grep "Loaded Configuration File" | awk '{print $5}'`;
2397php72_ini_path=`/opt/remi/php72/root/bin/php -i | grep "Loaded Configuration File" | awk '{print $5}'`;
2398php73_ini_path=`/opt/remi/php73/root/bin/php -i | grep "Loaded Configuration File" | awk '{print $5}'`;
2399echo "max_input_vars = 1000" >> $php54_ini_path
2400echo "max_input_vars = 1000" >> $php55_ini_path
2401echo "max_input_vars = 1000" >> $php56_ini_path
2402echo "max_input_vars = 1000" >> $php70_ini_path
2403echo "max_input_vars = 1000" >> $php71_ini_path
2404echo "max_input_vars = 1000" >> $php72_ini_path
2405echo "max_input_vars = 1000" >> $php73_ini_path
2406sed -i -e '/listen = 127.0.0.1:9006/d' /etc/php-fpm.d/www.conf
2407echo "============== SuPHP Installation Start ============="
2408yum -y groupinstall 'Development Tools'
2409yum -y install php-cli httpd-devel apr apr-devel gcc-c++ ncurses-devel
2410cd /tmp/
2411wget http://suphp.org/download/suphp-0.7.2.tar.gz
2412tar zxvf suphp-0.7.2.tar.gz
2413wget -O patchingsuphp.patch https://d.ovipanel.in/Version3.4/suphp.patch/patchingsuphp.patch
2414patch -Np1 -d suphp-0.7.2 < patchingsuphp.patch
2415cd suphp-0.7.2
2416autoreconf -if
2417./configure --prefix=/usr/ --sysconfdir=/etc/ --with-apr=/usr/bin/apr-1-config --with-apache-user=apache --with-setid-mode=paranoid --with-logfile=/var/log/httpd/suphp_log
2418make
2419make install
2420echo "LoadModule suphp_module modules/mod_suphp.so" > /etc/httpd/conf.d/suphp.conf
2421cd /etc/
2422wget -O suphp.zip "https://d.ovipanel.in/Version3.4/suphp.zip"
2423unzip -o suphp.zip
2424mkdir -p /etc/sentora/panel/fastcgi/
2425#cd /etc/sentora/panel/fastcgi/
2426#wget -O suphp_fcgi.zip "https://d.ovipanel.in/Version3.4/suphp_fcgi.zip"
2427#unzip -o suphp_fcgi.zip
2428mkdir -p /paneltmp/
2429chmod 0777 /paneltmp/
2430mkdir -p /var/log/suphp/
2431chown root:root /home/
2432chmod -R 0733 /etc/sentora/panel/etc/apps/filemanager/ftp_tmp/
2433touch /usr/bin/restart-user-socket
2434echo '#!/bin/bash' >> /usr/bin/restart-user-socket
2435echo 'cd /etc/sentora/panel/fastcgi/' >> /usr/bin/restart-user-socket
2436echo 'for i in *startup.sh;' >> /usr/bin/restart-user-socket
2437echo ' do sh $i;' >> /usr/bin/restart-user-socket
2438echo 'done' >> /usr/bin/restart-user-socket
2439echo 'chmod 0777 *.socket' >> /usr/bin/restart-user-socket
2440echo "PHP_SERVICE=\`whereis php | awk '{print \$2}'\`" >> /usr/bin/restart-user-socket
2441echo '$PHP_SERVICE /etc/sentora/panel/modules/server/php-multithreaded-socket-server-master/server.php >> /etc/sentora/panel/modules/server/php-multithreaded-socket-server-master/server.log >/dev/null 2>&1' >> /usr/bin/restart-user-socket
2442chmod +x /usr/bin/restart-user-socket
2443cd /etc/systemd/system/
2444wget -O usersocket.zip "https://d.ovipanel.in/Version3.4/usersocket.zip"
2445unzip -o usersocket.zip
2446systemctl daemon-reload
2447systemctl enable usersocket.service
2448service lighttpd restart
2449service varnish stop
2450chkconfig varnish off
2451service mysqld restart
2452service mysqldovi restart
2453setso --set apache_changed true
2454php /etc/sentora/panel/bin/daemon.php
2455service httpd restart
2456echo "MasqueradeAddress $PUBLIC_IP" >> /etc/proftpd.conf
2457service proftpd restart
2458service crond restart
2459yes | cp /etc/sentora/panel/etc/apps/filemanager/php.ini /etc/sentora/panel/etc/apps/phpmyadmin_4_8_4/php.ini
2460echo "[suhosin]" >> /etc/sentora/panel/etc/apps/phpmyadmin_4_8_4/php.ini
2461echo "suhosin.simulation = On" >> /etc/sentora/panel/etc/apps/phpmyadmin_4_8_4/php.ini
2462echo "[suhosin]" >> /etc/sentora/panel/etc/apps/filemanager/php.ini
2463echo "suhosin.simulation = On" >> /etc/sentora/panel/etc/apps/filemanager/php.ini
2464sed -i "s/^\(session.cookie_lifetime\).*/\1 = 1800 /" /etc/sentora/panel/etc/apps/filemanager/php.ini
2465service lighttpd restart
2466echo "============== SuPHP Installation End ============="
2467echo "======================================================="
2468echo "======================================================="
2469echo "======================================================="
2470echo "WARNING: "
2471echo " 1. DONT CLOSE THE WINDOW PROMPT UNTILL REBOOT"
2472echo " 2. INSTALLATION GOING ON IN BACKGROUND"
2473echo " 3. YOU WILL WAIT UPTO AUTOMATIC REBOOT"
2474echo "======================================================="
2475echo "======================================================="
2476echo "======================================================="
2477echo "-----------------------------------"
2478echo " OVIPanel Login Details "
2479echo "----------------------------------- "
2480cat /root/passwords.txt
2481service postfix restart
2482service dovecot restart
2483service spamassassin restart
2484#mail -s 'OVIPANEL Login Credentials' $WHM_USER_EMAIL < /root/passwords.txt
2485chmod +x /etc/sentora/panel/bin/setso
2486chmod +x /usr/bin/setso
2487setso --set dbversion "3.5"
2488setso --set latestzpversion "3.5"
2489echo "End to update the module "
2490getkey=`cat /etc/ovi/.key`
2491curl --data "subscription_key=$getkey&email_id=$WHM_USER_EMAIL" https://ovipanel.in/InstallSuccess/InstallSuccess.php
2492chmod 600 /root/passwords.txt
2493var=`egrep -i "^noperl" /etc/group`
2494if [ -z "$var" ]
2495then
2496 cd /root/
2497 groupadd noperl
2498 chgrp noperl /usr/bin/perl
2499 chmod 706 /usr/bin/perl
2500 service=`whereis usermod | awk '{print $2}'`
2501 `$service -a -G noperl root 2>&1`
2502 #RET=$?
2503 #exit $RET
2504fi
2505######################## Inotify Installation Start #############################
2506php /etc/sentora/panel/md5_file_creation.php UpdateAllKeys
2507yum -y install inotify-tools
2508touch /var/sentora/logs/inotifywait.log
2509chmod 666 /var/sentora/logs/inotifywait.log
2510cd /etc/systemd/system/
2511wget -O inotifywait.service http://d.ovipanel.in/Version3.4/inotifywait.service
2512cd /scripts/
2513wget -O inotifywait.sh http://d.ovipanel.in/Version3.4/inotifywait.sh
2514dos2unix /scripts/inotifywait.sh
2515chmod +x /scripts/inotifywait.sh
2516systemctl daemon-reload
2517systemctl enable inotifywait.service
2518cd /etc/sentora/panel/etc
2519chmod 777 tmp
2520#echo "suhosin.session.encrypt = Off" >> /etc/sentora/configs/ovipanel/php.ini
2521service inotifywait restart
2522service varnish stop
2523service httpd restart
2524chown -R ovipanel. /etc/sentora/panel/
2525######################## Inotify Installation End #############################
2526touch /var/log/maillog_audit
2527chown apache. /var/log/maillog_audit
2528touch /var/sentora/logs/sentora-error.log
2529chown ovipanel. /var/sentora/logs/sentora-error.log
2530touch /var/sentora/temp/mail_php.log
2531touch /var/sentora/temp/mail_php_mod_change.log
2532touch /var/sentora/temp/x_php_page_block.log
2533chmod 666 /var/sentora/temp/mail_php.log
2534chmod 666 /var/sentora/temp/mail_php_mod_change.log
2535chmod 666 /var/sentora/temp/x_php_page_block.log
2536echo "Not yet log was generated" > /var/log/maillog_audit
2537############################## JAIL SHELL ACCESS #######################
2538echo "\n JAIL SHELL ACCESS \n"
2539cd ~
2540yum -y install gcc pam-devel
2541wget https://d.ovipanel.in/Version3.4/jail-shell.zip
2542unzip jail-shell.zip -d ~
2543cd jail-shell
2544make
2545make install
2546cd ~
2547wget https://d.ovipanel.in/Version3.4/sample-jail.cfg
2548yes | cp -pr sample-jail.cfg /etc/jail-shell/jail-config/sample-jail.cfg
2549chmod 640 sample-jail.cfg /etc/jail-shell/jail-config/sample-jail.cfg
2550: > /etc/sentora/panel/modules/managedssh/managed_ssh
2551cd ~
2552echo "JAIL SHELL ACEESS END \n"
2553############################## JAIL SHELL ACEESS END ########################
2554WHEREIS_SH=`whereis sh | awk '{print $2}'`
2555echo "" >> /var/spool/cron/root
2556echo "0 3 * * * $WHEREIS_SH /scripts/permission777.sh" >> /var/spool/cron/root
2557########################### Temporary URL suPHP #############################
2558sed -i -e 's/check_vhost_docroot=true/check_vhost_docroot=false/g' /etc/suphp.conf
2559service httpd restart
2560########################## Temporary URL suPHP END ##########################
2561echo ""
2562echo "Kindly Reboot Your Server....."
2563echo ""
2564#rm -rf InstallationScript.sh
2565echo "-----------------------------------"