From 1738cae3f6ed40924d5c6ce2c45ce5edf0e52871 Mon Sep 17 00:00:00 2001 From: Messi89 Date: Mon, 25 Mar 2024 12:19:46 +0100 Subject: [PATCH 01/10] add debian 12 folder (copied from debian 11) --- distros/debian12/askquestions.sh | 95 +++++++++ distros/debian12/askquestions_multiserver.sh | 204 +++++++++++++++++++ distros/debian12/install_antivirus.sh | 29 +++ distros/debian12/install_basephp.sh | 9 + distros/debian12/install_basics.sh | 23 +++ distros/debian12/install_bind.sh | 12 ++ distros/debian12/install_fail2ban.sh | 105 ++++++++++ distros/debian12/install_fix.sh | 27 +++ distros/debian12/install_ftp.sh | 21 ++ distros/debian12/install_hhvm.sh | 10 + distros/debian12/install_ispconfig.sh | 98 +++++++++ distros/debian12/install_ispconfigbeta.sh | 14 ++ distros/debian12/install_jailkit.sh | 29 +++ distros/debian12/install_mta.sh | 9 + distros/debian12/install_mysql.sh | 20 ++ distros/debian12/install_phpmyadmin.sh | 87 ++++++++ distros/debian12/install_postfix.sh | 32 +++ distros/debian12/install_quota.sh | 30 +++ distros/debian12/install_webmail.sh | 135 ++++++++++++ distros/debian12/install_webserver.sh | 147 +++++++++++++ distros/debian12/install_webstats.sh | 13 ++ distros/debian12/phpmyadmin_nginx.sh | 82 ++++++++ distros/debian12/preinstallcheck.sh | 24 +++ 23 files changed, 1255 insertions(+) create mode 100644 distros/debian12/askquestions.sh create mode 100644 distros/debian12/askquestions_multiserver.sh create mode 100644 distros/debian12/install_antivirus.sh create mode 100644 distros/debian12/install_basephp.sh create mode 100644 distros/debian12/install_basics.sh create mode 100644 distros/debian12/install_bind.sh create mode 100644 distros/debian12/install_fail2ban.sh create mode 100644 distros/debian12/install_fix.sh create mode 100644 distros/debian12/install_ftp.sh create mode 100644 distros/debian12/install_hhvm.sh create mode 100644 distros/debian12/install_ispconfig.sh create mode 100644 distros/debian12/install_ispconfigbeta.sh create mode 100644 distros/debian12/install_jailkit.sh create mode 100644 distros/debian12/install_mta.sh create mode 100644 distros/debian12/install_mysql.sh create mode 100644 distros/debian12/install_phpmyadmin.sh create mode 100644 distros/debian12/install_postfix.sh create mode 100644 distros/debian12/install_quota.sh create mode 100644 distros/debian12/install_webmail.sh create mode 100644 distros/debian12/install_webserver.sh create mode 100644 distros/debian12/install_webstats.sh create mode 100644 distros/debian12/phpmyadmin_nginx.sh create mode 100644 distros/debian12/preinstallcheck.sh diff --git a/distros/debian12/askquestions.sh b/distros/debian12/askquestions.sh new file mode 100644 index 00000000..e79f3682 --- /dev/null +++ b/distros/debian12/askquestions.sh @@ -0,0 +1,95 @@ +#--------------------------------------------------------------------- +# Function: AskQuestions Debian 10 +# Ask for all needed user input +#--------------------------------------------------------------------- +AskQuestions() { + CFG_SETUP_WEB=yes #Needed for Multiserver setup compatibility + CFG_SETUP_MAIL=yes #Needed for Multiserver setup compatibility + CFG_SETUP_NS=yes #Needed for Multiserver setup compatibility + if ! command -v whiptail >/dev/null; then + echo -n "Installing whiptail... " + apt_install whiptail + echo -e "[${green}DONE${NC}]\n" + fi + + while [[ ! "$CFG_MYSQL_ROOT_PWD" =~ $RE ]] + do + CFG_MYSQL_ROOT_PWD=$(whiptail --title "MySQL" --backtitle "$WT_BACKTITLE" --passwordbox "Please specify a root password" --nocancel 10 50 3>&1 1>&2 2>&3) + done + + while [[ ! "$CFG_WEBSERVER" =~ $RE ]] + do + CFG_WEBSERVER=$(whiptail --title "Web server" --backtitle "$WT_BACKTITLE" --nocancel --radiolist "Please select Web server type" 10 50 2 "Apache" "(default)" ON "nginx" "" OFF 3>&1 1>&2 2>&3) + done + CFG_WEBSERVER=${CFG_WEBSERVER,,} + + while [[ ! "$CFG_PHP56" =~ $RE ]] + do + CFG_PHP56=$(whiptail --title "Install PHP 5.6" --backtitle "$WT_BACKTITLE" --nocancel --radiolist "By default ISPConfig comes with PHP 7.4, do you want to install also PHP 5.6 version?" 10 50 2 "no" "(default)" ON "yes" "" OFF 3>&1 1>&2 2>&3) + done + + if echo "$ID" | grep -iq 'raspbian'; then + CFG_HHVM="no" + else + while [[ ! "$CFG_HHVM" =~ $RE ]] + do + CFG_HHVM=$(whiptail --title "HHVM" --backtitle "$WT_BACKTITLE" --nocancel --radiolist "Do you want to install HHVM (Hip Hop Virtual Machine) as PHP engine?" 10 50 2 "no" "(default)" ON "yes" "" OFF 3>&1 1>&2 2>&3) + done + fi + + while [[ ! "$CFG_PHPMYADMIN" =~ $RE ]] + do + CFG_PHPMYADMIN=$(whiptail --title "Install phpMyAdmin" --backtitle "$WT_BACKTITLE" --nocancel --radiolist "Do you want to install phpMyAdmin?" 10 50 2 "yes" "(default)" ON "no" "" OFF 3>&1 1>&2 2>&3) + done + + while [[ ! "$CFG_AVUPDATE" =~ $RE ]] + do + CFG_AVUPDATE=$(whiptail --title "Update Freshclam DB" --backtitle "$WT_BACKTITLE" --nocancel --radiolist "Do you want to update Antivirus Database?" 10 50 2 "yes" "(default)" ON "no" "" OFF 3>&1 1>&2 2>&3) + done + + while [[ ! "$CFG_QUOTA" =~ $RE ]] + do + CFG_QUOTA=$(whiptail --title "Quota" --backtitle "$WT_BACKTITLE" --nocancel --radiolist "Setup user quota?" 10 50 2 "yes" "(default)" ON "no" "" OFF 3>&1 1>&2 2>&3) + done + + while [[ ! "$CFG_ISPC" =~ $RE ]] + do + CFG_ISPC=$(whiptail --title "ISPConfig Setup" --backtitle "$WT_BACKTITLE" --nocancel --radiolist "Would you like full unattended setup of expert mode for ISPConfig?" 10 50 2 "standard" "(default)" ON "expert" "" OFF 3>&1 1>&2 2>&3) + done + + while [[ ! "$CFG_JKIT" =~ $RE ]] + do + CFG_JKIT=$(whiptail --title "Jailkit" --backtitle "$WT_BACKTITLE" --nocancel --radiolist "Would you like to install Jailkit (it must be installed before ISPConfig)?" 10 50 2 "yes" "(default)" ON "no" "" OFF 3>&1 1>&2 2>&3) + done + + while [[ ! "$CFG_WEBMAIL" =~ $RE ]] + do + CFG_WEBMAIL=$(whiptail --title "Webmail client" --backtitle "$WT_BACKTITLE" --nocancel --radiolist "Please select your webmail client" 10 50 3 "Roundcube" "(default)" ON "SquirrelMail" "" OFF "no" "(Skip)" OFF 3>&1 1>&2 2>&3) + done + CFG_WEBMAIL=${CFG_WEBMAIL,,} + + while [[ ! "$SSL_COUNTRY" =~ $RE ]] + do + SSL_COUNTRY=$(whiptail --title "SSL Country" --backtitle "$WT_BACKTITLE" --inputbox "SSL Configuration - Country Name (2 letter code) (ex. EN)" --nocancel 10 50 "${LANG:3:2}" 3>&1 1>&2 2>&3) + done + + while [[ ! "$SSL_STATE" =~ $RE ]] + do + SSL_STATE=$(whiptail --title "SSL State" --backtitle "$WT_BACKTITLE" --inputbox "SSL Configuration - State or Province Name (full name) (ex. Italy)" --nocancel 10 50 3>&1 1>&2 2>&3) + done + + while [[ ! "$SSL_LOCALITY" =~ $RE ]] + do + SSL_LOCALITY=$(whiptail --title "SSL Locality" --backtitle "$WT_BACKTITLE" --inputbox "SSL Configuration - Locality Name (eg, city) (ex. Udine)" --nocancel 10 50 3>&1 1>&2 2>&3) + done + + while [[ ! "$SSL_ORGANIZATION" =~ $RE ]] + do + SSL_ORGANIZATION=$(whiptail --title "SSL Organization" --backtitle "$WT_BACKTITLE" --inputbox "SSL Configuration - Organization Name (eg, company) (ex. Company L.t.d.)" --nocancel 10 50 3>&1 1>&2 2>&3) + done + + while [[ ! "$SSL_ORGUNIT" =~ $RE ]] + do + SSL_ORGUNIT=$(whiptail --title "SSL Organization Unit" --backtitle "$WT_BACKTITLE" --inputbox "SSL Configuration - Organizational Unit Name (eg, section) (ex. IT Department)" --nocancel 10 50 3>&1 1>&2 2>&3) + done +} diff --git a/distros/debian12/askquestions_multiserver.sh b/distros/debian12/askquestions_multiserver.sh new file mode 100644 index 00000000..d24b8020 --- /dev/null +++ b/distros/debian12/askquestions_multiserver.sh @@ -0,0 +1,204 @@ +#----------------------------------------------------------------------------- +# Function: AskQuestionsCluster Debain 10 +# Ask for all needed user input needed for the possible cluster setup +#----------------------------------------------------------------------------- + +AskQuestionsMultiserver(){ + if ! command -v whiptail >/dev/null; then + echo -n "Installing whiptail... " + apt_install whiptail + echo -e "[${green}DONE${NC}]\n" + fi + + # If no SQL client is installed, ask for it, otherwise remote DB check always fail. + if ! command -v mysql >/dev/null; then + while [[ ! "$_SQLClient" =~ $RE ]] + do + _SQLClient=$(whiptail --title "SQL Server" --backtitle "$WT_BACKTITLE" --nocancel --radiolist "Please select SQL Client type" 10 50 2 "MySQL" "(default)" ON "MariaDB" "" OFF 3>&1 1>&2 2>&3) + done + + if [ "$_SQLClient" == "MySQL" ]; then + apt_install mysql-client + elif [ "$_SQLClient" == "MariaDB" ]; then + apt_install mariadb-client + fi + fi + + while [[ ! "$CFG_SQLSERVER" =~ $RE ]] + do + CFG_SQLSERVER=$(whiptail --title "SQL Server" --backtitle "$WT_BACKTITLE" --nocancel --radiolist "Please select SQL Server type" 10 50 2 "MySQL" "(default)" ON "MariaDB" "" OFF 3>&1 1>&2 2>&3) + done + + while [[ ! "$CFG_MYSQL_ROOT_PWD" =~ $RE ]] + do + CFG_MYSQL_ROOT_PWD=$(whiptail --title "$CFG_SQLSERVER" --backtitle "$WT_BACKTITLE" --passwordbox "Please specify a root password" --nocancel 10 50 3>&1 1>&2 2>&3) + done + if (whiptail --title "Setup Master" --backtitle "$WT_BACKTITLE" --yesno "Do you want to setup a Master server?" 10 50) then + CFG_SETUP_MASTER=y + else + CFG_SETUP_MASTER=n + fi + + if [ $CFG_SETUP_MASTER == "n" ]; then + while [[ ! "$CHECK_MASTER_CONNECTION" =~ $RE ]] + do + while ! [[ "$CFG_MASTER_FQDN" =~ $RE1 && "$CFG_MASTER_FQDN" =~ $RE2 ]] + do + CFG_MASTER_FQDN=$(whiptail --title "$CFG_SQLSERVER" --backtitle "$WT_BACKTITLE" --inputbox "Please specify the master fully qualified domain name (FQDN)" --nocancel 10 50 example.com 3>&1 1>&2 2>&3) + done + + while [[ ! "$CFG_MASTER_MYSQL_ROOT_PWD" =~ $RE ]] + do + CFG_MASTER_MYSQL_ROOT_PWD=$(whiptail --title "$CFG_SQLSERVER" --backtitle "$WT_BACKTITLE" --passwordbox "Please specify the master root password" --nocancel 10 50 3>&1 1>&2 2>&3) + done + + text="Before you continue, run the following SQL commands on the Master $CFG_SQLSERVER server: + + CREATE USER 'root'@'$(ping -c1 "$CFG_HOSTNAME_FQDN" | grep icmp_seq | grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}')' IDENTIFIED BY '$CFG_MASTER_MYSQL_ROOT_PWD'; + + GRANT ALL PRIVILEGES ON * . * TO 'root'@'$(ping -c1 "$CFG_HOSTNAME_FQDN" | grep icmp_seq | grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}')' IDENTIFIED BY '$CFG_MASTER_MYSQL_ROOT_PWD' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ; + + CREATE USER 'root'@'$CFG_HOSTNAME_FQDN' IDENTIFIED BY '$CFG_MASTER_MYSQL_ROOT_PWD'; + + GRANT ALL PRIVILEGES ON * . * TO 'root'@'$CFG_HOSTNAME_FQDN' IDENTIFIED BY '$CFG_MASTER_MYSQL_ROOT_PWD' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ; + + Press \"OK\" when done + " + + whiptail --title "$CFG_SQLSERVER commands on Master Server" --msgbox "$text" 25 90 + + if (whiptail --title "Install server types" --backtitle "$WT_BACKTITLE" --yesno "Do you want to setup a Web server?" 10 50) then + CFG_SETUP_WEB=yes + else + CFG_SETUP_WEB=no + CFG_APACHE=n + CFG_NGINX=n + fi + MULTISERVER=y + + if mysql --user=root --password=$CFG_MASTER_MYSQL_ROOT_PWD --host=$CFG_MASTER_FQDN --execute="\q" ; then + CHECK_MASTER_CONNECTION=true # If variable is empty, then the connection when fine, so we set true to exit from cycle + else + text="Sorry but we cannot connect to the Master $CFG_SQLSERVER server + + - Check that you ran the $CFG_SQLSERVER command to allow remote connection + - Check that the FQDN is correct + - Check that the root $CFG_SQLSERVER password is correct" + + whiptail --title "$CFG_SQLSERVER Master Connection Failed" --msgbox "$text" 25 90 + fi + done + else + CFG_SETUP_WEB=yes + MULTISERVER=n + fi + + if (whiptail --title "Install server types" --backtitle "$WT_BACKTITLE" --yesno "Do you want to setup a Mail server?" 10 50) then + CFG_SETUP_MAIL=yes + else + CFG_SETUP_MAIL=no + fi + + if (whiptail --title "Install server types" --backtitle "$WT_BACKTITLE" --yesno "Do you want to setup a Name server?" 10 50) then + CFG_SETUP_NS=yes + else + CFG_SETUP_NS=no + fi + + if (whiptail --title "Install server types" --backtitle "$WT_BACKTITLE" --yesno "Do you want to setup a Database server?" 10 50) then + CFG_SETUP_DB=y + else + CFG_SETUP_DB=n + fi + + if [ $CFG_SETUP_WEB == "yes" ]; then + while [[ ! "$CFG_WEBSERVER" =~ $RE ]] + do + CFG_WEBSERVER=$(whiptail --title "Web server" --backtitle "$WT_BACKTITLE" --nocancel --radiolist "Please select Web server type" 10 50 2 "Apache" "(default)" ON "nginx" "" OFF 3>&1 1>&2 2>&3) + done + CFG_WEBSERVER=${CFG_WEBSERVER,,} + + if (whiptail --title "Quota" --backtitle "$WT_BACKTITLE" --yesno "Setup user quota?" 10 50) then + CFG_QUOTA=yes + else + CFG_QUOTA=no + fi + + if (whiptail --title "Jailkit" --backtitle "$WT_BACKTITLE" --yesno "Would you like to install Jailkit (it must be installed before ISPConfig)?" 10 50) then + CFG_JKIT=yes + else + CFG_JKIT=no + fi + + while [[ ! "$CFG_PHPMYADMIN" =~ $RE ]] + do + CFG_PHPMYADMIN=$(whiptail --title "Install phpMyAdmin" --backtitle "$WT_BACKTITLE" --nocancel --radiolist "Do you want to install phpMyAdmin?" 10 50 2 "yes" "(default)" ON "no" "" OFF 3>&1 1>&2 2>&3) + done + + while [[ ! "$CFG_WEBMAIL" =~ $RE ]] + do + CFG_WEBMAIL=$(whiptail --title "Webmail client" --backtitle "$WT_BACKTITLE" --nocancel --radiolist "Please select your webmail client" 10 50 3 "Roundcube" "(default)" ON "SquirrelMail" "" OFF "no" "(Skip)" OFF 3>&1 1>&2 2>&3) + done + CFG_WEBMAIL=${CFG_WEBMAIL,,} + + if [ "$CFG_WEBMAIL" == "roundcube" ]; then + roundcube_db=$(whiptail --title "RoundCube mail client" --backtitle "$WT_BACKTITLE" --inputbox "Please specify the roundcube database name" --nocancel 10 50 3>&1 1>&2 2>&3) + roundcube_user=$(whiptail --title "RoundCube mail client" --backtitle "$WT_BACKTITLE" --inputbox "Please specify the roundcube user" --nocancel 10 50 "$USER" 3>&1 1>&2 2>&3) + roundcube_pass=$(whiptail --title "RoundCube mail client" --backtitle "$WT_BACKTITLE" --passwordbox "Please specify the roundcube user password" --nocancel 10 50 3>&1 1>&2 2>&3) + else + CFG_WEBMAIL="no"; + fi + else + CFG_WEBMAIL="no" + fi + + if [ $CFG_SETUP_MAIL == "yes" ]; then + while [[ ! "$CFG_MTA" =~ $RE ]] + do + CFG_MTA=$(whiptail --title "Mail Server" --backtitle "$WT_BACKTITLE" --nocancel --radiolist "Please select Mail server type" 10 50 2 "Dovecot" "(default)" ON "Courier" "" OFF 3>&1 1>&2 2>&3) + done + CFG_MTA=${CFG_MTA,,} + + while [[ ! "$CFG_AVUPDATE" =~ $RE ]] + do + CFG_AVUPDATE=$(whiptail --title "Update Freshclam DB" --backtitle "$WT_BACKTITLE" --nocancel --radiolist "Do you want to update Antivirus Database?" 10 50 2 "yes" "(default)" ON "no" "" OFF 3>&1 1>&2 2>&3) + done + + if (whiptail --title "DKIM" --backtitle "$WT_BACKTITLE" --yesno "Would you like to skip DomainKeys Identified Mail (DKIM) configuration for Amavis? (not recommended)" 10 50) then + CFG_DKIM=y + else + CFG_DKIM=n + fi + else + CFG_DKIM=y + fi + + + CFG_ISPC=expert +# CFG_WEBMAIL=squirrelmail + + while [[ ! "$SSL_COUNTRY" =~ $RE ]] + do + SSL_COUNTRY=$(whiptail --title "SSL Country" --backtitle "$WT_BACKTITLE" --inputbox "SSL Configuration - Country Name (2 letter code) (ex. EN)" --nocancel 10 50 "${LANG:3:2}" 3>&1 1>&2 2>&3) + done + + while [[ ! "$SSL_STATE" =~ $RE ]] + do + SSL_STATE=$(whiptail --title "SSL State" --backtitle "$WT_BACKTITLE" --inputbox "SSL Configuration - State or Province Name (full name) (ex. Italy)" --nocancel 10 50 3>&1 1>&2 2>&3) + done + + while [[ ! "$SSL_LOCALITY" =~ $RE ]] + do + SSL_LOCALITY=$(whiptail --title "SSL Locality" --backtitle "$WT_BACKTITLE" --inputbox "SSL Configuration - Locality Name (eg, city) (ex. Udine)" --nocancel 10 50 3>&1 1>&2 2>&3) + done + + while [[ ! "$SSL_ORGANIZATION" =~ $RE ]] + do + SSL_ORGANIZATION=$(whiptail --title "SSL Organization" --backtitle "$WT_BACKTITLE" --inputbox "SSL Configuration - Organization Name (eg, company) (ex. Company L.t.d.)" --nocancel 10 50 3>&1 1>&2 2>&3) + done + + while [[ ! "$SSL_ORGUNIT" =~ $RE ]] + do + SSL_ORGUNIT=$(whiptail --title "SSL Organization Unit" --backtitle "$WT_BACKTITLE" --inputbox "SSL Configuration - Organizational Unit Name (eg, section) (ex. IT Department)" --nocancel 10 50 3>&1 1>&2 2>&3) + done +} diff --git a/distros/debian12/install_antivirus.sh b/distros/debian12/install_antivirus.sh new file mode 100644 index 00000000..a73bc56f --- /dev/null +++ b/distros/debian12/install_antivirus.sh @@ -0,0 +1,29 @@ +#--------------------------------------------------------------------- +# Function: InstallAntiVirus +# Install Amavisd, Spamassassin, ClamAV +#--------------------------------------------------------------------- +InstallAntiVirus() { + echo -n "Installing Antivirus utilities (Amavisd-new, ClamAV), Spam filtering (SpamAssassin), Greylisting (Postgrey) and Rootkit detection (rkhunter)... (This may take awhile. Do not abort it...) " + apt_install amavisd-new spamassassin clamav clamav-daemon unzip bzip2 arj nomarch lzop cabextract p7zip p7zip-full unrar lrzip apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl libdbd-mysql-perl postgrey unrar-free unp lz4 liblz4-tool unp + sed -i "s/AllowSupplementaryGroups false/AllowSupplementaryGroups true/" /etc/clamav/clamd.conf + echo "use strict;" > /etc/amavis/conf.d/05-node_id + echo "chomp(\$myhostname = \`hostname --fqdn\`);" >> /etc/amavis/conf.d/05-node_id + echo "\$myhostname = \"$CFG_HOSTNAME_FQDN\";" >> /etc/amavis/conf.d/05-node_id + echo "1;" >> /etc/amavis/conf.d/05-node_id + echo "$CFG_HOSTNAME_FQDN" > /etc/mailname + echo -e "[${green}DONE${NC}]\n" + echo -n "Stopping SpamAssassin... " + systemctl stop spamassassin + echo -e "[${green}DONE${NC}]\n" + echo -n "Disabling SpamAssassin... " + hide_output systemctl disable spamassassin + echo -e "[${green}DONE${NC}]\n" + if [ "$CFG_AVUPDATE" == "yes" ]; then + echo -n "Updating Freshclam Antivirus Database. Please Wait... " + freshclam + echo -e "[${green}DONE${NC}]\n" + fi + echo -n "Restarting ClamAV... " + systemctl restart clamav-daemon + echo -e "[${green}DONE${NC}]\n" +} diff --git a/distros/debian12/install_basephp.sh b/distros/debian12/install_basephp.sh new file mode 100644 index 00000000..de957745 --- /dev/null +++ b/distros/debian12/install_basephp.sh @@ -0,0 +1,9 @@ +#--------------------------------------------------------------------- +# Function: InstallBasePhp Debian 10 +# Install Basic php need to run ispconfig +#--------------------------------------------------------------------- +InstallBasePhp(){ + echo -n "Installing basic PHP modules... " + apt_install php-cli php-mysql php-mcrypt mcrypt php-mbstring + echo -e "[${green}DONE${NC}]\n" +} diff --git a/distros/debian12/install_basics.sh b/distros/debian12/install_basics.sh new file mode 100644 index 00000000..9c6c9636 --- /dev/null +++ b/distros/debian12/install_basics.sh @@ -0,0 +1,23 @@ +#--------------------------------------------------------------------- +# Function: InstallBasics +# Install basic packages +#--------------------------------------------------------------------- +InstallBasics() { + echo -n "Updating apt package database and upgrading currently installed packages... " + hide_output apt-get update + # hide_output apt-get -y upgrade + hide_output apt-get -y dist-upgrade + hide_output apt-get -y autoremove + echo -e "[${green}DONE${NC}]\n" + + echo -n "Installing basic packages (OpenSSH server, NTP, binutils, etc.)... " + apt_install ssh openssh-server nano vim-nox ntp debconf-utils binutils sudo git lsb-release e2fsprogs + echo -e "[${green}DONE${NC}]\n" + + if [ /bin/sh -ef /bin/dash ]; then + echo -n "Changing the default shell from dash to bash... " + echo "dash dash/sh boolean false" | debconf-set-selections + dpkg-reconfigure -f noninteractive dash > /dev/null 2>&1 + echo -e "[${green}DONE${NC}]\n" + fi +} diff --git a/distros/debian12/install_bind.sh b/distros/debian12/install_bind.sh new file mode 100644 index 00000000..33f6b45e --- /dev/null +++ b/distros/debian12/install_bind.sh @@ -0,0 +1,12 @@ +#--------------------------------------------------------------------- +# Function: InstallBind +# Install bind DNS server +#--------------------------------------------------------------------- +InstallBind() { + echo -n "Installing DNS server (Bind)... "; + apt_install bind9 dnsutils + echo -e "[${green}DONE${NC}]\n" + echo -n "Installing haveged... "; + apt_install haveged + echo -e "[${green}DONE${NC}]\n" +} diff --git a/distros/debian12/install_fail2ban.sh b/distros/debian12/install_fail2ban.sh new file mode 100644 index 00000000..748acd24 --- /dev/null +++ b/distros/debian12/install_fail2ban.sh @@ -0,0 +1,105 @@ +#--------------------------------------------------------------------- +# Function: InstallFail2ban +# Install and configure fail2ban +#--------------------------------------------------------------------- +InstallFail2ban() { + echo -n "Installing Intrusion protection (Fail2Ban)... " + apt_install fail2ban + + + case $CFG_MTA in + "courier") +cat > /etc/fail2ban/jail.local < /etc/fail2ban/filter.d/courierpop3.conf <\] +ignoreregex = +EOF + +cat > /etc/fail2ban/filter.d/courierpop3s.conf <\] +ignoreregex = +EOF + +cat > /etc/fail2ban/filter.d/courierimap.conf <\] +ignoreregex = +EOF + +cat > /etc/fail2ban/filter.d/courierimaps.conf <\] +ignoreregex = +EOF + ;; + "dovecot") +cat > /etc/fail2ban/jail.local <> /etc/fail2ban/jail.local <> /etc/amavis/conf.d/20-debian_defaults + if [ -f /etc/init.d/amavisd-new ]; then + echo -n "Restarting Amavisd-new... " + systemctl restart amavisd-new + else + echo -n "Restarting Amavisd... " + systemctl restart amavis + fi + echo -e "[${green}DONE${NC}]\n" + + if [ "$CFG_WEBMAIL" == "roundcube" ]; then + mysql -uroot -p$CFG_MYSQL_ROOT_PWD dbispconfig -e "INSERT INTO remote_user (remote_userid, sys_userid, sys_groupid, sys_perm_user, sys_perm_group, sys_perm_other, remote_username, remote_password, remote_functions) VALUES (1, 1, 1, 'riud', 'riud', '', 'roundcube', MD5('$CFG_ROUNDCUBE_PWD'), 'server_get,get_function_list,client_templates_get_all,server_get_serverid_by_ip,server_ip_get,server_ip_add,server_ip_update,server_ip_delete;client_get_all,client_get,client_add,client_update,client_delete,client_get_sites_by_user,client_get_by_username,client_change_password,client_get_id,client_delete_everything;mail_user_get,mail_user_add,mail_user_update,mail_user_delete;mail_alias_get,mail_alias_add,mail_alias_update,mail_alias_delete;mail_spamfilter_user_get,mail_spamfilter_user_add,mail_spamfilter_user_update,mail_spamfilter_user_delete;mail_policy_get,mail_policy_add,mail_policy_update,mail_policy_delete;mail_fetchmail_get,mail_fetchmail_add,mail_fetchmail_update,mail_fetchmail_delete;mail_spamfilter_whitelist_get,mail_spamfilter_whitelist_add,mail_spamfilter_whitelist_update,mail_spamfilter_whitelist_delete;mail_spamfilter_blacklist_get,mail_spamfilter_blacklist_add,mail_spamfilter_blacklist_update,mail_spamfilter_blacklist_delete;mail_user_filter_get,mail_user_filter_add,mail_user_filter_update,mail_user_filter_delete');" + ln -s /usr/local/ispconfig/interface/ssl/ispserver.crt /usr/local/share/ca-certificates/ispserver.crt + update-ca-certificates > /dev/null 2>&1 + sed -i 's/;openssl.cafile=/openssl.cafile=\/etc\/ssl\/certs\/ca-certificates.crt/' /etc/php/7.3/apache2/php.ini + sed -i 's/;openssl.cafile=/openssl.cafile=\/etc\/ssl\/certs\/ca-certificates.crt/' /etc/php/7.3/fpm/php.ini + if [ "$CFG_WEBSERVER" == "apache" ]; then + systemctl reload apache2 + systemctl reload php7.3-fpm + elif [ "$CFG_WEBSERVER" == "nginx" ]; then + systemctl reload nginx + systemctl reload php7.3-fpm + fi + fi +} diff --git a/distros/debian12/install_ftp.sh b/distros/debian12/install_ftp.sh new file mode 100644 index 00000000..3e45ee84 --- /dev/null +++ b/distros/debian12/install_ftp.sh @@ -0,0 +1,21 @@ +#--------------------------------------------------------------------- +# Function: InstallFTP +# Install and configure PureFTPd +#--------------------------------------------------------------------- +InstallFTP() { + echo -n "Installing FTP server (Pure-FTPd)... " + echo "pure-ftpd-common pure-ftpd/virtualchroot boolean true" | debconf-set-selections + apt_install pure-ftpd-common pure-ftpd-mysql + openssl dhparam -out /etc/ssl/private/pure-ftpd-dhparams.pem 2048 + sed -i 's/ftp/\#ftp/' /etc/inetd.conf + echo 1 > /etc/pure-ftpd/conf/TLS + mkdir -p /etc/ssl/private/ + openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem -subj "/C=$SSL_COUNTRY/ST=$SSL_STATE/L=$SSL_LOCALITY/O=$SSL_ORGANIZATION/OU=$SSL_ORGUNIT/CN=$CFG_HOSTNAME_FQDN" + chmod 600 /etc/ssl/private/pure-ftpd.pem + echo -e "[${green}DONE${NC}]\n" + echo -n "Restarting Pure-FTPd... " + systemctl restart openbsd-inetd + systemctl restart pure-ftpd-mysql + echo -e "[${green}DONE${NC}]\n" +} + diff --git a/distros/debian12/install_hhvm.sh b/distros/debian12/install_hhvm.sh new file mode 100644 index 00000000..70f501dd --- /dev/null +++ b/distros/debian12/install_hhvm.sh @@ -0,0 +1,10 @@ +InstallHHVM() { + if [ $CFG_SETUP_WEB = "yes" ]; then + echo -n "Installing HHVM (Hip Hop Virtual Machine)... " + apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xB4112585D386EB94 + echo deb http://dl.hhvm.com/debian stretch main | tee /etc/apt/sources.list.d/hhvm.list + hide_output apt-get update + apt_install hhvm + echo -e "[${green}DONE${NC}]\n" + fi +} diff --git a/distros/debian12/install_ispconfig.sh b/distros/debian12/install_ispconfig.sh new file mode 100644 index 00000000..ee727a8d --- /dev/null +++ b/distros/debian12/install_ispconfig.sh @@ -0,0 +1,98 @@ +#--------------------------------------------------------------------- +# Function: InstallISPConfig +# Start the ISPConfig3 installation script +#--------------------------------------------------------------------- +InstallISPConfig() { + echo "Installing ISPConfig3... " + cd /tmp + if [ "$CFG_ISPCVERSION" == "Beta" ]; then + wget -q -O ISPConfig-3.1-beta.tar.gz https://git.ispconfig.org/ispconfig/ispconfig3/repository/archive.tar.gz + tar xfz ISPConfig-3.1-beta.tar.gz + cd ispconfig3_install* + cd install + else + wget -q https://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz + tar xfz ISPConfig-3-stable.tar.gz + cd ispconfig3_install/install/ + fi + if [ "$CFG_ISPC" == "standard" ]; then + echo "Create INI file" + touch autoinstall.ini + echo "[install]" > autoinstall.ini + echo "language=en" >> autoinstall.ini + echo "install_mode=$CFG_ISPC" >> autoinstall.ini + echo "hostname=$CFG_HOSTNAME_FQDN" >> autoinstall.ini + echo "mysql_hostname=localhost" >> autoinstall.ini + echo "mysql_root_user=root" >> autoinstall.ini + echo "mysql_root_password=$CFG_MYSQL_ROOT_PWD" >> autoinstall.ini + echo "mysql_database=dbispconfig" >> autoinstall.ini + echo "mysql_port=3306" >> autoinstall.ini + echo "mysql_charset=utf8" >> autoinstall.ini + if [ "$CFG_WEBSERVER" == "apache" ]; then + echo "http_server=apache" >> autoinstall.ini + elif [ "$CFG_WEBSERVER" == "nginx" ]; then + echo "http_server=nginx" >> autoinstall.ini + else + echo "http_server=" >> autoinstall.ini + fi + echo "ispconfig_port=8080" >> autoinstall.ini + echo "ispconfig_use_ssl=y" >> autoinstall.ini + echo "ispconfig_admin_password=admin" >> autoinstall.ini + echo + echo "[ssl_cert]" >> autoinstall.ini + echo "ssl_cert_country=$SSL_COUNTRY" >> autoinstall.ini + echo "ssl_cert_state=$SSL_STATE" >> autoinstall.ini + echo "ssl_cert_locality=$SSL_LOCALITY" >> autoinstall.ini + echo "ssl_cert_organisation=$SSL_ORGANIZATION" >> autoinstall.ini + echo "ssl_cert_organisation_unit=$SSL_ORGUNIT" >> autoinstall.ini + echo "ssl_cert_common_name=$CFG_HOSTNAME_FQDN" >> autoinstall.ini + echo + echo "[expert]" >> autoinstall.ini + echo "mysql_ispconfig_user=ispconfig" >> autoinstall.ini + echo "mysql_ispconfig_password=afStEratXBsgatRtsa42CadwhQ" >> autoinstall.ini + echo "join_multiserver_setup=$MULTISERVER" >> autoinstall.ini + echo "mysql_master_hostname=$CFG_MASTER_FQDN" >> autoinstall.ini + echo "mysql_master_root_user=root" >> autoinstall.ini + echo "mysql_master_root_password=$CFG_MASTER_MYSQL_ROOT_PWD" >> autoinstall.ini + echo "mysql_master_database=dbispconfig" >> autoinstall.ini + echo "configure_mail=$CFG_SETUP_MAIL" >> autoinstall.ini + if [ $CFG_SETUP_WEB == "yes" ]; then + echo "configure_jailkit=$CFG_JKIT" >> autoinstall.ini + else + echo "configure_jailkit=n" >> autoinstall.ini + fi + echo "configure_ftp=$CFG_SETUP_WEB" >> autoinstall.ini + echo "configure_dns=$CFG_SETUP_NS" >> autoinstall.ini + echo "configure_apache=$CFG_APACHE" >> autoinstall.ini + echo "configure_nginx=$CFG_NGINX" >> autoinstall.ini + echo "configure_firewall=y" >> autoinstall.ini + echo "install_ispconfig_web_interface=$CFG_SETUP_MASTER" >> autoinstall.ini + echo + echo "[update]" >> autoinstall.ini + echo "do_backup=yes" >> autoinstall.ini + echo "mysql_root_password=$CFG_MYSQL_ROOT_PWD" >> autoinstall.ini + echo "mysql_master_hostname=$CFG_MASTER_FQDN" >> autoinstall.ini + echo "mysql_master_root_user=root" >> autoinstall.ini + echo "mysql_master_root_password=$CFG_MASTER_MYSQL_ROOT_PWD" >> autoinstall.ini + echo "mysql_master_database=dbispconfig" >> autoinstall.ini + echo "reconfigure_permissions_in_master_database=no" >> autoinstall.ini + echo "reconfigure_services=yes" >> autoinstall.ini + echo "ispconfig_port=8080" >> autoinstall.ini + echo "create_new_ispconfig_ssl_cert=no" >> autoinstall.ini + echo "reconfigure_crontab=yes" >> autoinstall.ini + echo | php -q install.php --autoinstall=autoinstall.ini + else + php -q install.php + fi + if [ $CFG_SETUP_WEB == "yes" ]; then + if [ "$CFG_WEBSERVER" == "nginx" ]; then + echo -n "Restarting nginx... " + /etc/init.d/nginx restart + elif [ "$CFG_WEBSERVER" == "apache" ]; then + echo -n "Restarting Apache... " + /etc/init.d/apache2 restart + fi + echo -e "[${green}DONE${NC}]\n" + fi + +} diff --git a/distros/debian12/install_ispconfigbeta.sh b/distros/debian12/install_ispconfigbeta.sh new file mode 100644 index 00000000..392d84e3 --- /dev/null +++ b/distros/debian12/install_ispconfigbeta.sh @@ -0,0 +1,14 @@ +InstallISPConfigBeta() { + # if [ $CFG_SETUP_WEB = "yes" ]; then + # echo -e "Installing HHVM" + # apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0x5a16e7281be7a449 + # echo deb http://dl.hhvm.com/debian jessie main | sudo tee /etc/apt/sources.list.d/hhvm.list + # hide_output apt-get update + # apt_install hhvm + # echo -e "Installing Lets Encrypt" + # mkdir /opt/certbot + # wget -q https://dl.eff.org/certbot-auto -O /opt/certbot/certbot-auto + # chmod a+x /opt/certbot/certbot-auto + # /opt/certbot/certbot-auto + # fi +} diff --git a/distros/debian12/install_jailkit.sh b/distros/debian12/install_jailkit.sh new file mode 100644 index 00000000..20be052b --- /dev/null +++ b/distros/debian12/install_jailkit.sh @@ -0,0 +1,29 @@ +#--------------------------------------------------------------------- +# Function: InstallJailkit +# Install Jailkit +#--------------------------------------------------------------------- + +#Program Versions +JKV="2.21" #Jailkit Version -> Maybe this can be automated +SUM="d316dc22b9f3ab7464c8bd73c2539304" + +InstallJailkit() { + echo -n "Installing Jailkit... " + apt_install build-essential autoconf automake libtool flex bison debhelper binutils python + cd /tmp + wget -q https://olivier.sessink.nl/jailkit/jailkit-$JKV.tar.gz + if [[ ! "$(md5sum jailkit-$JKV.tar.gz | head -c 32)" = "$SUM" ]]; then + echo -e "\n${red}Error: md5sum does not match${NC}" >&2 + echo "Please try running this script again" >&2 + exit 1 + fi + tar xfz jailkit-$JKV.tar.gz + cd jailkit-$JKV + echo 5 > debian/compat + ./debian/rules binary > /dev/null 2>&1 + cd .. + hide_output dpkg -i jailkit_$JKV-1_*.deb + rm -rf jailkit-$JKV* + echo -e "[${green}DONE${NC}]\n" +} + diff --git a/distros/debian12/install_mta.sh b/distros/debian12/install_mta.sh new file mode 100644 index 00000000..627bb5ca --- /dev/null +++ b/distros/debian12/install_mta.sh @@ -0,0 +1,9 @@ +#--------------------------------------------------------------------- +# Function: InstallMTA +# Install chosen MTA. Courier or Dovecot +#--------------------------------------------------------------------- +InstallMTA() { + echo -n "Installing POP3/IMAP Mail server (Dovecot) and Mail signing (OpenDKIM, OpenDMARC)... "; + apt_install dovecot-imapd dovecot-pop3d dovecot-mysql dovecot-sieve dovecot-lmtpd sudo + echo -e "[${green}DONE${NC}]\n" +} diff --git a/distros/debian12/install_mysql.sh b/distros/debian12/install_mysql.sh new file mode 100644 index 00000000..79d3d089 --- /dev/null +++ b/distros/debian12/install_mysql.sh @@ -0,0 +1,20 @@ +#--------------------------------------------------------------------- +# Function: InstallSQLServer +# Install and configure SQL Server +#--------------------------------------------------------------------- +InstallSQLServer() { + echo -n "Installing Database server (MariaDB)... " + echo "maria-db-10.1 mysql-server/root_password password $CFG_MYSQL_ROOT_PWD" | debconf-set-selections + echo "maria-db-10.1 mysql-server/root_password_again password $CFG_MYSQL_ROOT_PWD" | debconf-set-selections + apt_install mariadb-client mariadb-server + sed -i 's/bind-address = 127.0.0.1/#bind-address = 127.0.0.1\nsql-mode="NO_ENGINE_SUBSTITUTION"/' /etc/mysql/mariadb.conf.d/50-server.cnf + echo "update mysql.user set plugin = 'mysql_native_password' where user='root';" | mysql -u root + sed -i 's/password =/password = '$CFG_MYSQL_ROOT_PWD'/' /etc/mysql/debian.cnf + mysql -e "UPDATE mysql.user SET Password = PASSWORD('$CFG_MYSQL_ROOT_PWD') WHERE User = 'root'" + # Make our changes take effect + mysql -e "FLUSH PRIVILEGES" + echo -e "[${green}DONE${NC}]\n" + echo -n "Restarting MariaDB... " + systemctl restart mysql + echo -e "[${green}DONE${NC}]\n" +} diff --git a/distros/debian12/install_phpmyadmin.sh b/distros/debian12/install_phpmyadmin.sh new file mode 100644 index 00000000..bd9e9078 --- /dev/null +++ b/distros/debian12/install_phpmyadmin.sh @@ -0,0 +1,87 @@ +#--------------------------------------------------------------------- +# Function: InstallphpMyAdmin +# Install and configure phpMyAdmin +#--------------------------------------------------------------------- +InstallphpMyAdmin() { + phpMyAdmin="5.1.1" #phpMyAdmin version + blowfish="hu67jty85Fgh6TRfcjiw50720fghTyjT" # blowfish 32 char secret maybe it can be autogenerated + mkdir /usr/share/phpmyadmin + mkdir /etc/phpmyadmin + mkdir -p /var/lib/phpmyadmin/tmp + chown -R www-data:www-data /var/lib/phpmyadmin + touch /etc/phpmyadmin/htpasswd.setup + cd /tmp + wget https://files.phpmyadmin.net/phpMyAdmin/$phpMyAdmin/phpMyAdmin-$phpMyAdmin-all-languages.tar.gz > /dev/null 2>&1 + tar xfz phpMyAdmin-$phpMyAdmin-all-languages.tar.gz > /dev/null 2>&1 + mv phpMyAdmin-$phpMyAdmin-all-languages/* /usr/share/phpmyadmin/ + rm phpMyAdmin-$phpMyAdmin-all-languages.tar.gz + rm -rf phpMyAdmin-$phpMyAdmin-all-languages + cp /usr/share/phpmyadmin/config.sample.inc.php /usr/share/phpmyadmin/config.inc.php + sed -i "s|\$cfg\['blowfish_secret'\]\s=\s'';|\$cfg['blowfish_secret'] = '$blowfish';|" /usr/share/phpmyadmin/config.inc.php + sed -i "$ a\$cfg['TempDir'] = '/var/lib/phpmyadmin/tmp';" /usr/share/phpmyadmin/config.inc.php + if [ "$CFG_WEBSERVER" == "apache" ]; then + touch /etc/apache2/conf-available/phpmyadmin.conf + cat > /etc/apache2/conf-available/phpmyadmin.conf < + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_value include_path . + + + +# Authorize for setup + + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + +EOF + + a2enconf phpmyadmin > /dev/null 2>&1 + systemctl reload apache2 + elif [ "$CFG_WEBSERVER" == "nginx" ]; then + source $APWD/distros/debian10/phpmyadmin_nginx.sh + config_phpMyAdmin_nginx + fi + + mysql -u root -p"$CFG_MYSQL_ROOT_PWD" -e"CREATE DATABASE phpmyadmin;" + mysql -u root -p"$CFG_MYSQL_ROOT_PWD" -e"CREATE USER 'pma'@'localhost' IDENTIFIED BY '$CFG_MYSQL_ROOT_PWD';" + mysql -u root -p"$CFG_MYSQL_ROOT_PWD" -e"GRANT ALL PRIVILEGES ON phpmyadmin.* TO 'pma'@'localhost' IDENTIFIED BY '$CFG_MYSQL_ROOT_PWD' WITH GRANT OPTION;" + mysql -u root -p"$CFG_MYSQL_ROOT_PWD" -e"FLUSH PRIVILEGES;" + mysql -u root -p"$CFG_MYSQL_ROOT_PWD" phpmyadmin < /usr/share/phpmyadmin/sql/create_tables.sql + # used to manipulate storage uncommented and values set + sed -i "s|//\s\$cfg\['Servers'\]\[\$i\]\['controlhost'\]\s=\s'';|\$cfg['Servers'][\$i]['controlhost'] = 'localhost';|" /usr/share/phpmyadmin/config.inc.php + sed -i "s|//\s\$cfg\['Servers'\]\[\$i\]\['controlport'\]\s=\s'';|\$cfg['Servers'][\$i]['controlport'] = '';|" /usr/share/phpmyadmin/config.inc.php + sed -i "s|//\s\$cfg\['Servers'\]\[\$i\]\['controluser'\]\s=\s'pma';|\$cfg['Servers'][\$i]['controluser'] = 'pma';|" /usr/share/phpmyadmin/config.inc.php + sed -i "s|//\s\$cfg\['Servers'\]\[\$i\]\['controlpass'\]\s=\s'pmapass';|\$cfg['Servers'][\$i]['controlpass'] = '$CFG_MYSQL_ROOT_PWD';|" /usr/share/phpmyadmin/config.inc.php + # uncomment the Storage database and tables section + sed -i '/\*\sStorage\sdatabase\sand\stables\s\*/,/\*\*/ s|^//||' /usr/share/phpmyadmin/config.inc.php + +} diff --git a/distros/debian12/install_postfix.sh b/distros/debian12/install_postfix.sh new file mode 100644 index 00000000..194c246d --- /dev/null +++ b/distros/debian12/install_postfix.sh @@ -0,0 +1,32 @@ +#--------------------------------------------------------------------- +# Function: Install Postfix +# Install and configure postfix +#--------------------------------------------------------------------- +InstallPostfix() { + if [ -f /etc/init.d/sendmail ]; then + echo -n "Removing Sendmail... " + systemctl stop sendmail + hide_output update-rc.d -f sendmail remove + apt_remove sendmail + echo -e "[${green}DONE${NC}]\n" + fi + + echo -n "Installing SMTP Mail server (Postfix)... " + echo "postfix postfix/main_mailer_type select Internet Site" | debconf-set-selections + echo "postfix postfix/mailname string $CFG_HOSTNAME_FQDN" | debconf-set-selections + # apt_install postfix postfix-mysql postfix-doc getmail4 + apt_install postfix postfix-mysql postfix-doc postfix-pcre ca-certificates + sed -i "s/#submission inet n - y - - smtpd/submission inet n - - - - smtpd/" /etc/postfix/master.cf + sed -i "s/# -o syslog_name=postfix\/submission/ -o syslog_name=postfix\/submission/" /etc/postfix/master.cf + sed -i "s/# -o smtpd_tls_security_level=encrypt/ -o smtpd_tls_security_level=encrypt/" /etc/postfix/master.cf + sed -i "s/# -o smtpd_sasl_auth_enable=yes/ -o smtpd_sasl_auth_enable=yes\\$(echo -e '\n\r') -o smtpd_client_restrictions=permit_sasl_authenticated,reject/" /etc/postfix/master.cf + sed -i "s/#smtps inet n - y - - smtpd/smtps inet n - - - - smtpd/" /etc/postfix/master.cf + sed -i "s/# -o syslog_name=postfix\/smtps/ -o syslog_name=postfix\/smtps/" /etc/postfix/master.cf + sed -i "s/# -o smtpd_tls_wrappermode=yes/ -o smtpd_tls_wrappermode=yes/" /etc/postfix/master.cf + sed -i "s/# -o smtpd_sasl_auth_enable=yes/ -o smtpd_sasl_auth_enable=yes\\$(echo -e '\n\r') -o smtpd_client_restrictions=permit_sasl_authenticated,reject/" /etc/postfix/master.cf + sed -i "s/#tlsproxy unix - - y - 0 tlsproxy/tlsproxy unix - - y - 0 tlsproxy/" /etc/postfix/master.cf + echo -e "[${green}DONE${NC}]\n" + echo -n "Restarting Postfix... " + systemctl restart postfix + echo -e "[${green}DONE${NC}]\n" +} diff --git a/distros/debian12/install_quota.sh b/distros/debian12/install_quota.sh new file mode 100644 index 00000000..03dabde4 --- /dev/null +++ b/distros/debian12/install_quota.sh @@ -0,0 +1,30 @@ +#--------------------------------------------------------------------- +# Function: InstallQuota +# Install and configure of disk quota +#--------------------------------------------------------------------- +InstallQuota() { + echo -n "Installing Quota... " + apt_install quota quotatool + echo -e "[${green}DONE${NC}]\n" + quotaoff -a + + if ! [ -f /proc/user_beancounters ]; then + echo -n "Initializing Quota, this may take a while... " + if [ "$(grep -c ',usrjquota=quota.user,grpjquota=quota.group,jqfmt=vfsv0' /etc/fstab)" -eq 0 ]; then + sed -i '/\/[[:space:]]\+/ {/tmpfs/!s/errors=remount-ro/errors=remount-ro,usrjquota=quota.user,grpjquota=quota.group,jqfmt=vfsv0/}' /etc/fstab + sed -i '/\/[[:space:]]\+/ {/tmpfs/!s/defaults/defaults,usrjquota=quota.user,grpjquota=quota.group,jqfmt=vfsv0/}' /etc/fstab + fi + mount -o remount / + # rc.local is deprecated, so following no longer required + #if ! [ -e /dev/root ]; then + # Source: https://www.howtoforge.com/community/threads/new-install-jessie-issue-with-quota.71183/#post-342624 + # ROOT_PARTITION=$(awk '$2~"^/$" {print $1}' /etc/fstab) + # ln -s "$ROOT_PARTITION" /dev/root + # sed -i "/^exit 0/i ln -s $ROOT_PARTITION \/dev\/root" /etc/rc.local + # sed -i '/^exit 0/i \/etc\/init.d\/quota restart\n' /etc/rc.local + #fi + quotacheck -avugm + quotaon -avug + echo -e "[${green}DONE${NC}]\n" + fi +} diff --git a/distros/debian12/install_webmail.sh b/distros/debian12/install_webmail.sh new file mode 100644 index 00000000..64b34bb7 --- /dev/null +++ b/distros/debian12/install_webmail.sh @@ -0,0 +1,135 @@ +#--------------------------------------------------------------------- +# Function: InstallWebmail +# Install the chosen webmail client. Squirrelmail or Roundcube +#--------------------------------------------------------------------- +InstallWebmail() { + case $CFG_WEBMAIL in + "roundcube") + echo -n "Installing Webmail client (Roundcube)... " + echo "CREATE DATABASE roundcube;" | mysql --defaults-file=/etc/mysql/debian.cnf + CFG_ROUNDCUBE_PWD=$(< /dev/urandom tr -dc A-Z-a-z-0-9 | head -c12) + echo "roundcube-core roundcube/dbconfig-install boolean true" | debconf-set-selections + echo "roundcube-core roundcube/database-type select mysql" | debconf-set-selections + echo "roundcube-core roundcube/mysql/admin-pass password $CFG_MYSQL_ROOT_PWD" | debconf-set-selections + echo "roundcube-core roundcube/db/dbname string roundcube" | debconf-set-selections + echo "roundcube-core roundcube/mysql/app-pass password $CFG_ROUNDCUBE_PWD" | debconf-set-selections + echo "roundcube-core roundcube/app-password-confirm password $CFG_ROUNDCUBE_PWD" | debconf-set-selections + echo "roundcube-core roundcube/hosts string localhost" | debconf-set-selections + apt_install roundcube roundcube-core roundcube-mysql roundcube-plugins + echo -n "Installing Webmail client Plugins (Roundcube)... " + cd /tmp + wget -q -O ispconfig3_roundcube.tgz https://github.com/w2c/ispconfig3_roundcube/tarball/master + tar xzf ispconfig3_roundcube.tgz + cp -r /tmp/*ispconfig3_roundcube*/ispconfig3_* /usr/share/roundcube/plugins/ + ln -s /usr/share/roundcube/plugins/ispconfig3_account /var/lib/roundcube/plugins/ispconfig3_account + ln -s /usr/share/roundcube/plugins/ispconfig3_autoreply /var/lib/roundcube/plugins/ispconfig3_autoreply + ln -s /usr/share/roundcube/plugins/ispconfig3_autoselect /var/lib/roundcube/plugins/ispconfig3_autoselect + ln -s /usr/share/roundcube/plugins/ispconfig3_fetchmail /var/lib/roundcube/plugins/ispconfig3_fetchmail + ln -s /usr/share/roundcube/plugins/ispconfig3_filter /var/lib/roundcube/plugins/ispconfig3_filter + ln -s /usr/share/roundcube/plugins/ispconfig3_forward /var/lib/roundcube/plugins/ispconfig3_forward + ln -s /usr/share/roundcube/plugins/ispconfig3_pass /var/lib/roundcube/plugins/ispconfig3_pass + ln -s /usr/share/roundcube/plugins/ispconfig3_spam /var/lib/roundcube/plugins/ispconfig3_spam + ln -s /usr/share/roundcube/plugins/ispconfig3_wblist /var/lib/roundcube/plugins/ispconfig3_wblist + sed -i "/'zipdownload',/a 'jqueryui',\n'ispconfig3_account',\n'ispconfig3_autoreply',\n'ispconfig3_pass',\n'ispconfig3_spam',\n'ispconfig3_fetchmail',\n'ispconfig3_filter',\n'ispconfig3_forward'," /etc/roundcube/config.inc.php + mv /usr/share/roundcube/plugins/ispconfig3_account/config/config.inc.php.dist /usr/share/roundcube/plugins/ispconfig3_account/config/config.inc.php + sed -i "s/\$rcmail_config\['remote_soap_pass'\] = '.*';/\$rcmail_config\['remote_soap_pass'\] = '$CFG_ROUNDCUBE_PWD';/" /usr/share/roundcube/plugins/ispconfig3_account/config/config.inc.php + sed -i "s/\$rcmail_config\['soap_url'\] = '.*';/\$rcmail_config['soap_url'] = 'https\:\/\/$CFG_HOSTNAME_FQDN\:8080\/remote\/';/" /usr/share/roundcube/plugins/ispconfig3_account/config/config.inc.php + mv /usr/share/roundcube/plugins/ispconfig3_pass/config/config.inc.php.dist /usr/share/roundcube/plugins/ispconfig3_pass/config/config.inc.php + sed -i "s/\$rcmail_config\['password_min_length'\] = 6;/\$rcmail_config\['password_min_length'\] = 8;/" /usr/share/roundcube/plugins/ispconfig3_pass/config/config.inc.php + sed -i "s/\$rcmail_config\['password_check_symbol'\] = TRUE;/\$rcmail_config\['password_check_symbol'\] = FALSE;/" /usr/share/roundcube/plugins/ispconfig3_pass/config/config.inc.php + sed -i "s/\$config\['default_host'\] = array(\"localhost\");/\$config['default_host'] = 'localhost';/" /etc/roundcube/config.inc.php + if [ "$CFG_WEBSERVER" == "apache" ]; then + echo "Alias /webmail /var/lib/roundcube" >> /etc/apache2/conf-enabled/roundcube.conf + echo -e "[${green}DONE${NC}]\n" + echo -n "Reloading Apache... " + systemctl reload apache2 + elif [ "$CFG_WEBSERVER" == "nginx" ]; then + cat << "EOF" > /etc/nginx/sites-available/roundcube.vhost +server { + # SSL configuration + listen 443 ssl; + + ssl on; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_certificate /usr/local/ispconfig/interface/ssl/ispserver.crt; + ssl_certificate_key /usr/local/ispconfig/interface/ssl/ispserver.key; + + location /roundcube { + root /var/lib/; + index index.php index.html index.htm; + location ~ ^/roundcube/(.+\.php)$ { + try_files $uri =404; + root /var/lib/; + include /etc/nginx/fastcgi_params; + # To access SquirrelMail, the default user (like www-data on Debian/Ubuntu) mu$ + #fastcgi_pass 127.0.0.1:9000; + fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_buffer_size 128k; + fastcgi_buffers 256 4k; + fastcgi_busy_buffers_size 256k; + fastcgi_temp_file_write_size 256k; + } + location ~* ^/roundcube/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + root /var/lib/; + } + location ~* /.svn/ { + deny all; + } + location ~* /README|INSTALL|LICENSE|SQL|bin|CHANGELOG$ { + deny all; + } + } + location /webmail { + rewrite ^/* /roundcube last; + } +} +EOF + ln -s /etc/nginx/sites-available/roundcube.vhost /etc/nginx/sites-enabled/roundcube.vhost + fi + + ;; + "squirrelmail") + echo -n "Installing Webmail client (SquirrelMail)... " + if [ "$CFG_WEBSERVER" == "apache" ]; then + echo "dictionaries-common dictionaries-common/default-wordlist select american (American English)" | debconf-set-selections + apt_install squirrelmail wamerican + ln -s /etc/squirrelmail/apache.conf /etc/apache2/conf-available/squirrelmail.conf + a2enconf squirrelmail + sed -i 1d /etc/squirrelmail/apache.conf + sed -i '1iAlias /webmail /usr/share/squirrelmail' /etc/squirrelmail/apache.conf + + case $CFG_MTA in + "courier") + sed -i 's/$imap_server_type = "other";/$imap_server_type = "courier";/' /etc/squirrelmail/config.php + sed -i 's/$optional_delimiter = "detect";/$optional_delimiter = ".";/' /etc/squirrelmail/config.php + sed -i 's/$default_folder_prefix = "";/$default_folder_prefix = "INBOX.";/' /etc/squirrelmail/config.php + sed -i 's/$trash_folder = "INBOX.Trash";/$trash_folder = "Trash";/' /etc/squirrelmail/config.php + sed -i 's/$sent_folder = "INBOX.Sent";/$sent_folder = "Sent";/' /etc/squirrelmail/config.php + sed -i 's/$draft_folder = "INBOX.Drafts";/$draft_folder = "Drafts";/' /etc/squirrelmail/config.php + sed -i 's/$default_sub_of_inbox = true;/$default_sub_of_inbox = false;/' /etc/squirrelmail/config.php + sed -i 's/$delete_folder = false;/$delete_folder = true;/' /etc/squirrelmail/config.php + ;; + "dovecot") + sed -i 's/$imap_server_type = "other";/$imap_server_type = "dovecot";/' /etc/squirrelmail/config.php + sed -i 's/$trash_folder = "INBOX.Trash";/$trash_folder = "Trash";/' /etc/squirrelmail/config.php + sed -i 's/$sent_folder = "INBOX.Sent";/$sent_folder = "Sent";/' /etc/squirrelmail/config.php + sed -i 's/$draft_folder = "INBOX.Drafts";/$draft_folder = "Drafts";/' /etc/squirrelmail/config.php + sed -i 's/$default_sub_of_inbox = true;/$default_sub_of_inbox = false;/' /etc/squirrelmail/config.php + sed -i 's/$delete_folder = false;/$delete_folder = true;/' /etc/squirrelmail/config.php + ;; + esac + fi + ;; + esac + echo -e "[${green}DONE${NC}]\n" + if [ "$CFG_WEBSERVER" == "apache" ]; then + echo -n "Restarting Apache... " + systemctl restart apache2 + elif [ "$CFG_WEBSERVER" == "nginx" ]; then + echo -n "Restarting nginx... " + systemctl restart nginx + fi + echo -e "[${green}DONE${NC}]\n" +} diff --git a/distros/debian12/install_webserver.sh b/distros/debian12/install_webserver.sh new file mode 100644 index 00000000..6fb0c18a --- /dev/null +++ b/distros/debian12/install_webserver.sh @@ -0,0 +1,147 @@ +#--------------------------------------------------------------------- +# Function: InstallWebServer Debian 10 +# Install and configure Apache2, php + modules +#--------------------------------------------------------------------- +InstallWebServer() { + + if [ "$CFG_WEBSERVER" == "apache" ]; then + CFG_NGINX=n + CFG_APACHE=y + echo -n "Installing Web server (Apache) and modules... " + echo "phpmyadmin phpmyadmin/reconfigure-webserver multiselect apache2" | debconf-set-selections + # - DISABLED DUE TO A BUG IN DBCONFIG - echo "phpmyadmin phpmyadmin/dbconfig-install boolean false" | debconf-set-selections + echo "dbconfig-common dbconfig-common/dbconfig-install boolean false" | debconf-set-selections + apt_install apache2 apache2-doc apache2-utils libapache2-mod-php libapache2-mod-fcgid apache2-suexec-pristine libruby libapache2-mod-python php-memcache php-imagick libapache2-mod-passenger + echo -e "[${green}DONE${NC}]\n" + echo -n "Installing PHP and modules... " + # Need to check if soemthing is asked before suppress messages + apt_install php7.4 php7.4-common php7.4-gd php7.4-mysql php7.4-imap php7.4-cli php7.4-cgi php-pear php7.4-curl php7.4-intl php7.4-pspell php7.4-sqlite3 php7.4-tidy php7.4-xmlrpc php7.4-xsl php7.4-zip php7.4-mbstring php7.4-soap + echo -e "[${green}DONE${NC}]\n" + echo -n "Installing PHP-FPM... " + #Need to check if soemthing is asked before suppress messages + apt_install php7.4-fpm + #Need to check if soemthing is asked before suppress messages + a2enmod actions > /dev/null 2>&1 + a2enmod proxy_fcgi > /dev/null 2>&1 + a2enmod alias > /dev/null 2>&1 + echo -e "[${green}DONE${NC}]\n" + echo -n "Installing needed programs for PHP and Apache (mcrypt, etc.)... " + apt_install mcrypt imagemagick memcached curl tidy snmp + echo -e "[${green}DONE${NC}]\n" + + if [ "$CFG_PHPMYADMIN" == "yes" ]; then + source $APWD/distros/debian10/install_phpmyadmin.sh + echo -n "Installing phpMyAdmin... " + InstallphpMyAdmin + echo -e "[${green}DONE${NC}]\n" + fi + + if [ "$CFG_PHP56" == "yes" ]; then + echo "Installing PHP 5.6... " + apt_install apt-transport-https > /dev/null 2>&1 + curl https://packages.sury.org/php/apt.gpg | apt-key add - > /dev/null 2>&1 + echo 'deb https://packages.sury.org/php/ bullseye main' > /etc/apt/sources.list.d/deb.sury.org.list + apt-get update > /dev/null 2>&1 + apt_install php5.6 php5.6-common php5.6-gd php5.6-mysql php5.6-imap php5.6-cli php5.6-cgi php5.6-mcrypt php5.6-curl php5.6-intl php5.6-pspell php5.6-recode php5.6-sqlite3 php5.6-tidy php5.6-xmlrpc php5.6-xsl php5.6-zip php5.6-mbstring php5.6-fpm + echo -e "Package: *\nPin: origin packages.sury.org\nPin-Priority: 100" > /etc/apt/preferences.d/deb-sury-org + echo -e "[${green}DONE${NC}]\n" + fi + + echo -n "Activating Apache modules... " + a2enmod suexec > /dev/null 2>&1 + a2enmod rewrite > /dev/null 2>&1 + a2enmod ssl > /dev/null 2>&1 + a2enmod actions > /dev/null 2>&1 + a2enmod include > /dev/null 2>&1 + a2enmod dav_fs > /dev/null 2>&1 + a2enmod dav > /dev/null 2>&1 + a2enmod auth_digest > /dev/null 2>&1 + # a2enmod fastcgi > /dev/null 2>&1 + # a2enmod alias > /dev/null 2>&1 + # a2enmod fcgid > /dev/null 2>&1 + a2enmod cgi > /dev/null 2>&1 + a2enmod headers > /dev/null 2>&1 + echo -e "[${green}DONE${NC}]\n" + + echo -n "Disabling HTTP_PROXY... " + echo "" >> /etc/apache2/conf-available/httpoxy.conf + echo " RequestHeader unset Proxy early" >> /etc/apache2/conf-available/httpoxy.conf + echo "" >> /etc/apache2/conf-available/httpoxy.conf + a2enconf httpoxy > /dev/null 2>&1 + echo -e "[${green}DONE${NC}]\n" + echo -n "Restarting Apache... " + systemctl restart apache2 + echo -e "[${green}DONE${NC}]\n" + + echo -n "Installing Let's Encrypt (Certbot)... " + apt_install certbot + echo -e "[${green}DONE${NC}]\n" + + echo -n "Installing PHP Opcode Cache... " + apt_install php7.4-opcache php-apcu + echo -e "[${green}DONE${NC}]\n" + echo -n "Restarting Apache... " + systemctl restart apache2 + echo -e "[${green}DONE${NC}]\n" + #end of installing apache + elif [ "$CFG_WEBSERVER" == "nginx" ]; then + CFG_NGINX=y + CFG_APACHE=n + echo -n "Installing Web server (nginx) and modules... " + apt_install nginx + systemctl start nginx + apt_install php7.4 php7.4-common php-bcmath php7.4-gd php7.4-mysql php7.4-imap php7.4-cli php7.4-cgi php-pear mcrypt libruby php7.4-curl php7.4-intl php7.4-pspell php7.4-sqlite3 php7.4-tidy php7.4-xmlrpc php7.4-xsl php-memcache php-imagick php7.4-zip php7.4-mbstring php7.4-soap php7.4-opcache + echo -e "[${green}DONE${NC}]\n" + echo -n "Installing PHP-FPM... " + #Need to check if something is asked before suppress messages + apt_install php7.4-fpm + sed -i "s/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/" /etc/php/7.4/fpm/php.ini + TIME_ZONE=$(echo "$TIME_ZONE" | sed -n 's/ (.*)$//p') + sed -i "s/;date.timezone =/date.timezone=\"${TIME_ZONE//\//\\/}\"/" /etc/php/7.4/fpm/php.ini + echo -e "[${green}DONE${NC}]\n" + echo -n "Installing needed programs for PHP and nginx (mcrypt, etc.)... " + apt_install mcrypt imagemagick memcached curl tidy snmp + echo -e "[${green}DONE${NC}]\n" + echo -n "Reloading PHP-FPM... " + systemctl reload php7.4-fpm + echo -e "[${green}DONE${NC}]\n" + echo -n "Installing fcgiwrap... " + apt_install fcgiwrap + echo -e "[${green}DONE${NC}]\n" + + if [ "$CFG_PHPMYADMIN" == "yes" ]; then + source $APWD/distros/debian10/install_phpmyadmin.sh + echo -n "Installing phpMyAdmin... " + InstallphpMyAdmin + echo -e "[${green}DONE${NC}]\n" + fi + + + if [ "$CFG_PHP56" == "yes" ]; then + echo -n "Installing PHP 5.6... " + apt_install apt-transport-https + curl https://packages.sury.org/php/apt.gpg | apt-key add - > /dev/null 2>&1 + echo 'deb https://packages.sury.org/php/ bullseye main' > /etc/apt/sources.list.d/deb.sury.org.list + apt-get update > /dev/null 2>&1 + apt_install php5.6 php5.6-common php5.6-gd php5.6-mysql php5.6-imap php5.6-cli php5.6-cgi php5.6-mcrypt php5.6-curl php5.6-intl php5.6-pspell php5.6-recode php5.6-sqlite3 php5.6-tidy php5.6-xmlrpc php5.6-xsl php5.6-zip php5.6-mbstring php5.6-fpm + echo -e "Package: *\nPin: origin packages.sury.org\nPin-Priority: 100" > /etc/apt/preferences.d/deb-sury-org + echo -e "[${green}DONE${NC}]\n" + fi + echo -n "Installing Let's Encrypt (Certbot)... " + apt_install certbot + echo -e "[${green}DONE${NC}]\n" + + # echo -n "Installing PHP Opcode Cache... " + # apt_install php7.4-opcache php-apcu + # echo -e "[${green}DONE${NC}]\n" + + fi + if [ "$CFG_PHP56" == "yes" ]; then + echo -e "${red}Attention!!! You have installed php7 and php 5.6, to make php 5.6 work you have to configure the following in ISPConfig ${NC}" + echo -e "${red}Path for PHP FastCGI binary: /usr/bin/php-cgi5.6 ${NC}" + echo -e "${red}Path for php.ini directory: /etc/php/5.6/cgi ${NC}" + echo -e "${red}Path for PHP-FPM init script: /etc/init.d/php5.6-fpm ${NC}" + echo -e "${red}Path for php.ini directory: /etc/php/5.6/fpm ${NC}" + echo -e "${red}Path for PHP-FPM pool directory: /etc/php/5.6/fpm/pool.d ${NC}" + fi +} diff --git a/distros/debian12/install_webstats.sh b/distros/debian12/install_webstats.sh new file mode 100644 index 00000000..0018fd1a --- /dev/null +++ b/distros/debian12/install_webstats.sh @@ -0,0 +1,13 @@ +#--------------------------------------------------------------------- +# Function: InstallWebStats +# Install and configure web stats +#--------------------------------------------------------------------- +InstallWebStats() { + echo -n "Installing Statistics (Webalizer and AWStats)... "; + # apt_install vlogger webalizer awstats geoip-database libclass-dbi-mysql-perl libtimedate-perl + #apt_install webalizer awstats geoip-database libclass-dbi-mysql-perl libtimedate-perl + apt_install awstats geoip-database libclass-dbi-mysql-perl libtimedate-perl + sed -i 's/^/#/' /etc/cron.d/awstats + echo -e "[${green}DONE${NC}]\n" +} + diff --git a/distros/debian12/phpmyadmin_nginx.sh b/distros/debian12/phpmyadmin_nginx.sh new file mode 100644 index 00000000..8b1e0042 --- /dev/null +++ b/distros/debian12/phpmyadmin_nginx.sh @@ -0,0 +1,82 @@ +#--------------------------------------------------------------------- +# Function: Confi_phpMyAdmin_nginx +# Configure phpMyAdmin for nginx +#--------------------------------------------------------------------- +config_phpMyAdmin_nginx() { + touch /etc/nginx/conf.d/phpmyadmin.conf + # Write default ngnix vhost configuration file for phpmyadmin - to be included in all other hosts + cat /etc/nginx/conf.d/phpmyadmin.conf < Date: Mon, 25 Mar 2024 12:24:44 +0100 Subject: [PATCH 02/10] handle check for debian 12 --- functions/check_linux.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/functions/check_linux.sh b/functions/check_linux.sh index f92eaf38..c1f9ff17 100644 --- a/functions/check_linux.sh +++ b/functions/check_linux.sh @@ -101,6 +101,12 @@ CheckLinux() { elif echo "$VERSION_ID" | grep -iq "11"; then DISTRO=debian11 + #--------------------------------------------------------------------- + # Debian 12 Bookworm + #--------------------------------------------------------------------- + + elif echo "$VERSION_ID" | grep -iq "12"; then + DISTRO=debian12 fi elif echo "$ID" | grep -iq "raspbian"; then From 518168df54ee5eb0106f499927207655d8095a15 Mon Sep 17 00:00:00 2001 From: Messi89 Date: Mon, 25 Mar 2024 12:24:57 +0100 Subject: [PATCH 03/10] increase phpmyadmin to 5.2.1 --- distros/debian11/install_phpmyadmin.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/distros/debian11/install_phpmyadmin.sh b/distros/debian11/install_phpmyadmin.sh index bd9e9078..1cc09e67 100644 --- a/distros/debian11/install_phpmyadmin.sh +++ b/distros/debian11/install_phpmyadmin.sh @@ -3,7 +3,7 @@ # Install and configure phpMyAdmin #--------------------------------------------------------------------- InstallphpMyAdmin() { - phpMyAdmin="5.1.1" #phpMyAdmin version + phpMyAdmin="5.2.1" #phpMyAdmin version blowfish="hu67jty85Fgh6TRfcjiw50720fghTyjT" # blowfish 32 char secret maybe it can be autogenerated mkdir /usr/share/phpmyadmin mkdir /etc/phpmyadmin From dec3752324ace37ec0eab5bcdeb41a093e9abf63 Mon Sep 17 00:00:00 2001 From: Messi89 Date: Mon, 25 Mar 2024 12:25:53 +0100 Subject: [PATCH 04/10] fix phpmyadmin version --- distros/debian11/install_phpmyadmin.sh | 2 +- distros/debian12/install_phpmyadmin.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/distros/debian11/install_phpmyadmin.sh b/distros/debian11/install_phpmyadmin.sh index 1cc09e67..bd9e9078 100644 --- a/distros/debian11/install_phpmyadmin.sh +++ b/distros/debian11/install_phpmyadmin.sh @@ -3,7 +3,7 @@ # Install and configure phpMyAdmin #--------------------------------------------------------------------- InstallphpMyAdmin() { - phpMyAdmin="5.2.1" #phpMyAdmin version + phpMyAdmin="5.1.1" #phpMyAdmin version blowfish="hu67jty85Fgh6TRfcjiw50720fghTyjT" # blowfish 32 char secret maybe it can be autogenerated mkdir /usr/share/phpmyadmin mkdir /etc/phpmyadmin diff --git a/distros/debian12/install_phpmyadmin.sh b/distros/debian12/install_phpmyadmin.sh index bd9e9078..1cc09e67 100644 --- a/distros/debian12/install_phpmyadmin.sh +++ b/distros/debian12/install_phpmyadmin.sh @@ -3,7 +3,7 @@ # Install and configure phpMyAdmin #--------------------------------------------------------------------- InstallphpMyAdmin() { - phpMyAdmin="5.1.1" #phpMyAdmin version + phpMyAdmin="5.2.1" #phpMyAdmin version blowfish="hu67jty85Fgh6TRfcjiw50720fghTyjT" # blowfish 32 char secret maybe it can be autogenerated mkdir /usr/share/phpmyadmin mkdir /etc/phpmyadmin From ed7a3359f7eadda60ea8dd57de2bbf3e93602735 Mon Sep 17 00:00:00 2001 From: Messi89 Date: Mon, 25 Mar 2024 12:33:42 +0100 Subject: [PATCH 05/10] fix sury php package --- distros/debian12/askquestions.sh | 2 +- distros/debian12/install_webserver.sh | 22 +++++++++++----------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/distros/debian12/askquestions.sh b/distros/debian12/askquestions.sh index e79f3682..bec8954f 100644 --- a/distros/debian12/askquestions.sh +++ b/distros/debian12/askquestions.sh @@ -25,7 +25,7 @@ AskQuestions() { while [[ ! "$CFG_PHP56" =~ $RE ]] do - CFG_PHP56=$(whiptail --title "Install PHP 5.6" --backtitle "$WT_BACKTITLE" --nocancel --radiolist "By default ISPConfig comes with PHP 7.4, do you want to install also PHP 5.6 version?" 10 50 2 "no" "(default)" ON "yes" "" OFF 3>&1 1>&2 2>&3) + CFG_PHP56=$(whiptail --title "Install PHP 5.6" --backtitle "$WT_BACKTITLE" --nocancel --radiolist "By default ISPConfig comes with PHP 8.2, do you want to install also PHP 5.6 version?" 10 50 2 "no" "(default)" ON "yes" "" OFF 3>&1 1>&2 2>&3) done if echo "$ID" | grep -iq 'raspbian'; then diff --git a/distros/debian12/install_webserver.sh b/distros/debian12/install_webserver.sh index 6fb0c18a..e75e8d11 100644 --- a/distros/debian12/install_webserver.sh +++ b/distros/debian12/install_webserver.sh @@ -15,11 +15,11 @@ InstallWebServer() { echo -e "[${green}DONE${NC}]\n" echo -n "Installing PHP and modules... " # Need to check if soemthing is asked before suppress messages - apt_install php7.4 php7.4-common php7.4-gd php7.4-mysql php7.4-imap php7.4-cli php7.4-cgi php-pear php7.4-curl php7.4-intl php7.4-pspell php7.4-sqlite3 php7.4-tidy php7.4-xmlrpc php7.4-xsl php7.4-zip php7.4-mbstring php7.4-soap + apt_install php8.2 php8.2-common php8.2-gd php8.2-mysql php8.2-imap php8.2-cli php8.2-cgi php-pear php8.2-curl php8.2-intl php8.2-pspell php8.2-sqlite3 php8.2-tidy php8.2-xmlrpc php8.2-xsl php8.2-zip php8.2-mbstring php8.2-soap echo -e "[${green}DONE${NC}]\n" echo -n "Installing PHP-FPM... " #Need to check if soemthing is asked before suppress messages - apt_install php7.4-fpm + apt_install php8.2-fpm #Need to check if soemthing is asked before suppress messages a2enmod actions > /dev/null 2>&1 a2enmod proxy_fcgi > /dev/null 2>&1 @@ -40,7 +40,7 @@ InstallWebServer() { echo "Installing PHP 5.6... " apt_install apt-transport-https > /dev/null 2>&1 curl https://packages.sury.org/php/apt.gpg | apt-key add - > /dev/null 2>&1 - echo 'deb https://packages.sury.org/php/ bullseye main' > /etc/apt/sources.list.d/deb.sury.org.list + echo 'deb https://packages.sury.org/php/ bookworm main' > /etc/apt/sources.list.d/deb.sury.org.list apt-get update > /dev/null 2>&1 apt_install php5.6 php5.6-common php5.6-gd php5.6-mysql php5.6-imap php5.6-cli php5.6-cgi php5.6-mcrypt php5.6-curl php5.6-intl php5.6-pspell php5.6-recode php5.6-sqlite3 php5.6-tidy php5.6-xmlrpc php5.6-xsl php5.6-zip php5.6-mbstring php5.6-fpm echo -e "Package: *\nPin: origin packages.sury.org\nPin-Priority: 100" > /etc/apt/preferences.d/deb-sury-org @@ -78,7 +78,7 @@ InstallWebServer() { echo -e "[${green}DONE${NC}]\n" echo -n "Installing PHP Opcode Cache... " - apt_install php7.4-opcache php-apcu + apt_install php8.2-opcache php-apcu echo -e "[${green}DONE${NC}]\n" echo -n "Restarting Apache... " systemctl restart apache2 @@ -90,20 +90,20 @@ InstallWebServer() { echo -n "Installing Web server (nginx) and modules... " apt_install nginx systemctl start nginx - apt_install php7.4 php7.4-common php-bcmath php7.4-gd php7.4-mysql php7.4-imap php7.4-cli php7.4-cgi php-pear mcrypt libruby php7.4-curl php7.4-intl php7.4-pspell php7.4-sqlite3 php7.4-tidy php7.4-xmlrpc php7.4-xsl php-memcache php-imagick php7.4-zip php7.4-mbstring php7.4-soap php7.4-opcache + apt_install php8.2 php8.2-common php-bcmath php8.2-gd php8.2-mysql php8.2-imap php8.2-cli php8.2-cgi php-pear mcrypt libruby php8.2-curl php8.2-intl php8.2-pspell php8.2-sqlite3 php8.2-tidy php8.2-xmlrpc php8.2-xsl php-memcache php-imagick php8.2-zip php8.2-mbstring php8.2-soap php8.2-opcache echo -e "[${green}DONE${NC}]\n" echo -n "Installing PHP-FPM... " #Need to check if something is asked before suppress messages - apt_install php7.4-fpm - sed -i "s/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/" /etc/php/7.4/fpm/php.ini + apt_install php8.2-fpm + sed -i "s/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/" /etc/php/8.2/fpm/php.ini TIME_ZONE=$(echo "$TIME_ZONE" | sed -n 's/ (.*)$//p') - sed -i "s/;date.timezone =/date.timezone=\"${TIME_ZONE//\//\\/}\"/" /etc/php/7.4/fpm/php.ini + sed -i "s/;date.timezone =/date.timezone=\"${TIME_ZONE//\//\\/}\"/" /etc/php/8.2/fpm/php.ini echo -e "[${green}DONE${NC}]\n" echo -n "Installing needed programs for PHP and nginx (mcrypt, etc.)... " apt_install mcrypt imagemagick memcached curl tidy snmp echo -e "[${green}DONE${NC}]\n" echo -n "Reloading PHP-FPM... " - systemctl reload php7.4-fpm + systemctl reload php8.2-fpm echo -e "[${green}DONE${NC}]\n" echo -n "Installing fcgiwrap... " apt_install fcgiwrap @@ -121,7 +121,7 @@ InstallWebServer() { echo -n "Installing PHP 5.6... " apt_install apt-transport-https curl https://packages.sury.org/php/apt.gpg | apt-key add - > /dev/null 2>&1 - echo 'deb https://packages.sury.org/php/ bullseye main' > /etc/apt/sources.list.d/deb.sury.org.list + echo 'deb https://packages.sury.org/php/ bookworm main' > /etc/apt/sources.list.d/deb.sury.org.list apt-get update > /dev/null 2>&1 apt_install php5.6 php5.6-common php5.6-gd php5.6-mysql php5.6-imap php5.6-cli php5.6-cgi php5.6-mcrypt php5.6-curl php5.6-intl php5.6-pspell php5.6-recode php5.6-sqlite3 php5.6-tidy php5.6-xmlrpc php5.6-xsl php5.6-zip php5.6-mbstring php5.6-fpm echo -e "Package: *\nPin: origin packages.sury.org\nPin-Priority: 100" > /etc/apt/preferences.d/deb-sury-org @@ -132,7 +132,7 @@ InstallWebServer() { echo -e "[${green}DONE${NC}]\n" # echo -n "Installing PHP Opcode Cache... " - # apt_install php7.4-opcache php-apcu + # apt_install php8.2-opcache php-apcu # echo -e "[${green}DONE${NC}]\n" fi From bcc656072770be1b5fd53d3bf3298bf97a0f0f09 Mon Sep 17 00:00:00 2001 From: Messi89 Date: Mon, 25 Mar 2024 15:16:46 +0100 Subject: [PATCH 06/10] fix python dependency --- distros/debian12/install_jailkit.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/distros/debian12/install_jailkit.sh b/distros/debian12/install_jailkit.sh index 20be052b..329c8d2c 100644 --- a/distros/debian12/install_jailkit.sh +++ b/distros/debian12/install_jailkit.sh @@ -9,7 +9,7 @@ SUM="d316dc22b9f3ab7464c8bd73c2539304" InstallJailkit() { echo -n "Installing Jailkit... " - apt_install build-essential autoconf automake libtool flex bison debhelper binutils python + apt_install build-essential autoconf automake libtool flex bison debhelper binutils python3 python-is-python3 cd /tmp wget -q https://olivier.sessink.nl/jailkit/jailkit-$JKV.tar.gz if [[ ! "$(md5sum jailkit-$JKV.tar.gz | head -c 32)" = "$SUM" ]]; then From f16254bd6bb9fb119731f981b214b94f5ec293ff Mon Sep 17 00:00:00 2001 From: Messi89 Date: Mon, 25 Mar 2024 15:21:12 +0100 Subject: [PATCH 07/10] fix jailkit --- distros/debian12/install_jailkit.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/distros/debian12/install_jailkit.sh b/distros/debian12/install_jailkit.sh index 329c8d2c..0b607ac9 100644 --- a/distros/debian12/install_jailkit.sh +++ b/distros/debian12/install_jailkit.sh @@ -4,8 +4,8 @@ #--------------------------------------------------------------------- #Program Versions -JKV="2.21" #Jailkit Version -> Maybe this can be automated -SUM="d316dc22b9f3ab7464c8bd73c2539304" +JKV="2.23" #Jailkit Version -> Maybe this can be automated +SUM="c7018645430248613c6241bf529d95ef" InstallJailkit() { echo -n "Installing Jailkit... " From 8111c27602d00e21ca894ff01fc4f851e9ff6699 Mon Sep 17 00:00:00 2001 From: Messi89 Date: Mon, 25 Mar 2024 15:32:05 +0100 Subject: [PATCH 08/10] fix jailkit compatibility level --- distros/debian12/install_jailkit.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/distros/debian12/install_jailkit.sh b/distros/debian12/install_jailkit.sh index 0b607ac9..eab5bad5 100644 --- a/distros/debian12/install_jailkit.sh +++ b/distros/debian12/install_jailkit.sh @@ -19,7 +19,7 @@ InstallJailkit() { fi tar xfz jailkit-$JKV.tar.gz cd jailkit-$JKV - echo 5 > debian/compat + echo 7 > debian/compat ./debian/rules binary > /dev/null 2>&1 cd .. hide_output dpkg -i jailkit_$JKV-1_*.deb From 138a0791ff645dd8a2221602ab43017800779d0a Mon Sep 17 00:00:00 2001 From: Messi89 Date: Mon, 25 Mar 2024 15:45:41 +0100 Subject: [PATCH 09/10] use debian jailkit version --- distros/debian12/install_jailkit.sh | 16 +--------------- 1 file changed, 1 insertion(+), 15 deletions(-) diff --git a/distros/debian12/install_jailkit.sh b/distros/debian12/install_jailkit.sh index eab5bad5..a37a43e3 100644 --- a/distros/debian12/install_jailkit.sh +++ b/distros/debian12/install_jailkit.sh @@ -9,21 +9,7 @@ SUM="c7018645430248613c6241bf529d95ef" InstallJailkit() { echo -n "Installing Jailkit... " - apt_install build-essential autoconf automake libtool flex bison debhelper binutils python3 python-is-python3 - cd /tmp - wget -q https://olivier.sessink.nl/jailkit/jailkit-$JKV.tar.gz - if [[ ! "$(md5sum jailkit-$JKV.tar.gz | head -c 32)" = "$SUM" ]]; then - echo -e "\n${red}Error: md5sum does not match${NC}" >&2 - echo "Please try running this script again" >&2 - exit 1 - fi - tar xfz jailkit-$JKV.tar.gz - cd jailkit-$JKV - echo 7 > debian/compat - ./debian/rules binary > /dev/null 2>&1 - cd .. - hide_output dpkg -i jailkit_$JKV-1_*.deb - rm -rf jailkit-$JKV* + apt_install build-essential autoconf automake libtool flex bison debhelper binutils jailkit echo -e "[${green}DONE${NC}]\n" } From 9580bc24d84c9f584211bd8daca7ebc470dd43ba Mon Sep 17 00:00:00 2001 From: Messi89 Date: Mon, 25 Mar 2024 16:16:28 +0100 Subject: [PATCH 10/10] fix spamassassing service --- distros/debian12/install_antivirus.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/distros/debian12/install_antivirus.sh b/distros/debian12/install_antivirus.sh index a73bc56f..699a5a31 100644 --- a/distros/debian12/install_antivirus.sh +++ b/distros/debian12/install_antivirus.sh @@ -13,10 +13,10 @@ InstallAntiVirus() { echo "$CFG_HOSTNAME_FQDN" > /etc/mailname echo -e "[${green}DONE${NC}]\n" echo -n "Stopping SpamAssassin... " - systemctl stop spamassassin + systemctl stop spamd echo -e "[${green}DONE${NC}]\n" echo -n "Disabling SpamAssassin... " - hide_output systemctl disable spamassassin + hide_output systemctl disable spamd echo -e "[${green}DONE${NC}]\n" if [ "$CFG_AVUPDATE" == "yes" ]; then echo -n "Updating Freshclam Antivirus Database. Please Wait... "