#!/usr/bin/env bash
# Official Sentora Automated Installation Script
# =============================================
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see .
#
# Supported Operating Systems:
# CentOS 6.*/7.* Minimal,
# Fedora 24/25 Minimal,
# Ubuntu server 14.04/18.04
# Debian 7.*/8.*
# 32bit and 64bit
#
# Contributions from:
#
# Pascal Peyremorte (ppeyremorte@sentora.org)
# Yannick Croteau (croteau.yannick@gmail.com)
# Mehdi Blagui
# Kevin Andrews (kevin@zvps.uk)
#
# and all those who participated to this and to previous installers.
# Thanks to all.
##
# SENTORA_CORE/INSTALLER_VERSION
# master - latest unstable
# 1.0.3 - example stable tag
##
SENTORA_INSTALLER_VERSION="master"
# SENTORA_CORE_VERSION="1.0.1"
SENTORA_CORE_VERSION="1.0.3-bugfixes"
PANEL_PATH="/etc/sentora"
PANEL_DATA="/var/sentora"
PANEL_UPGRADE=false
#--- Display the 'welcome' splash/user warning info..
echo ""
echo "############################################################"
echo "# Welcome to the Official Sentora Installer $SENTORA_INSTALLER_VERSION #"
echo "############################################################"
echo -e "\nChecking that minimal requirements are ok"
# Ensure the OS is compatible with the launcher
if [ -f /etc/centos-release ]; then
OS="CentOs"
VERFULL=$(sed 's/^.*release //;s/ (Fin.*$//' /etc/centos-release)
VER=${VERFULL:0:1} # return 6 or 7
elif [ -f /etc/fedora-release ]; then
OS="Fedora"
VER=$(rpm -qa \*-release | grep -Ei "fedora" | cut -d"-" -f3)
elif [ -f /etc/lsb-release ]; then
OS=$(grep DISTRIB_ID /etc/lsb-release | sed 's/^.*=//')
VER=$(grep DISTRIB_RELEASE /etc/lsb-release | sed 's/^.*=//')
elif [ -f /etc/os-release ]; then
OS=$(grep -w ID /etc/os-release | sed 's/^.*=//')
VER=$(grep VERSION_ID /etc/os-release | sed 's/^.*"\(.*\)"/\1/')
else
OS=$(uname -s)
VER=$(uname -r)
fi
ARCH=$(uname -m)
echo "Detected : $OS $VER $ARCH"
if [[ "$OS" = "CentOs" && ("$VER" = "6" || "$VER" = "7" ) ||
"$OS" = "Ubuntu" && ("$VER" = "14.04" || "$VER" = "18.04" ) ||
"$OS" = "Fedora" && ("$VER" = "24" || "$VER" = "25" ) ||
"$OS" = "debian" && ("$VER" = "7" || "$VER" = "8" ) ]] ; then
echo "Ok."
else
echo "Sorry, this OS is not supported by Sentora."
exit 1
fi
# Centos uses repo directory that depends of architecture. Ensure it is compatible
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]] ; then
if [[ "$ARCH" == "i386" || "$ARCH" == "i486" || "$ARCH" == "i586" || "$ARCH" == "i686" ]]; then
ARCH="i386"
elif [[ "$ARCH" != "x86_64" ]]; then
echo "Unexpected architecture name was returned ($ARCH ). :-("
echo "The installer have been designed for i[3-6]8- and x86_64' architectures. If you"
echo " think it may work on your, please report it to the Sentora forum or bugtracker."
exit 1
fi
fi
# Check if the user is 'root' before allowing installation to commence
if [ $UID -ne 0 ]; then
echo "Install failed: you must be logged in as 'root' to install."
echo "Use command 'sudo -i', then enter root password and then try again."
exit 1
fi
# Check for some common control panels that we know will affect the installation/operating of Sentora.
if [ -e /usr/local/cpanel ] || [ -e /usr/local/directadmin ] || [ -e /usr/local/solusvm/www ] || [ -e /usr/local/home/admispconfig ] || [ -e /usr/local/lxlabs/kloxo ] ; then
echo "It appears that a control panel is already installed on your server; This installer"
echo "is designed to install and configure Sentora on a clean OS installation only."
echo -e "\nPlease re-install your OS before attempting to install using this script."
exit 1
fi
# Check for some common packages that we know will affect the installation/operating of Sentora.
if [[ "$OS" = "CentOs" ]] ; then
PACKAGE_INSTALLER="yum -y -q install"
PACKAGE_REMOVER="yum -y -q remove"
inst() {
rpm -q "$1" &> /dev/null
}
if [[ "$VER" = "7" ]]; then
DB_PCKG="mariadb" && echo "DB server will be mariaDB"
else
DB_PCKG="mysql" && echo "DB server will be mySQL"
fi
HTTP_PCKG="httpd"
PHP_PCKG="php"
BIND_PCKG="bind"
elif [[ "$OS" = "Fedora" ]] ; then
PACKAGE_INSTALLER="dnf -y -q install"
PACKAGE_REMOVER="dnf -y -q remove"
inst() {
rpm -q "$1" &> /dev/null
}
DB_PCKG="mariadb" && echo "DB server will be mariaDB"
HTTP_PCKG="httpd"
PHP_PCKG="php"
BIND_PCKG="bind"
elif [[ "$OS" = "Ubuntu" || "$OS" = "debian" ]]; then
PACKAGE_INSTALLER="apt-get -yqq install"
PACKAGE_REMOVER="apt-get -yqq remove"
inst() {
dpkg -l "$1" 2> /dev/null | grep '^ii' &> /dev/null
}
HTTP_PCKG="apache2"
BIND_PCKG="bind9"
DB_PCKG="mysql-server"
if [[ "$VER" = "18.04" ]]; then
PHP_PCKG="php"
else
PHP_PCKG="apache2-mod-php5"
fi
fi
# Note : Postfix is installed by default on centos netinstall / minimum install.
# The installer seems to work fine even if Postfix is already installed.
# -> The check of postfix is removed, but this comment remains to remember
# only check for sentora installed systems zpanel can now upgrade using this script
if [ -L "/etc/zpanel" ] && [ -d "/etc/zpanel" ]; then
pkginst="n"
pkginstlist=""
for package in "$DB_PCKG" "dovecot-mysql" "$HTTP_PCKG" "$PHP_PCKG" "proftpd" "$BIND_PCKG" ; do
if (inst "$package"); then
pkginst="y" # At least one package is installed
pkginstlist="$package $pkginstlist"
fi
done
if [ $pkginst = "y" ]; then
echo "It appears that the folowing package(s) are already installed:"
echo "$pkginstlist"
echo "This installer is designed to install and configure Sentora on a clean OS installation only!"
echo -e "\nPlease re-install your OS before attempting to install using this script."
exit 1
fi
unset pkginst
unset pkginstlist
fi
# *************************************************
#--- Prepare or query informations required to install
# Update repositories and Install wget and util used to grab server IP
echo -e "\n-- Installing wget and dns utils required to manage inputs"
if [[ "$OS" = "CentOs" ]]; then
yum -y update
$PACKAGE_INSTALLER bind-utils
elif [[ "$OS" = "Fedora" ]]; then
dnf -y update
$PACKAGE_INSTALLER bind-utils
elif [[ "$OS" = "Ubuntu" || "$OS" = "debian" ]]; then
apt-get -yqq update #ensure we can install
$PACKAGE_INSTALLER dnsutils
fi
$PACKAGE_INSTALLER wget
extern_ip="$(wget -qO- http://api.sentora.org/ip.txt)"
#local_ip=$(ifconfig eth0 | sed -En 's|.*inet [^0-9]*(([0-9]*\.){3}[0-9]*).*$|\1|p')
local_ip=$(ip addr show | awk '$1 == "inet" && $3 == "brd" { sub (/\/.*/,""); print $2 }')
# Enable parameters to be entered on commandline, required for vagrant install
# -d
# -i (or -i local or -i public, see below)
# -t
# like :
# sentora_install.sh -t Europe/Paris -d panel.domain.tld -i xxx.xxx.xxx.xxx
# notes:
# -d and -i must be both present or both absent
# -i local force use of local detected ip
# -i public force use of public detected ip
# if -t is used without -d/-i, timezone is set from value given and not asked to user
# if -t absent and -d/-i are present, timezone is not set at all
while getopts d:i:t: opt; do
case $opt in
d)
PANEL_FQDN=$OPTARG
INSTALL="auto"
;;
i)
PUBLIC_IP=$OPTARG
if [[ "$PUBLIC_IP" == "local" ]] ; then
PUBLIC_IP=$local_ip
elif [[ "$PUBLIC_IP" == "public" ]] ; then
PUBLIC_IP=$extern_ip
fi
;;
t)
echo "$OPTARG" > /etc/timezone
tz=$(cat /etc/timezone)
;;
esac
done
if [[ ("$PANEL_FQDN" != "" && "$PUBLIC_IP" == "") ||
("$PANEL_FQDN" == "" && "$PUBLIC_IP" != "") ]] ; then
echo "-d and -i must be both present or both absent."
exit 2
fi
if [[ "$tz" == "" && "$PANEL_FQDN" == "" ]] ; then
# Propose selection list for the time zone
echo "Preparing to select timezone, please wait a few seconds..."
$PACKAGE_INSTALLER tzdata
# setup server timezone
if [[ "$OS" = "CentOs" ]]; then
# make tzselect to save TZ in /etc/timezone
echo "echo \$TZ > /etc/timezone" >> /usr/bin/tzselect
tzselect
tz=$(cat /etc/timezone)
elif [[ "$OS" = "Fedora" ]]; then
cp -n /usr/share/zoneinfo/zone.tab /usr/share/zoneinfo/zone1970.tab
echo "echo \$TZ > /etc/timezone" >> /usr/bin/tzselect
tzselect
tz=$(cat /etc/timezone)
elif [[ "$OS" = "Ubuntu" || "$OS" = "debian" ]]; then
dpkg-reconfigure tzdata
tz=$(cat /etc/timezone)
fi
fi
# clear timezone information to focus user on important notice
clear
# Installer parameters
if [[ "$PANEL_FQDN" == "" ]] ; then
echo -e "\n\e[1;33m=== Informations required to build your server ===\e[0m"
echo 'The installer requires 2 pieces of information:'
echo ' 1) the sub-domain that you want to use to access Sentora panel,'
echo ' - do not use your main domain (like domain.com)'
echo ' - use a sub-domain, e.g panel.domain.com'
echo ' - or use the server hostname, e.g server1.domain.com'
echo ' - DNS must already be configured and pointing to the server IP'
echo ' for this sub-domain'
echo ' 2) The public IP of the server.'
echo ''
PANEL_FQDN="$(/bin/hostname)"
PUBLIC_IP=$extern_ip
while true; do
echo ""
read -e -p "Enter the sub-domain you want to access Sentora panel: " -i "$PANEL_FQDN" PANEL_FQDN
if [[ "$PUBLIC_IP" != "$local_ip" ]]; then
echo -e "\nThe public IP of the server is $PUBLIC_IP. Its local IP is $local_ip"
echo " For a production server, the PUBLIC IP must be used."
fi
read -e -p "Enter (or confirm) the public IP for this server: " -i "$PUBLIC_IP" PUBLIC_IP
echo ""
# Checks if the panel domain is a subdomain
sub=$(echo "$PANEL_FQDN" | sed -n 's|\(.*\)\..*\..*|\1|p')
if [[ "$sub" == "" ]]; then
echo -e "\e[1;31mWARNING: $PANEL_FQDN is not a subdomain!\e[0m"
confirm="true"
fi
# Checks if the panel domain is already assigned in DNS
dns_panel_ip=$(host "$PANEL_FQDN"|grep address|cut -d" " -f4)
if [[ "$dns_panel_ip" == "" ]]; then
echo -e "\e[1;31mWARNING: $PANEL_FQDN is not defined in your DNS!\e[0m"
echo " You must add records in your DNS manager (and then wait until propagation is done)."
echo " For more information, read the Sentora documentation:"
echo " - http://docs.sentora.org/index.php?node=7 (Installing Sentora)"
echo " - http://docs.sentora.org/index.php?node=51 (Installer questions)"
echo " If this is a production installation, set the DNS up as soon as possible."
confirm="true"
else
echo -e "\e[1;32mOK\e[0m: DNS successfully resolves $PANEL_FQDN to $dns_panel_ip"
# Check if panel domain matches public IP
if [[ "$dns_panel_ip" != "$PUBLIC_IP" ]]; then
echo -e -n "\e[1;31mWARNING: $PANEL_FQDN DNS record does not point to $PUBLIC_IP!\e[0m"
echo " Sentora will not be reachable from http://$PANEL_FQDN"
confirm="true"
fi
fi
if [[ "$PUBLIC_IP" != "$extern_ip" && "$PUBLIC_IP" != "$local_ip" ]]; then
echo -e -n "\e[1;31mWARNING: $PUBLIC_IP does not match detected IP !\e[0m"
echo " Sentora will not work with this IP..."
confirm="true"
fi
echo ""
# if any warning, ask confirmation to continue or propose to change
if [[ "$confirm" != "" ]] ; then
echo "There are some warnings..."
echo "Are you really sure that you want to setup Sentora with these parameters?"
read -e -p "(y):Accept and install, (n):Change domain or IP, (q):Quit installer? " yn
case $yn in
[Yy]* ) break;;
[Nn]* ) continue;;
[Qq]* ) exit;;
esac
else
read -e -p "All is ok. Do you want to install Sentora now (y/n)? " yn
case $yn in
[Yy]* ) break;;
[Nn]* ) exit;;
esac
fi
done
fi
# ***************************************
# Installation really starts here
#--- Set custom logging methods so we create a log file in the current working directory.
logfile=$(date +%Y-%m-%d_%H.%M.%S_sentora_install.log)
touch "$logfile"
exec > >(tee "$logfile")
exec 2>&1
echo "Installer version $SENTORA_INSTALLER_VERSION"
echo "Sentora core version $SENTORA_CORE_VERSION"
echo ""
echo "Installing Sentora $SENTORA_CORE_VERSION at http://$PANEL_FQDN and ip $PUBLIC_IP"
echo "on server under: $OS $VER $ARCH"
uname -a
# Function to disable a file by appending its name with _disabled
disable_file() {
mv "$1" "$1_disabled_by_sentora" &> /dev/null
}
#--- AppArmor must be disabled to avoid problems
if [[ "$OS" = "Ubuntu" || "$OS" = "debian" ]]; then
[ -f /etc/init.d/apparmor ]
if [ $? = "0" ]; then
echo -e "\n-- Disabling and removing AppArmor, please wait..."
/etc/init.d/apparmor stop &> /dev/null
update-rc.d -f apparmor remove &> /dev/null
apt-get remove -y --purge apparmor* &> /dev/null
disable_file /etc/init.d/apparmor &> /dev/null
echo -e "AppArmor has been removed."
fi
fi
#--- Adapt repositories and packages sources
echo -e "\n-- Updating repositories and packages sources"
if [[ "$OS" = "CentOs" ]]; then
#EPEL Repo Install
EPEL_BASE_URL="http://dl.fedoraproject.org/pub/epel/$VER/$ARCH";
if [[ "$VER" = "7" ]]; then
EPEL_FILE=$(wget -q -O- "$EPEL_BASE_URL/e/" | grep -oP '(?<=href=")epel-release.*(?=">)')
wget "$EPEL_BASE_URL/e/$EPEL_FILE"
else
EPEL_FILE=$(wget -q -O- "$EPEL_BASE_URL/" | grep -oP '(?<=href=")epel-release.*(?=">)')
wget "$EPEL_BASE_URL/$EPEL_FILE"
fi
$PACKAGE_INSTALLER -y install epel-release*.rpm
rm "$EPEL_FILE"
#To fix some problems of compatibility use of mirror centos.org to all users
#Replace all mirrors by base repos to avoid any problems.
sed -i 's|mirrorlist=http://mirrorlist.centos.org|#mirrorlist=http://mirrorlist.centos.org|' "/etc/yum.repos.d/CentOS-Base.repo"
sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://mirror.centos.org|' "/etc/yum.repos.d/CentOS-Base.repo"
#check if the machine and on openvz
if [ -f "/etc/yum.repos.d/vz.repo" ]; then
sed -i "s|mirrorlist=http://vzdownload.swsoft.com/download/mirrors/centos-$VER|baseurl=http://vzdownload.swsoft.com/ez/packages/centos/$VER/$ARCH/os/|" "/etc/yum.repos.d/vz.repo"
sed -i "s|mirrorlist=http://vzdownload.swsoft.com/download/mirrors/updates-released-ce$VER|baseurl=http://vzdownload.swsoft.com/ez/packages/centos/$VER/$ARCH/updates/|" "/etc/yum.repos.d/vz.repo"
fi
#disable deposits that could result in installation errors
disablerepo() {
if [ -f "/etc/yum.repos.d/$1.repo" ]; then
sed -i 's/enabled=1/enabled=0/g' "/etc/yum.repos.d/$1.repo"
fi
}
disablerepo "elrepo"
disablerepo "epel-testing"
disablerepo "remi"
disablerepo "rpmforge"
disablerepo "rpmfusion-free-updates"
disablerepo "rpmfusion-free-updates-testing"
# We need to disable SELinux...
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
setenforce 0
# Stop conflicting services and iptables to ensure all services will work
service sendmail stop
chkconfig sendmail off
# disable firewall
if [[ "$VER" = "7" ]]; then
FIREWALL_SERVICE="firewalld"
else
FIREWALL_SERVICE="iptables"
fi
service "$FIREWALL_SERVICE" save
service "$FIREWALL_SERVICE" stop
chkconfig "$FIREWALL_SERVICE" off
# Removal of conflicting packages prior to Sentora installation.
if (inst bind-chroot) ; then
$PACKAGE_REMOVER bind-chroot
fi
if (inst qpid-cpp-client) ; then
$PACKAGE_REMOVER qpid-cpp-client
fi
elif [[ "$OS" = "Fedora" ]]; then
#EPEL Repo Install
dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
#To fix some problems of compatibility use of to all users
#Replace all mirrors by base repos to avoid any problems. metalink=http://mirrors.fedoraproject.org/metalink?repo=fedora-$VER&arch=$basearch
sed -i 's|metalink=http://mirrors.fedoraproject.org/metalink?repo=fedora-$VER&arch=$basearch|#metalink=http://mirrors.fedoraproject.org/metalink?repo=fedora-$VER&arch=$basearch|' "/etc/yum.repos.d/fedora.repo"
sed -i 's|#baseurl=http://download.fedoraproject.org/pub/fedora/linux/releases/$releasever/Everything/$basearch/os/|baseurl=http://download.fedoraproject.org/pub/fedora/linux/releases/$releasever/Everything/$basearch/os/|' "/etc/yum.repos.d/fedora.repo"
#check if the machine and on openvz
#I set the fedora 23 release for now. Only 1 repo available, so don't need to fix the mirroir. Just add the 24/25 when it will be available. Not tested on Fedora23 with OpenVZ
#if [[ "$VER" = "23" ]]; then
# if dnf repolist --all | grep vzdownload ; then
# dnf config-manager --add-repo http://vzdownload.swsoft.com/download/mirrors/fedora-$VER
# dnf config-manager --add-repo http://vzdownload.swsoft.com/download/mirrors/updates-released-f$VER
# fi
#fi
#disable deposits that could result in installation errors
disablerepo() {
if dnf repolist --all | grep $1 ; then
dnf config-manager --set-disabled $1
echo -e "-- Repo $1 has been disabled"
else
echo -e "-- Repo $1 not enabled"
fi
}
disablerepo "elrepo"
disablerepo "epel-testing"
disablerepo "remi"
disablerepo "rpmforge"
disablerepo "rpmfusion-free"
disablerepo "rpmfusion-free-updates"
disablerepo "rpmfusion-nonfree"
disablerepo "rpmfusion-nonfree-updates"
disablerepo "rpmfusion-free-updates-testing"
# Set it permissive for keep the log only...
sed -i 's/SELINUX=enforcing/SELINUX=permissive/g' /etc/selinux/config
setenforce 0
# Stop conflicting services and iptables to ensure all services will work
if systemctl status sendmail | grep inactive ; then
echo -e "-- Sendmain is inactive"
else
systemctl stop sendmail.service
systemctl disable sendmail.service
fi
FIREWALL_SERVICE="firewalld"
while true; do
read -e -p "Do you want to (D)isable the firewalld or doing the default (S)etup for Sentora (d/s)? " fic
case $fic in
[Dd]* )
systemctl stop "$FIREWALL_SERVICE"
systemctl disable "$FIREWALL_SERVICE"
break;;
[Ss]* )
# That setup in for the default setup for FedoraServer
firewall-cmd --permanent --zone=FedoraServer --add-service=http
firewall-cmd --permanent --zone=FedoraServer --add-service=https
firewall-cmd --permanent --zone=FedoraServer --add-service=pop3
firewall-cmd --permanent --zone=FedoraServer --add-service=imap
firewall-cmd --permanent --zone=FedoraServer --add-service=dns
firewall-cmd --permanent --zone=FedoraServer --add-service=smtp
firewall-cmd --permanent --zone=FedoraServer --add-service=ftp
firewall-cmd --reload
break;;
esac
done
# Removal of conflicting packages prior to Sentora installation.
if (inst bind-chroot) ; then
$PACKAGE_REMOVER bind-chroot
fi
if (inst qpid-cpp-client) ; then
$PACKAGE_REMOVER qpid-cpp-client
fi
elif [[ "$OS" = "Ubuntu" || "$OS" = "debian" ]]; then
# Update the enabled Aptitude repositories
echo -ne "\nUpdating Aptitude Repos: " >/dev/tty
mkdir -p "/etc/apt/sources.list.d.save"
cp -R "/etc/apt/sources.list.d/*" "/etc/apt/sources.list.d.save" &> /dev/null
rm -rf "/etc/apt/sources.list/*"
cp "/etc/apt/sources.list" "/etc/apt/sources.list.save"
if [[ "$VER" == "14.04" || "$VER" == "18.04" ]]; then
cat > /etc/apt/sources.list < /etc/apt/sources.list < /etc/apt/sources.list < /etc/apt/sources.list < /etc/hostname
# In file hosts
sed -i "/127.0.1.1[\t ]*$old_hostname/d" /etc/hosts
sed -i "s|$old_hostname|$PANEL_FQDN|" /etc/hosts
# For current session
hostname "$PANEL_FQDN"
# In network file
if [[ "$OS" = "CentOs" && "$VER" = "6" ]]; then
sed -i "s|^\(HOSTNAME=\).*\$|HOSTNAME=$PANEL_FQDN|" /etc/sysconfig/network
/etc/init.d/network restart
fi
#--- Some functions used many times below
# Random password generator function
passwordgen() {
l=$1
[ "$l" == "" ] && l=16
tr -dc A-Za-z0-9 < /dev/urandom | head -c ${l} | xargs
}
#Version checker function dor Mysql & PHP
versioncheck() {
echo "$@" | gawk -F. '{ printf("%03d%03d%03d\n", $1,$2,$3); }';
}
# Add first parameter in hosts file as local IP domain
add_local_domain() {
if ! grep -q "127.0.0.1 $1" /etc/hosts; then
echo "127.0.0.1 $1" >> /etc/hosts;
fi
}
#-----------------------------------------------------------
# Install all softwares and dependencies required by Sentora.
if [[ "$OS" = "Ubuntu" || "$OS" = "debian" ]]; then
# Disable the DPKG prompts before we run the software install to enable fully automated install.
export DEBIAN_FRONTEND=noninteractive
fi
#--- MySQL
echo -e "\n-- Installing MySQL"
$PACKAGE_INSTALLER "$DB_PCKG"
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
$PACKAGE_INSTALLER "$DB_PCKG-devel" "$DB_PCKG-server"
MY_CNF_PATH="/etc/my.cnf"
if [[ "$VER" != "6" ]]; then
DB_SERVICE="mariadb"
else
DB_SERVICE="mysqld"
fi
elif [[ "$OS" = "Ubuntu" || "$OS" = "debian" ]]; then
$PACKAGE_INSTALLER bsdutils libsasl2-modules-sql libsasl2-modules
if [[ "$VER" = "12.04" || "$VER" = "7" ]]; then
$PACKAGE_INSTALLER db4.7-util
fi
if [[ "$VER" = "18.04" ]]; then
MY_CNF_PATH="/etc/mysql/mysql.cnf"
else
MY_CNF_PATH="/etc/mysql/my.cnf"
fi
DB_SERVICE="mysql"
fi
if [[ "$VER" = "18.04" || "$VER" = "8" ]]; then
systemctl start $DB_SERVICE
else
service $DB_SERVICE start
fi
mysqlversion=`mysql --version|awk '{ print $5 }'|awk -F\, '{ print $1 }'`
patchroot="0"
if [[ "$(versioncheck "$mysqlversion")" < "$(versioncheck "5.5.0")" ]]; then
echo -e "-- Your current Mysql Version installed is $mysqlversion."
echo -e "-- You don't need the user 'root' patch!"
elif [[ "$VER" = "18.04" ]]; then
patchroot="1"
else
while true; do
echo -e "Your current Mysql Version installed is $mysqlversion."
echo -e "In some case, MySQL don't let the 'root' connect through the PHP."
echo -e "This can block Sentora after a MySQL update or that installation may not works."
echo -e "Do you want to create a (S)entoradmin Super user to connect the MySQL through PHP?."
echo -e "Doing this patch may cause others bugs, because that mode is under Alpha phase."
read -e -p "Or do you want to keep the '(R)oot' user to connect to the Mysql database through PHP? (S/R)" msu
case $msu in
[Rr]* )
patchroot="0"
break;;
[Ss]* )
patchroot="1"
break;;
esac
done
fi
# setup mysql root password only if mysqlpassword is empty
if [ -z "$mysqlpassword" ]; then
mysqlpassword=$(passwordgen);
mysqladmin -u root password "$mysqlpassword"
fi
# Bug fix under some MySQL 5.7+ about the sql_mode for "NO_ZERO_IN_DATE,NO_ZERO_DATE"
# Need to be considere on the next .sql build query version.
if [[ "$VER" == "18.04" ]]; then
# sed '/\[mysqld]/a\sql_mode = "NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"' /etc/mysql/mysql.conf.d/mysqld.cnf
# sed 's/^\[mysqld\]/\[mysqld\]\sql_mode = "NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"/' /etc/mysql/mysql.conf.d/mysqld.cnf
if ! grep -q "sql_mode" /etc/mysql/mysql.conf.d/mysqld.cnf; then
echo "sql_mode = 'NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION'" >> /etc/mysql/mysql.conf.d/mysqld.cnf;
systemctl restart $DB_SERVICE
fi
fi
# Sentora Super User for MySQL 5.7+ (under Ubuntu)
if [[ "$patchroot" == "1" ]]; then
sentorapassword=$(passwordgen);
mysql -u root -p"$mysqlpassword" -e "CREATE USER 'sentoradmin'@'localhost' IDENTIFIED BY '$sentorapassword'";
mysql -u root -p"$mysqlpassword" -e "GRANT ALL PRIVILEGES ON * . * TO 'sentoradmin'@'localhost'";
mysql -u root -p"$mysqlpassword" -e "GRANT PROXY ON ''@'%' TO 'sentoradmin'@'localhost' WITH GRANT OPTION";
fi
# small cleaning of mysql access
mysql -u root -p"$mysqlpassword" -e "DELETE FROM mysql.user WHERE User='root' AND Host != 'localhost'";
mysql -u root -p"$mysqlpassword" -e "DELETE FROM mysql.user WHERE User=''";
mysql -u root -p"$mysqlpassword" -e "FLUSH PRIVILEGES";
# remove test table that is no longer used
mysql -u root -p"$mysqlpassword" -e "DROP DATABASE IF EXISTS test";
# secure SELECT "hacker-code" INTO OUTFILE
sed -i "s|\[mysqld\]|&\nsecure-file-priv = /var/tmp|" $MY_CNF_PATH
# setup sentora access and core database
if [ $PANEL_UPGRADE == true ]; then
mysql -u root -p"$mysqlpassword" < $PANEL_CONF/sentora-update/zpanel/sql/update-structure.sql
mysql -u root -p"$mysqlpassword" < $PANEL_CONF/sentora-update/zpanel/sql/update-data.sql
mysqldump -u root -p"$mysqlpassword" zpanel_core | mysql -u root -p"$mysqlpassword" -D sentora_core
mysqldump -u root -p"$mysqlpassword" zpanel_postfix | mysql -u root -p"$mysqlpassword" -D sentora_postfix
mysqldump -u root -p"$mysqlpassword" zpanel_proftpd | mysql -u root -p"$mysqlpassword" -D sentora_proftpd
mysqldump -u root -p"$mysqlpassword" zpanel_roundcube | mysql -u root -p"$mysqlpassword" -D sentora_roundcube
sed -i "s|zpanel_core|sentora_core|" $PANEL_PATH/panel/cnf/db.php
else
if [[ "$patchroot" == "1" ]]; then
sed -i "s|root|sentoradmin|" $PANEL_PATH/panel/cnf/db.php
sed -i "s|YOUR_ROOT_MYSQL_PASSWORD|$sentorapassword|" $PANEL_PATH/panel/cnf/db.php
mysql -u sentoradmin -p"$sentorapassword" < $PANEL_CONF/sentora-install/sql/sentora_core.sql
else
sed -i "s|YOUR_ROOT_MYSQL_PASSWORD|$mysqlpassword|" $PANEL_PATH/panel/cnf/db.php
mysql -u root -p"$mysqlpassword" < $PANEL_CONF/sentora-install/sql/sentora_core.sql
fi
fi
# Register mysql/mariadb service for autostart
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
if [[ "$VER" != "6" ]]; then
systemctl enable "$DB_SERVICE".service
else
chkconfig "$DB_SERVICE" on
fi
fi
#--- Postfix
echo -e "\n-- Installing Postfix"
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
$PACKAGE_INSTALLER postfix postfix-perl-scripts
if [[ "$OS" = "Fedora" ]]; then
$PACKAGE_INSTALLER postfix-mysql
fi
USR_LIB_PATH="/usr/libexec"
elif [[ "$OS" = "Ubuntu" || "$OS" = "debian" ]]; then
$PACKAGE_INSTALLER postfix postfix-mysql
USR_LIB_PATH="/usr/lib"
fi
postfixpassword=$(passwordgen);
if [ $PANEL_UPGRADE == false ]; then
mysql -u root -p"$mysqlpassword" < $PANEL_CONF/sentora-install/sql/sentora_postfix.sql
fi
## grant will also create users which don't exist and update existing users with password ##
mysql -u root -p"$mysqlpassword" -e "GRANT ALL PRIVILEGES ON sentora_postfix .* TO 'postfix'@'localhost' identified by '$postfixpassword';";
mkdir $PANEL_DATA/vmail
useradd -r -g mail -d $PANEL_DATA/vmail -s /sbin/nologin -c "Virtual maildir" vmail
chown -R vmail:mail $PANEL_DATA/vmail
chmod -R 770 $PANEL_DATA/vmail
mkdir -p /var/spool/vacation
useradd -r -d /var/spool/vacation -s /sbin/nologin -c "Virtual vacation" vacation
chown -R vacation:vacation /var/spool/vacation
chmod -R 770 /var/spool/vacation
#Removed optional transport that was leaved empty, until it is fully handled.
#ln -s $PANEL_CONF/postfix/transport /etc/postfix/transport
#postmap /etc/postfix/transport
add_local_domain "$PANEL_FQDN"
add_local_domain "autoreply.$PANEL_FQDN"
rm -rf /etc/postfix/main.cf /etc/postfix/master.cf
ln -s $PANEL_CONF/postfix/master.cf /etc/postfix/master.cf
ln -s $PANEL_CONF/postfix/main.cf /etc/postfix/main.cf
ln -s $PANEL_CONF/postfix/vacation.pl /var/spool/vacation/vacation.pl
sed -i "s|!POSTFIX_PASSWORD!|$postfixpassword|" $PANEL_CONF/postfix/*.cf
sed -i "s|!POSTFIX_PASSWORD!|$postfixpassword|" $PANEL_CONF/postfix/vacation.conf
sed -i "s|!PANEL_FQDN!|$PANEL_FQDN|" $PANEL_CONF/postfix/main.cf
sed -i "s|!USR_LIB!|$USR_LIB_PATH|" $PANEL_CONF/postfix/master.cf
sed -i "s|!USR_LIB!|$USR_LIB_PATH|" $PANEL_CONF/postfix/main.cf
sed -i "s|!SERVER_IP!|$PUBLIC_IP|" $PANEL_CONF/postfix/main.cf
VMAIL_UID=$(id -u vmail)
MAIL_GID=$(sed -nr "s/^mail:x:([0-9]+):.*/\1/p" /etc/group)
sed -i "s|!POS_UID!|$VMAIL_UID|" $PANEL_CONF/postfix/main.cf
sed -i "s|!POS_GID!|$MAIL_GID|" $PANEL_CONF/postfix/main.cf
# remove unusued directives that issue warnings
sed -i '/virtual_mailbox_limit_maps/d' $PANEL_CONF/postfix/main.cf
sed -i '/smtpd_bind_address/d' $PANEL_CONF/postfix/master.cf
# Register postfix service for autostart (it is automatically started)
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
if [[ "$VER" != "6" ]]; then
systemctl enable postfix.service
# systemctl start postfix.service
else
chkconfig postfix on
# /etc/init.d/postfix start
fi
fi
#--- Dovecot (includes Sieve)
echo -e "\n-- Installing Dovecot"
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
$PACKAGE_INSTALLER dovecot dovecot-mysql dovecot-pigeonhole
sed -i "s|#first_valid_uid = ?|first_valid_uid = $VMAIL_UID\n#last_valid_uid = $VMAIL_UID\n\nfirst_valid_gid = $MAIL_GID\n#last_valid_gid = $MAIL_GID|" $PANEL_CONF/dovecot2/dovecot.conf
elif [[ "$OS" = "Ubuntu" || "$OS" = "debian" ]]; then
$PACKAGE_INSTALLER dovecot-mysql dovecot-imapd dovecot-pop3d dovecot-common dovecot-managesieved dovecot-lmtpd
sed -i "s|#first_valid_uid = ?|first_valid_uid = $VMAIL_UID\nlast_valid_uid = $VMAIL_UID\n\nfirst_valid_gid = $MAIL_GID\nlast_valid_gid = $MAIL_GID|" $PANEL_CONF/dovecot2/dovecot.conf
fi
mkdir -p $PANEL_DATA/sieve
chown -R vmail:mail $PANEL_DATA/sieve
mkdir -p /var/lib/dovecot/sieve/
touch /var/lib/dovecot/sieve/default.sieve
ln -s $PANEL_CONF/dovecot2/globalfilter.sieve $PANEL_DATA/sieve/globalfilter.sieve
rm -rf /etc/dovecot/dovecot.conf
ln -s $PANEL_CONF/dovecot2/dovecot.conf /etc/dovecot/dovecot.conf
sed -i "s|!POSTMASTER_EMAIL!|postmaster@$PANEL_FQDN|" $PANEL_CONF/dovecot2/dovecot.conf
sed -i "s|!POSTFIX_PASSWORD!|$postfixpassword|" $PANEL_CONF/dovecot2/dovecot-dict-quota.conf
sed -i "s|!POSTFIX_PASSWORD!|$postfixpassword|" $PANEL_CONF/dovecot2/dovecot-mysql.conf
sed -i "s|!DOV_UID!|$VMAIL_UID|" $PANEL_CONF/dovecot2/dovecot-mysql.conf
sed -i "s|!DOV_GID!|$MAIL_GID|" $PANEL_CONF/dovecot2/dovecot-mysql.conf
touch /var/log/dovecot.log /var/log/dovecot-info.log /var/log/dovecot-debug.log
chown vmail:mail /var/log/dovecot*
chmod 660 /var/log/dovecot*
# Register dovecot service for autostart and start it
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
if [[ "$VER" != "6" ]]; then
systemctl enable dovecot.service
systemctl start dovecot.service
else
chkconfig dovecot on
/etc/init.d/dovecot start
fi
fi
#--- Apache server
echo -e "\n-- Installing and configuring Apache"
$PACKAGE_INSTALLER "$HTTP_PCKG"
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
$PACKAGE_INSTALLER "$HTTP_PCKG-devel"
HTTP_CONF_PATH="/etc/httpd/conf/httpd.conf"
HTTP_VARS_PATH="/etc/sysconfig/httpd"
HTTP_SERVICE="httpd"
HTTP_USER="apache"
HTTP_GROUP="apache"
if [[ "$VER" != "6" ]]; then
# Disable extra modules in centos 7 & Fedora
disable_file /etc/httpd/conf.modules.d/01-cgi.conf
disable_file /etc/httpd/conf.modules.d/00-lua.conf
disable_file /etc/httpd/conf.modules.d/00-dav.conf
else
disable_file /etc/httpd/conf.d/welcome.conf
disable_file /etc/httpd/conf.d/webalizer.conf
# Disable more extra modules in centos 6.x /etc/httpd/httpd.conf dav/ldap/cgi/proxy_ajp
sed -i "s|LoadModule suexec_module modules|#LoadModule suexec_module modules|" "$HTTP_CONF_PATH"
sed -i "s|LoadModule cgi_module modules|#LoadModule cgi_module modules|" "$HTTP_CONF_PATH"
sed -i "s|LoadModule dav_module modules|#LoadModule dav_module modules|" "$HTTP_CONF_PATH"
sed -i "s|LoadModule dav_fs_module modules|#LoadModule dav_fs_module modules|" "$HTTP_CONF_PATH"
sed -i "s|LoadModule proxy_ajp_module modules|#LoadModule proxy_ajp_module modules|" "$HTTP_CONF_PATH"
fi
elif [[ "$OS" = "Ubuntu" || "$OS" = "debian" ]]; then
$PACKAGE_INSTALLER libapache2-mod-bw
HTTP_CONF_PATH="/etc/apache2/apache2.conf"
HTTP_VARS_PATH="/etc/apache2/envvars"
HTTP_SERVICE="apache2"
HTTP_USER="www-data"
HTTP_GROUP="www-data"
a2enmod rewrite
fi
if ! grep -q "Include $PANEL_CONF/apache/httpd.conf" "$HTTP_CONF_PATH"; then
echo "Include $PANEL_CONF/apache/httpd.conf" >> "$HTTP_CONF_PATH";
## Remove old include
if [ $PANEL_UPGRADE == true ]; then
sed -i "s|Include /etc/zpanel/configs/apache/httpd.conf||" "$HTTP_CONF_PATH";
fi
fi
add_local_domain "$(hostname)"
if ! grep -q "apache ALL=NOPASSWD: $PANEL_PATH/panel/bin/zsudo" /etc/sudoers; then
echo "apache ALL=NOPASSWD: $PANEL_PATH/panel/bin/zsudo" >> /etc/sudoers;
fi
# Create root directory for public HTTP docs
mkdir -p $PANEL_DATA/hostdata/zadmin/public_html
chown -R $HTTP_USER:$HTTP_GROUP $PANEL_DATA/hostdata/
chmod -R 770 $PANEL_DATA/hostdata/
mysql -u root -p"$mysqlpassword" -e "UPDATE sentora_core.x_settings SET so_value_tx='$HTTP_SERVICE' WHERE so_name_vc='httpd_exe'"
mysql -u root -p"$mysqlpassword" -e "UPDATE sentora_core.x_settings SET so_value_tx='$HTTP_SERVICE' WHERE so_name_vc='apache_sn'"
#Set keepalive on (default is off)
sed -i "s|KeepAlive Off|KeepAlive On|" "$HTTP_CONF_PATH"
# Permissions fix for Apache and ProFTPD (to enable them to play nicely together!)
if ! grep -q "umask 002" "$HTTP_VARS_PATH"; then
echo "umask 002" >> "$HTTP_VARS_PATH";
fi
# remove default virtual site to ensure Sentora is the default vhost
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
sed -i "s|DocumentRoot \"/var/www/html\"|DocumentRoot $PANEL_PATH/panel|" "$HTTP_CONF_PATH"
elif [[ "$OS" = "Ubuntu" || "$OS" = "debian" ]]; then
# disable completely sites-enabled/000-default.conf
if [[ "$VER" != "12.04" || "$VER" = "8" ]]; then
sed -i "s|IncludeOptional sites-enabled|#&|" "$HTTP_CONF_PATH"
else
sed -i "s|Include sites-enabled|#&|" "$HTTP_CONF_PATH"
fi
fi
# Comment "NameVirtualHost" and Listen directives that are handled in vhosts file
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
sed -i "s|^\(NameVirtualHost .*$\)|#\1\n# NameVirtualHost is now handled in Sentora vhosts file|" "$HTTP_CONF_PATH"
sed -i 's|^\(Listen .*$\)|#\1\n# Listen is now handled in Sentora vhosts file|' "$HTTP_CONF_PATH"
elif [[ "$OS" = "Ubuntu" || "$OS" = "debian" ]]; then
sed -i "s|\(Include ports.conf\)|#\1\n# Ports are now handled in Sentora vhosts file|" "$HTTP_CONF_PATH"
disable_file /etc/apache2/ports.conf
fi
# adjustments for apache 2.4
if [[ ("$OS" = "CentOs" && "$VER" = "7") ||
("$OS" = "Fedora") ||
("$OS" = "Ubuntu" && "$VER" != "12.04") ||
("$OS" = "debian" && "$VER" = "8") ]] ; then
# Order deny,allow / Deny from all -> Require all denied
sed -i 's|Order deny,allow|Require all denied|I' $PANEL_CONF/apache/httpd.conf
sed -i '/Deny from all/d' $PANEL_CONF/apache/httpd.conf
# Order allow,deny / Allow from all -> Require all granted
sed -i 's|Order allow,deny|Require all granted|I' $PANEL_CONF/apache/httpd-vhosts.conf
sed -i '/Allow from all/d' $PANEL_CONF/apache/httpd-vhosts.conf
sed -i 's|Order allow,deny|Require all granted|I' $PANEL_PATH/panel/modules/apache_admin/hooks/OnDaemonRun.hook.php
sed -i '/Allow from all/d' $PANEL_PATH/panel/modules/apache_admin/hooks/OnDaemonRun.hook.php
# Remove NameVirtualHost that is now without effect and generate warning
sed -i '/NameVirtualHost/{N;d}' $PANEL_CONF/apache/httpd-vhosts.conf
sed -i '/# NameVirtualHost is/ {N;N;N;N;N;d}' $PANEL_PATH/panel/modules/apache_admin/hooks/OnDaemonRun.hook.php
# Options must have ALL (or none) +/- prefix, disable listing directories
sed -i 's| FollowSymLinks [-]Indexes| +FollowSymLinks -Indexes|' $PANEL_PATH/panel/modules/apache_admin/hooks/OnDaemonRun.hook.php
fi
#--- PHP
echo -e "\n-- Installing and configuring PHP"
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
if [[ "$VER" < "25" ]]; then
$PACKAGE_INSTALLER php php-devel php-gd php-mbstring php-intl php-mysql php-xml php-xmlrpc
else
$PACKAGE_INSTALLER php php-devel php-gd php-mbstring php-intl php-mysqlnd php-xml php-xmlrpc
fi
$PACKAGE_INSTALLER php-mcrypt php-imap #Epel packages
PHP_INI_PATH="/etc/php.ini"
PHP_EXT_PATH="/etc/php.d"
elif [[ "$OS" = "Ubuntu" || "$OS" = "debian" ]]; then
if [[ "$VER" == "18.04" ]]; then
$PACKAGE_INSTALLER php5.6 libapache2-mod-php5.6 php5.6-mcrypt php5.6-mbstring php5.6-curl php5.6-cli php5.6-mysql php5.6-gd php5.6-intl php5.6-xsl php5.6-soap php5.6-dom php5.6-json php5.6-common php5.6-readline php5.6-dev php5.6-fpm php5.6-zip
else
$PACKAGE_INSTALLER libapache2-mod-php5 php5-common php5-cli php5-mysql php5-gd php5-mcrypt php5-curl php-pear php5-imap php5-xmlrpc php5-xsl php5-intl
fi
if [[ "$VER" == "14.04" ]]; then
php5enmod mcrypt # missing in the package for Ubuntu 14, is this needed for debian 8 as well?
elif [[ "$VER" == "12.04" || "$VER" == "7" ]]; then
$PACKAGE_INSTALLER php5-suhosin
fi
if [[ "$VER" == "18.04" ]]; then
PHP_INI_PATH="/etc/php/5.6/apache2/php.ini"
PHP_EXT_PATH="/etc/php/5.6/mods-available/"
PHP_EXT_LINK="/etc/php/5.6/apache2/conf.d"
else
PHP_INI_PATH="/etc/php5/apache2/php.ini"
fi
fi
# Setup php upload dir
mkdir -p $PANEL_DATA/temp
chmod 1777 $PANEL_DATA/temp/
chown -R $HTTP_USER:$HTTP_GROUP $PANEL_DATA/temp/
# Setup php session save directory
mkdir "$PANEL_DATA/sessions"
chown $HTTP_USER:$HTTP_GROUP "$PANEL_DATA/sessions"
chmod 733 "$PANEL_DATA/sessions"
chmod +t "$PANEL_DATA/sessions"
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
# Remove session & php values from apache that cause override
sed -i "/php_value/d" /etc/httpd/conf.d/php.conf
elif [[ "$OS" = "Ubuntu" || "$OS" = "debian" ]]; then
sed -i "s|;session.save_path = \"/var/lib/php5\"|session.save_path = \"$PANEL_DATA/sessions\"|" $PHP_INI_PATH
fi
sed -i "/php_value/d" $PHP_INI_PATH
echo "session.save_path = $PANEL_DATA/sessions;">> $PHP_INI_PATH
# setup timezone and upload temp dir
sed -i "s|;date.timezone =|date.timezone = $tz|" $PHP_INI_PATH
sed -i "s|;upload_tmp_dir =|upload_tmp_dir = $PANEL_DATA/temp/|" $PHP_INI_PATH
# Check the php version installed on the OS.
# phpver=php -v |grep -Eow '^PHP [^ ]+' |gawk '{ print $2 }'
phpver=`php -r 'echo PHP_VERSION;'`
echo -e "\n-- Your current php Version installed is $phpver"
# Disable php signature in headers to hide it from hackers
sed -i "s|expose_php = On|expose_php = Off|" $PHP_INI_PATH
# Build suhosin for PHP 5.x which is required by Sentora.
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" || "$OS" = "debian" || ( "$OS" = "Ubuntu" && "$VER" != "12.04") ]] ; then
echo -e "\n# Building suhosin"
if [[ ("$OS" = "Ubuntu" && "$VER" != "18.04") || "$OS" = "debian" ]]; then
$PACKAGE_INSTALLER php5-dev
fi
while true; do
if [[ "$(versioncheck "$phpver")" < "$(versioncheck "5.6")" ]]; then
read -e -p "Do you want to install Suhosin from the Sentora (O)riginal version or the (l)ast stable version? (O/L)" suh
else
echo -e "-- Your current php Version installed is $phpver."
echo -e "-- Suhosin doesn't support the $phpver version."
echo -e "-- You can install Suhosin7 with php $phpver support."
echo -e "-- WARNING: Suhosin7 IS PRE-ALPHA SOFTWARE. DO NOT ATTEMPT TO RUN IN PRODUCTION."
read -e -p "Do you want to install Suhosin, Sentora (O)riginal, the (L)ast stable version or Suhosin7 Pre-(A)lpha for php 7.x? (O/L/A)" suh
fi
case $suh in
[Oo]* )
SUHOSIN_VERSION="0.9.37.1"
wget -nv -O suhosin.zip https://github.com/stefanesser/suhosin/archive/$SUHOSIN_VERSION.zip
break;;
[Ll]* )
SUHOSIN_VERSION="0.9.38"
wget -nv -O suhosin.zip https://github.com/sektioneins/suhosin/archive/$SUHOSIN_VERSION.zip
break;;
[Aa]* )
SUHOSIN_VERSION="master"
wget -nv -O suhosin.zip https://github.com/sektioneins/suhosin7/archive/$SUHOSIN_VERSION.zip
break;;
esac
done
unzip -q suhosin.zip
rm -f suhosin.zip
if [[ "$SUHOSIN_VERSION" = "master" ]]; then
cd suhosin7-$SUHOSIN_VERSION
else
cd suhosin-$SUHOSIN_VERSION
fi
phpize &> /dev/null
./configure &> /dev/null
make &> /dev/null
make install
cd ..
if [[ "$SUHOSIN_VERSION" = "master" ]]; then
rm -rf suhosin7-$SUHOSIN_VERSION
else
rm -rf suhosin-$SUHOSIN_VERSION
fi
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
if [[ "$SUHOSIN_VERSION" = "master" ]]; then
echo 'extension=suhosin7.so' > $PHP_EXT_PATH/suhosin.ini
else
echo 'extension=suhosin.so' > $PHP_EXT_PATH/suhosin.ini
fi
elif [[ "$OS" = "Ubuntu" || "$OS" = "debian" ]]; then
if [[ "$SUHOSIN_VERSION" = "master" ]]; then
sed -i 'N;/default extension directory./a\extension=suhosin7.so' $PHP_INI_PATH
else
sed -i 'N;/default extension directory./a\extension=suhosin.so' $PHP_INI_PATH
fi
fi
fi
# Register apache(+php) service for autostart and start it
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
if [[ "$VER" != "6" ]]; then
systemctl enable "$HTTP_SERVICE.service"
systemctl start "$HTTP_SERVICE.service"
else
chkconfig "$HTTP_SERVICE" on
"/etc/init.d/$HTTP_SERVICE" start
fi
fi
#--- ProFTPd
echo -e "\n-- Installing ProFTPD"
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
$PACKAGE_INSTALLER proftpd proftpd-mysql
FTP_CONF_PATH='/etc/proftpd.conf'
sed -i "s|nogroup|nobody|" $PANEL_CONF/proftpd/proftpd-mysql.conf
elif [[ "$OS" = "Ubuntu" || "$OS" = "debian" ]]; then
$PACKAGE_INSTALLER proftpd-mod-mysql
FTP_CONF_PATH='/etc/proftpd/proftpd.conf'
fi
# Create and init proftpd database
if [ $PANEL_UPGRADE == false ]; then
mysql -u root -p"$mysqlpassword" < $PANEL_CONF/sentora-install/sql/sentora_proftpd.sql
fi
# Create and configure mysql password for proftpd
proftpdpassword=$(passwordgen);
sed -i "s|!SQL_PASSWORD!|$proftpdpassword|" $PANEL_CONF/proftpd/proftpd-mysql.conf
mysql -u root -p"$mysqlpassword" -e "GRANT ALL PRIVILEGES ON sentora_proftpd .* TO 'proftpd'@'localhost' identified by '$proftpdpassword';";
# Assign httpd user and group to all users that will be created
HTTP_UID=$(id -u "$HTTP_USER")
HTTP_GID=$(sed -nr "s/^$HTTP_GROUP:x:([0-9]+):.*/\1/p" /etc/group)
mysql -u root -p"$mysqlpassword" -e "ALTER TABLE sentora_proftpd.ftpuser ALTER COLUMN uid SET DEFAULT $HTTP_UID"
mysql -u root -p"$mysqlpassword" -e "ALTER TABLE sentora_proftpd.ftpuser ALTER COLUMN gid SET DEFAULT $HTTP_GID"
sed -i "s|!SQL_MIN_ID!|$HTTP_UID|" $PANEL_CONF/proftpd/proftpd-mysql.conf
# Setup proftpd base file to call sentora config
rm -f "$FTP_CONF_PATH"
#touch "$FTP_CONF_PATH"
#echo "include $PANEL_CONF/proftpd/proftpd-mysql.conf" >> "$FTP_CONF_PATH";
ln -s "$PANEL_CONF/proftpd/proftpd-mysql.conf" "$FTP_CONF_PATH"
# setup proftpd log dir
mkdir -p $PANEL_DATA/logs/proftpd
chmod -R 644 $PANEL_DATA/logs/proftpd
# Correct bug from package in Ubutu which screw service proftpd restart
# see https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1246245
if [[ "$OS" = "Ubuntu" && "$VER" == "14.04" ]]; then
sed -i 's|\([ \t]*start-stop-daemon --stop --signal $SIGNAL \)\(--quiet --pidfile "$PIDFILE"\)$|\1--retry 1 \2|' /etc/init.d/proftpd
elif [[ "$OS" = "Ubuntu" && "$VER" == "18.04" ]]; then
systemctl start proftpd.service
systemctl start proftpd.service
fi
# Register proftpd service for autostart and start it
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
if [[ "$VER" != "6" ]]; then
systemctl enable proftpd.service
systemctl start proftpd.service
else
chkconfig proftpd on
/etc/init.d/proftpd start
fi
fi
#--- BIND
echo -e "\n-- Installing and configuring Bind"
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
$PACKAGE_INSTALLER bind bind-utils bind-libs
BIND_PATH="/etc/named/"
BIND_FILES="/etc"
BIND_SERVICE="named"
BIND_USER="named"
elif [[ "$OS" = "Ubuntu" || "$OS" = "debian" ]]; then
$PACKAGE_INSTALLER bind9 bind9utils
BIND_PATH="/etc/bind/"
BIND_FILES="/etc/bind"
BIND_SERVICE="bind9"
BIND_USER="bind"
mysql -u root -p"$mysqlpassword" -e "UPDATE sentora_core.x_settings SET so_value_tx='' WHERE so_name_vc='bind_log'"
fi
mysql -u root -p"$mysqlpassword" -e "UPDATE sentora_core.x_settings SET so_value_tx='$BIND_PATH' WHERE so_name_vc='bind_dir'"
mysql -u root -p"$mysqlpassword" -e "UPDATE sentora_core.x_settings SET so_value_tx='$BIND_SERVICE' WHERE so_name_vc='bind_service'"
chmod -R 777 $PANEL_CONF/bind/zones/
# Setup logging directory
mkdir $PANEL_DATA/logs/bind
touch $PANEL_DATA/logs/bind/bind.log $PANEL_DATA/logs/bind/debug.log
chown $BIND_USER $PANEL_DATA/logs/bind/bind.log $PANEL_DATA/logs/bind/debug.log
chmod 660 $PANEL_DATA/logs/bind/bind.log $PANEL_DATA/logs/bind/debug.log
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
chmod 751 /var/named
chmod 771 /var/named/data
sed -i 's|bind/zones.rfc1918|named.rfc1912.zones|' $PANEL_CONF/bind/named.conf
elif [[ "$OS" = "Ubuntu" || "$OS" = "debian" ]]; then
mkdir -p /var/named/dynamic
touch /var/named/dynamic/managed-keys.bind
chown -R bind:bind /var/named/
chmod -R 777 $PANEL_CONF/bind/etc
chown root:root $BIND_FILES/rndc.key
chmod 755 $BIND_FILES/rndc.key
fi
# Some link to enable call from path
ln -s /usr/sbin/named-checkconf /usr/bin/named-checkconf
ln -s /usr/sbin/named-checkzone /usr/bin/named-checkzone
ln -s /usr/sbin/named-compilezone /usr/bin/named-compilezone
# Setup acl IP to forbid zone transfer
sed -i "s|!SERVER_IP!|$PUBLIC_IP|" $PANEL_CONF/bind/named.conf
# Build key and conf files
rm -rf $BIND_FILES/named.conf $BIND_FILES/rndc.conf $BIND_FILES/rndc.key
rndc-confgen -a -r /dev/urandom
cat $BIND_FILES/rndc.key $PANEL_CONF/bind/named.conf > $BIND_FILES/named.conf
cat $BIND_FILES/rndc.key $PANEL_CONF/bind/rndc.conf > $BIND_FILES/rndc.conf
rm -f $BIND_FILES/rndc.key
# Register Bind service for autostart and start it
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
if [[ "$VER" != "6" ]]; then
systemctl enable named.service
systemctl start named.service
else
chkconfig named on
/etc/init.d/named start
fi
fi
#--- CRON and ATD
echo -e "\n-- Installing and configuring cron tasks"
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
#cronie & crontabs may be missing
$PACKAGE_INSTALLER cronie crontabs
CRON_DIR="/var/spool/cron"
CRON_SERVICE="crond"
elif [[ "$OS" = "Ubuntu" || "$OS" = "debian" ]]; then
$PACKAGE_INSTALLER cron
CRON_DIR="/var/spool/cron/crontabs"
CRON_SERVICE="cron"
fi
CRON_USER="$HTTP_USER"
# prepare daemon crontab
# sed -i "s|!USER!|$CRON_USER|" "$PANEL_CONF/cron/zdaemon" #it screw update search!#
sed -i "s|!USER!|root|" "$PANEL_CONF/cron/zdaemon"
cp "$PANEL_CONF/cron/zdaemon" /etc/cron.d/zdaemon
chmod 644 /etc/cron.d/zdaemon
# prepare user crontabs
CRON_FILE="$CRON_DIR/$CRON_USER"
mysql -u root -p"$mysqlpassword" -e "UPDATE sentora_core.x_settings SET so_value_tx='$CRON_FILE' WHERE so_name_vc='cron_file'"
mysql -u root -p"$mysqlpassword" -e "UPDATE sentora_core.x_settings SET so_value_tx='$CRON_FILE' WHERE so_name_vc='cron_reload_path'"
mysql -u root -p"$mysqlpassword" -e "UPDATE sentora_core.x_settings SET so_value_tx='$CRON_USER' WHERE so_name_vc='cron_reload_user'"
{
echo "SHELL=/bin/bash"
echo "PATH=/sbin:/bin:/usr/sbin:/usr/bin"
echo ""
} > mycron
crontab -u $HTTP_USER mycron
rm -f mycron
chmod 744 "$CRON_DIR"
chown -R $HTTP_USER:$HTTP_USER "$CRON_DIR"
chmod 644 "$CRON_FILE"
# Register cron and atd services for autostart and start them
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
if [[ "$VER" != "6" ]]; then
systemctl enable crond.service
systemctl start crond.service
systemctl start atd.service
else
chkconfig crond on
/etc/init.d/crond start
/etc/init.d/atd start
fi
fi
while true; do
read -e -p "Do you want to update phpMyAdmin and/or Roundcube to a newer version? In this case you need to install Composer. (Y/N)" comp
case $comp in
[Yy]* )
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
$PACKAGE_INSTALLER composer
elif [[ "$OS" = "Ubuntu" || "$OS" = "debian" ]]; then
if [[ "$VER" != "18.04" ]]; then
$PACKAGE_INSTALLER php5.6-cli
fi
$PACKAGE_INSTALLER curl git
curl -sS https://getcomposer.org/installer | sudo php -- --install-dir=/usr/local/bin --filename=composer
fi
update_apps="1"
break;;
[Nn]* )
update_apps="0"
break;;
esac
done
#--- phpMyAdmin
echo -e "\n-- Configuring phpMyAdmin"
phpmyadminsecret=$(passwordgen 48);
if [[ "$update_apps" == "1" ]]; then
if [[ "$(versioncheck "$phpver")" < "$(versioncheck "5.5.0")" ]]; then
echo -e "\n-- Your current php Version installed is $phpver, you can't upgrade phpMyAdmin to the last stable version. You need php 5.5+ for upgrade."
else
while true; do
read -e -p "Do you want to keep the (O)riginal phpMyAdmin from Sentora or (U)pdate to the last stable version ? (O/U)" pma
case $pma in
[Uu]* )
PHPMYADMIN_VERSION="STABLE"
cd $PANEL_PATH/panel/etc/apps/
wget -nv -O phpmyadmin.zip https://github.com/phpmyadmin/phpmyadmin/archive/$PHPMYADMIN_VERSION.zip
unzip -q phpmyadmin.zip
mv phpmyadmin phpmyadmin.old
mv phpmyadmin-$PHPMYADMIN_VERSION phpmyadmin
cd phpmyadmin
sed -i "s/memory_limit = .*/memory_limit = 512M/" $PHP_INI_PATH
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
echo 'suhosin.executor.include.whitelist = phar' >> $PHP_EXT_PATH/suhosin.ini
systemctl restart $HTTP_SERVICE
fi
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
php -r "if (hash_file('SHA384', 'composer-setup.php') === '669656bab3166a7aff8a7506b8cb2d1c292f042046c5a994c43155c0be6190fa0355160742ab2e1c88d40d5be660b410') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
php composer-setup.php
php -r "unlink('composer-setup.php');"
composer update --no-dev
cd $PANEL_PATH/panel/etc/apps/
chmod -R 755 phpmyadmin
chown -R $HTTP_USER:$HTTP_USER phpmyadmin
rm -rf phpmyadmin.zip
rm -rf phpmyadmin.old
break;;
[oO]* )
break;;
esac
done
fi
fi
chmod 644 $PANEL_CONF/phpmyadmin/config.inc.php
sed -i "s|\$cfg\['blowfish_secret'\] \= 'SENTORA';|\$cfg\['blowfish_secret'\] \= '$phpmyadminsecret';|" $PANEL_CONF/phpmyadmin/config.inc.php
ln -s $PANEL_CONF/phpmyadmin/config.inc.php $PANEL_PATH/panel/etc/apps/phpmyadmin/config.inc.php
# Remove phpMyAdmin's setup folder in case it was left behind
rm -rf $PANEL_PATH/panel/etc/apps/phpmyadmin/setup
#--- Roundcube
echo -e "\n-- Configuring Roundcube"
# Import roundcube default table
if [ $PANEL_UPGRADE == false ]; then
mysql -u root -p"$mysqlpassword" < $PANEL_CONF/sentora-install/sql/sentora_roundcube.sql
fi
# Create and configure mysql password for roundcube
roundcubepassword=$(passwordgen);
sed -i "s|!ROUNDCUBE_PASSWORD!|$roundcubepassword|" $PANEL_CONF/roundcube/roundcube_config.inc.php
mysql -u root -p"$mysqlpassword" -e "GRANT ALL PRIVILEGES ON sentora_roundcube .* TO 'roundcube'@'localhost' identified by '$roundcubepassword';";
# Create and configure des key
roundcube_des_key=$(passwordgen 24);
sed -i "s|!ROUNDCUBE_DESKEY!|$roundcube_des_key|" $PANEL_CONF/roundcube/roundcube_config.inc.php
# Create and configure specials directories and rights
chown "$HTTP_USER:$HTTP_GROUP" "$PANEL_PATH/panel/etc/apps/webmail/temp"
mkdir "$PANEL_DATA/logs/roundcube"
chown "$HTTP_USER:$HTTP_GROUP" "$PANEL_DATA/logs/roundcube"
# Map config file in roundcube with symbolic links
ln -s $PANEL_CONF/roundcube/roundcube_config.inc.php $PANEL_PATH/panel/etc/apps/webmail/config/config.inc.php
ln -s $PANEL_CONF/roundcube/sieve_config.inc.php $PANEL_PATH/panel/etc/apps/webmail/plugins/managesieve/config.inc.php
if [[ "$update_apps" == "1" ]]; then
if [[ "$(versioncheck "$phpver")" < "$(versioncheck "5.5.0")" ]]; then
echo -e "\n-- Your current php Version installed is $phpver, you can't upgrade RoundCube to the version 1.2.x. You need php 5.5+ for upgrade."
else
while true; do
read -e -p "Do you want to keep the (O)riginal RoundCube 1.0.4 from Sentora or (U)pdate to the version 1.2.x Compatible php 7? (O/U) " roc
case $roc in
[uU]* )
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
$PACKAGE_INSTALLER php-pear php-pear-Net-IDNA2 php-pear-Mail-mimeDecode php-pear-Net-SMTP
fi
ROUNDCUBE_VERSION="release-1.2"
cd $PANEL_PATH/panel/etc/apps/
wget -nv -O roundcube.zip https://github.com/roundcube/roundcubemail/archive/$ROUNDCUBE_VERSION.zip
unzip -q roundcube.zip
mv webmail webmail.old
mv roundcubemail-$ROUNDCUBE_VERSION webmail
cd webmail
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
echo 'suhosin.session.encrypt=disabled' >> $PHP_EXT_PATH/suhosin.ini
elif [[ "$OS" = "Ubuntu" && "$VER" = "18.04" ]]; then
echo 'suhosin.session.encrypt=disabled' >> $PHP_EXT_PATH/suhosin.ini
ln -s $PHP_EXT_PATH/suhosin.ini $PHP_EXT_LINK/suhosin.ini
fi
if [[ "$VER" = "14.04" ]]; then
service $HTTP_SERVICE restart
else
systemctl restart $HTTP_SERVICE
fi
mv composer.json-dist composer.json
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
php -r "if (hash_file('SHA384', 'composer-setup.php') === '669656bab3166a7aff8a7506b8cb2d1c292f042046c5a994c43155c0be6190fa0355160742ab2e1c88d40d5be660b410') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
php composer-setup.php
php -r "unlink('composer-setup.php');"
php composer.phar install --no-dev
ln -s $PANEL_CONF/roundcube/roundcube_config.inc.php $PANEL_PATH/panel/etc/apps/webmail/config/config.inc.php
ln -s $PANEL_CONF/roundcube/sieve_config.inc.php $PANEL_PATH/panel/etc/apps/webmail/plugins/managesieve/config.inc.php
./bin/update.sh
cd $PANEL_PATH/panel/etc/apps/
chmod -R 755 webmail
chown -R $HTTP_USER:$HTTP_USER webmail
rm -rf roundcube.zip
rm -rf webmail.old
break;;
[oO]* )
break;;
esac
done
fi
fi
#-- Ask about update phpsysinfo
echo -e "\n-- Configuring phpSysInfo"
while true; do
read -e -p "Do you want to keep the (O)riginal phpSysInfo 3.2.4 from Sentora or (U)pdate to the last stable version ? (O/U)" psi
case $psi in
[uU]* )
PHPSYSINFO_VERSION="stable"
cd $PANEL_PATH/panel/etc/apps/
wget -nv -O phpsysinfo.zip https://github.com/phpsysinfo/phpsysinfo/archive/$PHPSYSINFO_VERSION.zip
mv phpsysinfo phpsysinfo.old
unzip -q phpsysinfo.zip
mv phpsysinfo-$PHPSYSINFO_VERSION phpsysinfo
cd phpsysinfo
cp -p $PANEL_PATH/panel/etc/apps/phpsysinfo.old/phpsysinfo.ini $PANEL_PATH/panel/etc/apps/phpsysinfo/phpsysinfo.ini
cd $PANEL_PATH/panel/etc/apps/
chmod -R 755 phpsysinfo
chown -R $HTTP_USER:$HTTP_USER phpsysinfo
rm -rf phpsysinfo.zip
rm -rf phpsysinfo.old
break;;
[oO]* )
break;;
esac
done
#--- Webalizer
echo -e "\n-- Configuring Webalizer"
$PACKAGE_INSTALLER webalizer
if [[ "$OS" = "CentOs" || "$OS" = "Fedora" ]]; then
rm -rf /etc/webalizer.conf
elif [[ "$OS" = "Ubuntu" || "$OS" = "debian" ]]; then
rm -rf /etc/webalizer/webalizer.conf
fi
#--- Set some Sentora database entries using. setso and setzadmin (require PHP)
echo -e "\n-- Configuring Sentora"
zadminpassword=$(passwordgen);
setzadmin --set "$zadminpassword";
$PANEL_PATH/panel/bin/setso --set sentora_domain "$PANEL_FQDN"
$PANEL_PATH/panel/bin/setso --set server_ip "$PUBLIC_IP"
# if not release, set beta version in database
if [[ $(echo "$SENTORA_CORE_VERSION" | sed 's|.*-\(beta\).*$|\1|') = "beta" ]] ; then
$PANEL_PATH/panel/bin/setso --set dbversion "$SENTORA_CORE_VERSION"
fi
# make the daemon to build vhosts file.
$PANEL_PATH/panel/bin/setso --set apache_changed "true"
php -q $PANEL_PATH/panel/bin/daemon.php
#--- Firewall ?
#--- Fail2ban
#--- Logrotate
# Download and install logrotate
echo -e "\n-- Installing Logrotate"
$PACKAGE_INSTALLER logrotate
# Link the configfiles
ln -s $PANEL_CONF/logrotate/Sentora-apache /etc/logrotate.d/Sentora-apache
ln -s $PANEL_CONF/logrotate/Sentora-proftpd /etc/logrotate.d/Sentora-proftpd
ln -s $PANEL_CONF/logrotate/Sentora-dovecot /etc/logrotate.d/Sentora-dovecot
# Configure the postrotatesyntax for different OS
if [[ "$OS" = "CentOs" && "$VER" == "7" || "$OS" = "Fedora" ]]; then
sed -i 's|systemctl reload httpd > /dev/null|service httpd reload > /dev/null|' $PANEL_CONF/logrotate/Sentora-apache
sed -i 's|systemctl reload proftpd > /dev/null|service proftpd reload > /dev/null|' $PANEL_CONF/logrotate/Sentora-proftpd
elif [[ "$OS" = "Ubuntu" || "$OS" = "debian" ]]; then
sed -i 's|systemctl reload httpd > /dev/null|/etc/init.d/apache2 reload > /dev/null|' $PANEL_CONF/logrotate/Sentora-apache
sed -i 's|systemctl reload proftpd > /dev/null|/etc/init.d/proftpd force-reload > /dev/null|' $PANEL_CONF/logrotate/Sentora-proftpd
fi
#--- Resolv.conf deprotect
chattr -i /etc/resolv.conf
#--- Restart all services to capture output messages, if any
if [[ "$OS" = "CentOs" && "$VER" == "7" || "$OS" = "Fedora" ]]; then
# CentOs7 does not return anything except redirection to systemctl :-(
service() {
echo "Restarting $1"
systemctl restart "$1.service"
}
fi
service "$DB_SERVICE" restart
service "$HTTP_SERVICE" restart
service postfix restart
service dovecot restart
service "$CRON_SERVICE" restart
service "$BIND_SERVICE" restart
service proftpd restart
service atd restart
#--- Store the passwords for user reference
{
echo "Server IP address : $PUBLIC_IP"
echo "Panel URL : http://$PANEL_FQDN"
echo "zadmin Password : $zadminpassword"
if [[ "$patchroot" == "1" ]]; then
echo ""
echo "DON'T USE THE ROOT USER TO CONNECT TO THE MYSQL"
echo "DATABASE THROUGH PHPMYADMIN. USE sentoradmin"
echo "INSTEAD ONLY USE THE ROOT FOR THE MYSQL CLI"
echo "IN CASE OF TROUBLESOOTING. THANK YOU!"
fi
echo ""
echo "MySQL Root Password : $mysqlpassword"
if [[ "$patchroot" == "1" ]]; then
echo "MySQL Sentoradmin Passwd : $sentorapassword"
fi
echo "MySQL Postfix Password : $postfixpassword"
echo "MySQL ProFTPd Password : $proftpdpassword"
echo "MySQL Roundcube Password : $roundcubepassword"
} >> /root/passwords.txt
#--- Advise the admin that Sentora is now installed and accessible.
{
echo "########################################################"
echo " Congratulations Sentora has now been installed on your"
echo " server. Please review the log file left in /root/ for "
echo " any errors encountered during installation."
echo ""
echo " Login to Sentora at http://$PANEL_FQDN"
echo " Sentora Username : zadmin"
echo " Sentora Password : $zadminpassword"
if [[ "$patchroot" == "1" ]]; then
echo ""
echo "DON'T USE THE ROOT USER TO CONNECT TO THE MYSQL"
echo "DATABASE THROUGH PHPMYADMIN. USE sentoradmin"
echo "INSTEAD. ONLY USE THE ROOT FOR THE MYSQL CLI"
echo "IN CASE OF TROUBLESOOTING. THANK YOU!"
fi
echo ""
echo " MySQL Root Password : $mysqlpassword"
if [[ "$patchroot" == "1" ]]; then
echo " MySQL Sentoradmin Passwd : $sentorapassword"
fi
echo " MySQL Postfix Password : $postfixpassword"
echo " MySQL ProFTPd Password : $proftpdpassword"
echo " MySQL Roundcube Password : $roundcubepassword"
echo " (theses passwords are saved in /root/passwords.txt)"
echo "########################################################"
echo ""
} &>/dev/tty
# Wait until the user have read before restarts the server...
if [[ "$INSTALL" != "auto" ]] ; then
while true; do
read -e -p "Restart your server now to complete the install (y/n)? " rsn
case $rsn in
[Yy]* ) break;;
[Nn]* ) exit;
esac
done
shutdown -r now
fi