Nemcio/CyberPanel
1
0
Fork 0
mirror of https://github.com/usmannasir/cyberpanel.git synced 2025-11-12 00:06:09 +01:00
Code Issues Packages Projects Releases Wiki Activity

bug fixes and language improvments

Browse Source
This commit is contained in:
usmannasir
2018-11-10 16:05:40 +05:00
parent 4c1b2f8dc2
commit d3340c9e48
39 changed files with 18321 additions and 7915 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
install/install.py
View File

@@ -1436,7 +1436,6 @@ class preFlightsChecks:
self.stdOut("Error converting: " + filename + " from centos defaults to ubuntu defaults: " + str(err), 1,
1, os.EX_OSERR)
def setup_postfix_davecot_config(self, mysql):
try:
logging.InstallLog.writeToFile("Configuring postfix and dovecot...")
@@ -3307,7 +3306,6 @@ def get_distro():
return distro
def get_Ubuntu_release():
release = -1
if exists("/etc/lsb-release"):
@@ -3328,7 +3326,6 @@ def get_Ubuntu_release():
return release
def main():
parser = argparse.ArgumentParser(description='CyberPanel Installer')
@@ -3337,6 +3334,8 @@ def main():
parser.add_argument('--postfix', help='Enable or disable Email Service.')
parser.add_argument('--powerdns', help='Enable or disable DNS Service.')
parser.add_argument('--ftp', help='Enable or disable ftp Service.')
parser.add_argument('--ent', help='Install LS Ent or OpenLiteSpeed')
parser.add_argument('--serial', help='Install LS Ent or OpenLiteSpeed')
args = parser.parse_args()
logging.InstallLog.writeToFile("Starting CyberPanel installation..")
@@ -3365,6 +3364,20 @@ def main():
mysql = args.mysql
preFlightsChecks.stdOut("Dobule MySQL instance version will be installed.")
if args.ent == None:
ent = 0
else:
if args.ent == 'ols':
ent = 0
else:
ent = 1
if args.serial != None:
serial = args.serial
preFlightsChecks.stdOut("LiteSpeed Enterprise Serial detected: " + serial)
else:
preFlightsChecks.stdOut("Installation failed, please specify LiteSpeed Enterprise key using --serial")
os._exit(0)
checks.checkPythonVersion()
checks.setup_account_cyberpanel()
if distro == centos:
@@ -3385,8 +3398,11 @@ def main():
checks.setup_gunicorn()
import installCyberPanel
if ent == 0:
installCyberPanel.Main(cwd, mysql, distro, ent)
else:
installCyberPanel.Main(cwd, mysql, distro, ent, serial)
installCyberPanel.Main(cwd, mysql, distro)
checks.fix_selinux_issue()
checks.install_psmisc()
checks.install_postfix_davecot()
@@ -3399,8 +3415,6 @@ def main():
checks.install_rsync()
checks.downoad_and_install_raindloop()
checks.download_install_phpmyadmin()
checks.installFirewalld()

94
install/installCyberPanel.py
View File

@@ -20,17 +20,19 @@ class InstallCyberPanel:
mysql_Root_password = ""
mysqlPassword = ""
def __init__(self, rootPath, cwd, distro):
def __init__(self, rootPath, cwd, distro, ent, serial = None):
self.server_root_path = rootPath
self.cwd = cwd
self.distro = distro
self.ent = ent
self.serial = serial
@staticmethod
def stdOut(message, log=0, exit=0, code=os.EX_OK):
install.preFlightsChecks.stdOut(message, log, exit, code)
def installLiteSpeed(self):
if self.ent == 0:
try:
count = 0
while (1):
@@ -53,7 +55,59 @@ class InstallCyberPanel:
logging.InstallLog.writeToFile("OpenLiteSpeed successfully installed!")
InstallCyberPanel.stdOut("OpenLiteSpeed successfully installed!")
break
except OSError, msg:
logging.InstallLog.writeToFile(str(msg) + " [installLiteSpeed]")
return 0
except ValueError, msg:
logging.InstallLog.writeToFile(str(msg) + " [installLiteSpeed]")
return 0
return 1
else:
try:
count = 0
while (1):
command = 'wget https://www.litespeedtech.com/packages/5.0/lsws-5.3-ent-x86_64-linux.tar.gz'
cmd = shlex.split(command)
res = subprocess.call(cmd)
command = 'tar zxf lsws-5.3-ent-x86_64-linux.tar.gz'
subprocess.call(shlex.split(command))
writeSerial = open('lsws-5.3/serial.no', 'w')
writeSerial.writelines(self.serial)
writeSerial.close()
shutil.copy('litespeed/install.sh', 'lsws-5.3/')
shutil.copy('litespeed/functions.sh', 'lsws-5.3/')
os.chdir('lsws-5.3')
command = 'chmod +x install.sh'
subprocess.call(shlex.split(command))
command = 'chmod +x functions.sh'
subprocess.call(shlex.split(command))
command = './install.sh'
res = subprocess.call(shlex.split(command))
if res == 1:
logging.InstallLog.writeToFile(
"Failed to install LiteSpeed Enterprise! [installLiteSpeed]")
InstallCyberPanel.stdOut("Failed to install LiteSpeed Enterprise!")
os._exit(0)
os.chdir(self.cwd)
confPath = '/usr/local/lsws/conf/'
shutil.copy('litespeed/httpd_config.xml', confPath)
shutil.copy('litespeed/modsec.conf', confPath)
shutil.copy('litespeed/httpd.conf', confPath)
command = 'chown -R lsadm:lsadm ' + confPath
subprocess.call(shlex.split(command))
break
except OSError, msg:
logging.InstallLog.writeToFile(str(msg) + " [installLiteSpeed]")
return 0
@@ -163,7 +217,6 @@ class InstallCyberPanel:
return self.reStartLiteSpeed()
def changePortTo80(self):
try:
InstallCyberPanel.stdOut("Changing default port to 80..")
@@ -191,6 +244,7 @@ class InstallCyberPanel:
return self.reStartLiteSpeed()
def setupFileManager(self):
if self.ent == 0:
try:
logging.InstallLog.writeToFile("Setting up Filemanager files..")
InstallCyberPanel.stdOut("Setting up Filemanager files..")
@@ -221,6 +275,32 @@ class InstallCyberPanel:
return 0
return 1
else:
try:
logging.InstallLog.writeToFile("Setting up Filemanager files..")
InstallCyberPanel.stdOut("Setting up Filemanager files..")
os.chdir(self.cwd)
fileManagerPath = self.server_root_path + "/FileManager"
shutil.copytree("FileManager", fileManagerPath)
## remove unnecessary files
command = 'chmod -R 777 ' + fileManagerPath
subprocess.call(shlex.split(command))
logging.InstallLog.writeToFile("Filemanager files are set!")
InstallCyberPanel.stdOut("Filemanager files are set!")
except OSError, msg:
logging.InstallLog.writeToFile(str(msg) + " [setupFileManager]")
return 0
except ValueError, msg:
logging.InstallLog.writeToFile(str(msg) + " [setupFileManager]")
return 0
return 1
def installAllPHPVersions(self):
try:
@@ -305,7 +385,6 @@ class InstallCyberPanel:
return 1
def setup_mariadb_repo(self):
try:
@@ -648,7 +727,6 @@ class InstallCyberPanel:
self.stdOut("MariaDB is now setup so it can support Cyberpanel's needs")
def installPureFTPD(self):
try:
@@ -1256,7 +1334,7 @@ class InstallCyberPanel:
def Main(cwd, mysql, distro):
def Main(cwd, mysql, distro, ent):
InstallCyberPanel.mysqlPassword = randomPassword.generate_pass()
InstallCyberPanel.mysql_Root_password = randomPassword.generate_pass()
@@ -1276,12 +1354,14 @@ def Main(cwd, mysql, distro):
else:
InstallCyberPanel.mysqlPassword = InstallCyberPanel.mysql_Root_password
installer = InstallCyberPanel("/usr/local/lsws/",cwd, distro)
installer = InstallCyberPanel("/usr/local/lsws/",cwd, distro, ent)
installer.installLiteSpeed()
if ent == 0:
installer.changePortTo80()
installer.setupFileManager()
installer.installAllPHPVersions()
if ent == 0:
installer.fix_ols_configs()

1364
install/litespeed/functions.sh Normal file
View File

File diff suppressed because it is too large Load Diff

67
install/litespeed/httpd.conf Normal file
View File

@@ -0,0 +1,67 @@
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
#
#
# Warning: Do not edit this file directly, this file is autogenerated.
#
#
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
ServerRoot "/usr/local/lsws"
Listen 0.0.0.0:80
Listen [::]:80
Listen 0.0.0.0:443
Listen [::]:443
User nobody
Group nobody
ServerAdmin root@localhost
<Directory />
AllowOverride none
</Directory>
<Directory /home>
AllowOverride All
Options +Includes -Indexes +ExecCGI
</Directory>
DirectoryIndex index.php index.html
<Files ".ht*">
Require all denied
</Files>
ErrorLog "/usr/local/lsws/logs/error.log"
LogLevel warn
LogFormat '"%v %h %l %u %t \"%r\" %>s %b"' combined
CustomLog "/usr/local/lsws/logs/access.log" combined
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
#AddHandler cgi-script .cgi
AddDefaultCharset UTF-8
<IfModule mime_magic_module>
MIMEMagicFile conf/magic
</IfModule>
EnableSendfile on
SSLProtocol all -SSLv3 -TLSv1
SSLHonorCipherOrder on
SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:HIGH:!EDH-RSA-DES-CBC3-SHA:!DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4
<IfModule Litespeed>
CacheRoot /home/lscache/
</IfModule>
Include /usr/local/lsws/conf/modsec.conf

388
install/litespeed/httpd_config.xml Normal file
View File

@@ -0,0 +1,388 @@
<?xml version="1.0" encoding="UTF-8"?>
<httpServerConfig>
<serverName>$HOSTNAME</serverName>
<user>nobody</user>
<group>nobody</group>
<priority>0</priority>
<chrootPath>/</chrootPath>
<enableChroot>0</enableChroot>
<inMemBufSize>120M</inMemBufSize>
<swappingDir>/tmp/lshttpd/swap</swappingDir>
<autoFix503>1</autoFix503>
<loadApacheConf>1</loadApacheConf>
<autoReloadApacheConf>0</autoReloadApacheConf>
<apacheConfFile>/usr/local/lsws/conf/httpd.conf</apacheConfFile>
<apachePortOffset>0</apachePortOffset>
<apacheIpOffset>0</apacheIpOffset>
<phpSuExec>1</phpSuExec>
<phpSuExecMaxConn>5</phpSuExecMaxConn>
<mime>$SERVER_ROOT/conf/mime.properties</mime>
<showVersionNumber>0</showVersionNumber>
<autoUpdateInterval>86400</autoUpdateInterval>
<autoUpdateDownloadPkg>1</autoUpdateDownloadPkg>
<adminEmails>usman@cyberpersons.com</adminEmails>
<adminRoot>$SERVER_ROOT/admin/</adminRoot>
<logging>
<log>
<fileName>$SERVER_ROOT/logs/error.log</fileName>
<logLevel>DEBUG</logLevel>
<debugLevel>0</debugLevel>
<rollingSize>10M</rollingSize>
<enableStderrLog>1</enableStderrLog>
<enableAioLog>1</enableAioLog>
</log>
<accessLog>
<fileName>$SERVER_ROOT/logs/access.log</fileName>
<rollingSize>10M</rollingSize>
<keepDays>30</keepDays>
<compressArchive>0</compressArchive>
</accessLog>
</logging>
<indexFiles>index.html, index.php</indexFiles>
<htAccess>
<allowOverride>0</allowOverride>
<accessFileName>.htaccess</accessFileName>
</htAccess>
<expires>
<enableExpires>1</enableExpires>
<expiresByType>image/*=A604800, text/css=A604800, application/x-javascript=A604800, application/javascript=A604800</expiresByType>
</expires>
<tuning>
<eventDispatcher>best</eventDispatcher>
<maxConnections>2000</maxConnections>
<maxSSLConnections>200</maxSSLConnections>
<connTimeout>300</connTimeout>
<maxKeepAliveReq>1000</maxKeepAliveReq>
<smartKeepAlive>0</smartKeepAlive>
<keepAliveTimeout>5</keepAliveTimeout>
<sndBufSize>0</sndBufSize>
<rcvBufSize>0</rcvBufSize>
<maxReqURLLen>8192</maxReqURLLen>
<maxReqHeaderSize>16380</maxReqHeaderSize>
<maxReqBodySize>500M</maxReqBodySize>
<maxDynRespHeaderSize>8K</maxDynRespHeaderSize>
<maxDynRespSize>500M</maxDynRespSize>
<maxCachedFileSize>4096</maxCachedFileSize>
<totalInMemCacheSize>20M</totalInMemCacheSize>
<maxMMapFileSize>256K</maxMMapFileSize>
<totalMMapCacheSize>40M</totalMMapCacheSize>
<useSendfile>1</useSendfile>
<useAIO>1</useAIO>
<AIOBlockSize>4</AIOBlockSize>
<enableGzipCompress>1</enableGzipCompress>
<enableDynGzipCompress>1</enableDynGzipCompress>
<gzipCompressLevel>1</gzipCompressLevel>
<compressibleTypes>text/*,application/x-javascript,application/javascript,application/xml, image/svg+xml</compressibleTypes>
<gzipAutoUpdateStatic>1</gzipAutoUpdateStatic>
<gzipStaticCompressLevel>6</gzipStaticCompressLevel>
<gzipMaxFileSize>1M</gzipMaxFileSize>
<gzipMinFileSize>300</gzipMinFileSize>
<SSLCryptoDevice>null</SSLCryptoDevice>
</tuning>
<quic>
<quicEnable>1</quicEnable>
</quic>
<security>
<fileAccessControl>
<followSymbolLink>1</followSymbolLink>
<checkSymbolLink>0</checkSymbolLink>
<requiredPermissionMask>000</requiredPermissionMask>
<restrictedPermissionMask>000</restrictedPermissionMask>
</fileAccessControl>
<perClientConnLimit>
<staticReqPerSec>0</staticReqPerSec>
<dynReqPerSec>0</dynReqPerSec>
<outBandwidth>0</outBandwidth>
<inBandwidth>0</inBandwidth>
<softLimit>10000</softLimit>
<hardLimit>10000</hardLimit>
<gracePeriod>15</gracePeriod>
<banPeriod>300</banPeriod>
</perClientConnLimit>
<CGIRLimit>
<maxCGIInstances>200</maxCGIInstances>
<minUID>11</minUID>
<minGID>10</minGID>
<priority>0</priority>
<CPUSoftLimit>300</CPUSoftLimit>
<CPUHardLimit>600</CPUHardLimit>
<memSoftLimit>1450M</memSoftLimit>
<memHardLimit>1500M</memHardLimit>
<procSoftLimit>1400</procSoftLimit>
<procHardLimit>1450</procHardLimit>
</CGIRLimit>
<censorshipControl>
<enableCensorship>0</enableCensorship>
<logLevel>0</logLevel>
<defaultAction>deny,log,status:403</defaultAction>
<scanPOST>1</scanPOST>
<uploadTmpDir>/tmp</uploadTmpDir>
<secAuditLog>$SERVER_ROOT/logs/security_audit.log</secAuditLog>
</censorshipControl>
<censorshipRuleSet>
<name>XSS attack</name>
<ruleSetAction>log,deny,status:403,msg:'XSS attack'</ruleSetAction>
<enabled>1</enabled>
<ruleSet>SecFilterSelective ARGS &quot;(alert|expression|eval|url)[[:space:]]*\(&quot;
SecFilterSelective ARGS &quot;(&amp;\{.+\}|(&amp;#[[0-9a-fA-F]]|\x5cx[0-9a-fA-F]){2})&quot;
SecFilterSelective ARGS &quot;((javascript|vbscript):|style[[:space:]]*=)&quot;
SecFilterSelective ARGS &quot;(fromCharCode|http-equiv|&lt;.+&gt;|innerHTML|dynsrc|--&gt;)&quot;
SecFilterSelective ARGS &quot;document\.(body|cookie|location|write)&quot;
SecFilterSelective ARGS_VALUES &quot;jsessionid|phpsessid|onReadyStateChange|xmlHttp&quot;
SecFilterSelective ARGS &quot;&lt;(applet|div|embed|iframe|img|meta|object|script|textarea)&quot;
# JavaScript event handlers
SecFilterSelective ARGS &quot;on(Abort|Blur|Click|DblClick|DragDrop|Error|Focus|KeyUp|KeyDown|KeyPrerss|Load|Mouse(Down|Out|Over|Up)|Move|Reset|Resize|Select|Submit|Unload)&quot;</ruleSet>
</censorshipRuleSet>
<censorshipRuleSet>
<name>SQL injection</name>
<ruleSetAction>log,pass,msg:'SQL Injection attack'</ruleSetAction>
<enabled>1</enabled>
<ruleSet>#SQL generic
SecFilterSelective ARGS &quot;drop[[:space:]]+(database|table|column|procedure)&quot;
SecFilterSelective ARGS &quot;delete[[:space:]]+from|create[[:space:]]+table|update.+set.+=|insert[[:space:]]+into.+values&quot;
SecFilterSelective ARGS &quot;select.+from|bulk[[:space:]]+insert|union.+select|alter[[:space:]]+table&quot;
SecFilterSelective ARGS &quot;or.+1[[:space:]]*=[[:space:]]1|or 1=1--'|'.+--&quot;
SecFilterSelective ARGS &quot;into[[:space:]]+outfile|load[[:space:]]+data|/\*.+\*/&quot;</ruleSet>
</censorshipRuleSet>
<accessDenyDir>
<dir>/</dir>
<dir>/etc/*</dir>
<dir>/dev/*</dir>
<dir>$SERVER_ROOT/conf/*</dir>
<dir>$SERVER_ROOT/admin/conf/*</dir>
</accessDenyDir>
<accessControl>
<allow>ALL</allow>
</accessControl>
</security>
<extProcessorList>
<extProcessor>
<type>lsapi</type>
<name>lsphp5</name>
<address>uds://tmp/lshttpd/lsphp5.sock</address>
<maxConns>35</maxConns>
<env>PHP_LSAPI_CHILDREN=35</env>
<initTimeout>60</initTimeout>
<retryTimeout>0</retryTimeout>
<persistConn>1</persistConn>
<respBuffer>0</respBuffer>
<autoStart>3</autoStart>
<path>$SERVER_ROOT/fcgi-bin/lsphp5</path>
<backlog>100</backlog>
<instances>1</instances>
<priority>0</priority>
<memSoftLimit>2047M</memSoftLimit>
<memHardLimit>2047M</memHardLimit>
<procSoftLimit>400</procSoftLimit>
<procHardLimit>500</procHardLimit>
</extProcessor>
<extProcessor>
<type>lsapi</type>
<name>lsphp53</name>
<address>uds://tmp/lshttpd/lsphp53.sock</address>
<maxConns>35</maxConns>
<env>PHP_LSAPI_CHILDREN=35</env>
<initTimeout>60</initTimeout>
<retryTimeout>0</retryTimeout>
<persistConn>1</persistConn>
<respBuffer>0</respBuffer>
<autoStart>3</autoStart>
<path>$SERVER_ROOT/lsphp53/bin/lsphp</path>
<backlog>100</backlog>
<instances>1</instances>
<priority>0</priority>
<memSoftLimit>2047M</memSoftLimit>
<memHardLimit>2047M</memHardLimit>
<procSoftLimit>400</procSoftLimit>
<procHardLimit>500</procHardLimit>
</extProcessor>
<extProcessor>
<type>lsapi</type>
<name>lsphp54</name>
<address>uds://tmp/lshttpd/lsphp54.sock</address>
<maxConns>35</maxConns>
<env>PHP_LSAPI_CHILDREN=35</env>
<initTimeout>60</initTimeout>
<retryTimeout>0</retryTimeout>
<persistConn>1</persistConn>
<respBuffer>0</respBuffer>
<autoStart>3</autoStart>
<path>$SERVER_ROOT/lsphp54/bin/lsphp</path>
<backlog>100</backlog>
<instances>1</instances>
<priority>0</priority>
<memSoftLimit>2047M</memSoftLimit>
<memHardLimit>2047M</memHardLimit>
<procSoftLimit>400</procSoftLimit>
<procHardLimit>500</procHardLimit>
</extProcessor>
<extProcessor>
<type>lsapi</type>
<name>lsphp55</name>
<address>uds://tmp/lshttpd/lsphp55.sock</address>
<maxConns>35</maxConns>
<env>PHP_LSAPI_CHILDREN=35</env>
<initTimeout>60</initTimeout>
<retryTimeout>0</retryTimeout>
<persistConn>1</persistConn>
<respBuffer>0</respBuffer>
<autoStart>3</autoStart>
<path>$SERVER_ROOT/lsphp55/bin/lsphp</path>
<backlog>100</backlog>
<instances>1</instances>
<priority>0</priority>
<memSoftLimit>2047M</memSoftLimit>
<memHardLimit>2047M</memHardLimit>
<procSoftLimit>400</procSoftLimit>
<procHardLimit>500</procHardLimit>
</extProcessor>
<extProcessor>
<type>lsapi</type>
<name>lsphp56</name>
<address>uds://tmp/lshttpd/lsphp56.sock</address>
<maxConns>35</maxConns>
<env>PHP_LSAPI_CHILDREN=35</env>
<initTimeout>60</initTimeout>
<retryTimeout>0</retryTimeout>
<persistConn>1</persistConn>
<respBuffer>0</respBuffer>
<autoStart>3</autoStart>
<path>$SERVER_ROOT/lsphp56/bin/lsphp</path>
<backlog>100</backlog>
<instances>1</instances>
<priority>0</priority>
<memSoftLimit>2047M</memSoftLimit>
<memHardLimit>2047M</memHardLimit>
<procSoftLimit>400</procSoftLimit>
<procHardLimit>500</procHardLimit>
</extProcessor>
<extProcessor>
<type>lsapi</type>
<name>lsphp70</name>
<address>uds://tmp/lshttpd/lsphp70.sock</address>
<maxConns>35</maxConns>
<env>PHP_LSAPI_CHILDREN=35</env>
<initTimeout>60</initTimeout>
<retryTimeout>0</retryTimeout>
<persistConn>1</persistConn>
<respBuffer>0</respBuffer>
<autoStart>3</autoStart>
<path>$SERVER_ROOT/lsphp70/bin/lsphp</path>
<backlog>100</backlog>
<instances>1</instances>
<priority>0</priority>
<memSoftLimit>2047M</memSoftLimit>
<memHardLimit>2047M</memHardLimit>
<procSoftLimit>400</procSoftLimit>
<procHardLimit>500</procHardLimit>
</extProcessor>
<extProcessor>
<type>lsapi</type>
<name>lsphp71</name>
<address>uds://tmp/lshttpd/lsphp71.sock</address>
<maxConns>35</maxConns>
<env>PHP_LSAPI_CHILDREN=35</env>
<initTimeout>60</initTimeout>
<retryTimeout>0</retryTimeout>
<persistConn>1</persistConn>
<respBuffer>0</respBuffer>
<autoStart>3</autoStart>
<path>$SERVER_ROOT/lsphp71/bin/lsphp</path>
<backlog>100</backlog>
<instances>1</instances>
<priority>0</priority>
<memSoftLimit>2047M</memSoftLimit>
<memHardLimit>2047M</memHardLimit>
<procSoftLimit>400</procSoftLimit>
<procHardLimit>500</procHardLimit>
</extProcessor>
<extProcessor>
<type>lsapi</type>
<name>lsphp72</name>
<address>uds://tmp/lshttpd/lsphp72.sock</address>
<maxConns>35</maxConns>
<env>PHP_LSAPI_CHILDREN=35</env>
<initTimeout>60</initTimeout>
<retryTimeout>0</retryTimeout>
<persistConn>1</persistConn>
<respBuffer>0</respBuffer>
<autoStart>3</autoStart>
<path>$SERVER_ROOT/lsphp72/bin/lsphp</path>
<backlog>100</backlog>
<instances>1</instances>
<priority>0</priority>
<memSoftLimit>2047M</memSoftLimit>
<memHardLimit>2047M</memHardLimit>
<procSoftLimit>400</procSoftLimit>
<procHardLimit>500</procHardLimit>
</extProcessor>
</extProcessorList>
<scriptHandlerList>
<scriptHandler>
<suffix>php</suffix>
<type>lsapi</type>
<handler>lsphp5</handler>
</scriptHandler>
<scriptHandler>
<suffix>php5</suffix>
<type>lsapi</type>
<handler>lsphp5</handler>
</scriptHandler>
<scriptHandler>
<suffix>php53</suffix>
<type>lsapi</type>
<handler>lsphp53</handler>
</scriptHandler>
<scriptHandler>
<suffix>php54</suffix>
<type>lsapi</type>
<handler>lsphp54</handler>
</scriptHandler>
<scriptHandler>
<suffix>php55</suffix>
<type>lsapi</type>
<handler>lsphp55</handler>
</scriptHandler>
<scriptHandler>
<suffix>php56</suffix>
<type>lsapi</type>
<handler>lsphp56</handler>
</scriptHandler>
<scriptHandler>
<suffix>php70</suffix>
<type>lsapi</type>
<handler>lsphp70</handler>
</scriptHandler>
<scriptHandler>
<suffix>php71</suffix>
<type>lsapi</type>
<handler>lsphp71</handler>
</scriptHandler>
<scriptHandler>
<suffix>php72</suffix>
<type>lsapi</type>
<handler>lsphp72</handler>
</scriptHandler>
</scriptHandlerList>
<railsDefaults>
<railsEnv>1</railsEnv>
<maxConns>5</maxConns>
<env>LSAPI_MAX_IDLE=60</env>
<initTimeout>180</initTimeout>
<retryTimeout>0</retryTimeout>
<pcKeepAliveTimeout>60</pcKeepAliveTimeout>
<respBuffer>0</respBuffer>
<backlog>50</backlog>
<runOnStartUp>1</runOnStartUp>
<priority>3</priority>
<memSoftLimit>2047M</memSoftLimit>
<memHardLimit>2047M</memHardLimit>
<procSoftLimit>400</procSoftLimit>
<procHardLimit>500</procHardLimit>
</railsDefaults>
</httpServerConfig>

506
install/litespeed/install.sh Normal file
View File

@@ -0,0 +1,506 @@
#!/bin/sh
cd `dirname "$0"`
source ./functions.sh 2>/dev/null
if [ $? != 0 ]; then
. ./functions.sh
if [ $? != 0 ]; then
echo [ERROR] Can not include 'functions.sh'.
exit 1
fi
fi
test_license()
{
COPY_LICENSE_KEY=1
if [ -f "$LSWS_HOME/conf/serial.no" ]; then
if [ ! -f "$LSINSTALL_DIR/serial.no" ]; then
cp "$LSWS_HOME/conf/serial.no" "$LSINSTALL_DIR/serial.no"
else
diff "$LSWS_HOME/conf/serial.no" "$LSINSTALL_DIR/serial.no" 1>/dev/null
if [ $? -ne 0 ]; then
COPY_LICENSE_KEY=0
fi
fi
fi
# if [ $COPY_LICENSE_KEY -eq 1 ]; then
# if [ -f "$LSWS_HOME/conf/license.key" ] && [ ! -f "$LSINSTALL_DIR/license.key" ]; then
# cp "$LSWS_HOME/conf/license.key" "$LSINSTALL_DIR/license.key"
# fi
# if [ -f "$LSWS_HOME/conf/license.key" ] && [ -f "$LSINSTALL_DIR/license.key" ]; then
# diff "$LSWS_HOME/conf/license.key" "$LSINSTALL_DIR/license.key"
# if [ $? -ne 0 ]; then
# cp "$LSWS_HOME/conf/license.key" "$LSINSTALL_DIR/license.key"
# fi
# fi
# fi
if [ -f "$LSINSTALL_DIR/license.key" ] && [ -f "$LSINSTALL_DIR/serial.no" ]; then
echo "License key and serial number are available, testing..."
echo
bin/lshttpd -V
if [ $? -eq 0 ]; then
LICENSE_OK=1
if [ -f "$LSINSTALL_DIR/conf/license.key" ]; then
mv "$LSINSTALL_DIR/conf/license.key" "$LSINSTALL_DIR/license.key"
bin/lshttpd -t
fi
fi
echo
fi
if [ "x$LICENSE_OK" = "x" ]; then
if [ -f "$LSINSTALL_DIR/serial.no" ]; then
# echo "Serial number is available."
# printf "Would you like to register a license key for this server? [Y/n]"
# read TMP_YN
# echo ""
# if [ "x$TMP_YN" = "x" ] || [ `expr "$TMP_YN" : '[Yy]'` -gt 0 ]; then
echo "Contacting licensing server ..."
echo ""
$LSINSTALL_DIR/bin/lshttpd -r
if [ $? -eq 0 ]; then
echo "[OK] License key received."
$LSINSTALL_DIR/bin/lshttpd -t
if [ $? -eq 0 ]; then
LICENSE_OK=1
else
echo "The license key received does not work."
fi
fi
# fi
fi
fi
if [ "x$LICENSE_OK" = "x" ]; then
if [ -f "$LSINSTALL_DIR/trial.key" ]; then
$LSINSTALL_DIR/bin/lshttpd -t
if [ $? -ne 0 ]; then
exit 1
fi
else
cat <<EOF
[ERROR] Sorry, installation will abort without a valid license key.
For evaluation purpose, please obtain a trial license key from our web
site http://www.litespeedtech.com, copy it to this directory
and run Installer again.
If a production license has been purchased, please copy the serial number
from your confirmation email to this directory and run Installer again.
NOTE:
Please remember to set ftp to BINARY mode when you ftp trial.key from
another machine.
EOF
exit 1
fi
fi
}
configChroot()
{
ENABLE_CHROOT=0
CHROOT_PATH="/"
if [ -f "$LSWS_HOME/conf/httpd_config.xml" ]; then
OLD_ENABLE_CHROOT_CONF=`grep "<enableChroot>" "$LSWS_HOME/conf/httpd_config.xml"`
OLD_CHROOT_PATH_CONF=`grep "<chrootPath>" "$LSWS_HOME/conf/httpd_config.xml"`
OLD_ENABLE_CHROOT=`expr "$OLD_ENABLE_CHROOT_CONF" : '.*<enableChroot>\(.*\)</enableChroot>.*'`
OLD_CHROOT_PATH=`expr "$OLD_CHROOT_PATH_CONF" : '[^<]*<chrootPath>\([^<]*\)</chrootPath>.*'`
if [ "x$OLD_ENABLE_CHROOT" != "x" ]; then
ENABLE_CHROOT=$OLD_ENABLE_CHROOT
fi
if [ "x$OLD_CHROOT_PATH" != "x" ]; then
CHROOT_PATH=$OLD_CHROOT_PATH
fi
fi
CHANGE_CHROOT=0
if [ $INST_USER = "root" ]; then
CHANGE_CHROOT=1
if [ $INSTALL_TYPE = "upgrade" ]; then
CHANGE_CHROOT=0
if [ $ENABLE_CHROOT -eq 1 ]; then
cat <<EOF
Chroot is enabled with your current setup and root directory is set to
$CHROOT_PATH
EOF
else
echo "Chroot is disabled with your current setup."
echo
fi
printf "%s" "Would you like to change chroot settings [y/N]? "
TMP_URC='n'
echo ""
if [ "x$TMP_URC" != "x" ]; then
if [ `expr "$TMP_URC" : '[Yy]'` -gt 0 ]; then
CHANGE_CHROOT=1
fi
fi
fi
if [ $CHANGE_CHROOT -eq 1 ]; then
cat<<EOF
LiteSpeed Web Server Enterprise Edition can run in chroot environment.
It is impossible for the chrooted process and its children processes to
access files outside the new root directory.
With chroot configured properly, there is no need to worry about sensitive
data being accidentally exposed by insecure CGI programs or web server itself.
Even when a hacker some how gain a shell access, all files he can access is
under the chrooted directory.
This installation script will try to setup the initial chroot environment
automatically.
However, it is not easy to setup a chroot environment and you CGI program may
break. So we do not recommend enabling it for the first time user.
It can be enabled later by running this installation script again.
EOF
SUCC=0
printf "%s" "Enable chroot [y/N]: "
TMP_YN='n'
if [ `expr "x$TMP_YN" : 'x[Yy]'` -gt 1 ]; then
ENABLE_CHROOT=1
fi
LSWS_HOME_LEN=`expr "$LSWS_HOME" : '.*'`
if [ $ENABLE_CHROOT -eq 1 ]; then
while [ $SUCC -eq 0 ]; do
cat <<EOF
Chroot path must be absolute path and the server root
$LSWS_HOME
must be included in the chroot directory tree.
EOF
printf "%s" "Chroot directory without trailing '/': "
TMP_CHROOT='n'
if [ "x$TMP_CHROOT" != "x" ]; then
if [ $TMP_CHROOT = '/' ]; then
echo "Set chroot directory to '/' will disable chroot."
printf "%s" "Are you sure? [y/N]"
read TMP_YN
if [ `expr "x$TMP_YN" : 'x[Yy]'` -gt 1 ]; then
ENABLE_CHROOT=0
SUCC=1
fi
else
CHROOT_LEN=`expr "$TMP_CHROOT" : '.*'`
MATCH_LEN=`expr "$LSWS_HOME" : "$TMP_CHROOT"`
if [ $CHROOT_LEN -ne $MATCH_LEN ]; then
echo "Server root is not included in the chroot directory tree"
else
TMP_CHROOT2="$TMP_CHROOT/"
TMP_HOME="$LSWS_HOME/"
MATCH_LEN=`expr "$TMP_HOME" : "$TMP_CHROOT2"`
if [ $MATCH_LEN -le $CHROOT_LEN ]; then
echo "Server root is not included in the chroot diretory tree"
else
SUCC=1
CHROOT_PATH=$TMP_CHROOT
fi
fi
fi
fi
done
fi
fi
fi
}
changeChroot()
{
util_cpfile "$SDIR_OWN" $EXEC_MOD admin/misc/chroot.sh
if [ $CHANGE_CHROOT -eq 1 ]; then
if [ $ENABLE_CHROOT -eq 1 ]; then
$LSWS_HOME/admin/misc/chroot.sh $CHROOT_PATH
$LSWS_HOME/admin/misc/chroot.sh $CHROOT_PATH $LSWS_HOME/bin/lshttpd
$LSWS_HOME/admin/misc/chroot.sh $CHROOT_PATH $LSWS_HOME/admin/fcgi-bin/admin_php5
$LSWS_HOME/admin/misc/chroot.sh $CHROOT_PATH $LSWS_HOME/bin/lscgid
if [ -f $LSWS_HOME/fcgi-bin/php ]; then
$LSWS_HOME/admin/misc/chroot.sh $CHROOT_PATH $LSWS_HOME/fcgi-bin/php
fi
$LSWS_HOME/admin/misc/chroot.sh $CHROOT_PATH $LSWS_HOME/fcgi-bin/lsphp
if [ `expr "x$CHROOT_PATH" : '^x/[^/]'` -gt 1 ]; then
cp $CHROOT_PATH/etc/passwd $CHROOT_PATH/etc/passwd.ls_bak
cp $CHROOT_PATH/etc/group $CHROOT_PATH/etc/group.ls_bak
egrep "$WS_USER|lsadm" /etc/passwd > $CHROOT_PATH/etc/passwd
grep "$WS_GROUP" /etc/group > $CHROOT_PATH/etc/group
fi
fi
cp $LSWS_HOME/conf/httpd_config.xml $LSWS_HOME/conf/httpd_config.xml.bak
chown "$DIR_OWN" $LSWS_HOME/conf/httpd_config.xml.bak
RES=`grep '</chrootPath>' $LSWS_HOME/conf/httpd_config.xml.bak`
if [ $? -eq 1 ]; then
sed -e "s#</group>#</group><chrootPath>$CHROOT_PATH</chrootPath><enableChroot>$ENABLE_CHROOT</enableChroot>#" "$LSWS_HOME/conf/httpd_config.xml.bak" > "$LSWS_HOME/conf/httpd_config.xml"
else
sed -e "s#<chrootPath>.*<\/chrootPath>#<chrootPath>$CHROOT_PATH<\/chrootPath>#" -e "s/<enableChroot>.*<\/enableChroot>/<enableChroot>$ENABLE_CHROOT<\/enableChroot>/" "$LSWS_HOME/conf/httpd_config.xml.bak" > "$LSWS_HOME/conf/httpd_config.xml"
fi
fi
}
installLicense()
{
if [ -f ./serial.no ]; then
cp -f ./serial.no $LSWS_HOME/conf
chown "$SDIR_OWN" $LSWS_HOME/conf/serial.no
chmod "$DOC_MOD" $LSWS_HOME/conf/serial.no
fi
if [ -f ./license.key ]; then
cp -f ./license.key $LSWS_HOME/conf
chown "$SDIR_OWN" $LSWS_HOME/conf/license.key
chmod "$CONF_MOD" $LSWS_HOME/conf/license.key
fi
if [ -f ./trial.key ]; then
cp -f ./trial.key $LSWS_HOME/conf
chown "$SDIR_OWN" $LSWS_HOME/conf/trial.key
chmod "$DOC_MOD" $LSWS_HOME/conf/trial.key
fi
}
portOffset()
{
SUCC=0
SEL=0
while [ $SUCC -eq "0" ]; do
cat <<EOF
Would you like to run LiteSpeed along side with Apache on another port
to make sure everything work properly? If yes, please set "Port Offset"
to a non-zero value, LiteSpeed will run on Port 80 + "Port Offset",
otherwise, set to "0" to replace Apache.
EOF
printf "%s" "Port Offset [2000]? "
TMPS=0
echo ""
if [ "x$TMPS" != "x" ]; then
if [ `expr "$TMP_PORT" : '.*[^0-9]'` -gt 0 ]; then
echo "[ERROR] Only digits is allowed, try again!"
else
AP_PORT_OFFSET=$TMPS
SUCC=1
fi
else
SUCC=1
fi
done
}
enablePHPsuExec()
{
SUCC=0
SEL=0
while [ $SUCC -eq "0" ]; do
cat <<EOF
PHP suEXEC will run php scripts of each web site as the user who own the
document root directory,
LiteSpeed PHP suEXEC does not have any performance penalty like other PHP
suEXEC implementation, and .htaccess configuration overriden has been fully
supported.
Note: You may need to fix some file/directory permissions if phpSuexec or
suphp was not used with Apache.
Would you like to enable PHP suEXEC?
0. No
1. Yes
2. Only in user's home directory (DirectAdmin should use this)
EOF
printf "%s" "Please select (0-2)? [2]"
TMPS=1
echo ""
if [ "x$TMPS" != "x" ]; then
if [ `expr "$TMPS" : '[012]'` -gt 0 ]; then
PHP_SUEXEC=$TMPS
SUCC=1
else
echo "[ERROR] Wrong selection, try again!"
fi
else
SUCC=1
fi
done
}
hostPanelConfig()
{
SETUP_PHP=1
portOffset
enablePHPsuExec
}
hostPanels()
{
SUCC=0
SEL=0
while [ $SUCC -eq "0" ]; do
cat <<EOF
Will you use LiteSpeed Web Server with a hosting control panel?
0. NONE
1. cPanel
2. DirectAdmin
3. Plesk
4. Hsphere
5. Interworx
6. Lxadmin
7. ISPManager
EOF
printf "%s" "Please select (0-7) [0]? "
TMPS=0
echo ""
if [ "x$TMPS" != "x" ]; then
if [ `expr "$TMPS" : '[01234567]'` -gt 0 ]; then
SEL=$TMPS
SUCC=1
PANEL_VARY=""
if [ $SEL -eq "1" ]; then
HOST_PANEL="cpanel"
WS_USER=nobody
WS_GROUP=nobody
if [ -e "/etc/cpanel/ea4/is_ea4" ] ; then
PANEL_VARY=".ea4"
fi
elif [ $SEL -eq "2" ]; then
HOST_PANEL="directadmin"
WS_USER=apache
WS_GROUP=apache
elif [ $SEL -eq "3" ]; then
HOST_PANEL="plesk"
USER_INFO=`id apache 2>/dev/null`
TST_USER=`expr "$USER_INFO" : 'uid=.*(\(.*\)) gid=.*'`
if [ "x$TST_USER" = "xapache" ]; then
WS_USER=apache
WS_GROUP=apache
else
WS_USER=www-data
WS_GROUP=www-data
# default PID FILE, source the real one, debian and ubuntu different
APACHE_PID_FILE=/var/run/apache2/apache2.pid
source /etc/apache2/envvars 2>/dev/null
if [ $? != 0 ]; then
. /etc/apache2/envvars
fi
PANEL_VARY=".debian"
fi
ADMIN_PORT=7088
elif [ $SEL -eq "4" ]; then
HOST_PANEL="hsphere"
WS_USER=httpd
WS_GROUP=httpd
elif [ $SEL -eq "5" ]; then
HOST_PANEL="interworx"
WS_USER=apache
WS_GROUP=apache
elif [ $SEL -eq "6" ]; then
HOST_PANEL="lxadminh"
WS_USER=apache
WS_GROUP=apache
elif [ $SEL -eq "7" ]; then
HOST_PANEL="ispmanager"
WS_USER=apache
WS_GROUP=apache
fi
fi
DIR_OWN=$WS_USER:$WS_GROUP
CONF_OWN=$WS_USER:$WS_GROUP
else
SUCC=1
fi
done
}
LSINSTALL_DIR=`dirname "$0"`
cd $LSINSTALL_DIR
init
license
install_dir
test_license
admin_login
if [ $INSTALL_TYPE = "reinstall" ]; then
configAdminEmail
if [ $INST_USER = "root" ]; then
hostPanels
fi
if [ "x$HOST_PANEL" = "x" ]; then
getUserGroup
stopLshttpd
getServerPort
getAdminPort
configRuby
enablePHPHandler
else
hostPanelConfig
fi
fi
if [ "x$HOST_PANEL" = "x" ]; then
configChroot
fi
cat <<EOF
Installing, please wait...
EOF
if [ "x$HOST_PANEL" = "xdirectadmin" ]; then
chmod g+x /var/log/httpd/
chgrp apache /var/log/httpd/
chown apache:apache /var/log/httpd/domains
fi
if [ "x$HOST_PANEL" = "x" ]; then
buildConfigFiles
else
buildApConfigFiles
fi
installation
installLicense
if [ "x$HOST_PANEL" = "x" ]; then
changeChroot
# setupPHPAccelerator
installAWStats
fi
finish

21
install/litespeed/modsec.conf Normal file
View File

@@ -0,0 +1,21 @@
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
#
#
# Warning: Do not edit this file directly, this file is autogenerated.
#
#
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
<IfModule security2_module>
SecRuleEngine off
SecAuditEngine on
SecDebugLogLevel 0
SecAuditLogRelevantStatus ^(?:5|4(?!04))
SecAuditLogParts ABIJDEFHZ
SecAuditLogType Serial
SecAuditLog /usr/local/lsws/logs/auditmodsec.log
SecDataDir /usr/local/lsws/modsec
Include /usr/local/lsws/conf/comodo_litespeed/*.conf
Include /usr/local/lsws/conf/rules.conf
</IfModule>

BIN
locale/br/LC_MESSAGES/django.mo
View File

Binary file not shown.

1730
locale/br/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

BIN
locale/bs/LC_MESSAGES/django.mo
View File

Binary file not shown.

1836
locale/bs/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

BIN
locale/cn/LC_MESSAGES/django.mo
View File

Binary file not shown.

1792
locale/cn/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

BIN
locale/es/LC_MESSAGES/django.mo
View File

Binary file not shown.

1821
locale/es/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

BIN
locale/fr/LC_MESSAGES/django.mo
View File

Binary file not shown.

1742
locale/fr/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

BIN
locale/gr/LC_MESSAGES/django.mo
View File

Binary file not shown.

1846
locale/gr/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

BIN
locale/id/LC_MESSAGES/django.mo
View File

Binary file not shown.

1634
locale/id/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

BIN
locale/ja/LC_MESSAGES/django.mo
View File

Binary file not shown.

1769
locale/ja/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

BIN
locale/pl/LC_MESSAGES/django.mo
View File

Binary file not shown.

1770
locale/pl/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

BIN
locale/pt/LC_MESSAGES/django.mo
View File

Binary file not shown.

1846
locale/pt/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

BIN
locale/ru/LC_MESSAGES/django.mo
View File

Binary file not shown.

1802
locale/ru/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

BIN
locale/tr/LC_MESSAGES/django.mo
View File

Binary file not shown.

1789
locale/tr/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

BIN
locale/vi/LC_MESSAGES/django.mo
View File

Binary file not shown.

1725
locale/vi/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

5
plogical/CyberCPLogFileWriter.py
View File

@@ -39,8 +39,11 @@ class CyberCPLogFileWriter:
return "File was empty"
@staticmethod
def statusWriter(tempStatusPath, mesg):
def statusWriter(tempStatusPath, mesg, append = None):
try:
if append == None:
statusFile = open(tempStatusPath, 'w')
else:
statusFile = open(tempStatusPath, 'a')
statusFile.writelines(mesg)
statusFile.close()

104
plogical/applicationInstaller.py
View File

@@ -59,6 +59,37 @@ class ApplicationInstaller(multi.Thread):
except BaseException, msg:
logging.writeToFile( str(msg) + ' [ApplicationInstaller.installWPCLI]')
def dataLossCheck(self, finalPath, tempStatusPath):
dirFiles = os.listdir(finalPath)
if len(dirFiles) == 1:
if dirFiles[0] == ".well-known" or dirFiles[0] == 'index.html':
return 1
else:
statusFile = open(tempStatusPath, 'w')
statusFile.writelines(
"Target directory should be empty before installation, otherwise data loss could occur." + " [404]")
statusFile.close()
return 0
elif len(dirFiles) == 2:
if ".well-known" in dirFiles and "index.html" in dirFiles:
return 1
else:
statusFile = open(tempStatusPath, 'w')
statusFile.writelines(
"Target directory should be empty before installation, otherwise data loss could occur." + " [404]")
statusFile.close()
return 0
elif len(dirFiles) == 0:
return 1
else:
statusFile = open(tempStatusPath, 'w')
statusFile.writelines(
"Target directory should be empty before installation, otherwise data loss could occur." + " [404]")
statusFile.close()
return 0
def installGit(self):
try:
if os.path.exists("/etc/lsb-release"):
@@ -208,25 +239,8 @@ class ApplicationInstaller(multi.Thread):
## checking for directories/files
dirFiles = os.listdir(finalPath)
if len(dirFiles) == 1:
if dirFiles[0] == ".well-known":
pass
else:
statusFile = open(tempStatusPath, 'w')
statusFile.writelines("Target directory should be empty before installation, otherwise data loss could occur." + " [404]")
statusFile.close()
if self.dataLossCheck(finalPath, tempStatusPath) == 0:
return 0
elif len(dirFiles) == 0:
pass
else:
statusFile = open(tempStatusPath, 'w')
statusFile.writelines(
"Target directory should be empty before installation, otherwise data loss could occur." + " [404]")
statusFile.close()
return 0
####
@@ -396,23 +410,7 @@ class ApplicationInstaller(multi.Thread):
## checking for directories/files
dirFiles = os.listdir(finalPath)
if len(dirFiles) == 1:
if dirFiles[0] == ".well-known":
pass
else:
statusFile = open(tempStatusPath, 'w')
statusFile.writelines("Target directory should be empty before installation, otherwise data loss could occur." + " [404]")
statusFile.close()
return 0
elif len(dirFiles) == 0:
pass
else:
statusFile = open(tempStatusPath, 'w')
statusFile.writelines(
"Target directory should be empty before installation, otherwise data loss could occur." + " [404]")
statusFile.close()
if self.dataLossCheck(finalPath, tempStatusPath) == 0:
return 0
####
@@ -564,23 +562,7 @@ class ApplicationInstaller(multi.Thread):
## checking for directories/files
dirFiles = os.listdir(finalPath)
if len(dirFiles) == 1:
if dirFiles[0] == ".well-known":
pass
else:
statusFile = open(tempStatusPath, 'w')
statusFile.writelines("Target directory should be empty before attaching GIT, otherwise data loss could occur." + " [404]")
statusFile.close()
return 0
elif len(dirFiles) == 0:
pass
else:
statusFile = open(tempStatusPath, 'w')
statusFile.writelines(
"Target directory should be empty before attaching GIT, otherwise data loss could occur." + " [404]")
statusFile.close()
if self.dataLossCheck(finalPath, tempStatusPath) == 0:
return 0
####
@@ -737,23 +719,7 @@ class ApplicationInstaller(multi.Thread):
## checking for directories/files
dirFiles = os.listdir(finalPath)
if len(dirFiles) == 1:
if dirFiles[0] == ".well-known":
pass
else:
statusFile = open(tempStatusPath, 'w')
statusFile.writelines("Target directory should be empty before installation, otherwise data loss could occur." + " [404]")
statusFile.close()
return 0
elif len(dirFiles) == 0:
pass
else:
statusFile = open(tempStatusPath, 'w')
statusFile.writelines(
"Target directory should be empty before installation, otherwise data loss could occur." + " [404]")
statusFile.close()
if self.dataLossCheck(finalPath, tempStatusPath) == 0:
return 0
## Get Joomla

6
plogical/processUtilities.py
View File

@@ -82,6 +82,12 @@ class ProcessUtilities:
@staticmethod
def killLiteSpeed():
try:
command = 'sudo systemctl stop lsws'
ProcessUtilities.executioner(command)
except:
pass
pids = ProcessUtilities.getLitespeedProcessNumber()
if pids !=0:
for items in pids:

119
plogical/virtualHostUtilities.py
View File

@@ -25,7 +25,7 @@ from dnsUtilities import DNS
from vhost import vhost
from applicationInstaller import ApplicationInstaller
from acl import ACLManager
from processUtilities import ProcessUtilities
## If you want justice, you have come to the wrong place.
@@ -429,23 +429,26 @@ class virtualHostUtilities:
destPrivKey = "/usr/local/lscp/key.pem"
destCert = "/usr/local/lscp/cert.pem"
pathToStoreSSLFullChain = '/etc/letsencrypt/live/' + virtualHost + '/fullchain.pem'
pathToStoreSSLPrivKey = '/etc/letsencrypt/live/' + virtualHost + '/privkey.pem'
## removing old certs for lscpd
if os.path.exists(destPrivKey):
os.remove(destPrivKey)
if os.path.exists(destCert):
os.remove(destCert)
adminEmail = "email@" + virtualHost
if not os.path.exists(pathToStoreSSLFullChain):
retValues = sslUtilities.issueSSLForDomain(virtualHost, adminEmail, path)
if retValues[0] == 0:
print "0," + str(retValues[1])
return 0, retValues[1]
pathToStoreSSLFullChain = '/etc/letsencrypt/live/' + virtualHost + '/fullchain.pem'
pathToStoreSSLPrivKey = '/etc/letsencrypt/live/' + virtualHost + '/privkey.pem'
shutil.copy(pathToStoreSSLPrivKey, destPrivKey)
shutil.copy(pathToStoreSSLFullChain, destCert)
@@ -469,6 +472,7 @@ class virtualHostUtilities:
srcFullChain = '/etc/letsencrypt/live/' + virtualHost + '/fullchain.pem'
srcPrivKey = '/etc/letsencrypt/live/' + virtualHost + '/privkey.pem'
if not os.path.exists(srcFullChain):
adminEmail = "email@" + virtualHost
retValues = sslUtilities.issueSSLForDomain(virtualHost, adminEmail, path)
@@ -567,7 +571,7 @@ class virtualHostUtilities:
print "0, This domain already exists as vHost or Alias."
return
if ProcessUtilities.decideServer() == ProcessUtilities.OLS:
confPath = os.path.join(virtualHostUtilities.Server_root, "conf/httpd_config.conf")
data = open(confPath, 'r').readlines()
writeToFile = open(confPath, 'w')
@@ -585,16 +589,36 @@ class virtualHostUtilities:
writeToFile.writelines(items)
writeToFile.close()
else:
completePathToConf = virtualHostUtilities.Server_root + '/conf/vhosts/' + masterDomain + '/vhost.conf'
data = open(completePathToConf, 'r').readlines()
writeToFile = open(completePathToConf, 'w')
for items in data:
if items.find('ServerAlias') > -1:
items = items.strip('\n')
writeToFile.writelines(items + " " + aliasDomain + "\n")
else:
writeToFile.writelines(items)
writeToFile.close()
installUtilities.installUtilities.reStartLiteSpeed()
if ssl == 1:
retValues = sslUtilities.issueSSLForDomain(masterDomain, administratorEmail, sslPath, aliasDomain)
if ProcessUtilities.decideServer() == ProcessUtilities.OLS:
if retValues[0] == 0:
print "0," + str(retValues[1])
return
else:
vhost.createAliasSSLMap(confPath, masterDomain, aliasDomain)
else:
retValues = sslUtilities.issueSSLForDomain(masterDomain, administratorEmail, sslPath, aliasDomain)
if retValues[0] == 0:
print "0," + str(retValues[1])
return
website = Websites.objects.get(domain=masterDomain)
@@ -611,19 +635,22 @@ class virtualHostUtilities:
def issueAliasSSL(masterDomain, aliasDomain, sslPath, administratorEmail):
try:
confPath = os.path.join(virtualHostUtilities.Server_root, "conf/httpd_config.conf")
retValues = sslUtilities.issueSSLForDomain(masterDomain, administratorEmail, sslPath, aliasDomain)
if ProcessUtilities.decideServer() == ProcessUtilities.OLS:
confPath = os.path.join(virtualHostUtilities.Server_root, "conf/httpd_config.conf")
if retValues[0] == 0:
print "0," + str(retValues[1])
return
else:
vhost.createAliasSSLMap(confPath, masterDomain, aliasDomain)
else:
if retValues[0] == 0:
print "0," + str(retValues[1])
return
print "1,None"
except BaseException, msg:
logging.CyberCPLogFileWriter.writeToFile(str(msg) + " [issueAliasSSL]")
@@ -631,6 +658,7 @@ class virtualHostUtilities:
@staticmethod
def deleteAlias(masterDomain, aliasDomain):
if ProcessUtilities.decideServer() == ProcessUtilities.OLS:
try:
confPath = os.path.join(virtualHostUtilities.Server_root, "conf/httpd_config.conf")
@@ -671,16 +699,38 @@ class virtualHostUtilities:
delAlias.delete()
print "1,None"
except BaseException, msg:
logging.CyberCPLogFileWriter.writeToFile(str(msg) + " [deleteAlias]")
print "0," + str(msg)
else:
try:
completePathToConf = virtualHostUtilities.Server_root + '/conf/vhosts/' + masterDomain + '/vhost.conf'
data = open(completePathToConf, 'r').readlines()
writeToFile = open(completePathToConf, 'w')
for items in data:
if items.find('ServerAlias') > -1:
writeToFile.writelines(items.replace(' ' + aliasDomain, ''))
else:
writeToFile.writelines(items)
writeToFile.close()
installUtilities.installUtilities.reStartLiteSpeed()
alias = aliasDomains.objects.get(aliasDomain=aliasDomain)
alias.delete()
print "1,None"
except BaseException, msg:
logging.CyberCPLogFileWriter.writeToFile(str(msg) + " [deleteAlias]")
print "0," + str(msg)
@staticmethod
def changeOpenBasedir(domainName, openBasedirValue):
if ProcessUtilities.decideServer() == ProcessUtilities.OLS:
try:
confPath = virtualHostUtilities.Server_root + "/conf/vhosts/" + domainName
completePathToConfigFile = confPath + "/vhost.conf"
@@ -724,8 +774,59 @@ class virtualHostUtilities:
installUtilities.installUtilities.reStartLiteSpeed()
print "1,None"
except BaseException, msg:
logging.CyberCPLogFileWriter.writeToFile(str(msg) + " [changeOpenBasedir]")
print "0," + str(msg)
else:
try:
confPath = virtualHostUtilities.Server_root + "/conf/vhosts/" + domainName
completePathToConfigFile = confPath + "/vhost.conf"
data = open(completePathToConfigFile, 'r').readlines()
if openBasedirValue == 'Disable':
writeToFile = open(completePathToConfigFile, 'w')
for items in data:
if items.find('open_basedir') > -1:
continue
writeToFile.writelines(items)
writeToFile.close()
else:
## Check if phpini already active
path = ''
try:
childDomain = ChildDomains.objects.get(domain=domainName)
path = childDomain.path
except:
path = '/home/' + domainName + '/public_html'
activate = 0
writeToFile = open(completePathToConfigFile, 'w')
for items in data:
if items.find('CustomLog ') > -1:
activate = 1
writeToFile.writelines(items)
continue
if activate == 1:
activate = 0
if items.find('open_basedir') > -1:
writeToFile.writelines(items)
continue
else:
writeToFile.writelines(
' php_admin_value open_basedir /usr/local/lsws/FileManager:/tmp:' + path + '\n')
writeToFile.writelines(items)
continue
else:
writeToFile.writelines(items)
writeToFile.close()
installUtilities.installUtilities.reStartLiteSpeed()
print "1,None"
except BaseException, msg:
logging.CyberCPLogFileWriter.writeToFile(str(msg) + " [changeOpenBasedir]")
print "0," + str(msg)

70
plogical/website.py
View File

@@ -967,6 +967,7 @@ class WebsiteManager:
def getWebsiteCron(self, userID=None, data=None):
try:
currentACL = ACLManager.loadedACL(userID)
admin = Administrator.objects.get(pk=userID)
self.domain = data['domain']
@@ -976,7 +977,6 @@ class WebsiteManager:
else:
return ACLManager.loadErrorJson('getWebsiteCron', 0)
website = Websites.objects.get(domain=self.domain)
if Websites.objects.filter(domain=self.domain).exists():
@@ -999,8 +999,8 @@ class WebsiteManager:
crons = []
try:
f = subprocess.check_output(["sudo", "cat", cronPath])
print f
# f = subprocess.check_output(["sudo", "cat", cronPath])
f = subprocess.check_output(["sudo", "crontab", "-u", website.externalApp, "-l"])
except subprocess.CalledProcessError as error:
dic = {'getWebsiteCron': 0, 'error_message': 'Unable to access Cron file'}
json_data = json.dumps(dic)
@@ -1009,8 +1009,6 @@ class WebsiteManager:
for line in f.split("\n"):
if line:
split = line.split(" ", 5)
print line
print split
if len(split) == 6:
counter += 1
crons.append({"line": counter,
@@ -1021,8 +1019,6 @@ class WebsiteManager:
"weekday": split[4],
"command": split[5]})
print json.dumps(crons)
data_ret = {'getWebsiteCron': 1, "user": website.externalApp, "crons": crons}
final_json = json.dumps(data_ret)
return HttpResponse(final_json)
@@ -1046,7 +1042,6 @@ class WebsiteManager:
else:
return ACLManager.loadErrorJson('getWebsiteCron', 0)
if Websites.objects.filter(domain=self.domain).exists():
pass
else:
@@ -1061,7 +1056,8 @@ class WebsiteManager:
crons = []
try:
f = subprocess.check_output(["sudo", "cat", cronPath])
# f = subprocess.check_output(["sudo", "cat", cronPath])
f = subprocess.check_output(["sudo", "/usr/bin/crontab", "-u", website.externalApp, "-l"])
print f
except subprocess.CalledProcessError as error:
dic = {'getWebsiteCron': 0, 'error_message': 'Unable to access Cron file'}
@@ -1124,17 +1120,20 @@ class WebsiteManager:
website = Websites.objects.get(domain=self.domain)
cronPath = "/var/spool/cron/" + website.externalApp
tempPath = "/home/cyberpanel/" + website.externalApp + str(randint(10000, 99999)) + ".cron.tmp"
finalCron = "%s %s %s %s %s %s" % (minute, hour, monthday, month, weekday, command)
o = subprocess.call(['sudo', 'cp', cronPath, tempPath])
if o is not 0:
data_ret = {'addNewCron': 0, 'error_message': 'Unable to copy to temporary files'}
output = subprocess.check_output(["sudo", "/usr/bin/crontab", "-u", website.externalApp, "-l"])
if "no crontab for" in output:
data_ret = {'addNewCron': 0, 'error_message': 'crontab file does not exists for user'}
final_json = json.dumps(data_ret)
return HttpResponse(final_json)
with open(tempPath, "w+") as file:
file.write(output)
# Confirming that directory is read/writable
o = subprocess.call(['sudo', 'chown', 'cyberpanel:cyberpanel', tempPath])
if o is not 0:
@@ -1186,23 +1185,17 @@ class WebsiteManager:
line -= 1
website = Websites.objects.get(domain=self.domain)
cronPath = "/var/spool/cron/" + website.externalApp
cmd = 'sudo test -e ' + cronPath + ' && echo Exists'
output = os.popen(cmd).read()
output = subprocess.check_output(["sudo", "/usr/bin/crontab", "-u", website.externalApp, "-l"])
if "Exists" not in output:
data_ret = {'remCronbyLine': 0, 'error_message': 'No Cron exists for this user'}
if "no crontab for" in output:
data_ret = {'addNewCron': 0, 'error_message': 'No Cron exists for this user'}
final_json = json.dumps(data_ret)
return HttpResponse(final_json)
cronPath = "/var/spool/cron/" + website.externalApp
tempPath = "/home/cyberpanel/" + website.externalApp + str(randint(10000, 99999)) + ".cron.tmp"
o = subprocess.call(['sudo', 'cp', cronPath, tempPath])
if o is not 0:
data_ret = {'addNewCron': 0, 'error_message': 'Unable to copy to temporary files'}
final_json = json.dumps(data_ret)
return HttpResponse(final_json)
with open(tempPath, "w+") as file:
file.write(output)
# Confirming that directory is read/writable
o = subprocess.call(['sudo', 'chown', 'cyberpanel:cyberpanel', tempPath])
@@ -1260,38 +1253,25 @@ class WebsiteManager:
website = Websites.objects.get(domain=self.domain)
cronPath = "/var/spool/cron/" + website.externalApp
cmd = 'sudo test -e ' + cronPath + ' && echo Exists'
output = os.popen(cmd).read()
output = subprocess.check_output(["sudo", "/usr/bin/crontab", "-u", website.externalApp, "-l"])
if "Exists" not in output:
if "no crontab for" in output:
echo = subprocess.Popen(('echo'), stdout=subprocess.PIPE)
output = subprocess.call(('sudo', 'crontab', '-u', website.externalApp, '-'), stdin=echo.stdout)
echo.wait()
echo.stdout.close()
# Confirmation
o = subprocess.call(["sudo", "cp", "/dev/null", cronPath])
cronPath = "/var/spool/cron/" + website.externalApp
if "no crontab for" in output:
data_ret = {'addNewCron': 0, 'error_message': 'Unable to initialise crontab file for user'}
final_json = json.dumps(data_ret)
return HttpResponse(final_json)
tempPath = "/home/cyberpanel/" + website.externalApp + str(randint(10000, 99999)) + ".cron.tmp"
finalCron = "%s %s %s %s %s %s" % (minute, hour, monthday, month, weekday, command)
o = subprocess.call(['sudo', 'cp', cronPath, tempPath])
if o is not 0:
data_ret = {'addNewCron': 0, 'error_message': 'Unable to copy to temporary files'}
final_json = json.dumps(data_ret)
return HttpResponse(final_json)
# Confirming that directory is read/writable
o = subprocess.call(['sudo', 'chown', 'cyberpanel:cyberpanel', tempPath])
if o is not 0:
data_ret = {'addNewCron': 0, 'error_message': 'Error Changing Permissions'}
final_json = json.dumps(data_ret)
return HttpResponse(final_json)
with open(tempPath, "a") as file:
file.write(finalCron + "\n")
file.write(output + finalCron + "\n")
output = subprocess.call(["sudo", "/usr/bin/crontab", "-u", website.externalApp, tempPath])

44
serverStatus/serverStatusUtil.py
View File

@@ -166,7 +166,7 @@ class ServerStatusUtil:
return 0
if os.path.exists('/etc/letsencrypt/live/' + virtualHostName):
sslUtilities.installSSLForDomain(virtualHostUtilities, website.adminEmail)
sslUtilities.installSSLForDomain(virtualHostName, website.adminEmail)
vhostPath = vhost.Server_root + "/conf/vhosts"
FNULL = open(os.devnull, 'w')
@@ -222,10 +222,24 @@ class ServerStatusUtil:
allWebsites = Websites.objects.all()
for website in allWebsites:
logging.CyberCPLogFileWriter.statusWriter(ServerStatusUtil.lswsInstallStatusPath,
"Building vhost conf for:" + website.domain + ".\n")
ServerStatusUtil.createWebsite(website)
"Building vhost conf for: " + website.domain + ".\n", 1)
if ServerStatusUtil.createWebsite(website) == 0:
return 0
childs = website.childdomains_set.all()
for child in childs:
if ServerStatusUtil.createDomain(child) == 0:
return 0
aliases = website.aliasdomains_set.all()
for alias in aliases:
aliasDomain = alias.aliasDomain
alias.delete()
virtualHostUtilities.createAlias(website.domain, aliasDomain, 0, '/home', website.adminEmail, website.admin)
logging.CyberCPLogFileWriter.statusWriter(ServerStatusUtil.lswsInstallStatusPath,
"vhost conf successfully built for:" + website.domain + ".\n")
"vhost conf successfully built for: " + website.domain + ".\n", 1)
except BaseException, msg:
logging.CyberCPLogFileWriter.writeToFile(str(msg))
return 0
@@ -238,7 +252,7 @@ class ServerStatusUtil:
logging.CyberCPLogFileWriter.statusWriter(ServerStatusUtil.lswsInstallStatusPath,"Starting conversion process..\n")
logging.CyberCPLogFileWriter.statusWriter(ServerStatusUtil.lswsInstallStatusPath,
"Removing OpenLiteSpeed..\n")
"Removing OpenLiteSpeed..\n", 1)
## Try to stop current LiteSpeed Process
@@ -247,7 +261,7 @@ class ServerStatusUtil:
if os.path.exists('/usr/local/lsws'):
command = 'tar -zcvf /usr/local/olsBackup.tar.gz /usr/local/lsws'
if ServerStatusUtil.executioner(command, FNULL) == 0:
logging.CyberCPLogFileWriter.statusWriter(ServerStatusUtil.lswsInstallStatusPath, "Failed to create backup of current LSWS. [404]")
logging.CyberCPLogFileWriter.statusWriter(ServerStatusUtil.lswsInstallStatusPath, "Failed to create backup of current LSWS. [404]", 1)
ServerStatusUtil.recover()
return 0
@@ -262,43 +276,41 @@ class ServerStatusUtil:
pass
logging.CyberCPLogFileWriter.statusWriter(ServerStatusUtil.lswsInstallStatusPath,
"OpenLiteSpeed removed.\n")
"OpenLiteSpeed removed.\n", 1)
logging.CyberCPLogFileWriter.statusWriter(ServerStatusUtil.lswsInstallStatusPath,
"Installing LiteSpeed Enterprise Web Server ..\n")
"Installing LiteSpeed Enterprise Web Server ..\n", 1)
if ServerStatusUtil.installLiteSpeed(licenseKey, statusFile) == 0:
logging.CyberCPLogFileWriter.statusWriter(ServerStatusUtil.lswsInstallStatusPath, "Failed to install LiteSpeed. [404]")
logging.CyberCPLogFileWriter.statusWriter(ServerStatusUtil.lswsInstallStatusPath, "Failed to install LiteSpeed. [404]", 1)
ServerStatusUtil.recover()
return 0
logging.CyberCPLogFileWriter.statusWriter(ServerStatusUtil.lswsInstallStatusPath,
"LiteSpeed Enterprise Web Server installed.\n")
"LiteSpeed Enterprise Web Server installed.\n", 1)
if ServerStatusUtil.setupFileManager(statusFile) == 0:
logging.CyberCPLogFileWriter.statusWriter(ServerStatusUtil.lswsInstallStatusPath, "Failed to set up File Manager. [404]")
logging.CyberCPLogFileWriter.statusWriter(ServerStatusUtil.lswsInstallStatusPath, "Failed to set up File Manager. [404]", 1)
ServerStatusUtil.recover()
return 0
logging.CyberCPLogFileWriter.statusWriter(ServerStatusUtil.lswsInstallStatusPath,
"Rebuilding vhost conf..\n")
"Rebuilding vhost conf..\n", 1)
ServerStatusUtil.rebuildvConf()
logging.CyberCPLogFileWriter.statusWriter(ServerStatusUtil.lswsInstallStatusPath,
"vhost conf successfully built.\n")
"vhost conf successfully built.\n", 1)
logging.CyberCPLogFileWriter.statusWriter(ServerStatusUtil.lswsInstallStatusPath,"Successfully switched to LITESPEED ENTERPRISE WEB SERVER. [200]\n")
logging.CyberCPLogFileWriter.statusWriter(ServerStatusUtil.lswsInstallStatusPath,"Successfully switched to LITESPEED ENTERPRISE WEB SERVER. [200]\n", 1)
except BaseException, msg:
logging.CyberCPLogFileWriter.writeToFile(str(msg))
ServerStatusUtil.recover()
def main():
parser = argparse.ArgumentParser(description='Server Status Util.')