Merge remote-tracking branch 'origin/main' into feature/osal

CHANGELOG.md

@@ -3,7 +3,7 @@ All notable changes to this project will be documented in this file.
 
 ## [DEVELOPMENT]
 ### Features
-- No new features have been introduced in this release.
+- Introduced support for PHPmyAdmin Single Sign On
 
 ### Bugfixes
 - Fixed an issue where user name was duplicated when editing FTP users (#1411)

bin/v-add-backup-host

@@ -4,6 +4,7 @@
 # labels: 
 #
 # example: v-add-backup-host sftp backup.acme.com admin p4$$w@Rd
+#          v-add-backup-host b2 bucketName keyID applicationKey
 #
 # This function adds a backup host
 
@@ -25,6 +26,10 @@ port=$6
 source $HESTIA/func/main.sh
 source $HESTIA/conf/hestia.conf
 
+# Paths
+b2cli="/usr/local/bin/b2"
+b2lnk="https://f000.backblazeb2.com/file/backblazefiles/b2/cli/linux/b2"
+
 # Defining ftp command function
 ftpc() {
     ftp -p -n $host $port <<EOF
@@ -103,9 +108,11 @@ if [ "$type" != 'local' ];then
         which expect >/dev/null 2>&1
         check_result $? "expect command not found"  $E_NOTEXIST
     fi
-    if ! (is_ip_format_valid "$host" >/dev/null); then
-        host "$host" >/dev/null 2>&1
-        check_result $? "host connection failed" "$E_CONNECT"
+    if [ "$type" != 'b2' ]; then
+        if ! (is_ip_format_valid "$host" >/dev/null); then
+            host "$host" >/dev/null 2>&1
+            check_result $? "host connection failed" "$E_CONNECT"
+        fi
     fi
 fi
 
@@ -146,6 +153,7 @@ if [ "$type" = 'ftp' ]; then
         exit $E_FTP
     fi
 fi
+
 if [ "$type" = 'sftp' ]; then
     if [ -z $port ]; then
         port=22
@@ -173,14 +181,46 @@ if [ "$type" = 'sftp' ]; then
     fi
 fi
 
+if [ "$type" = 'b2' ]; then
+    # Download b2 binary
+    if [ ! -f "$b2cli" ]; then
+        wget -O $b2cli $b2lnk > /dev/null 2>&1
+        chmod +x $b2cli > /dev/null 2>&1
+        if [ ! -f "$b2cli" ]; then
+            echo "Error: Binary download failed, b2 doesnt work as expected."
+            exit 3
+        fi
+    fi
+
+    # Validate b2 binary
+    b2version="$(b2 version)"
+    if [[ ! "$b2version" =~ "b2 command line tool" ]]; then
+        echo "Error: Binary download failed, b2 doesnt work as expected."
+        exit 3
+    fi
+    
+    b2 clear-account > /dev/null 2>&1
+    b2 authorize-account "$user" "$raw_password"> /dev/null 2>&1
+    b2 ls --long $host $user > /dev/null 2>&1
+    
+    if [ $? -ne 0 ]; then
+        check_result "$E_CONNECT" "b2 failed to verify connection"
+    fi
+fi
 
 # Adding backup host
-if [ $type != 'local' ]; then
+if [ $type != 'local' ] && [ $type != 'b2' ]; then
     new_timestamp
     str="HOST='$host'\nUSERNAME='$user'\nPASSWORD='$password'"
     str="$str\nBPATH='$path'\nPORT='$port'\nTIME='$time'\nDATE='$date'"
     echo -e "$str" > $HESTIA/conf/$type.backup.conf
     chmod 660 $HESTIA/conf/$type.backup.conf
+elif [ $type == 'b2' ]; then
+    new_timestamp
+    str="BUCKET='$host'\nB2_KEYID='$user'\nB2_KEY='$password'"
+    str="$str\nTIME='$time'\nDATE='$date'"
+    echo -e "$str" > $HESTIA/conf/$type.backup.conf
+    chmod 660 $HESTIA/conf/$type.backup.conf
 fi
 
 

bin/v-add-cron-letsencrypt-job

@@ -21,6 +21,8 @@ source $HESTIA/conf/hestia.conf
 
 is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM'
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 
 #----------------------------------------------------------#
 #                       Action                             #

bin/v-add-cron-reports

@@ -31,6 +31,8 @@ is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 
 #----------------------------------------------------------#
 #                       Action                             #

bin/v-add-cron-restart-job

@@ -21,6 +21,8 @@ source $HESTIA/conf/hestia.conf
 
 is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM'
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 
 #----------------------------------------------------------#
 #                       Action                             #

bin/v-add-database-host

@@ -34,15 +34,16 @@ source $HESTIA/conf/hestia.conf
 is_mysql_host_alive() {
     mycnf=$(mktemp)
     echo "[client]">$mycnf
-    echo "host='$HOST'" >> $mycnf
-    echo "user='$USER'" >> $mycnf
-    echo "password='$PASSWORD'" >> $mycnf
-    echo "port='$PORT'" >> $mycnf
+    echo "host='$host'" >> $mycnf
+    echo "user='$user'" >> $mycnf
+    echo "password='$password'" >> $mycnf
+    echo "port='$port'" >> $mycnf
     
     chmod 600 $mycnf
     mysql --defaults-file=$mycnf -e 'SELECT VERSION()' >/dev/null 2>&1
     rm $mycnf
-    if [ '0' -ne "$?" ]; then
+    
+    if [ "$?" -ne '0' ]; then
         echo "Error: MySQL connection to $host failed"
         log_event "$E_CONNECT" "$ARGUMENTS"
         exit $E_CONNECT
@@ -52,7 +53,7 @@ is_mysql_host_alive() {
 is_pgsql_host_alive() {
     export PGPASSWORD="$dbpass"
     psql -h $host -U $dbuser -p $port -c "SELECT VERSION()" > /dev/null 2>&1
-    if [ '0' -ne "$?" ]; then
+    if [ "$?" -ne '0' ]; then
         echo "Error: PostgreSQL connection to $host failed"
         log_event "$E_CONNECT" "$ARGUMENTS"
         exit $E_CONNECT
@@ -73,8 +74,8 @@ if [ -z $template ]; then template="template1"; fi
 database_set_default_ports
 
 is_format_valid 'host' 'dbuser' 'max_db' 'charsets' 'template' 'port'
-#is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM'
-#is_type_valid "$DB_SYSTEM" "$type"
+is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM'
+is_type_valid "$DB_SYSTEM" "$type"
 is_dbhost_new
 is_password_valid
 dbpass="$password"
@@ -84,6 +85,8 @@ case $type in
     pgsql) is_pgsql_host_alive ;;
 esac
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 
 #----------------------------------------------------------#
 #                       Action                             #

bin/v-add-database-temp-user

@@ -0,0 +1,82 @@
+#!/bin/bash
+# info: add temp database user
+# options: USER DATABASE [TYPE] [HOST] [TTL]
+# labels: hestia database
+#
+# example: v-add-database-temp-user wordress wordpress_db mysql
+#
+# The function creates an temporary database user mysql_sso_db_XXXXXXXX and a random password 
+# The user has an limited validity and only granted access to the specific database 
+# Returns json to be read SSO Script
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+database="$2"
+type=${3-mysql}
+host=$4
+ttl=$5
+
+if [ "$ttl" == '' ]; then
+    ttl=60
+fi
+
+# Includes
+source $HESTIA/func/main.sh
+source $HESTIA/func/db.sh
+source $HESTIA/conf/hestia.conf
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'USER DATABASE [TYPE] [HOST]'
+is_format_valid 'user' 'database'
+is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+is_object_valid 'db' 'DB' "$database"
+is_object_unsuspended 'db' 'DB' "$database"
+get_next_dbhost
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Get database values
+get_database_values
+
+#generate password and unique user 
+dbpass=$(generate_password);
+dbuser="hestia_sso_$(generate_password)";
+
+add_mysql_database_temp_user
+if [ $? -ne 0 ]; then
+    echo "Error: Unable to create temp user"
+    exit 2
+fi;
+
+if [[ "$ttl" -gt 0 ]]; then
+    echo "$BIN/v-delete-database-temp-user $user $database $dbuser mysql $host" | at "now +${ttl} minute" > /dev/null 2>&1
+fi
+echo '{
+    "login": {
+        "user": "'$dbuser'",
+        "password": "'$dbpass'"
+    }
+}'
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+log_history "Granted $dbuser access to $database"
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+exit

bin/v-add-dns-on-web-alias

@@ -37,6 +37,8 @@ if [ -e "$USER_DATA/dns/$alias.conf" ]; then
     exit
 fi
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 
 #----------------------------------------------------------#
 #                       Action                             #

bin/v-add-fs-archive

@@ -21,6 +21,9 @@ check_args '3' "$#" 'USER ARCHIVE FILE [FILE_2] [FILE_3] [FILE ...]'
 is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
 # Checking user homedir
 homedir=$(grep "^$user:" /etc/passwd |cut -f 6 -d :)
 if [ -z $homedir ]; then

bin/v-add-fs-directory

@@ -21,6 +21,9 @@ check_args '2' "$#" 'USER DIR'
 is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
 # Checking user homedir
 homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :)
 if [ -z $homedir ]; then

bin/v-add-fs-file

@@ -21,6 +21,9 @@ check_args '2' "$#" 'USER FILE'
 is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
 # Checking user homedir
 homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :)
 if [ -z $homedir ]; then

bin/v-add-letsencrypt-domain

@@ -106,6 +106,9 @@ debug_log() {
     echo -e "\n==[${1}]==\n${2}\n" >> "$log_file"
 }
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
@@ -136,8 +139,8 @@ $BIN/v-add-letsencrypt-user $user
 if [ "$?" -ne 0  ]; then
     touch $HESTIA/data/queue/letsencrypt.pipe
     sed -i "/ $domain /d" $HESTIA/data/queue/letsencrypt.pipe
-    send_notice "LETSENCRYPT" "Account registration failed"
-    check_result $E_CONNECT "LE account registration" > /dev/null
+    send_notice "LETSENCRYPT" "Account registration failed ($user)"
+    check_result $E_CONNECT "LE account registration ($user)" > /dev/null
 fi
 
 # Parsing LetsEncrypt account data
@@ -202,7 +205,7 @@ if [[ "$status" -ne 200 ]]; then
             fi
         fi
     fi
-    check_result $E_CONNECT "Let's Encrypt nonce request status $status"
+    check_result $E_CONNECT "Let's Encrypt nonce request status $status ($domain)"
 fi
 
 # Placing new order / STEP 2
@@ -233,7 +236,7 @@ if [[ "$status" -ne 201 ]]; then
             fi
         fi
     fi
-    check_result $E_CONNECT "Let's Encrypt new auth status $status"
+    check_result $E_CONNECT "Let's Encrypt new auth status $status ($domain)"
 fi
 
 # Requesting authorization token / STEP 3
@@ -259,7 +262,7 @@ for auth in $authz; do
                 fi
             fi
         fi
-        check_result $E_CONNECT "Let's Encrypt acme/authz bad status $status"
+        check_result $E_CONNECT "Let's Encrypt acme/authz bad status $status ($domain)"
     fi
 
     # Accepting challenge / STEP 4
@@ -272,13 +275,13 @@ for auth in $authz; do
             $BIN/v-delete-dns-record $user $domain $old_record
         done
         $BIN/v-add-dns-record $user $domain "_acme-challenge" "TXT" $record
-        check_result $? "DNS _acme-challenge record wasn't created"
+        check_result $? "DNS _acme-challenge record wasn't created ($domain)"
     else
         if [ -z "$mail" ]; then
             if [ "$WEB_SYSTEM" = 'nginx' ] || [ "$PROXY_SYSTEM" = 'nginx' ]; then
                 conf="$HOMEDIR/$user/conf/web/$domain/nginx.conf_letsencrypt"
                 sconf="$HOMEDIR/$user/conf/web/$domain/nginx.ssl.conf_letsencrypt"
-                echo 'location ~ "^/\.well-known/acme-challenge/(.*)$" {' \
+                echo 'location ~ "^/\.well-known/acme-challenge/([-_A-Za-z0-9]+)$" {' \
                     > $conf
                 echo '    default_type text/plain;' >> $conf
                 echo '    return 200 "$1.'$THUMB'";' >> $conf
@@ -354,7 +357,7 @@ for auth in $authz; do
                 fi
             fi
             debug_log "Abort Step 5" "=> Wrong status"
-            check_result $E_CONNECT "Let's Encrypt validation status $status. Details: $details"
+            check_result $E_CONNECT "Let's Encrypt validation status $status ($domain). Details: $details"
         fi
 
         i=$((i + 1))
@@ -371,7 +374,7 @@ for auth in $authz; do
                 fi
             fi
             debug_log "Abort Step 5" "=> Too many validation retries"
-            check_result $E_CONNECT "Let's Encrypt domain validation timeout"
+            check_result $E_CONNECT "Let's Encrypt domain validation timeout ($domain)"
         fi
         sleep $((i*2))
     done
@@ -387,7 +390,7 @@ for auth in $authz; do
                 fi
             fi
         fi
-        check_result $E_CONNECT "Let's Encrypt domain verification failed"
+        check_result $E_CONNECT "Let's Encrypt domain verification failed ($domain)"
     fi
 done
 
@@ -407,7 +410,7 @@ debug_log "Step 6" "- status: ${status}\n- nonce: ${nonce}\n- payload: ${payload
 
 if [[ "$status" -ne 200 ]]; then
     [ -d "$ssl_dir" ] && rm -rf "$ssl_dir"
-    check_result $E_CONNECT "Let's Encrypt finalize bad status $status"
+    check_result $E_CONNECT "Let's Encrypt finalize bad status $status ($domain)"
 fi
 
 # Downloading signed certificate / STEP 7
@@ -442,7 +445,7 @@ debug_log "CERT PEM" "$(cat "$ssl_dir/$domain.pem")"
 
 if [[ "$status" -ne 200 ]]; then
     [ -d "$ssl_dir" ] && rm -rf "$ssl_dir"
-    check_result $E_NOTEXIST "Let's Encrypt downloading signed cert failed status:$status"
+    check_result $E_NOTEXIST "Let's Encrypt downloading signed cert failed status:$status ($domain)"
 fi
 
 # Splitting up downloaded pem
@@ -489,7 +492,7 @@ if [ "$?" -ne '0' ]; then
     [ -d "$ssl_dir" ] && rm -rf "$ssl_dir"
     touch $HESTIA/data/queue/letsencrypt.pipe
     sed -i "/ $domain /d" $HESTIA/data/queue/letsencrypt.pipe
-    send_notice 'LETSENCRYPT' "$domain certificate installation failed"
+    send_notice 'LETSENCRYPT' "$domain certificate installation failed ($domain)"
     check_result $? "SSL install" > /dev/null
 fi
 

bin/v-add-letsencrypt-host

@@ -23,7 +23,8 @@ source $HESTIA/func/main.sh
 source $HESTIA/func/domain.sh
 source $HESTIA/conf/hestia.conf
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#

bin/v-add-letsencrypt-user

@@ -66,7 +66,8 @@ if [ ! -z "$KID" ]; then
     exit
 fi
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-add-mail-account-forward

@@ -34,7 +34,10 @@ format_domain_idn
 #----------------------------------------------------------#
 
 check_args '4' "$#" 'USER DOMAIN ACCOUNT FORWARD'
-is_format_valid 'user' 'domain' 'account' 'email_forward'
+is_format_valid 'user' 'domain' 'account'
+if [ "$email_forward"  != ':blackhole:' ]; then
+    is_format_valid 'email_forward'
+fi
 is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"

bin/v-add-mail-domain

@@ -73,7 +73,7 @@ fi
 new_timestamp
 
 # Adding domain to mail.conf
-s="DOMAIN='$domain' ANTIVIRUS='$antivirus' ANTISPAM='$antispam' DKIM='$dkim'"
+s="DOMAIN='$domain' ANTIVIRUS='$antivirus' ANTISPAM='$antispam' DKIM='$dkim' WEBMAIL=''"
 s="$s SSL='no' LETSENCRYPT='no' CATCHALL='' ACCOUNTS='0' U_DISK='0' SUSPENDED='no' TIME='$time'"
 s="$s DATE='$date'"
 echo $s >> $USER_DATA/mail.conf
@@ -170,7 +170,7 @@ fi
 # Add webmail configuration to mail domain
 if [ ! -z "$WEB_SYSTEM" ] || [ ! -z "$PROXY_SYSTEM" ]; then
     if [ ! -z "$IMAP_SYSTEM" ]; then
-        $BIN/v-add-sys-webmail $user $domain ''
+        $BIN/v-add-sys-webmail $user $domain '' ''
     fi
 fi
     

bin/v-add-remote-dns-domain

@@ -34,6 +34,8 @@ is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER'
 is_procces_running
 remote_dns_health_check
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 
 #----------------------------------------------------------#
 #                       Action                             #

bin/v-add-remote-dns-host

@@ -55,7 +55,8 @@ is_password_valid
 is_dnshost_new
 is_dnshost_alive
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-add-remote-dns-record

@@ -35,6 +35,8 @@ is_object_valid 'dns' 'DOMAIN' "$domain"
 is_procces_running
 remote_dns_health_check
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 
 #----------------------------------------------------------#
 #                       Action                             #

bin/v-add-sys-firewall

@@ -25,6 +25,8 @@ if [ "$FIREWALL_SYSTEM" = 'iptables' ]; then
     exit
 fi
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 
 #----------------------------------------------------------#
 #                       Action                             #

bin/v-add-sys-pma-sso

@@ -0,0 +1,117 @@
+#!/bin/bash
+# info: enables support for single sign on PHPmyAdmin 
+# options: [mode]
+# labels: 
+#
+# example: v-add-sys-pma-sso
+#
+# Enables support for SSO to PHPmyAdmin
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+MODE=$1
+
+# Includes
+source $HESTIA/func/main.sh
+source $HESTIA/conf/hestia.conf
+
+PMA_INSTALL="/usr/share/phpmyadmin"
+PMA_CONFIG="/etc/phpmyadmin"
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+# Checking root permissions
+if [ "x$(id -u)" != 'x0' ]; then
+    echo "Error: Script can be run executed only by root"
+    exit 10
+fi
+
+if [ ! -z "$PHPMYADMIN_KEY" ] && [ "$PHPMYADMIN_KEY" != "" ] ; then
+    echo "Error: SSO has been installed before to reenable it please run v-delete-pma-sso first"
+    exit 1;
+fi
+
+# Ensure that $HESTIA (/usr/local/hestia/) and other variables are valid.
+if [ -z "$HESTIA" ]; then
+    HESTIA="/usr/local/hestia"
+fi
+
+if [ -z "$HOMEDIR" ] || [ -z "$HESTIA_INSTALL_DIR" ]; then
+    echo "Error: Hestia environment vars not present"
+    exit 2
+fi
+
+if [ -f "/usr/share/phpmyadmin/hestia-sso.php" ]; then 
+    echo "Error: hestia-sso.php is already installed"
+    exit 2
+fi
+
+if [ -f "/usr/local/hesta/web/api/index.php" ]; then 
+    echo "Error: API script not installed"
+    exit 2
+fi
+
+if [ "$API" != "yes" ]; then 
+    echo "Error: API is not enabled"
+    exit 2
+fi
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Generate the keys to secure everything
+phpmyadminkey=$(generate_password);
+apikey=$($BIN/v-generate-api-key);
+
+# copy config dir to /usr/share/phpmyadmin/
+cp -f $HESTIA_INSTALL_DIR/phpmyadmin/hestia-sso.php $PMA_INSTALL/hestia-sso.php
+chmod 644 $PMA_INSTALL/hestia-sso.php 
+
+sed -i "s/%PHPMYADMIN_KEY%/$phpmyadminkey/g" $PMA_INSTALL/hestia-sso.php 
+sed -i "s/%API_KEY%/$apikey/g" $PMA_INSTALL/hestia-sso.php 
+sed -i "s/%API_HOST_NAME%/$(hostname)/g" $PMA_INSTALL/hestia-sso.php 
+sed -i "s/%API_HESTIA_PORT%/$BACKEND_PORT/g" $PMA_INSTALL/hestia-sso.php 
+
+
+# Check if config already contains the keys 
+
+touch $PMA_CONFIG/hestia-sso.inc.php
+chmod 644 $PMA_CONFIG/hestia-sso.inc.php
+echo "<?php
+if(isset(\$_GET['hestia_token']) || isset(\$_COOKIE['SignonSession'])){
+\$cfg['Servers'][\$i]['auth_type'] = 'signon';
+\$cfg['Servers'][\$i]['SignonSession'] = 'SignonSession';
+\$cfg['Servers'][\$i]['SignonURL'] = 'hestia-sso.php';
+\$cfg['Servers'][\$i]['LogoutURL'] = 'hestia-sso.php?logout=1';
+}
+?>" >> $PMA_CONFIG/hestia-sso.inc.php
+
+file=$(cat $PMA_CONFIG/config.inc.php)
+if ! [[  $file =~ "hestia-sso.inc.php" ]]; then 
+    if [[ $file =~ "//Add Hestia SSO code here" ]]; then 
+        sed -i "s|//Add Hestia SSO code here|//Add Hestia SSO code here\n     include ('$PMA_CONFIG/hestia-sso.inc.php');|g" $PMA_CONFIG/config.inc.php
+    else
+        echo "include ('$PMA_CONFIG/hestia-sso.inc.php');" >> $PMA_CONFIG/config.inc.php    
+    fi
+fi
+
+$BIN/v-change-sys-config-value 'PHPMYADMIN_KEY' "$phpmyadminkey"
+
+#----------------------------------------------------------#
+#                       Logging                            #
+#----------------------------------------------------------#
+
+if [ "$MODE" != "quiet" ]; then
+    echo "PMA Hestia-SSO plugin has been succesfully installed"
+fi
+
+log_history "PMA Hestia-SSO plugin has been succesfully installed" '' 'admin'
+log_event "$OK" "$ARGUMENTS"

bin/v-add-sys-quota

@@ -46,7 +46,8 @@ if [ $? -ne 0 ]; then
     fi
 fi
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-add-sys-rainloop

@@ -0,0 +1,165 @@
+#!/bin/bash
+# info: Install Rainloop in HestiaCP
+# options: [MODE]
+# labels: hestia
+#
+# The function installs Rainloop
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Includes
+source $HESTIA/func/main.sh
+source $HESTIA/conf/hestia.conf
+source $HESTIA/install/upgrade/upgrade.conf
+
+MODE=$2
+UPDATE="no"
+# Version and Download paths
+# Version to be moved to upgrade script
+RL_FILE="rainloop-community-latest.zip"
+# For removal of folder
+RL_EXTRACT_MAIN="rainloop"
+
+# Downloading full version
+RL_URL="https://www.rainloop.net/repository/webmail/rainloop-community-latest.zip"
+
+# Folder paths
+RL_INSTALL_DIR="/var/lib/rainloop"
+RL_CONFIG_DIR="/etc/rainloop"
+RL_LOG="/var/log/rainloop"
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+# Checking root permissions
+if [ "x$(id -u)" != 'x0' ]; then
+    echo "ERROR: v-add-sys-rainloop can be run executed only by root user"
+    exit 10
+fi
+
+# Ensure that $HESTIA (/usr/local/hestia/) and other variables are valid.
+if [ -z "$HESTIA" ]; then
+    HESTIA="/usr/local/hestia"
+fi
+
+if [ -z "$HOMEDIR" ] || [ -z "$HESTIA_INSTALL_DIR" ]; then
+    echo "ERROR: Environment variables not present, installation aborted."
+    exit 2
+fi
+
+# Get current version 
+if [ -f "/var/lib/rainloop/data/VERSION" ]; then
+    version=$(cat $RL_INSTALL_DIR/data/VERSION);
+    if [ "$version" == "$rl_v" ]; then
+        echo "Error: Installed version ($version) is equal as the availble version ($rc_v)"
+        exit 2;
+    else 
+        UPDATE="yes"
+    fi
+fi
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+if [ "$UPDATE" == "no" ]; then
+    rm -f -r $RL_INSTALL_DIR
+    rm -f -r $RL_CONFIG_DIR
+
+    mkdir $RL_INSTALL_DIR
+    mkdir $RL_CONFIG_DIR
+    
+    cd "$RL_INSTALL_DIR"
+    [ ! -f "${RC_INSTALL_DIR}/${RC_FILE}" ] && wget "$RL_URL" --quiet -O "${RL_INSTALL_DIR}/${RL_FILE}"
+    
+    key=$(openssl rand -hex 4);
+    
+    admin_account="admin_$key"
+    admin_password=$(generate_password)
+    r=$(generate_password)
+
+    echo "Username: admin_$key" > ~/.rainloop
+    echo "Password: $admin_password" >> ~/.rainloop
+    echo "Secret key: admin_$key" >> ~/.rainloop
+    
+    unzip -q $RL_FILE
+    
+    mv ./data $RL_CONFIG_DIR/
+    ln -s $RL_CONFIG_DIR/data/ ./data
+
+    SALT=$(openssl rand -base64 64)
+    cp ./data/VERSION ./data/INSTALLED
+    echo "<?php //$SALT" >  ./data/SALT.php
+    echo "Forbidden" >  ./data/index.php
+    echo "Forbidden" >  ./data/index.html
+
+    # Create database
+    mysql -e "DROP DATABASE rainloop"
+    mysql -e "DROP USER rainloop@localhost"
+    mysql -e "CREATE DATABASE rainloop"
+    # Mysql available on system
+    r=$(generate_password)
+    mysql -e "GRANT ALL ON rainloop.*
+     TO rainloop@localhost IDENTIFIED BY '$r'"
+
+    mkdir -p $RL_CONFIG_DIR/data/_data_/_default_/configs
+    php -f $HESTIA_INSTALL_DIR/rainloop/change_password.php "admin_$key" "$admin_password" "$r"
+    mkdir -p $RL_CONFIG_DIR/data/_data_/_default_/domains
+    cp -f $HESTIA_INSTALL_DIR/rainloop/default.ini $RL_CONFIG_DIR/data/_data_/_default_/domains
+    mkdir -p $RL_CONFIG_DIR/data/_data_/_default_/plugins
+    cp -f -r $HESTIA_INSTALL_DIR/rainloop/plugins/hestia-change-password/ $RL_CONFIG_DIR/data/_data_/_default_/plugins
+    mkdir -p $RL_CONFIG_DIR/data/_data_/_default_/plugins/add-x-originating-ip-header
+    # Download add-x-originating-ip-header from rainloop github
+    wget --quiet -O $RL_CONFIG_DIR/data/_data_/_default_/plugins/add-x-originating-ip-header/index.php https://raw.githubusercontent.com/RainLoop/rainloop-webmail/master/plugins/add-x-originating-ip-header/index.php
+    wget --quiet -O $RL_CONFIG_DIR/data/_data_/_default_/plugins/add-x-originating-ip-header/VERSION https://raw.githubusercontent.com/RainLoop/rainloop-webmail/master/plugins/add-x-originating-ip-header/VERSION
+    wget --quiet -O $RL_CONFIG_DIR/data/_data_/_default_/plugins/add-x-originating-ip-header/README https://raw.githubusercontent.com/RainLoop/rainloop-webmail/master/plugins/add-x-originating-ip-header/README
+    wget --quiet -O $RL_CONFIG_DIR/data/_data_/_default_/plugins/add-x-originating-ip-header/LICENSE https://raw.githubusercontent.com/RainLoop/rainloop-webmail/master/plugins/add-x-originating-ip-header/LICENSE
+    
+    cp -f $HESTIA_INSTALL_DIR/rainloop/plugins/plugin-add-x-originating-ip-header.ini $RL_CONFIG_DIR/data/_data_/_default_/configs/plugin-add-x-originating-ip-header.ini
+    cp -f $HESTIA_INSTALL_DIR/rainloop/plugins/plugin-hestia-change-password.ini $RL_CONFIG_DIR/data/_data_/_default_/configs/plugin-hestia-change-password.ini
+    
+    sed -i "s/%hostname%/$(hostname)/g" $RL_CONFIG_DIR/data/_data_/_default_/configs/plugin-hestia-change-password.ini
+    sed -i "s/%port%/$BACKEND_PORT/g" $RL_CONFIG_DIR/data/_data_/_default_/configs/plugin-hestia-change-password.ini
+    
+    
+    chown -R  www-data:www-data ./data
+    chown -R  www-data:www-data $RL_CONFIG_DIR/
+    
+    rm  ${RL_INSTALL_DIR}/${RL_FILE}  
+    # Add robots.txt
+    echo "User-agent: *" > $RL_INSTALL_DIR/robots.txt
+    echo "Disallow: /" >> $RL_INSTALL_DIR/robots.txt
+    
+    # Updating hestia.conf
+    if [ -z "$(grep WEBMAIL_SYSTEM $HESTIA/conf/hestia.conf)" ]; then
+        $BIN/v-change-sys-config-value 'WEBMAIL_SYSTEM' 'rainloop'
+    else
+        if [  -z "$(echo "$WEBMAIL_SYSTEM" | grep -w 'rainloop')" ]; then
+           if [ ! -z "$WEBMAIL_SYSTEM" ]; then
+               $BIN/v-change-sys-config-value 'WEBMAIL_SYSTEM' "rainloop,$WEBMAIL_SYSTEM"
+           else
+               $BIN/v-change-sys-config-value 'WEBMAIL_SYSTEM' "rainloop"
+           fi
+        fi
+    fi
+
+else
+   [ ! -f "${RC_INSTALL_DIR}/${RC_FILE}" ] && wget "$RL_URL" --quiet -O "${RL_INSTALL_DIR}/${RL_FILE}"
+   unzip -q -o $RL_FILE
+   rm $RL_INSTALL_DIR/$RL_FILE
+fi
+
+#----------------------------------------------------------#
+#                       Logging                            #
+#----------------------------------------------------------#
+
+
+
+log_history "Rouncube successfuly installed" '' 'admin'
+log_event "$OK" "$ARGUMENTS"

bin/v-add-sys-roundcube

@@ -0,0 +1,195 @@
+#!/bin/bash
+# info: Install RoundCube for Nginx/Apache2 
+# options: [MODE]
+# labels: hestia
+#
+# The function installs Round Cube
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Includes
+source $HESTIA/func/main.sh
+source $HESTIA/conf/hestia.conf
+source $HESTIA/install/upgrade/upgrade.conf
+
+MODE=$2
+UPDATE="no"
+# Version and Download paths
+RC_FILE="roundcubemail-$rc_v-complete.tar.gz"
+RC_EXTRACT="roundcubemail-$rc_v"
+# Downloading full version
+RC_URL="https://github.com/roundcube/roundcubemail/releases/download/$rc_v/roundcubemail-$rc_v-complete.tar.gz"
+
+# Folder paths
+RC_INSTALL_DIR="/var/lib/roundcube"
+RC_CONFIG_DIR="/etc/roundcube"
+RC_LOG="/var/log/roundcube"
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+# Checking root permissions
+if [ "x$(id -u)" != 'x0' ]; then
+    echo "ERROR: v-add-sys-roundcube can be run executed only by root user"
+    exit 10
+fi
+
+# Ensure that $HESTIA (/usr/local/hestia/) and other variables are valid.
+if [ -z "$HESTIA" ]; then
+    HESTIA="/usr/local/hestia"
+fi
+
+if [ -z "$HOMEDIR" ] || [ -z "$HESTIA_INSTALL_DIR" ]; then
+    echo "ERROR: Environment variables not present, installation aborted."
+    exit 2
+fi
+
+if [ -z "$(echo "$DB_SYSTEM" | grep -w 'mysql')" ]; then
+    echo "ERROR: Mysql not available. Instalation aborted"
+    exit 2
+fi
+
+if [ -d "/usr/share/roundcube" ]; then
+    echo "ERROR: Install done from atp source unable to continue"
+    exit 2;
+fi
+
+# Get current version 
+if [ -f "/var/lib/roundcube/index.php" ]; then
+    version=$(cat $RC_INSTALL_DIR/index.php | grep -o -E '[0-9].[0-9].[0-9]+' | head -1);
+    if [ "$version" == "$rc_v" ]; then
+        echo "Error: Installed version ($version) is equal as the availble version ($rc_v)"
+        exit 2;
+    else 
+        UPDATE="yes"
+    fi
+fi
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+if [ "$UPDATE" == "no" ]; then
+    rm  -f -r $RC_INSTALL_DIR
+    rm  -f -r $RC_CONFIG_DIR
+    
+    mkdir -p $RC_INSTALL_DIR/
+    mkdir -p $RC_CONFIG_DIR/
+    
+    cd "$RC_INSTALL_DIR"
+    [ ! -f "${RC_INSTALL_DIR}/${RC_FILE}" ] && wget "$RC_URL" --quiet -O "${RC_INSTALL_DIR}/${RC_FILE}"
+    
+    tar xzf $RC_FILE
+    cp -rf $RC_EXTRACT/* $RC_INSTALL_DIR
+    
+    # Delete old config folder
+    cp $RC_INSTALL_DIR/config/defaults.inc.php $RC_CONFIG_DIR/defaults.inc.php
+    rm -f -r $RC_INSTALL_DIR/config/
+    ln -s $RC_CONFIG_DIR/ ./config
+    # Replace with Hestia config
+    cp -f $HESTIA_INSTALL_DIR/roundcube/main.inc.php $RC_CONFIG_DIR/config.inc.php
+    cp -f $HESTIA_INSTALL_DIR/roundcube/mimetypes.php $RC_CONFIG_DIR/mimetypes.php
+    
+    cp -f $HESTIA_INSTALL_DIR/roundcube/hestia.php $RC_INSTALL_DIR/plugins/password/drivers/
+    mkdir -p $RC_CONFIG_DIR/plugins/password
+    mkdir -p $RC_CONFIG_DIR/plugins/newmail_notifier
+    mkdir -p $RC_CONFIG_DIR/plugins/zipdownload
+    
+    # Allow changes to the respective config / Create symlinks to /etc/roundcube/ 
+    cp -f $HESTIA_INSTALL_DIR/roundcube/config.inc.php $RC_CONFIG_DIR/plugins/password/config.inc.php
+    ln -s $RC_CONFIG_DIR/plugins/password/config.inc.php ./plugins/password/config.inc.php
+    cp -f $HESTIA_INSTALL_DIR/roundcube/plugins/config_newmail_notifier.inc.php $RC_CONFIG_DIR/plugins/newmail_notifier/config.inc.php
+    ln -s $RC_CONFIG_DIR/plugins/newmail_notifier/config.inc.php ./plugins/newmail_notifier/config.inc.php
+    cp -f $HESTIA_INSTALL_DIR/roundcube/plugins/config_zipdownload.inc.php $RC_CONFIG_DIR/plugins/zipdownload/config.inc.php
+    ln -s $RC_CONFIG_DIR/plugins/zipdownload/config.inc.php ./plugins/zipdownload/config.inc.php
+    
+    
+    chmod 640 $RC_CONFIG_DIR/config.inc.php
+    chown root:www-data $RC_CONFIG_DIR/config.inc.php
+    
+    # Log file 
+    if [ ! -d  $RC_LOG ];then
+        mkdir $RC_LOG
+    fi
+    chown www-data:root $RC_LOG
+    chmod 751 $RC_LOG
+    
+    if [ ! -z "$(echo "$DB_SYSTEM" | grep -w 'mysql')" ]; then
+        # Remove the following 2 lines when going live
+        mysql -e "DROP DATABASE roundcube"
+        mysql -e "DROP USER roundcube@localhost"
+        mysql -e "CREATE DATABASE roundcube"
+        # Mysql available on system
+        r=$(generate_password)
+        mysql -e "GRANT ALL ON roundcube.*
+         TO roundcube@localhost IDENTIFIED BY '$r'"
+        sed -i "s/%password%/$r/g" $RC_CONFIG_DIR/config.inc.php
+        mysql roundcube < /var/lib/roundcube/SQL/mysql.initial.sql
+    fi
+    # To do in future add support for Postgresql only setup
+    
+    rcDesKey="$(openssl rand -base64 30 | tr -d "/" | cut -c1-24)"
+    sed -i "s/%des_key%/$rcDesKey/g" $RC_CONFIG_DIR/config.inc.php
+    # Change hostname for password change
+    sed -i "s/localhost/$(hostname)/g" $RC_CONFIG_DIR/plugins/password/config.inc.php
+    
+    #Clean up
+    rm -f -r $RC_INSTALL_DIR/installer;
+    rm -f -r $RC_INSTALL_DIR/$RC_FILE;
+    rm -f -r $RC_INSTALL_DIR/$RC_EXTRACT;
+    
+    # Add robots.txt
+    echo "User-agent: *" > /var/lib/roundcube/robots.txt
+    echo "Disallow: /" >> /var/lib/roundcube/robots.txt
+    
+    # Updating hestia.conf
+    if [ -z "$(grep WEBMAIL_SYSTEM $HESTIA/conf/hestia.conf)" ]; then
+        $BIN/v-change-sys-config-value 'WEBMAIL_SYSTEM' 'roundcube'
+    else
+        if [  -z "$(echo "$WEBMAIL_SYSTEM" | grep -w 'roundcube')" ]; then
+           if [ ! -z "$WEBMAIL_SYSTEM" ]; then
+               $BIN/v-change-sys-config-value 'WEBMAIL_SYSTEM' "roundcube,$WEBMAIL_SYSTEM"
+           else
+               $BIN/v-change-sys-config-value 'WEBMAIL_SYSTEM' "roundcube"
+           fi
+        fi
+    fi
+    
+    phpenmod mcrypt > /dev/null 2>&1
+else
+    rm  -f -r $RC_INSTALL_DIR
+    mkdir $RC_INSTALL_DIR
+    cd "$RC_INSTALL_DIR"
+    [ ! -f "${RC_INSTALL_DIR}/${RC_FILE}" ] && wget "$RC_URL" --quiet -O "${RC_INSTALL_DIR}/${RC_FILE}"
+    
+    tar xzf $RC_FILE
+    cp -rf $RC_EXTRACT/* $RC_INSTALL_DIR
+    
+    cp -f $RC_INSTALL_DIR/config/defaults.inc.php $RC_CONFIG_DIR/defaults.inc.php
+    rm -f -r $RC_INSTALL_DIR/config/
+    ln -s $RC_CONFIG_DIR/ ./config
+
+    ln -s $RC_CONFIG_DIR/plugins/password/config.inc.php ./plugins/password/config.inc.php
+    ln -s $RC_CONFIG_DIR/plugins/newmail_notifier/config.inc.php ./plugins/newmail_notifier/config.inc.php
+    ln -s $RC_CONFIG_DIR/plugins/zipdownload/config.inc.php ./plugins/zipdownload/config.inc.php  
+    
+    $RC_INSTALL_DIR/bin/update.sh --version "$version"
+        
+    rm -f -r $RC_INSTALL_DIR/installer;
+    rm -f -r $RC_INSTALL_DIR/$RC_FILE;
+    rm -f -r $RC_INSTALL_DIR/$RC_EXTRACT;  
+fi
+#----------------------------------------------------------#
+#                       Logging                            #
+#----------------------------------------------------------#
+
+
+
+log_history "Rouncube successfuly installed" '' 'admin'
+log_event "$OK" "$ARGUMENTS"

bin/v-add-sys-sftp-jail

@@ -23,6 +23,8 @@ restart=$1
 #                    Verifications                         #
 #----------------------------------------------------------#
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 
 #----------------------------------------------------------#
 #                       Action                             #

bin/v-add-sys-theme

@@ -26,6 +26,9 @@ source $HESTIA/conf/hestia.conf
 # Define themes repository URL format
 HESTIA_THEMES_REPO="$HESTIA_GIT_REPO/$RELEASE_BRANCH/install/deb/themes"
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-add-sys-webmail

@@ -1,6 +1,6 @@
 #!/bin/bash
 # info: add webmail support for a domain
-# options: USER DOMAIN [RESTART] [QUIET]
+# options: USER DOMAIN WEBMAIL [RESTART] [QUIET]
 # labels: hestia
 #
 # example: v-add-sys-webmail user domain.com
@@ -15,8 +15,9 @@
 # Argument definition
 user=$1
 domain=$2
-restart="$3"
-quiet=$4
+webmail=$3
+restart="$4"
+quiet=$5
 
 # Additional argument formatting
 if [[ "$domain" =~ [[:upper:]] ]]; then
@@ -46,15 +47,25 @@ format_domain_idn
 #                    Verifications                         #
 #----------------------------------------------------------#
 
-check_args '2' "$#" 'USER DOMAIN [RESTART]'
+if [ -z "$webmail" ]; then
+    for client in ${WEBMAIL_SYSTEM//,/ };do
+        webmail="$client"
+    done
+fi
+
+check_args '3' "$#" 'USER DOMAIN WEBMAIL [RESTART]'
 is_format_valid 'user' 'domain'
 is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
 is_system_enabled "$IMAP_SYSTEM" 'IMAP_SYSTEM'
+is_type_valid "$WEBMAIL_SYSTEM" "$webmail"
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 is_object_valid 'mail' 'DOMAIN' "$domain"
 is_object_unsuspended 'mail' 'DOMAIN' "$domain"
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
@@ -92,16 +103,28 @@ else
             fi
         fi
     fi
-
-    # Add webmail configuration to mail domain
-    WEBMAIL_TEMPLATE="default"
-    if [ "$WEB_SYSTEM" = "nginx" ]; then
-        WEBMAIL_TEMPLATE="web_system"
+    
+    if [ "$webmail" == "roundcube" ]; then
+        WEBMAIL_TEMPLATE="default"
+        if [ ! -z "$PROXY_SYSTEM" ]; then
+            PROXY_TEMPLATE="default"
+        fi
+        # Add webmail configuration to mail domain
+        WEBMAIL_TEMPLATE="default"
+        if [ "$WEB_SYSTEM" = "nginx" ]; then
+            WEBMAIL_TEMPLATE="web_system"
+        fi
+    else
+        WEBMAIL_TEMPLATE="rainloop"
+        if [ ! -z "$PROXY_SYSTEM" ]; then
+            PROXY_TEMPLATE="default_rainloop"
+        fi
     fi
+    
     add_webmail_config "$WEB_SYSTEM" "${WEBMAIL_TEMPLATE}.tpl"
 
     if [ ! -z "$PROXY_SYSTEM" ]; then
-        add_webmail_config "$PROXY_SYSTEM" "default.tpl"
+        add_webmail_config "$PROXY_SYSTEM" "${PROXY_TEMPLATE}.tpl"
     fi
 
     # Enable SSL for webmail if available
@@ -109,16 +132,23 @@ else
         add_webmail_config "$WEB_SYSTEM" "${WEBMAIL_TEMPLATE}.stpl"
 
         if [ ! -z "$PROXY_SYSTEM" ]; then
-            add_webmail_config "$PROXY_SYSTEM" "default.stpl"
+            add_webmail_config "$PROXY_SYSTEM" "${PROXY_TEMPLATE}.stpl"
         fi
     fi
 fi
 
+WEBMAIL=$(get_object_value 'web' 'DOMAIN' "$domain" "$WEBMAIL")
+if [ -z "$WEBMAIL" ]; then
+    add_object_key 'mail' 'DOMAIN' "$domain" 'WEBMAIL' 'SSL'
+fi
+
+# Set SSL as enabled in configuration
+update_object_value 'mail' 'DOMAIN' "$domain" '$WEBMAIL' "$webmail"
 #----------------------------------------------------------#
 #                       Hestia                             #
 #----------------------------------------------------------#
 
-if [ "$3" = 'yes' ]; then 
+if [ "$restart" = 'yes' ]; then 
     # Restarting web server
     $BIN/v-restart-web $restart
     check_result $? "Web restart failed" >/dev/null

bin/v-add-user

@@ -1,6 +1,6 @@
 #!/bin/bash
 # info: add system user
-# options: USER PASSWORD EMAIL [PACKAGE] [NAME]
+# options: USER PASSWORD EMAIL [PACKAGE] [NAME] [LASTNAME]
 # labels: 
 #
 # example: v-add-user admin2 P4$$w@rD bgates@aol.com
@@ -18,7 +18,10 @@ password=$2; HIDE=2
 email=$3
 package=${4-default}
 name=$5
-
+# Last name has been added for backward compatibility with WHMCS / Blesta VestaCP Plugins
+if [ ! -z "$6" ]; then 
+    name="$name $6";
+fi
 # Includes
 source $HESTIA/func/main.sh
 source $HESTIA/conf/hestia.conf

bin/v-add-user-notification

@@ -29,7 +29,8 @@ check_args '2' "$#" 'USER TOPIC NOTICE [TYPE]'
 is_format_valid 'user' 'topic' 'notice'
 is_object_valid 'user' 'USER' "$user"
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-add-user-sftp-jail

@@ -49,6 +49,9 @@ if [[ " ${users[@]} " =~ " ${user} " ]]; then
     exit;
 fi
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-add-user-sftp-key

@@ -27,6 +27,8 @@ check_args '1' "$#" 'USER [TTL]'
 is_format_valid 'user' 'ttl'
 is_object_valid 'user' 'USER' "$user"
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 
 #----------------------------------------------------------#
 #                       Action                             #

bin/v-add-web-domain-fast-cgi-cache

@@ -0,0 +1,110 @@
+#!/bin/bash
+# info: Adding fast cgi nginx support
+# options: USER DOMAIN [DEBUG]
+# labels: hestia web
+#
+# example: v-add-web-domain-fast-cgi-cache user domain.tld
+#
+# Function enables fast cgi support for Nginx
+# Add "yes" as last parameter append debug information to response headers
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+domain=$2
+debug=$3
+
+# Includes
+source $HESTIA/func/main.sh
+source $HESTIA/conf/hestia.conf
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'USER DOMAIN DEBUG'
+is_format_valid 'user' 'domain'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+is_object_valid 'web' 'DOMAIN' "$domain"
+is_object_unsuspended 'web' 'DOMAIN' "$domain"
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Load domain data
+parse_object_kv_list $(grep "DOMAIN='$domain'" $USER_DATA/web.conf)
+
+# Check if web server is NGINX standalone
+if [ "$WEB_SYSTEM" != 'nginx' ]; then
+    echo "Error: NGINX not in Stand Alone mode"
+    exit $E_NOTEXIST
+fi
+
+
+if ! grep --quiet "forcessl" $HESTIA/data/templates/web/nginx/default.tpl; then
+    $BIN/v-update-web-templates
+fi
+fastcgi="$HOMEDIR/$user/conf/web/$domain/$WEB_SYSTEM.fastcgi_cache.conf"
+no_cache='$no_cache'
+cookie_session='$cookie_session'
+http_x_update='$http_x_update'
+status='$upstream_cache_status'
+
+cat << EOF > $fastcgi
+    fastcgi_cache $domain;
+    fastcgi_no_cache $no_cache;
+    fastcgi_cache_bypass $no_cache;
+    fastcgi_cache_bypass $cookie_session $http_x_update;
+EOF
+
+if [ ! -z "$debug" ]; then
+    echo "    add_header \"X-STATUS\" \"$status\";" >> $fastcgi
+fi
+
+chown root:$user $fastcgi
+chmod 640 $fastcgi
+
+str="fastcgi_cache_path /var/cache/nginx/php-fpm/$domain levels=2" 
+str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" 
+conf='/etc/nginx/conf.d/01_fast_cgi_caching_pool.conf'
+if [ -e "$conf" ]; then
+    if [ -z "$(grep "=${domain}:" $conf)" ]; then
+        echo "$str" >> $conf
+    fi
+else
+    echo "$str" >> $conf
+fi
+
+mkdir -p /var/cache/nginx/php-fpm/$domain
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+if [ -z "$FASTCGI" ]; then
+    add_object_key "web" 'DOMAIN' "$domain" 'FASTCGI_CACHE' 'ALIAS'
+fi
+
+# Set FASTCGI flag to enabled
+update_object_value 'web' 'DOMAIN' "$domain" '$FASTCGI_CACHE' 'yes'
+
+# Restart web server
+$BIN/v-restart-web
+check_result $? "Web restart failed" > /dev/null
+
+# Logging
+log_history "enabled fast cgi support for $domain"
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-add-web-domain-httpauth

@@ -31,7 +31,8 @@ shtaccess="$htaccess"
 shtpasswd="$htpasswd"
 docroot="$HOMEDIR/$user/web/$domain/public_html"
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#

bin/v-add-web-domain-ssl-preset

@@ -1,5 +1,5 @@
 #!/bin/bash
-# info: add log analyzer to generate domain statitics
+# info: add log analyzer to generate domain statistics
 # options: USER DOMAIN TYPE
 # labels: web
 #

bin/v-add-web-domain-stats-user

@@ -52,8 +52,8 @@ conf_dir="$HOMEDIR/$user/conf/web"
 
 # Adding htaccess file
 if [ "$WEB_SYSTEM" = 'nginx' ]; then
-    echo "auth_basic \"Web Statistics\";" > $conf_dir/$domain.auth
-    echo "auth_basic_user_file $stats_dir/.htpasswd;" >> $conf_dir/$domain.auth
+    echo "auth_basic \"Web Statistics\";" > $stats_dir/auth.conf
+    echo "auth_basic_user_file $stats_dir/.htpasswd;" >> $stats_dir/auth.conf
 else
     echo "AuthUserFile $stats_dir/.htpasswd" > $stats_dir/.htaccess
     echo "AuthName \"Web Statistics\"" >> $stats_dir/.htaccess

bin/v-backup-user

@@ -38,6 +38,8 @@ is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 is_backup_enabled
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 
 #----------------------------------------------------------#
 #                       Action                             #
@@ -592,6 +594,7 @@ for backup_type in $(echo -e "${BACKUP_SYSTEM//,/\\n}"); do
         ftp)   ftp_backup ;;
         sftp)  sftp_backup ;;
         google) google_backup ;;
+        b2) b2_backup ;;
     esac
 done
 

bin/v-backup-users

@@ -20,7 +20,8 @@ source /etc/profile
 source $HESTIA/func/main.sh
 source $HESTIA/conf/hestia.conf
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-change-dns-record-id

@@ -45,6 +45,8 @@ is_object_unsuspended 'dns' 'DOMAIN' "$domain"
 is_object_valid "dns/$domain" 'ID' "$id"
 is_object_new "dns/$domain" 'ID' "$newid"
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 
 #----------------------------------------------------------#
 #                       Action                             #

bin/v-change-fs-file-permission

@@ -22,6 +22,9 @@ check_args '3' "$#" 'USER FILE PERMISSIONS'
 is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
 # Checking user homedir
 homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :)
 if [ -z $homedir ]; then

bin/v-change-remote-dns-domain-exp

@@ -32,6 +32,8 @@ is_object_valid 'dns' 'DOMAIN' "$domain"
 is_procces_running
 remote_dns_health_check
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 
 #----------------------------------------------------------#
 #                       Action                             #

bin/v-change-remote-dns-domain-soa

@@ -34,6 +34,8 @@ is_object_valid 'dns' 'DOMAIN' "$domain"
 is_procces_running
 remote_dns_health_check
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 
 #----------------------------------------------------------#
 #                       Action                             #

bin/v-change-remote-dns-domain-ttl

@@ -34,6 +34,8 @@ is_object_valid 'dns' 'DOMAIN' "$domain"
 is_procces_running
 remote_dns_health_check
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 
 #----------------------------------------------------------#
 #                       Action                             #

bin/v-change-user-php-cli

@@ -58,6 +58,9 @@ if grep -q "alias php='env php$version'" "$FILE"; then
   exit;
 fi
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-change-user-role

@@ -33,6 +33,9 @@ is_object_valid 'user' 'USER' "$user"
 
 is_object_unsuspended 'user' 'USER' "$user"
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-change-web-domain-docroot

@@ -3,9 +3,10 @@
 # options: USER DOMAIN SSL_HOME [RESTART]
 # labels: web
 #
-# example: v-change-web-domain-sslhome admin acme.com /home/admin/acme.com/public_shtml
+# example: v-change-web-domain-sslhome admin acme.com single
+# example: v-change-web-domain-sslhome admin acme.com same
 #
-# The function changes SSL home directory.
+# The function changes SSL home directory. Single will seperate the both public_html / public_shtml. Same will always point to public_shtml
 
 #----------------------------------------------------------#
 #                    Variable&Function                     #

bin/v-check-api-key

@@ -22,6 +22,8 @@ time_n_date=$(date +'%T %F')
 time=$(echo "$time_n_date" |cut -f 1 -d \ )
 date=$(echo "$time_n_date" |cut -f 2 -d \ )
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 
 #----------------------------------------------------------#
 #                       Action                             #

bin/v-check-fs-permission

@@ -21,6 +21,9 @@ check_args '2' "$#" 'USER FILE'
 is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
 # Checking user homedir
 homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :)
 if [ -z $homedir ]; then

bin/v-copy-fs-directory

@@ -22,6 +22,9 @@ check_args '3' "$#" 'USER SRC_DIRECTORY DST_DIRECTORY'
 is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
 # Checking user homedir
 homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :)
 if [ -z $homedir ]; then

bin/v-copy-fs-file

@@ -22,6 +22,9 @@ check_args '3' "$#" 'USER SRC_FILE DST_FILE'
 is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
 # Checking user homedir
 homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :)
 if [ -z $homedir ]; then

bin/v-delete-backup-host

@@ -32,7 +32,8 @@ if [ -z "$types" ]; then
     exit $E_INVALID
 fi
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-delete-cron-reports

@@ -31,7 +31,8 @@ is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-delete-cron-restart-job

@@ -21,7 +21,8 @@ source $HESTIA/conf/hestia.conf
 
 is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM'
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-delete-database-host

@@ -34,6 +34,8 @@ is_type_valid "$DB_SYSTEM" "$type"
 is_object_valid "../../conf/$type" 'HOST' "$host"
 is_dbhost_free
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 
 #----------------------------------------------------------#
 #                       Action                             #

bin/v-delete-database-temp-user

@@ -0,0 +1,64 @@
+#!/bin/bash
+# info: deletes temp database user
+# options: USER DBUSER [TYPE] [HOST]
+# labels: hestia database
+#
+# example: v-add-database-temp-user wordress hestia_sso_user mysql
+#
+# Revokes "temp user" access to a database and removes the user
+# To be used in combination with v-add-database-temp-user 
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+database=$2
+dbuser=$3
+type=${4-mysql}
+host=$5
+
+# Includes
+source $HESTIA/func/main.sh
+source $HESTIA/func/db.sh
+source $HESTIA/conf/hestia.conf
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '3' "$#" 'USER DATABASE DBUSER [TYPE] [HOST]'
+is_format_valid 'user' 'dbuser'
+is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+is_object_valid 'db' 'DB' "$database"
+is_object_unsuspended 'db' 'DB' "$database"
+get_next_dbhost
+
+if [[ $dbuser != *"hestia_sso"* ]]; then
+    echo "DBUSER is invalid SSO user"
+    exit $E_INVALID;
+fi
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Get database values
+get_database_values
+
+delete_mysql_database_temp_user
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+log_history "Revoked $dbuser access to $database"
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+exit

bin/v-delete-dns-on-web-alias

@@ -32,6 +32,8 @@ format_domain
 format_domain_idn
 # TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 
 #----------------------------------------------------------#
 #                    Verifications                         #

bin/v-delete-fs-directory

@@ -22,6 +22,9 @@ check_args '2' "$#" 'USER DIRECTORY'
 is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
 # Checking user homedir
 homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :)
 if [ -z $homedir ]; then

bin/v-delete-fs-file

@@ -22,6 +22,9 @@ check_args '2' "$#" 'USER FILE'
 is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
 # Checking user homedir
 homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :)
 if [ -z $homedir ]; then

bin/v-delete-mail-account-forward

@@ -34,7 +34,9 @@ format_domain_idn
 #----------------------------------------------------------#
 
 check_args '4' "$#" 'USER DOMAIN ACCOUNT FORWARD'
-is_format_valid 'user' 'domain' 'account' 'forward'
+if [ "$forward"  != ':blackhole:' ]; then
+    is_format_valid 'forward'
+fi
 is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"

bin/v-delete-remote-dns-domain

@@ -32,7 +32,8 @@ is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER'
 is_procces_running
 remote_dns_health_check
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-delete-remote-dns-domains

@@ -28,7 +28,8 @@ is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER'
 is_procces_running
 remote_dns_health_check
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-delete-remote-dns-host

@@ -30,7 +30,8 @@ is_format_valid 'host'
 is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER'
 is_object_valid "../../conf/dns-cluster" 'HOST' "$host"
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-delete-remote-dns-record

@@ -33,7 +33,8 @@ is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER'
 is_procces_running
 remote_dns_health_check
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-delete-sys-pma-sso

@@ -0,0 +1,67 @@
+#!/bin/bash
+# info: disables support for single sign on PHPMYADMIN 
+# options: [mode]
+# labels: hestia
+#
+# example: v-delete-sys-pma-sso
+#
+# Disables support for SSO to PHPmyAdmin
+
+MODE=$1
+
+# Includes
+source $HESTIA/func/main.sh
+source $HESTIA/conf/hestia.conf
+
+PMA_INSTALL="/usr/share/phpmyadmin"
+PMA_CONFIG="/etc/phpmyadmin"
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+if [ "x$(id -u)" != 'x0' ]; then
+    echo "Error: Script can be run executed only by root"
+    exit 10
+fi
+
+if [ ! -e "$PMA_INSTALL/hestia-sso.php" ]; then
+     echo 'Error:  PMA Single Sign On already disabled'
+     exit 1;
+fi 
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+apikey=$(grep -Po "'API_KEY', '(.*)'" /usr/share/phpmyadmin/hestia-sso.php |  cut "-d'" -f4 )
+
+$BIN/v-revoke-api-key $apikey
+
+#remove new files
+rm /usr/share/phpmyadmin/hestia-sso.php
+rm /etc/phpmyadmin/hestia-sso.inc.php
+
+#revert config
+sed -i "/hestia-sso.inc.php/d" $PMA_CONFIG/config.inc.php
+
+# disable key
+$BIN/v-change-sys-config-value 'PHPMYADMIN_KEY' ""
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+if [ "$MODE" != "quiet" ]; then
+    echo "PMA Hestia-SSO plugin has been succesfully removed/disabled"
+fi
+
+
+log_history "Disabled support SSO" '' 'admin'
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+exit

bin/v-delete-sys-quota

@@ -21,7 +21,8 @@ source $HESTIA/conf/hestia.conf
 #                    Verifications                         #
 #----------------------------------------------------------#
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-delete-sys-sftp-jail

@@ -25,7 +25,8 @@ source $HESTIA/conf/hestia.conf
 #                    Verifications                         #
 #----------------------------------------------------------#
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-delete-sys-theme

@@ -20,6 +20,12 @@ theme=$1
 source $HESTIA/func/main.sh
 source $HESTIA/conf/hestia.conf
 
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-delete-sys-webmail

@@ -41,6 +41,9 @@ is_object_unsuspended 'user' 'USER' "$user"
 is_object_valid 'mail' 'DOMAIN' "$domain"
 is_object_unsuspended 'mail' 'DOMAIN' "$domain"
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
@@ -65,6 +68,8 @@ else
     echo "Error: WEBMAIL_ALIAS is not defined in hestia.conf."
 fi
 
+# Set SSL as enabled in configuration
+update_object_value 'mail' 'DOMAIN' "$domain" '$WEBMAIL' ""
 #----------------------------------------------------------#
 #                       Hestia                              #
 #----------------------------------------------------------#

bin/v-delete-user-auth-log

@@ -0,0 +1,38 @@
+#!/bin/bash
+# info: Delete auth log file for user
+#
+# The function for deleting a users auth log file
+
+# Argument definition
+user=$1
+date=$(date "+%F %T")
+
+# Includes
+source $HESTIA/func/main.sh
+source $HESTIA/conf/hestia.conf
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '1' "$#" 'USER'
+is_format_valid 'user'
+is_object_valid 'user' 'USER' "$user"
+
+if [ ! -f $USER_DATA/auth.log ]; then
+    touch  $USER_DATA/auth.log
+fi
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+rm $USER_DATA/auth.log
+
+log_history "Authentication log for $user was cleared on $date."
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-delete-user-sftp-jail

@@ -40,7 +40,8 @@ if [[ ! " ${users[@]} " =~ " ${user} " ]]; then
     exit
 fi
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-delete-web-domain-fast-cgi-cache

@@ -0,0 +1,77 @@
+#!/bin/bash
+# info: remove fast cgi nginx support
+# options: USER DOMAIN [RESTART]
+# labels: hestia web
+#
+# example: v-delete-web-domain-fast-cgi-cache user domain.tld
+#
+# The function removes fast cgi cache.
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+domain=$2
+restart=$3
+
+# Includes
+source $HESTIA/func/main.sh
+source $HESTIA/conf/hestia.conf
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'USER DOMAIN'
+is_format_valid 'user' 'domain'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+is_object_valid 'web' 'DOMAIN' "$domain"
+is_object_unsuspended 'web' 'DOMAIN' "$domain"
+is_object_valid 'web' 'DOMAIN' "$domain" "$FASTCGI_CACHE"
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Load domain data
+parse_object_kv_list $(grep "DOMAIN='$domain'" $USER_DATA/web.conf)
+
+# Remove fast cgi configs
+if [ -f $HOMEDIR/$user/conf/web/$domain/$WEB_SYSTEM.fastcgi_cache.conf ]; then
+    rm -f $HOMEDIR/$user/conf/web/$domain/$WEB_SYSTEM.fastcgi_cache.conf
+fi
+
+# Delete cache folder on disabling
+if [ -d /var/cache/nginx/php-fpm/$domain ]; then
+    rm -f /var/cache/nginx/php-fpm/$domain
+fi
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+if [ -z "$FASTCGI_CACHE" ]; then
+    add_object_key "web" 'DOMAIN' "$domain" 'FASTCGI_CACHE' 'ALIAS'
+fi
+
+# Set FASTCGI flag to disabled
+update_object_value 'web' 'DOMAIN' "$domain" '$FASTCGI_CACHE' ''
+
+# Restart services if requested
+if [ ! -z "$restart" ]; then
+    $BIN/v-restart-web
+    check_result $? "Web restart failed" >/dev/null
+fi
+
+# Logging
+log_history "disabled fast cgi support for $domain"
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-delete-web-domain-stats-user

@@ -1,5 +1,5 @@
 #!/bin/bash
-# info: disable webdomain stats  authentication support
+# info: disable web domain stats authentication support
 # options: USER DOMAIN [RESTART]
 # labels: web
 #
@@ -47,14 +47,14 @@ check_hestia_demo_mode
 #                       Action                             #
 #----------------------------------------------------------#
 
-# Defining statistic dir
-rm -f $HOMEDIR/$user/web/$domain/stats/.htpasswd
-rm -f $HOMEDIR/$user/web/$domain/stats/.htaccess
+# Deleting statistic dir
+stats_dir="$HOMEDIR/$user/web/$domain/stats"
+rm -f $stats_dir/.htpasswd
+rm -f $stats_dir/.htaccess
 
 # Deleting nginx auth config
 if [ "$WEB_SYSTEM" = 'nginx' ]; then
-    conf_dir="$HOMEDIR/$user/conf/web"
-    rm -f $conf_dir/$domain.auth 2>/dev/null
+    rm -f $stats_dir/auth.conf 2>/dev/null
     $BIN/v-restart-web $restart
     check_result $? "Web restart failed" >/dev/null
 fi

bin/v-download-backup

@@ -40,6 +40,9 @@ source $HESTIA/func/backup.sh
 check_args '2' "$#" 'USER BACKUP'
 is_format_valid 'user' 'backup'
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-extract-fs-archive

@@ -25,6 +25,9 @@ check_args '3' "$#" 'USER ARCHIVE DIRECTORY [SELECTED_DIR] [STRIP] [TEST]'
 is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
 # Checking user homedir
 homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :)
 if [ -z $homedir ]; then

bin/v-generate-api-key

@@ -12,13 +12,16 @@
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 
+source $HESTIA/func/main.sh
+
 keygen() {
     < /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-32};echo;
 }
 KEYS="$HESTIA/data/keys/"
 HASH=$(keygen)
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-generate-ssl-cert

@@ -76,6 +76,9 @@ if [ ! -f /root/.rnd ]; then
     touch /root/.rnd
 fi
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-insert-dns-domain

@@ -44,6 +44,8 @@ if [ "$flush" = 'no' ]; then
     is_domain_new 'dns' $domain
 fi
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 
 #----------------------------------------------------------#
 #                       Action                             #

bin/v-insert-dns-record

@@ -33,6 +33,8 @@ is_object_unsuspended 'user' 'USER' "$user"
 is_object_valid 'dns' 'DOMAIN' "$domain"
 parse_object_kv_list "$data"
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 
 #----------------------------------------------------------#
 #                       Action                             #

bin/v-insert-dns-records

@@ -32,6 +32,8 @@ is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 is_object_valid 'dns' 'DOMAIN' "$domain"
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 
 #----------------------------------------------------------#
 #                       Action                             #

bin/v-list-backup-host

@@ -21,6 +21,8 @@ source $HESTIA/func/main.sh
 
 # JSON list function
 json_list() {
+    case $type in 
+    'sftp' | 'ftp')
     echo '{'
     echo '    "'$type'": {
         "HOST": "'$HOST'",
@@ -32,10 +34,25 @@ json_list() {
         "DATE": "'$DATE'"
     }'
     echo '}'
+    ;;
+    'b2')
+     echo '{'
+     echo '    "'$type'": {
+         "BUCKET": "'$BUCKET'",
+         "TYPE": "'$type'",
+         "B2_KEY_ID": "'$B2_KEYID'",
+         "TIME": "'$TIME'",
+         "DATE": "'$DATE'"
+     }'
+     echo '}' 
+    ;;
+    esac
 }
 
 # SHELL list function
 shell_list() {
+    case $type in
+    'sftp' | 'ftp')
     echo "HOST:           $HOST"
     echo "USERNAME:       $USERNAME"
     echo "PORT:           $PORT"
@@ -43,17 +60,41 @@ shell_list() {
     echo "PATH:           $BPATH"
     echo "TIME:           $TIME"
     echo "DATE:           $DATE"
+    ;;
+    'b2')
+    echo "BUCKET          $BUCKET"
+    echo "TYPE            $type"
+    echo "B2_KEY_ID       $B2_KEYID"
+    echo "TIME:           $TIME"
+    echo "DATE:           $DATE"
+    ;;
+    esac
 }
 
 # PLAIN list function
 plain_list() {
+    case $type in
+    'sftp' | 'ftp')
     echo -e "$HOST\t$USERNAME\t$PORT\t$type\t$BPATH\t$TIME\t$DATE"
+    ;;
+    'b2')
+    echo -e "$BUCKET\t$type\t$B2_KEYID\t$TIME\t$DATE"
+    ;;
+    esac 
 }
 
 # CSV list function
 csv_list() {
+    case $type in
+    'sftp' | 'ftp')
     echo "HOST,USERNAME,PORT,TYPE,PATH,TIME,DATE"
     echo "$HOST,$USERNAME,$PORT,$type,$BPATH,$TIME,$DATE"
+    ;;
+    'b2')
+    echo "BUCKET,TYPE,B2_KEYID,TIME,DATE"
+    echo "$BUCKET,$type,$B2_KEYID,$TIME,$DATE"
+    ;;
+    esac 
 }
 
 # Type format validator

bin/v-list-mail-domain

@@ -37,7 +37,8 @@ json_list() {
         "SUSPENDED": "'$SUSPENDED'",
         "TIME": "'$TIME'",
         "DATE": "'$DATE'",
-        "WEBMAIL_ALIAS": "'$WEBMAIL_ALIAS.$domain'"
+        "WEBMAIL_ALIAS": "'$WEBMAIL_ALIAS.$domain'",
+        "WEBMAIL":"'$WEBMAIL'"
         }'
     echo '}'
 }
@@ -57,20 +58,21 @@ shell_list() {
     echo "TIME:           $TIME"
     echo "DATE:           $DATE"
     echo "WEBMAIL_ALIAS:  $WEBMAIL_ALIAS.$domain"
+    echo "WEBMAIL:        $WEBMAIL"
 }
 
 # PLAIN list function
 plain_list() {
     echo -ne "$DOMAIN\t$ANTIVIRUS\t$ANTISPAM\t$DKIM\t$CATCHALL\t"
-    echo -e "$ACCOUNTS\t$U_DISK\t$SSL\t$LETSENCRYPT\t$SUSPENDED\t$TIME\t$DATE\t$WEBMAIL_ALIAS.$domain"
+    echo -e "$ACCOUNTS\t$U_DISK\t$SSL\t$LETSENCRYPT\t$SUSPENDED\t$TIME\t$DATE\t$WEBMAIL_ALIAS.$domain\t$WEBMAIL"
 }
 
 # CSV list function
 csv_list() {
     echo -n "DOMAIN,ANTIVIRUS,ANTISPAM,DKIM,CATCHALL,ACCOUNTS,U_DISK,"
-    echo "SSL,LETSENCRYPT,SUSPENDED,TIME,DATE"
+    echo "SSL,LETSENCRYPT,SUSPENDED,TIME,DATE,WEBMAIL_ALIAS,WEBMAIL"
     echo -n "$DOMAIN,$ANTIVIRUS,$ANTISPAM,$DKIM,$CATCHALL,$ACCOUNTS,$U_DISK"
-    echo "$SSL,$LETSENCRYPT,$SUSPENDED,$TIME,$DATE,$WEBMAIL_ALIAS.$domain"
+    echo "$SSL,$LETSENCRYPT,$SUSPENDED,$TIME,$DATE,$WEBMAIL_ALIAS.$domain,$WEBMAIL"
 }
 
 

bin/v-list-mail-domains

@@ -37,7 +37,9 @@ json_list() {
         "SSL": "'$SSL'",
         "SUSPENDED": "'$SUSPENDED'",
         "TIME": "'$TIME'",
-        "DATE": "'$DATE'"
+        "DATE": "'$DATE'",
+        "WEBMAIL_ALIAS": "'$WEBMAIL_ALIAS'",
+        "WEBMAIL": "'$WEBMAIL'"
     }'
         if [ "$i" -lt "$objects" ]; then
             echo ','
@@ -67,7 +69,7 @@ plain_list() {
     while read str; do
         parse_object_kv_list "$str"
         echo -ne "$DOMAIN\t$ANTIVIRUS\t$ANTISPAM\t$DKIM\t$SSL\$CATCHALL\t"
-        echo -e "$ACCOUNTS\t$U_DISK\t$SUSPENDED\t$TIME\t$DATE"
+        echo -e "$ACCOUNTS\t$U_DISK\t$SUSPENDED\t$TIME\t$DATE\t$WEBMAIL_ALIAS\t$WEBMAIL"
     done < <(cat $USER_DATA/mail.conf)
 }
 
@@ -75,11 +77,11 @@ plain_list() {
 csv_list() {
     IFS=$'\n'
     echo -n "DOMAIN,ANTIVIRUS,ANTISPAM,DKIM,SSL,CATCHALL,ACCOUNTS,U_DISK,"
-    echo "SUSPENDED,TIME,DATE"
+    echo "SUSPENDED,TIME,DATE,WEBMAIL_ALIAS,WEBMAIL"
     while read str; do
         parse_object_kv_list "$str"
         echo -n "$DOMAIN,$ANTIVIRUS,$ANTISPAM,$DKIM,$SSL,$CATCHALL,$ACCOUNTS,"
-        echo "'$U_DISK,$SUSPENDED,$TIME,$DATE"
+        echo "'$U_DISK,$SUSPENDED,$TIME,$DATE,$WEBMAIL_ALIAS,$WEBMAIL"
         echo
     done < <(cat $USER_DATA/mail.conf)
 }

bin/v-list-sys-config

@@ -1,7 +1,7 @@
 #!/bin/bash
 # info: list system configuration
 # options: [FORMAT]
-# labels: 
+# labels:
 #
 # example: v-list-sys-config json
 #
@@ -58,12 +58,14 @@ json_list() {
         "BACKUP": "'$BACKUP'",
         "BACKUP_MODE": "'$BACKUP_MODE'",
         "WEBMAIL_ALIAS": "'$WEBMAIL_ALIAS'",
+        "WEBMAIL_SYSTEM": "'$WEBMAIL_SYSTEM'",
         "DB_PMA_ALIAS": "'$DB_PMA_ALIAS'",
         "DB_PGA_ALIAS": "'$DB_PGA_ALIAS'",
         "LOGIN_STYLE": "'$LOGIN_STYLE'",
-        "SOFTACULOUS": "'$SOFTACULOUS'"
+        "INACTIVE_SESSION_TIMEOUT": "'$INACTIVE_SESSION_TIMEOUT'",
+        "PHPMYADMIN_KEY": "'$PHPMYADMIN_KEY'"
     }
-}'
+    }'
 }
 
 # Shell list

bin/v-list-sys-services

@@ -294,8 +294,12 @@ fi
 
 # Checking FIREWALL Fail2ban extention
 if [ ! -z "$FIREWALL_EXTENSION" ]; then
-    if [ "$(lsb_release -s -r)" = "20.04" ]; then
-        get_srv_state $FIREWALL_EXTENSION f2b/server script
+    if [ -e '/usr/bin/lsb_release' ]; then
+        if [ "$(lsb_release -s -r)" = "20.04" ]; then
+            get_srv_state $FIREWALL_EXTENSION f2b/server script
+        else
+            get_srv_state $FIREWALL_EXTENSION fail2ban-server script
+        fi
     else
         get_srv_state $FIREWALL_EXTENSION fail2ban-server script
     fi

bin/v-list-sys-webmail

@@ -0,0 +1,80 @@
+#!/bin/bash
+# info: listing available webmail clients
+# options: [FORMAT]
+# labels: hestia mail
+#
+# example: v-list-sys-webmail
+#
+# List available webmail clients
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+format=${1-shell}
+
+# Includes
+source $HESTIA/func/main.sh
+source $HESTIA/conf/hestia.conf
+
+# JSON list function
+json_list() {
+    i=1
+    objects=$(echo -e "${WEBMAIL_SYSTEM//,/\\n}" |wc -l)
+    echo '['
+    for client in ${WEBMAIL_SYSTEM//,/ };do
+        if [ "$i" -ne "$objects" ]; then
+            echo -e  "\t\"$client\","
+        else
+            echo -e  "\t\"$client\""
+        fi
+        (( ++i))
+    done
+    echo ']'  
+}
+
+# SHELL list function
+shell_list() {
+    echo "Webmail Client"
+    echo "--------"
+    for client in ${WEBMAIL_SYSTEM//,/ };do
+        echo "$client"
+    done
+}
+
+# PLAIN list function
+plain_list() {
+    for client in ${WEBMAIL_SYSTEM//,/ };do
+        echo "$client"
+    done
+}
+
+# CSV list function
+csv_list() {
+    echo "CLIENT"
+    for client in ${WEBMAIL_SYSTEM//,/ };do
+        echo "$client"
+    done
+}
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Listing data
+case $format in
+    json)   json_list ;;
+    plain)  plain_list ;;
+    csv)    csv_list ;;
+    shell)  shell_list ;;
+esac
+
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+exit

bin/v-list-user-auth-log

@@ -0,0 +1,118 @@
+#!/bin/bash
+# info: list user log
+# options: USER [FORMAT]
+#
+# The function of obtaining the list of 10 last users commands.
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+format=${2-shell}
+
+# Includes
+source $HESTIA/func/main.sh
+
+# JSON list function
+json_list() {
+    IFS=$'\n'
+    i=1
+    objects=$(echo "$logs" |wc -l)
+    echo "{"
+    for str in $logs; do
+        IP=$(echo "$str" |cut -f 2 -d \')
+        FINGERPRINT=$(echo "$str" |cut -f 4 -d \')
+        DATE=$(echo "$str" |cut -f 6 -d \')
+        TIME=$(echo "$str" |cut -f 8 -d \')
+        ACTIVE=$(echo "$str" |cut -f 10 -d \')
+        echo -n '    "'$i'": {
+            "IP": "'$IP'",
+            "FINGERPRINT": "'$FINGERPRINT'",
+            "TIME": "'$TIME'",
+            "DATE": "'$DATE'",
+            "ACTIVE": "'$ACTIVE'"
+        }'
+        if [ "$i" -lt "$objects" ]; then
+            echo ','
+        else
+            echo
+        fi
+        ((i++))
+        done
+    echo '}'
+}
+
+shell_list() {
+    IFS=$'\n'
+    echo "DATE~TIME~IP~FINGERPRINT~ACTIVE"
+    echo "----~----~--~-----------~------"
+    for str in $logs; do
+        IP=$(echo "$str" |cut -f 2 -d \')
+        FINGERPRINT=$(echo "$str" |cut -f 4 -d \')
+        DATE=$(echo "$str" |cut -f 6 -d \')
+        TIME=$(echo "$str" |cut -f 8 -d \')
+        ACTIVE=$(echo "$str" |cut -f 10 -d \')
+        echo "$DATE~$TIME~$IP~$FINGERPRINT~$ACTIVE"
+    done
+}
+
+# PLAIN list function
+plain_list() {
+    IFS=$'\n'
+    for str in $logs; do
+        IP=$(echo "$str" |cut -f 2 -d \')
+        FINGERPRINT=$(echo "$str" |cut -f 4 -d \')
+        DATE=$(echo "$str" |cut -f 6 -d \')
+        TIME=$(echo "$str" |cut -f 8 -d \')
+        ACTIVE=$(echo "$str" |cut -f 10 -d \')
+        echo -e "$DATE\t$TIME\t$IP\t$FINGERPRINT\t$ACTIVE"
+    done
+}
+
+# CSV list function
+csv_list() {
+    IFS=$'\n'
+    echo "ID,CMD,UNDO,TIME,DATE"
+    for str in $logs; do
+        IP=$(echo "$str" |cut -f 2 -d \')
+        FINGERPRINT=$(echo "$str" |cut -f 4 -d \')
+        DATE=$(echo "$str" |cut -f 6 -d \')
+        TIME=$(echo "$str" |cut -f 8 -d \')
+        ACTIVE=$(echo "$str" |cut -f 10 -d \')
+        echo "$DATE,$TIME,$IP,$FINGERPRINT,$ACTIVE"
+
+    done
+}
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '1' "$#" 'USER [FORMAT]'
+is_format_valid 'user'
+is_object_valid 'user' 'USER' "$user"
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Parsing history log
+logs=$(tail -n 10 $USER_DATA/auth.log 2>/dev/null)
+
+case $format in
+    json)   json_list ;;
+    plain)  plain_list ;;
+    csv)    csv_list ;;
+    shell)  shell_list |column -t -s '~';;
+esac
+
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+exit

bin/v-list-web-domain

@@ -44,6 +44,7 @@ json_list() {
         "BACKEND": "'$BACKEND'",
         "PROXY": "'$PROXY'",
         "PROXY_EXT": "'$PROXY_EXT'",
+        "FASTCGI_CACHE": "'$FASTCGI_CACHE'",
         "CUSTOM_DOCROOT": "'$CUSTOM_DOCROOT'",
         "SUSPENDED": "'$SUSPENDED'",
         "TIME": "'$TIME'",

bin/v-log-user-login

@@ -0,0 +1,45 @@
+#!/bin/bash
+# info: add user login
+# options: USER IP [FINGERPRINT]
+
+# Argument definition
+user=$1
+ip=$2
+fingerprint=${3}
+
+# Includes
+source $HESTIA/func/main.sh
+source $HESTIA/conf/hestia.conf
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'USER IP [FINGERPRINT]'
+is_format_valid 'user' 'ip'
+is_object_valid 'user' 'USER' "$user"
+
+browser=$(echo $browser | sed -e "s/\'//g");
+
+# Generating timestamp
+time_n_date=$(date +'%T %F')
+time=$(echo "$time_n_date" |cut -f 1 -d \ )
+date=$(echo "$time_n_date" |cut -f 2 -d \ )
+
+if [ ! -f $USER_DATA/auth.log ]; then
+    touch  $USER_DATA/auth.log
+fi
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+awk -i inplace -v finger="FINGERPRINT='$fingerprint'" -v active="active='no'" '$2 == finger {$5=active}1' $USER_DATA/auth.log   
+
+echo "IP='$ip' FINGERPRINT='$fingerprint' DATE='$date' TIME='$time' active='yes'" >> $USER_DATA/auth.log
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+exit

bin/v-log-user-logout

@@ -0,0 +1,35 @@
+#!/bin/bash
+# info: Log User logout event
+# options: USER FINGERPRINT
+
+# Argument definition
+user=$1
+fingerprint=$2
+
+# Includes
+source $HESTIA/func/main.sh
+source $HESTIA/conf/hestia.conf
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'USER FINGERPRINT'
+is_format_valid 'user'
+is_object_valid 'user' 'USER' "$user"
+
+if [ ! -f $USER_DATA/auth.log ]; then
+    touch  $USER_DATA/auth.log
+fi
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+awk -i inplace -v finger="FINGERPRINT='$fingerprint'" -v active="active='no'" '$2 == finger {$5=active}1' $USER_DATA/auth.log 
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+exit

bin/v-move-fs-directory

@@ -23,6 +23,9 @@ check_args '3' "$#" 'USER SRC_DIRECTORY DST_DIRECTORY'
 is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
 # Checking user homedir
 homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :)
 if [ -z $homedir ]; then

bin/v-move-fs-file

@@ -23,6 +23,9 @@ check_args '3' "$#" 'USER SRC_FILE DST_FILE'
 is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
 # Checking user homedir
 homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :)
 if [ -z $homedir ]; then

bin/v-purge-web-domain-nginx-cache

@@ -0,0 +1,67 @@
+#!/bin/bash
+# info: Empty nginx cache
+# options: USER DOMAIN MODE
+# labels: hestia web
+#
+# example: v-purge-web-domain-nginx-cache user domain.tld proxy
+#
+# The function clears Nginx cache.
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+domain=$2
+
+# Includes
+source $HESTIA/func/main.sh
+source $HESTIA/conf/hestia.conf
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'USER DOMAIN'
+is_format_valid 'user' 'domain'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+is_object_valid 'web' 'DOMAIN' "$domain"
+is_object_unsuspended 'web' 'DOMAIN' "$domain"
+is_object_valid 'web' 'DOMAIN' "$domain" "$FASTCGI_CACHE"
+
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Load domain data
+parse_object_kv_list $(grep "DOMAIN='$domain'" $USER_DATA/web.conf)
+
+# Empty Fast CGI Cache 
+if [ -d /var/cache/nginx/php-fpm/$domain ]; then
+    rm -fr /var/cache/nginx/php-fpm/$domain/*
+fi
+# Empty Proxy Cache
+if [ -d /var/cache/nginx/$domain ]; then
+    rm -fr /var/cache/nginx/$domain/*
+fi
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+# Restart services if requested
+if [ ! -z "$restart" ]; then
+    $BIN/v-restart-web
+    check_result $? "Web restart failed" >/dev/null
+fi
+
+# Logging
+log_history "purged nginx cache for $domain"
+log_event "$OK" "$ARGUMENTS"
+
+exit

bin/v-rebuild-all

@@ -37,6 +37,8 @@ is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 
 #----------------------------------------------------------#
 #                       Action                             #

bin/v-rebuild-cron-jobs

@@ -30,7 +30,8 @@ is_format_valid 'user'
 is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM'
 is_object_valid 'user' 'USER' "$user"
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-rebuild-database

@@ -33,7 +33,8 @@ is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM'
 is_object_valid 'user' 'USER' "$user"
 is_object_valid 'db' 'DB' "$database"
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-rebuild-databases

@@ -31,7 +31,8 @@ is_format_valid 'user'
 is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM'
 is_object_valid 'user' 'USER' "$user"
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-rebuild-dns-domain

@@ -36,7 +36,8 @@ is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 is_object_valid 'dns' 'DOMAIN' "$domain"
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-rebuild-dns-domains

@@ -37,7 +37,8 @@ if [ "$DNS_SYSTEM" = 'remote' ]; then
     exit
 fi
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-rebuild-mail-domain

@@ -46,7 +46,8 @@ if [ "$MAIL_SYSTEM" = 'remote' ]; then
     exit
 fi
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
@@ -57,8 +58,9 @@ rebuild_mail_domain_conf
 # Rebuild webmail configuration
 if [ ! -z "$WEB_SYSTEM" ] || [ ! -z "$PROXY_SYSTEM" ]; then
     if [ ! -z "$IMAP_SYSTEM" ]; then
+        WEBMAIL=$(get_object_value 'web' 'DOMAIN' "$domain" "$WEBMAIL")
         $BIN/v-delete-sys-webmail $user $domain '' 'yes'
-        $BIN/v-add-sys-webmail $user $domain '' 'yes'
+        $BIN/v-add-sys-webmail $user $domain $WEBMAIL '' 'yes'
     fi
 fi
 

bin/v-rebuild-mail-domains

@@ -42,7 +42,8 @@ if [ "$MAIL_SYSTEM" = 'remote' ]; then
     exit
 fi
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

bin/v-rebuild-user

@@ -34,7 +34,8 @@ is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 
-
+# Perform verification if read-only mode is enabled
+check_hestia_demo_mode
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#