Make some more changes

func/upgrade.sh

@@ -624,7 +624,7 @@ upgrade_phpmyadmin() {
 				chown root:hestiamail /var/lib/phpmyadmin/blowfish_secret.inc.php
 				chmod 0640 /var/lib/phpmyadmin/blowfish_secret.inc.php
 			fi
-			chown root:hestiamail /usr/share/phpmyadmin/tmp
+			chown hestiamail:hestiamail /usr/share/phpmyadmin/tmp
 			chmod 0770 /usr/share/phpmyadmin/tmp
 		else
 			# Display upgrade information
@@ -649,7 +649,7 @@ upgrade_phpmyadmin() {
 			# Create temporary folder and change permissions
 			if [ ! -d /usr/share/phpmyadmin/tmp ]; then
 				mkdir /usr/share/phpmyadmin/tmp
-				chown root:hestiamail /usr/share/phpmyadmin/tmp
+				chown hestiamail:hestiamail /usr/share/phpmyadmin/tmp
 				chmod 0770 /usr/share/phpmyadmin/tmp
 
 			fi

install/deb/nginx/phppgadmin.inc

@@ -6,7 +6,7 @@ location /%pga_alias% {
 		include       /etc/nginx/fastcgi_params;
 		fastcgi_index index.php;
 		fastcgi_param HTTP_EARLY_DATA $rfc_early_data if_not_empty;
-		fastcgi_param SCRIPT_FILENAME $request_filename;
-		fastcgi_pass  127.0.0.1:9000;
+		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+		fastcgi_pass  unix:/run/php/www.sock;
 	}
 }

install/deb/pga/phppgadmin.conf

@@ -18,7 +18,7 @@ allow from all
 <IfModule mpm_event_module>
  # Use www.conf instead
  <FilesMatch \.php$>
-     SetHandler "proxy:fcgi://127.0.0.1:9000"
+    SetHandler "proxy:unix:/run/php/www.sock|fcgi://localhost"
  </FilesMatch>
 </IfModule>
 <IfModule !mod_php5.c>

install/deb/php-fpm/www.conf

@@ -8,7 +8,7 @@ listen.mode = 0660
 
 ;"hestiamail" user created to prevent users from abusing this config
 user = hestiamail
-group = www-data
+group = hestiamail
 
 pm = ondemand
 pm.max_children = 4

install/upgrade/versions/1.9.0.sh

@@ -17,11 +17,11 @@
 ####### You can use \n within the string to create new lines.                   #######
 #######################################################################################
 
-upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'false'
-upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'false'
-upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'false'
+upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'true'
+upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'true'
+upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'true'
 upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'yes'
-upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false'
+upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'true'
 
 # update config sftp jail
 $BIN/v-delete-sys-sftp-jail
@@ -92,9 +92,25 @@ if [ -s /etc/exim4/exim4.conf.template ] && ! grep -Fq "smtp_accept_max" /etc/ex
 	sed -i '/disable_ipv6 = true/a\smtp_accept_max = 100\nsmtp_accept_max_per_host = 20' /etc/exim4/exim4.conf.template
 fi
 
-# Update phymyadmin.inc for nginx
-if [ -s /etc/nginx/conf.d/phpmyadmin.inc ]; then
-	cp -f $HESTIA_INSTALL_DIR/nginx/phpmyadmin.inc /etc/nginx/conf.d/phpmyadmin.inc
+# Update www.conf due security issue
+php_versions=$($BIN/v-list-sys-php plain)
+# Substitute php-fpm service name formats
+for version in $php_versions; do
+	if [ -f "/etc/php/$version/fpm/pool.d/www.conf" ]; then
+		cp -f $HESTIA_INSTALL_DIR/php-fpm/www.conf "/etc/php/$version/fpm/pool.d/www.conf"
+	fi
+done
+
+# Recreate PHPMYADMIN / PHPGADMIN conf correctly
+if [ -n "$DB_PMA_ALIAS" ]; then
+	old=$DB_PMA_ALIAS
+	$BIN/v-change-sys-db-alias pma "randomstring"
+	$BIN/v-change-sys-db-alias pma "$old"
+fi
+if [ -n "$DB_PGA_ALIAS" ]; then
+	old=$DB_PMA_ALIAS
+	$BIN/v-change-sys-db-alias pga "randomstring"
+	$BIN/v-change-sys-db-alias pga "$old"
 fi
 
 # Fix MySQL lc-messages-dir path for mariadb