Nginx

bin/module/nginx/install.inc

@@ -0,0 +1,71 @@
+#!/bin/bash
+
+hestia_module_nginx_install() {
+    source $HESTIA/bin/module/func.inc
+
+    module_installed=$(hestia_module_isinstalled nginx)
+    if [ "$module_installed" ] && [ ! "$param_force" ]; then
+        echo "Nginx module is already installed. See 'hestia module info nginx'."
+        exit 1
+    fi
+
+    echo "Installing Nginx module..."
+
+    osal_service_stop $OSAL_SERVICE_NGINX > /dev/null 2>&1
+    hestia_config_backup 'nginx-install' $OSAL_PATH_NGINX_CONF
+
+    if [ "$OS_BASE" = 'debian' ]; then
+        # Add Nginx repo
+        echo "deb [arch=amd64] http://nginx.org/packages/mainline/$VERSION/ $codename nginx" > $apt/nginx.list
+        wget --quiet http://nginx.org/keys/nginx_signing.key -O /tmp/nginx_signing.key
+        APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add /tmp/nginx_signing.key > /dev/null 2>&1
+    elif [ "$OS_BASE" = 'rhel' ]; then
+        nrepo="/etc/yum.repos.d/nginx.repo"
+        echo "[nginx]" > $nrepo
+        echo "name=nginx repo" >> $nrepo
+        echo "baseurl=https://nginx.org/packages/centos/$release/\$basearch/" >> $nrepo
+        echo "gpgcheck=0" >> $nrepo
+        echo "enabled=1" >> $nrepo
+    fi
+
+    osal_package_preinstall
+    osal_package_install $OSAL_PKG_NGINX
+
+    rm -f $OSAL_PATH_NGINX_CONF_D/*.conf
+    cp -f $HESTIA_INSTALL_DIR/nginx/nginx.conf $OSAL_PATH_NGINX_CONF/
+    cp -f $HESTIA_INSTALL_DIR/nginx/status.conf $OSAL_PATH_NGINX_CONF_D/
+    #FIXME: move the following to *admin install
+    #cp -f $HESTIA_INSTALL_DIR/nginx/phpmyadmin.inc $OSAL_PATH_NGINX_CONF_D/
+    #cp -f $HESTIA_INSTALL_DIR/nginx/phppgadmin.inc $OSAL_PATH_NGINX_CONF_D/
+    cp -f $HESTIA_INSTALL_DIR/logrotate/nginx $OSAL_PATH_LOGROTATE_CONF_D/
+    mkdir -p $OSAL_PATH_NGINX_CONF_D/domains
+    mkdir -p $OSAL_PATH_NGINX_CONF/modules-enabled
+    mkdir -p /var/log/nginx/domains
+
+    # Update dns servers in nginx.conf
+    dns_resolver=$(cat /etc/resolv.conf | grep -i '^nameserver' | cut -d ' ' -f2 | tr '\r\n' ' ' | xargs)
+    for ip in $dns_resolver; do
+        if [[ $ip =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+            resolver="$ip $resolver"
+        fi
+    done
+    if [ ! -z "$resolver" ]; then
+        sed -i "s/1.0.0.1 1.1.1.1/$resolver/g" $OSAL_PATH_NGINX_CONF/nginx.conf
+        # FIXME: the following should be done on hestia-nginx install, not on nginx install
+        sed -i "s/1.0.0.1 1.1.1.1/$resolver/g" $HESTIA/nginx/conf/nginx.conf
+    fi
+
+    osal_service_enable $OSAL_SERVICE_NGINX
+    osal_service_start $OSAL_SERVICE_NGINX
+    check_result $? "Nginx start failed"
+
+    osal_kv_write $HESTIA_CONF_MODULES/nginx.conf 'installed' '1'
+    osal_kv_write $HESTIA_CONF_MODULES/nginx.conf 'description' 'Hestia Nginx module'
+    osal_kv_write $HESTIA_CONF_MODULES/nginx.conf 'enabled' '1'
+    osal_kv_write $HESTIA_CONF_MODULES/nginx.conf 'variant' 'nginx'
+    osal_kv_write $HESTIA_CONF_MODULES/nginx.conf 'version' '1'
+    osal_kv_write $HESTIA_CONF_MODULES/nginx.conf 'service_name' $OSAL_PKG_NGINX
+
+    # Setup web module (depending on Nginx and/or Apache config)
+    hestia module web setup
+}

bin/module/nginx/remove.inc

@@ -0,0 +1,29 @@
+#!/bin/bash
+
+hestia_module_nginx_remove() {
+    source $HESTIA/bin/module/func.inc
+
+    module_installed=$(hestia_module_isinstalled nginx)
+    if [ ! "$module_installed" ] && [ ! "$param_force" ]; then
+        echo "Nginx module is not installed. See 'hestia module info nginx'."
+        exit 1
+    fi
+
+    echo "Removing Nginx module..."
+
+    osal_service_stop $OSAL_SERVICE_NGINX
+    osal_service_disable $OSAL_SERVICE_NGINX
+
+    hestia_config_backup 'nginx-remove' $OSAL_PATH_NGINX_CONF
+
+    osal_package_remove $OSAL_PKG_NGINX
+
+    osal_kv_write $HESTIA_CONF_MODULES/nginx.conf 'installed' '0'
+    osal_kv_write $HESTIA_CONF_MODULES/nginx.conf 'description' ''
+    osal_kv_write $HESTIA_CONF_MODULES/nginx.conf 'enabled' '0'
+    osal_kv_write $HESTIA_CONF_MODULES/nginx.conf 'variant' ''
+    osal_kv_write $HESTIA_CONF_MODULES/nginx.conf 'version' '0'
+
+    # Setup web module (depending on Nginx and/or Apache config)
+    hestia module web setup
+}

bin/module/web/setup.inc

@@ -0,0 +1,102 @@
+#!/bin/bash
+
+hestia_module_web_setup() {
+    source $HESTIA/bin/module/func.inc
+
+    apache_installed=$(hestia_module_isinstalled apache)
+    nginx_installed=$(hestia_module_isinstalled nginx)
+
+    if [ "$apache_installed" = 'yes' ] && [ "$nginx_installed" = 'no' ] ; then
+        echo "Setup Web module (Apache only)..."
+        osal_kv_write $HESTIA/conf/hestia.conf  'WEB_SYSTEM' 'apache2'
+        osal_kv_write $HESTIA/conf/hestia.conf  'WEB_RGROUPS' $OSAL_USER_APACHE_DATA
+        osal_kv_write $HESTIA/conf/hestia.conf  'WEB_PORT' '80'
+        osal_kv_write $HESTIA/conf/hestia.conf  'WEB_SSL_PORT' '443'
+        osal_kv_write $HESTIA/conf/hestia.conf  'WEB_SSL' 'mod_ssl'
+        osal_kv_delete $HESTIA/conf/hestia.conf 'PROXY_SYSTEM'
+        osal_kv_delete $HESTIA/conf/hestia.conf 'PROXY_PORT'
+        osal_kv_delete $HESTIA/conf/hestia.conf 'PROXY_SSL_PORT'
+
+        osal_kv_write $HESTIA_CONF_MODULES/web.conf 'installed' '1'
+        osal_kv_write $HESTIA_CONF_MODULES/web.conf 'enabled' '1'
+        osal_kv_write $HESTIA_CONF_MODULES/web.conf 'variant' 'apache2'
+        osal_kv_write $HESTIA_CONF_MODULES/web.conf 'version' '1'
+        osal_kv_write $HESTIA_CONF_MODULES/web.conf 'service_name' $OSAL_SERVICE_APACHE
+    elif [ "$apache_installed" = 'yes' ] && [ "$nginx_installed"  = 'yes' ] ; then
+        echo "Setup Web module (Apache + Nginx)..."
+        osal_kv_write $HESTIA/conf/hestia.conf  'WEB_SYSTEM' 'apache2'
+        osal_kv_write $HESTIA/conf/hestia.conf  'WEB_RGROUPS' $OSAL_USER_APACHE_DATA
+        osal_kv_write $HESTIA/conf/hestia.conf  'WEB_PORT' '8080'
+        osal_kv_write $HESTIA/conf/hestia.conf  'WEB_SSL_PORT' '8443'
+        osal_kv_write $HESTIA/conf/hestia.conf  'WEB_SSL' 'mod_ssl'
+        osal_kv_write $HESTIA/conf/hestia.conf  'PROXY_SYSTEM' 'nginx'
+        osal_kv_write $HESTIA/conf/hestia.conf  'PROXY_PORT' '80'
+        osal_kv_write $HESTIA/conf/hestia.conf  'PROXY_SSL_PORT' '443'
+
+        osal_kv_write $HESTIA_CONF_MODULES/web.conf 'installed' '1'
+        osal_kv_write $HESTIA_CONF_MODULES/web.conf 'enabled' '1'
+        osal_kv_write $HESTIA_CONF_MODULES/web.conf 'variant' 'apache2+nginx'
+        osal_kv_write $HESTIA_CONF_MODULES/web.conf 'version' '1'
+        osal_kv_write $HESTIA_CONF_MODULES/web.conf 'service_name' "$OSAL_SERVICE_APACHE $OSAL_SERVICE_NGINX"
+    elif [ "$apache_installed" = 'no' ] && [ "$nginx_installed"  = 'yes' ]; then
+        echo "Setup Web module (Nginx only)..."
+        osal_kv_write $HESTIA/conf/hestia.conf  'WEB_SYSTEM' 'nginx'
+        osal_kv_delete $HESTIA/conf/hestia.conf 'WEB_RGROUPS'
+        osal_kv_write $HESTIA/conf/hestia.conf  'WEB_PORT' '80'
+        osal_kv_write $HESTIA/conf/hestia.conf  'WEB_SSL_PORT' '443'
+        osal_kv_write $HESTIA/conf/hestia.conf  'WEB_SSL' 'openssl'
+        osal_kv_delete $HESTIA/conf/hestia.conf 'PROXY_SYSTEM'
+        osal_kv_delete $HESTIA/conf/hestia.conf 'PROXY_PORT'
+        osal_kv_delete $HESTIA/conf/hestia.conf 'PROXY_SSL_PORT'
+
+        osal_kv_write $HESTIA_CONF_MODULES/web.conf 'installed' '1'
+        osal_kv_write $HESTIA_CONF_MODULES/web.conf 'enabled' '1'
+        osal_kv_write $HESTIA_CONF_MODULES/web.conf 'variant' 'nginx'
+        osal_kv_write $HESTIA_CONF_MODULES/web.conf 'version' '1'
+        osal_kv_write $HESTIA_CONF_MODULES/web.conf 'service_name' $OSAL_SERVICE_NGINX
+    else
+        echo "Remove Web module setup..."
+        osal_kv_write $HESTIA/conf/hestia.conf  'WEB_SYSTEM' 'no'
+        osal_kv_delete $HESTIA/conf/hestia.conf 'WEB_RGROUPS'
+        osal_kv_delete $HESTIA/conf/hestia.conf 'WEB_PORT' '80'
+        osal_kv_delete $HESTIA/conf/hestia.conf 'WEB_SSL_PORT' '443'
+        osal_kv_delete $HESTIA/conf/hestia.conf 'WEB_SSL' 'openssl'
+        osal_kv_delete $HESTIA/conf/hestia.conf 'PROXY_SYSTEM'
+        osal_kv_delete $HESTIA/conf/hestia.conf 'PROXY_PORT'
+        osal_kv_delete $HESTIA/conf/hestia.conf 'PROXY_SSL_PORT'
+
+        osal_kv_write $HESTIA_CONF_MODULES/web.conf 'installed' '0'
+        osal_kv_write $HESTIA_CONF_MODULES/web.conf 'enabled' '0'
+        osal_kv_write $HESTIA_CONF_MODULES/web.conf 'variant' ''
+        osal_kv_write $HESTIA_CONF_MODULES/web.conf 'version' ''
+        osal_kv_write $HESTIA_CONF_MODULES/web.conf 'service_name' ''
+    fi
+
+    osal_kv_write $HESTIA_CONF_MODULES/web.conf 'description' 'Hestia Web module'
+
+    if [ "$OS_BASE" = 'debian' ]; then
+        # Configuring libapache2-mod-remoteip
+        if [ "$apache_installed" = 'yes' ] && [ "$nginx_installed"  = 'yes' ] ; then
+            # FIXME: RHEL version
+            cd /etc/apache2/mods-available
+            echo "<IfModule mod_remoteip.c>" > remoteip.conf
+            echo "  RemoteIPHeader X-Real-IP" >> remoteip.conf
+            if [ "$local_ip" != "127.0.0.1" ] && [ "$pub_ip" != "127.0.0.1" ]; then
+                echo "  RemoteIPInternalProxy 127.0.0.1" >> remoteip.conf
+            fi
+            if [ ! -z "$local_ip" ] && [ "$local_ip" != "$pub_ip" ]; then
+                echo "  RemoteIPInternalProxy $local_ip" >> remoteip.conf
+            fi
+            if [ ! -z "$pub_ip" ]; then
+                echo "  RemoteIPInternalProxy $pub_ip" >> remoteip.conf
+            fi
+            echo "</IfModule>" >> remoteip.conf
+            sed -i "s/LogFormat \"%h/LogFormat \"%a/g" /etc/apache2/apache2.conf
+            a2enmod remoteip >> $LOG
+            systemctl restart apache2
+        fi
+    fi
+
+    # FIXME: move the following to awstats install
+    osal_kv_write $HESTIA/conf/hestia.conf 'STATS_SYSTEM' 'awstats'
+}

func/osal_debian_based.sh

@@ -5,49 +5,72 @@
 # Variables                                                         #
 #-------------------------------------------------------------------#
 
-# Services
+# Apache
 OSAL_SERVICE_APACHE=apache2
+OSAL_USER_APACHE_DATA=www-data
+OSAL_PKG_APACHE=apache2
+OSAL_PKG_APACHE_MOD_RUID2=libapache2-mod-ruid2
+OSAL_PATH_APACHE_CONF=/etc/apache2
+
+# Bind
 OSAL_SERVICE_BIND=bind9
+OSAL_USER_BIND=bind
+OSAL_PKG_BIND=bind9
+OSAL_PATH_BIND_DATA=/var/cache/bind
+
+# ClamAV
 OSAL_SERVICE_CLAMAV=clamav-daemon
+OSAL_USER_CLAMAV=clamav
+OSAL_PKG_CLAMAV=clamav-daemon
+OSAL_PATH_CLAMAV_CONF=/etc/clamav/clamd.conf
+OSAL_PATH_CLAMAV_CONF_D=/etc/clamd.d
+
+# Cron
 OSAL_SERVICE_CRON=cron
+
+# Dovecot
 OSAL_SERVICE_DOVECOT=dovecot
-OSAL_SERVICE_EXIM=exim4
-OSAL_SERVICE_SPAMASSASSIN=spamassassin
+OSAL_PKG_DOVECOT='dovecot-imapd dovecot-pop3d'
+OSAL_PATH_DOVECOT_CONF=/etc/dovecot
 
-# Users
-OSAL_USER_APACHE_DATA=www-data
-OSAL_USER_BIND=bind
-OSAL_USER_CLAMAV=clamav
+# Exim
+OSAL_SERVICE_EXIM=exim4
 OSAL_USER_EXIM=Debian-exim
-OSAL_USER_NOBODY=nobody
-OSAL_USER_NOGROUP=nogroup
+OSAL_PKG_EXIM='exim4 exim4-daemon-heavy'
+OSAL_PATH_EXIM_CONF=/etc/exim4
 
-# Commands
-OSAL_CMD_PACKAGE_MANAGER=/usr/bin/apt-get
+# Nginx
+OSAL_SERVICE_NGINX=nginx
+OSAL_USER_NGINX=nginx
+OSAL_PKG_NGINX=nginx
+OSAL_PATH_NGINX_CONF=/etc/nginx
+OSAL_PATH_NGINX_CONF_D=/etc/nginx/conf.d
 
-# Packages
-OSAL_PKG_APACHE=apache2
-OSAL_PKG_APACHE_MOD_RUID2=libapache2-mod-ruid2
-OSAL_PKG_BIND=bind9
-OSAL_PKG_CLAMAV=clamav-daemon
-OSAL_PKG_DOVECOT='dovecot-imapd dovecot-pop3d'
-OSAL_PKG_EXIM='exim4 exim4-daemon-heavy'
+# phpMyAdmin
 OSAL_PKG_PHPMYADMIN=phpmyadmin
-OSAL_PKG_ROUNDCUBE=roundcube
-OSAL_PKG_SPAMASSASSIN=spamassassin
 
-# Paths
-OSAL_PATH_APACHE_CONF=/etc/apache2
-OSAL_PATH_BIND_DATA=/var/cache/bind
-OSAL_PATH_CLAMAV_CONF=/etc/clamav/clamd.conf
-OSAL_PATH_CLAMAV_CONF_D=/etc/clamd.d
-OSAL_PATH_DOVECOT_CONF=/etc/dovecot
-OSAL_PATH_EXIM_CONF=/etc/exim4
-OSAL_PATH_LOGROTATE_CONF=/etc/logrotate.d
+# RoundCube
+OSAL_PKG_ROUNDCUBE=roundcube
 OSAL_PATH_ROUNDCUBE_INSTALL_MYSQL=/usr/share/dbconfig-common/data/roundcubemail/install/mysql
+
+# SpamAssassin
+OSAL_SERVICE_SPAMASSASSIN=spamassassin
+OSAL_PKG_SPAMASSASSIN=spamassassin
 OSAL_PATH_SPAMASSASSIN_CONF=/etc/spamassassin
+
+# vsftp
 OSAL_PATH_VSFTPD_CONF=/etc/vsftpd.conf
 
+# Misc. users
+OSAL_USER_NOBODY=nobody
+OSAL_USER_NOGROUP=nogroup
+
+# Misc. commands
+OSAL_CMD_PACKAGE_MANAGER=/usr/bin/apt-get
+
+# Misc. paths
+OSAL_PATH_LOGROTATE_CONF_D=/etc/logrotate.d
+
 #-------------------------------------------------------------------#
 # Functions                                                         #
 #-------------------------------------------------------------------#

func/osal_rhel_based.sh

@@ -5,49 +5,72 @@
 # Variables                                                         #
 #-------------------------------------------------------------------#
 
-# Services
+# Apache
 OSAL_SERVICE_APACHE=httpd
+OSAL_USER_APACHE_DATA=apache
+OSAL_PKG_APACHE=httpd
+OSAL_PKG_APACHE_MOD_RUID2=mod_ruid2
+OSAL_PATH_APACHE_CONF=/etc/httpd
+
+# Bind
 OSAL_SERVICE_BIND=named
+OSAL_USER_BIND=named
+OSAL_PKG_BIND=bind
+OSAL_PATH_BIND_DATA=/var/named
+
+# ClamAV
 OSAL_SERVICE_CLAMAV=clamd
+OSAL_USER_CLAMAV=clamav
+OSAL_PKG_CLAMAV='clamav clamav-update'
+OSAL_PATH_CLAMAV_CONF=/etc/clamd.conf
+OSAL_PATH_CLAMAV_CONF_D=/etc/clamd.d
+
+# Cron
 OSAL_SERVICE_CRON=crond
+
+# Dovecot
 OSAL_SERVICE_DOVECOT=dovecot
-OSAL_SERVICE_EXIM=exim
-OSAL_SERVICE_SPAMASSASSIN=spamassassin
+OSAL_PKG_DOVECOT=dovecot
+OSAL_PATH_DOVECOT_CONF=/etc/dovecot
 
-# Users
-OSAL_USER_APACHE_DATA=apache
-OSAL_USER_BIND=named
-OSAL_USER_CLAMAV=clamav
+# Exim
+OSAL_SERVICE_EXIM=exim
 OSAL_USER_EXIM=exim
-OSAL_USER_NOBODY=nobody
-OSAL_USER_NOGROUP=nobody
+OSAL_PKG_EXIM=exim
+OSAL_PATH_EXIM_CONF=/etc/exim
 
-# Commands
-OSAL_CMD_PACKAGE_MANAGER=/usr/bin/dnf
+# Nginx
+OSAL_SERVICE_NGINX=nginx
+OSAL_USER_NGINX=nginx
+OSAL_PKG_NGINX=nginx
+OSAL_PATH_NGINX_CONF=/etc/nginx
+OSAL_PATH_NGINX_CONF_D=/etc/nginx/conf.d
 
-# Packages
-OSAL_PKG_APACHE=httpd
-OSAL_PKG_APACHE_MOD_RUID2=mod_ruid2
-OSAL_PKG_BIND=bind
-OSAL_PKG_CLAMAV='clamav clamav-update'
-OSAL_PKG_DOVECOT=dovecot
-OSAL_PKG_EXIM=exim
+# phpMyAdmin
 OSAL_PKG_PHPMYADMIN=phpMyAdmin
-OSAL_PKG_ROUNDCUBE=roundcubemail
-OSAL_PKG_SPAMASSASSIN=spamassassin
 
-# Paths
-OSAL_PATH_APACHE_CONF=/etc/httpd
-OSAL_PATH_BIND_DATA=/var/named
-OSAL_PATH_CLAMAV_CONF=/etc/clamd.conf
-OSAL_PATH_CLAMAV_CONF_D=/etc/clamd.d
-OSAL_PATH_DOVECOT_CONF=/etc/dovecot
-OSAL_PATH_EXIM_CONF=/etc/exim
-OSAL_PATH_LOGROTATE_CONF=/etc/logrotate.d
+# RoundCube
+OSAL_PKG_ROUNDCUBE=roundcubemail
 OSAL_PATH_ROUNDCUBE_INSTALL_MYSQL=/usr/share/roundcubemail/SQL/mysql
+
+# SpamAssassin
+OSAL_SERVICE_SPAMASSASSIN=spamassassin
+OSAL_PKG_SPAMASSASSIN=spamassassin
 OSAL_PATH_SPAMASSASSIN_CONF=/etc/mail/spamassassin
+
+# vsftpd
 OSAL_PATH_VSFTPD_CONF=/etc/vsftpd
 
+# Misc. users
+OSAL_USER_NOBODY=nobody
+OSAL_USER_NOGROUP=nobody
+
+# Misc. commands
+OSAL_CMD_PACKAGE_MANAGER=/usr/bin/dnf
+
+# Misc. paths
+OSAL_PATH_LOGROTATE_CONF_D=/etc/logrotate.d
+
 #-------------------------------------------------------------------#
 # Functions                                                         #
 #-------------------------------------------------------------------#