|
|
@@ -384,13 +384,16 @@ echo ' | _ | __/\__ \ |_| | (_| | |___| __/ '
|
|
|
echo ' |_| |_|\___||___/\__|_|\__,_|\____|_| '
|
|
|
echo
|
|
|
echo ' Hestia Control Panel'
|
|
|
-echo -e "\n\n"
|
|
|
-
|
|
|
-echo 'The following software will be installed on your system:'
|
|
|
+echo ' v1.0.1'
|
|
|
+echo -e "\n"
|
|
|
+echo "=============================================================================="
|
|
|
+echo -e "\n"
|
|
|
+echo 'The following server components will be installed on your system:'
|
|
|
+echo
|
|
|
|
|
|
# Web stack
|
|
|
if [ "$nginx" = 'yes' ]; then
|
|
|
- echo ' - Nginx Web Server'
|
|
|
+ echo ' - NGINX Web / Proxy Server'
|
|
|
fi
|
|
|
if [ "$apache" = 'yes' ] && [ "$nginx" = 'no' ] ; then
|
|
|
echo ' - Apache Web Server'
|
|
|
@@ -416,9 +419,12 @@ if [ "$exim" = 'yes' ]; then
|
|
|
if [ "$clamd" = 'yes' ] || [ "$spamd" = 'yes' ] ; then
|
|
|
echo -n ' + '
|
|
|
if [ "$clamd" = 'yes' ]; then
|
|
|
- echo -n 'ClamAV'
|
|
|
+ echo -n 'ClamAV '
|
|
|
fi
|
|
|
if [ "$spamd" = 'yes' ]; then
|
|
|
+ if [ "$clamd" = 'yes' ]; then
|
|
|
+ echo -n '+ '
|
|
|
+ fi
|
|
|
echo -n 'SpamAssassin'
|
|
|
fi
|
|
|
fi
|
|
|
@@ -449,13 +455,15 @@ if [ "$iptables" = 'yes' ]; then
|
|
|
echo -n ' - Iptables Firewall'
|
|
|
fi
|
|
|
if [ "$iptables" = 'yes' ] && [ "$fail2ban" = 'yes' ]; then
|
|
|
- echo -n ' + Fail2Ban'
|
|
|
+ echo -n ' + Fail2Ban Access Monitor'
|
|
|
fi
|
|
|
-echo -e "\n\n"
|
|
|
+echo -e "\n"
|
|
|
+echo "=============================================================================="
|
|
|
+echo -e "\n"
|
|
|
|
|
|
# Asking for confirmation to proceed
|
|
|
if [ "$interactive" = 'yes' ]; then
|
|
|
- read -p 'Would you like to continue? [y/n]: ' answer
|
|
|
+ read -p 'Would you like to continue with the installation? [Y/N]: ' answer
|
|
|
if [ "$answer" != 'y' ] && [ "$answer" != 'Y' ]; then
|
|
|
echo 'Goodbye'
|
|
|
exit 1
|
|
|
@@ -500,7 +508,7 @@ if [ -z "$email" ]; then
|
|
|
fi
|
|
|
|
|
|
# Defining backup directory
|
|
|
-echo -e "\nInstallation backup directory: $hst_backups"
|
|
|
+echo -e "Installation backup directory: $hst_backups"
|
|
|
|
|
|
# Print Log File Path
|
|
|
echo "Installation log file: $LOG"
|
|
|
@@ -549,10 +557,14 @@ check_result $? 'apt-get upgrade failed'
|
|
|
apt=/etc/apt/sources.list.d
|
|
|
|
|
|
# Updating system
|
|
|
-echo "Installing required repository keys... "
|
|
|
+echo "Adding required repositories to proceed with installation:"
|
|
|
+echo
|
|
|
|
|
|
# Installing nginx repo
|
|
|
echo "(*) NGINX"
|
|
|
+if [ -e $apt/nginx.list ]; then
|
|
|
+ rm $apt/nginx.list
|
|
|
+fi
|
|
|
echo "deb [arch=amd64] http://nginx.org/packages/mainline/$VERSION/ $codename nginx" \
|
|
|
> $apt/nginx.list
|
|
|
wget --quiet http://nginx.org/keys/nginx_signing.key -O /tmp/nginx_signing.key
|
|
|
@@ -564,15 +576,21 @@ LC_ALL=C.UTF-8 add-apt-repository -y ppa:ondrej/php > /dev/null 2>&1
|
|
|
|
|
|
# Installing MariaDB repo
|
|
|
echo "(*) MariaDB"
|
|
|
+if [ -e $apt/mariadb.list ]; then
|
|
|
+ rm $apt/mariadb.list
|
|
|
+fi
|
|
|
echo "deb [arch=amd64] http://ams2.mirrors.digitalocean.com/mariadb/repo/10.4/$VERSION $codename main" > $apt/mariadb.list
|
|
|
APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xF1656F24C74CD1D8 > /dev/null 2>&1
|
|
|
|
|
|
# Installing hestia repo
|
|
|
echo "(*) Hestia Control Panel"
|
|
|
+if [ -e $apt/hestia.list ]; then
|
|
|
+ rm $apt/hestia.list
|
|
|
+fi
|
|
|
echo "deb https://$RHOST/ $codename main" > $apt/hestia.list
|
|
|
wget --quiet https://gpg.hestiacp.com/deb_signing.key -O /tmp/deb_signing.key
|
|
|
APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add /tmp/deb_signing.key > /dev/null 2>&1
|
|
|
-
|
|
|
+echo
|
|
|
|
|
|
#----------------------------------------------------------#
|
|
|
# Backup #
|
|
|
@@ -819,8 +837,9 @@ echo -e '#!/bin/sh\nexit 101' > /usr/sbin/policy-rc.d
|
|
|
chmod a+x /usr/sbin/policy-rc.d
|
|
|
|
|
|
# Installing apt packages
|
|
|
-echo "Installing Hestia Control Panel and required dependencies..."
|
|
|
+echo "Now installing Hestia Control Panel and all required dependencies."
|
|
|
echo -ne "NOTE: This process may take 10 to 15 minutes to complete, please wait... "
|
|
|
+echo
|
|
|
apt-get -y install $software > /dev/null 2>&1 &
|
|
|
BACK_PID=$!
|
|
|
|
|
|
@@ -862,7 +881,7 @@ rm -f /usr/sbin/policy-rc.d
|
|
|
# Configure system #
|
|
|
#----------------------------------------------------------#
|
|
|
|
|
|
-echo "Configure System"
|
|
|
+echo "(*) Configuring system settings..."
|
|
|
# Enable SSH password authentication
|
|
|
sed -i "s/rdAuthentication no/rdAuthentication yes/g" /etc/ssh/sshd_config
|
|
|
|
|
|
@@ -914,7 +933,7 @@ chmod 755 /usr/bin/rssh
|
|
|
# Configure Hestia #
|
|
|
#----------------------------------------------------------#
|
|
|
|
|
|
-echo "Configure Hestia"
|
|
|
+echo "(*) Configuring Hestia Control Panel..."
|
|
|
# Installing sudo configuration
|
|
|
mkdir -p /etc/sudoers.d
|
|
|
cp -f $hestiacp/sudo/admin /etc/sudoers.d/
|
|
|
@@ -1055,7 +1074,7 @@ cp -rf $hestiacp/firewall $HESTIA/data/
|
|
|
$HESTIA/bin/v-change-sys-hostname $servername > /dev/null 2>&1
|
|
|
|
|
|
# Generating SSL certificate
|
|
|
-echo "Generate ssl certificate"
|
|
|
+echo "(*) Generating default self-signed SSL certificate..."
|
|
|
$HESTIA/bin/v-generate-ssl-cert $(hostname) $email 'US' 'California' \
|
|
|
'San Francisco' 'Hestia Control Panel' 'IT' > /tmp/hst.pem
|
|
|
|
|
|
@@ -1065,7 +1084,6 @@ key_start=$(grep -n "BEGIN RSA" /tmp/hst.pem |cut -f 1 -d:)
|
|
|
key_end=$(grep -n "END RSA" /tmp/hst.pem |cut -f 1 -d:)
|
|
|
|
|
|
# Adding SSL certificate
|
|
|
-echo "Add ssl certificate to Hestia"
|
|
|
cd $HESTIA/ssl
|
|
|
sed -n "1,${crt_end}p" /tmp/hst.pem > certificate.crt
|
|
|
sed -n "$key_start,${key_end}p" /tmp/hst.pem > certificate.key
|
|
|
@@ -1084,7 +1102,7 @@ fi
|
|
|
#----------------------------------------------------------#
|
|
|
|
|
|
if [ "$nginx" = 'yes' ]; then
|
|
|
- echo "Configure Nginx Webserver"
|
|
|
+ echo "(*) Configuring NGINX..."
|
|
|
rm -f /etc/nginx/conf.d/*.conf
|
|
|
cp -f $hestiacp/nginx/nginx.conf /etc/nginx/
|
|
|
cp -f $hestiacp/nginx/status.conf /etc/nginx/conf.d/
|
|
|
@@ -1094,7 +1112,7 @@ if [ "$nginx" = 'yes' ]; then
|
|
|
mkdir -p /etc/nginx/conf.d/domains
|
|
|
mkdir -p /var/log/nginx/domains
|
|
|
if [ "$apache" = 'no' ] && [ "$multiphp" = 'yes' ]; then
|
|
|
- echo "Configure Nginx MultiPHP"
|
|
|
+ echo "(*) Configuring Multi-PHP..."
|
|
|
rm -fr $HESTIA/data/templates/web/nginx/*
|
|
|
for v in "${multiphp_v[@]}"; do
|
|
|
update-rc.d php$v-fpm defaults > /dev/null 2>&1
|
|
|
@@ -1140,7 +1158,7 @@ fi
|
|
|
#----------------------------------------------------------#
|
|
|
|
|
|
if [ "$apache" = 'yes' ]; then
|
|
|
- echo "Configure Apache Webserver"
|
|
|
+ echo "(*) Configuring Apache Web Server..."
|
|
|
cp -f $hestiacp/apache2/apache2.conf /etc/apache2/
|
|
|
cp -f $hestiacp/apache2/status.conf /etc/apache2/mods-enabled/
|
|
|
cp -f $hestiacp/logrotate/apache2 /etc/logrotate.d/
|
|
|
@@ -1188,7 +1206,7 @@ fi
|
|
|
#----------------------------------------------------------#
|
|
|
|
|
|
if [ "$phpfpm" = 'yes' ]; then
|
|
|
- echo "Configure PHP-FPM"
|
|
|
+ echo "(*) Configuring PHP-FPM..."
|
|
|
cp -f $hestiacp/php-fpm/www.conf /etc/php/$fpm_v/fpm/pool.d/www.conf
|
|
|
update-rc.d php$fpm_v-fpm defaults > /dev/null 2>&1
|
|
|
service php$fpm_v-fpm start >> $LOG
|
|
|
@@ -1199,7 +1217,8 @@ fi
|
|
|
#----------------------------------------------------------#
|
|
|
# Configure PHP #
|
|
|
#----------------------------------------------------------#
|
|
|
-echo "Configure PHP Timezone"
|
|
|
+
|
|
|
+echo "(*) Configuring PHP..."
|
|
|
ZONE=$(timedatectl > /dev/null 2>&1|grep Timezone|awk '{print $2}')
|
|
|
if [ -z "$ZONE" ]; then
|
|
|
ZONE='UTC'
|
|
|
@@ -1221,7 +1240,7 @@ chmod 755 /etc/cron.daily/php-session-cleanup
|
|
|
#----------------------------------------------------------#
|
|
|
|
|
|
if [ "$vsftpd" = 'yes' ]; then
|
|
|
- echo "Configure Vsftpd"
|
|
|
+ echo "(*) Configuring Vsftpd server..."
|
|
|
cp -f $hestiacp/vsftpd/vsftpd.conf /etc/
|
|
|
touch /var/log/vsftpd.log
|
|
|
chown root:adm /var/log/vsftpd.log
|
|
|
@@ -1241,7 +1260,7 @@ fi
|
|
|
#----------------------------------------------------------#
|
|
|
|
|
|
if [ "$proftpd" = 'yes' ]; then
|
|
|
- echo "Configure ProFTPD server"
|
|
|
+ echo "(*) Configuring ProFTPD server..."
|
|
|
echo "127.0.0.1 $servername" >> /etc/hosts
|
|
|
cp -f $hestiacp/proftpd/proftpd.conf /etc/proftpd/
|
|
|
update-rc.d proftpd defaults > /dev/null 2>&1
|
|
|
@@ -1255,7 +1274,7 @@ fi
|
|
|
#----------------------------------------------------------#
|
|
|
|
|
|
if [ "$mysql" = 'yes' ]; then
|
|
|
- echo "Configure MariaDB server"
|
|
|
+ echo "(*) Configuring MariaDB database server..."
|
|
|
mycnf="my-small.cnf"
|
|
|
if [ $memory -gt 1200000 ]; then
|
|
|
mycnf="my-medium.cnf"
|
|
|
@@ -1301,7 +1320,7 @@ fi
|
|
|
|
|
|
if [ "$mysql" = 'yes' ]; then
|
|
|
# Display upgrade information
|
|
|
- echo "Installing phpMyAdmin version v$pma_v..."
|
|
|
+ echo "(*) Installing phpMyAdmin version v$pma_v..."
|
|
|
|
|
|
# Download latest phpmyadmin release
|
|
|
wget --quiet https://files.phpmyadmin.net/phpMyAdmin/$pma_v/phpMyAdmin-$pma_v-all-languages.tar.gz
|
|
|
@@ -1334,7 +1353,7 @@ fi
|
|
|
#----------------------------------------------------------#
|
|
|
|
|
|
if [ "$postgresql" = 'yes' ]; then
|
|
|
- echo "Configure PostgreSQL database server"
|
|
|
+ echo "(*) Configuring PostgreSQL database server..."
|
|
|
ppass=$(gen_pass)
|
|
|
cp -f $hestiacp/postgresql/pg_hba.conf /etc/postgresql/*/main/
|
|
|
service postgresql restart
|
|
|
@@ -1353,7 +1372,7 @@ fi
|
|
|
#----------------------------------------------------------#
|
|
|
|
|
|
if [ "$named" = 'yes' ]; then
|
|
|
- echo "Configure Bind DNS server"
|
|
|
+ echo "(*) Configuring Bind DNS server..."
|
|
|
cp -f $hestiacp/bind/named.conf /etc/bind/
|
|
|
cp -f $hestiacp/bind/named.conf.options /etc/bind/
|
|
|
chown root:bind /etc/bind/named.conf
|
|
|
@@ -1385,7 +1404,7 @@ fi
|
|
|
#----------------------------------------------------------#
|
|
|
|
|
|
if [ "$exim" = 'yes' ]; then
|
|
|
- echo "Configure Exim mail server"
|
|
|
+ echo "(*) Configuring Exim mail server..."
|
|
|
gpasswd -a Debian-exim mail > /dev/null 2>&1
|
|
|
cp -f $hestiacp/exim/exim4.conf.template /etc/exim4/
|
|
|
cp -f $hestiacp/exim/dnsbl.conf /etc/exim4/
|
|
|
@@ -1421,7 +1440,7 @@ fi
|
|
|
#----------------------------------------------------------#
|
|
|
|
|
|
if [ "$dovecot" = 'yes' ]; then
|
|
|
- echo "Configure Dovecot"
|
|
|
+ echo "(*) Configuring Dovecot POP/IMAP mail server..."
|
|
|
gpasswd -a dovecot mail > /dev/null 2>&1
|
|
|
cp -rf $hestiacp/dovecot /etc/
|
|
|
cp -f $hestiacp/logrotate/dovecot /etc/logrotate.d/
|
|
|
@@ -1444,7 +1463,7 @@ if [ "$clamd" = 'yes' ]; then
|
|
|
gpasswd -a clamav Debian-exim > /dev/null 2>&1
|
|
|
cp -f $hestiacp/clamav/clamd.conf /etc/clamav/
|
|
|
update-rc.d clamav-daemon defaults
|
|
|
- echo -ne "Installing ClamAV anti-virus definitions... "
|
|
|
+ echo -ne "(*) Installing ClamAV anti-virus definitions... "
|
|
|
/usr/bin/freshclam >> $LOG &
|
|
|
BACK_PID=$!
|
|
|
spin_i=1
|
|
|
@@ -1463,7 +1482,7 @@ fi
|
|
|
#----------------------------------------------------------#
|
|
|
|
|
|
if [ "$spamd" = 'yes' ]; then
|
|
|
- echo "Configure SpamAssassin"
|
|
|
+ echo "(*) Configuring SpamAssassin..."
|
|
|
update-rc.d spamassassin defaults > /dev/null 2>&1
|
|
|
sed -i "s/ENABLED=0/ENABLED=1/" /etc/default/spamassassin
|
|
|
service spamassassin start >> $LOG
|
|
|
@@ -1480,7 +1499,7 @@ fi
|
|
|
#----------------------------------------------------------#
|
|
|
|
|
|
if [ "$dovecot" = 'yes' ] && [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then
|
|
|
- echo "Configure Roundcube"
|
|
|
+ echo "(*) Configuring Roundcube webmail client..."
|
|
|
if [ "$apache" = 'yes' ]; then
|
|
|
cp -f $hestiacp/roundcube/apache.conf /etc/roundcube/
|
|
|
ln -s /etc/roundcube/apache.conf /etc/apache2/conf.d/roundcube.conf
|
|
|
@@ -1528,7 +1547,7 @@ fi
|
|
|
#----------------------------------------------------------#
|
|
|
|
|
|
if [ "$fail2ban" = 'yes' ]; then
|
|
|
- echo "Configure Fail2ban"
|
|
|
+ echo "(*) Configuring fail2ban access monitor..."
|
|
|
cp -rf $hestiacp/fail2ban /etc/
|
|
|
if [ "$dovecot" = 'no' ]; then
|
|
|
fline=$(cat /etc/fail2ban/jail.local |grep -n dovecot-iptables -A 2)
|
Kristan Kenney