Compare commits

...

30 Commits

Author SHA1 Message Date
Marek Miklewicz 83e9b2e66f Bump dapostinstall to 2.0.1 2026-07-04 10:54:28 +02:00
Marek Miklewicz 6e3d6e7667 Add selective plugin install toggles 2026-06-14 14:04:05 +02:00
Marek Miklewicz 89fab85e8e Enable CustomBuild targets before building 2026-06-13 22:46:40 +02:00
Marek Miklewicz 9e8b4aee67 Enable Composer before CustomBuild install 2026-06-13 22:42:41 +02:00
Marek Miklewicz fdfab822c8 Remove invalid http_methods CustomBuild option 2026-06-13 22:17:24 +02:00
Marek Miklewicz c24dc98a45 Use current CustomBuild PHP extension options 2026-06-13 21:50:19 +02:00
Marek Miklewicz c0261418c8 Fix hostname SSL toggle and PHP mode option 2026-06-13 21:25:45 +02:00
Marek Miklewicz 678cbc9066 Use DirectAdmin server_cert for hostname certificate 2026-06-13 21:15:07 +02:00
Marek Miklewicz bd6c5925d3 Do not abort when DA certificate request fails 2026-06-13 21:08:46 +02:00
Marek Miklewicz 091ac31dee Use MARIADB_USAGE for MariaDB memory budget 2026-06-13 21:00:45 +02:00
Marek Miklewicz db01ba1ea0 Tune MariaDB config generation 2026-06-13 20:49:00 +02:00
Marek Miklewicz d0ac04f38b Make SSH port configurable 2026-06-13 20:35:09 +02:00
Marek Miklewicz 79f7952aac Move imapsync into local plugin archives 2026-06-13 20:29:07 +02:00
Marek Miklewicz 9be960ab9d Use redis fresh install for new plugin setup 2026-06-13 20:21:38 +02:00
Marek Miklewicz 0e04667160 Install local DirectAdmin plugins 2026-06-13 20:16:49 +02:00
Marek Miklewicz 76818500b1 Update default PHP releases 2026-06-13 19:11:24 +02:00
Marek Miklewicz f880333fe5 Use local branding archives 2026-06-13 19:07:09 +02:00
Marek Miklewicz fee4de3e2b Repack enhanced translation without macOS metadata 2026-06-13 18:51:48 +02:00
Marek Miklewicz 0ecb158b3d Fix dapostinstall update step under set -e 2026-06-13 18:44:52 +02:00
Marek Miklewicz 6c377b2242 Prepare dapostinstall v2 2026-06-13 18:28:04 +02:00
Marek Miklewicz 53db10cd17 Update directadmin configuration settings
Add restrictions for CustomBuild plugin access and update username length.
2025-12-23 14:29:08 +01:00
Marek Miklewicz 4a15a02699 Add PHP DA_PHP5 to the welcome email 2025-12-16 09:18:03 +01:00
Marek Miklewicz 297692a24e Refactor variable assignments and add PHP version support
Refactor variable assignments to use modern syntax and add support for additional PHP versions.
2025-12-16 09:15:53 +01:00
Marek Miklewicz 08cd154e9e Update SSH configuration to allow password authentication
Enable password authentication for SSH.
2025-12-16 08:59:37 +01:00
Marek Miklewicz b2d3e9159a Add PHP settings and update script commands
Added PHP settings configuration and modified script execution.
2025-10-30 12:56:16 +01:00
Marek Miklewicz 4d511175c6 Create PHP configuration script for DirectAdmin
This script generates PHP configuration files for different PHP versions found in the specified directories. It includes settings for opcache and other PHP directives, and rebuilds Apache/PHP configurations in DirectAdmin.
2025-10-30 12:53:14 +01:00
Marek Miklewicz 1c9eb110dd Update dapostinstall.sh 2025-04-10 14:52:13 +02:00
Marek Miklewicz 4258236123 Usunięcie poprawek PhpMyAdmin 2025-04-10 14:50:28 +02:00
Marek Miklewicz 6c5ac4110e usunięcie automatycznej subdomeny poczta 2025-04-10 14:48:37 +02:00
Marek Miklewicz e9e35f6c6b Update dapostinstall.sh
spamd start fil
2025-04-08 10:15:28 +02:00
19 changed files with 1152 additions and 468 deletions
Binary file not shown.
Binary file not shown.
+2 -4
View File
@@ -3,13 +3,12 @@
#gedas@mc2.dev
### VARS ###
DEFAULTPACKAGE=NO_LIMIT
DEFAULTPACKAGE=NO-LIMIT
DNSMASTER="185.242.132.100" # IP address of this server that should be used on the client host for multiserver
DNSSLAVE="193.178.43.30" # the second DNS server. This server should be able to login to DNSSLAVE via ssh
DNSSLAVEPORT="22" # port for dnsslave
ADMINUSER="admin" # server main admin user
TRUSTED_IPS="127.0.0.1,185.242.134.92,185.242.134.93,185.242.134.94,193.177.165.192,193.177.165.193,193.177.165.194,193.177.165.195,193.177.165.196" #comma s
eparated list of IP addresses
TRUSTED_IPS="127.0.0.1,185.242.134.92,185.242.134.93,185.242.134.94,193.177.165.192,193.177.165.193,193.177.165.194,193.177.165.195,193.177.165.196" # comma separated list of IP addresses
### END VARS ###
######### FUNCTIONS
@@ -1443,4 +1442,3 @@ case "$1" in
createemptybackup) createemptybackup ;;
*) listFunctions ;;
esac
+296 -359
View File
@@ -1,5 +1,7 @@
#!/bin/bash
# VERSION 1.6.6-30.03.2025
# VERSION 2.0.1-04.07.2026
set -euo pipefail
if [ -f "/var/log/dapostinstall.done" ]; then
echo -e "\e[31mSkrypt DApostinstall był już uruchomiony na tym serwerze - przerywam działanie.\e[0m"
exit 1
@@ -10,20 +12,203 @@ DADIR=/usr/local/directadmin
CBDIR=/usr/local/directadmin/custombuild
LOG_FILE=/var/log/dapostinstall.log
HTLINK="https://ht.zenadmin.pl"
MIN_PASSWORD_LENGTH=18
MAX_PASSWORD_LENGTH=24
ITERATION_LIMIT=100
DEFAULT_NS1=dns3.hitme.net.pl
DEFAULT_NS2=dns4.hitme.net.pl
SSH_PORT=10022
REDIS_VERSION=8
HOSTNAME_SSL=1
SETUP_TXT="$DADIR/conf/setup.txt"
PLUGIN_ARCHIVE_DIR="$DAPOSTINSTALL_DIR/plugins"
# PLUGINY
# Nazwa zmiennej odpowiada nazwie paczki: borg-restore.tar.gz -> PLUGIN_BORG_RESTORE.
PLUGIN_BORG_RESTORE=1
PLUGIN_DB_MANAGER=1
PLUGIN_IMAPSYNC=1
PLUGIN_REDIS_MANAGER=1
BRANDING_DIR="$DAPOSTINSTALL_DIR/branding"
DA_TEMPLATES_ARCHIVE="$BRANDING_DIR/da_templates.tar"
DA_BRANDING_ARCHIVE="$BRANDING_DIR/da-branding-hitme.tar.gz"
# PHP versions and extensions managed through DirectAdmin CustomBuild.
php1_release=8.4
php2_release=8.5
php3_release=8.3
php4_release=8.2
php5_release=8.1
php6_release=7.4
php7_release=7.3
php8_release=7.2
php9_release=5.6
ioncube=yes
zend=yes
opcache=yes
imap=yes
imagick=yes
configure_custombuild_php() {
local idx
local release
local release_var
cd "$CBDIR"
da build update
for idx in 1 2 3 4 5 6 7 8 9; do
release_var="php${idx}_release"
release="${!release_var}"
da build set "php${idx}_release" "$release"
done
da build set "php1_mode" "php-fpm"
da build php
da build rewrite_confs
}
build_php_extension() {
local enabled="$1"
local extension="$2"
[[ "$enabled" == "yes" ]] || return 0
cd "$CBDIR"
da build set "$extension" yes
da build "$extension"
}
plugin_config_var() {
local plugin_name="$1"
local var_name
var_name="${plugin_name//-/_}"
var_name="PLUGIN_${var_name^^}"
printf '%s\n' "$var_name"
}
is_plugin_enabled() {
local plugin_name="$1"
local var_name
local enabled
var_name="$(plugin_config_var "$plugin_name")"
enabled="${!var_name:-1}"
[[ "$enabled" != "0" ]]
}
install_local_plugin_archive() {
local archive="$1"
local plugin_name
local plugin_config
local plugin_dir
local install_script
plugin_name="$(basename "$archive" .tar.gz)"
plugin_config="$(plugin_config_var "$plugin_name")"
if ! is_plugin_enabled "$plugin_name"; then
echo "$plugin_config=0 - pomijam instalacje pluginu $plugin_name"
return 0
fi
plugin_dir="$DADIR/plugins/$plugin_name"
echo "Instalacja pluginu $plugin_name"
rm -rf "$plugin_dir"
mkdir -p "$plugin_dir"
tar -zxf "$archive" -C "$plugin_dir"
chown -R diradmin:diradmin "$plugin_dir"
if [[ -f "$plugin_dir/install.sh" ]]; then
install_script="./install.sh"
chmod 755 "$plugin_dir/install.sh"
elif [[ -f "$plugin_dir/scripts/install.sh" ]]; then
install_script="./scripts/install.sh"
chmod 755 "$plugin_dir/scripts/install.sh"
else
fail "Brak install.sh w $plugin_dir"
fi
(
cd "$plugin_dir"
"$install_script"
)
if [[ "$plugin_name" == "imapsync" ]]; then
echo 'imapsync=ON' >> /usr/local/directadmin/data/users/admin/user.conf
cp "$DAPOSTINSTALL_DIR/lang_pl.php" "$plugin_dir/lang"
chown -R diradmin:diradmin "$plugin_dir"
fi
if [[ "$plugin_name" == "redis-manager" ]]; then
require_file "$DADIR/plugins/redis-manager/scripts/redis_install.sh"
chmod 755 "$DADIR/plugins/redis-manager/scripts/redis_install.sh"
(
cd "$plugin_dir"
./scripts/redis_install.sh "$REDIS_VERSION"
)
fi
}
install_local_plugins() {
local archive
local found=0
shopt -s nullglob
for archive in "$PLUGIN_ARCHIVE_DIR"/*.tar.gz; do
found=1
install_local_plugin_archive "$archive"
done
shopt -u nullglob
if [[ "$found" -eq 0 ]]; then
fail "Brak paczek pluginów w $PLUGIN_ARCHIVE_DIR"
fi
}
request_directadmin_certificate() {
if [[ "$HOSTNAME_SSL" == "0" ]]; then
echo "HOSTNAME_SSL=0 - pomijam certyfikat Let's Encrypt dla hostname DirectAdmin"
return 0
fi
echo "Instalacja certyfikatu Let's Encrypt dla hostname DirectAdmin"
if ! "$DADIR/scripts/letsencrypt.sh" server_cert; then
echo "Nie udalo sie wystawic certyfikatu DirectAdmin dla hostname - pomijam ten krok."
echo "Sprawdz hostname/servername w DirectAdmin oraz DNS i uruchom Let's Encrypt recznie po instalacji."
fi
}
update_daupdate_tools() {
echo "update..."
wget "$HTLINK/daupdate.sh" -O /sbin/daupdate
chmod +x /sbin/daupdate
wget "$HTLINK/daupdate.sh" -O /opt/daupdate
wget "$HTLINK/da_cli.sh" -O /sbin/dacli
chmod +x /sbin/dacli
}
exec > >(tee -ia "$LOG_FILE") 2>&1
cd $DAPOSTINSTALL_DIR
cd "$DAPOSTINSTALL_DIR"
# shellcheck source=lib/common.sh
source "$DAPOSTINSTALL_DIR/lib/common.sh"
require_root
require_dir "$DADIR"
require_dir "$CBDIR"
require_file "$CBDIR/build"
require_file "$SETUP_TXT"
require_dir "$PLUGIN_ARCHIVE_DIR"
require_file "$DA_TEMPLATES_ARCHIVE"
require_file "$DA_BRANDING_ARCHIVE"
yum -y install epel-release
yum -y install htop wget rsync nano mc ncdu borgbackup screen net-tools htop libmemcached libmemcached-devel
cp daupdate.sh /opt
chmod 700 /opt/daupdate.sh
cd /opt/
/opt/daupdate.sh update
cd $DAPOSTINSTALL_DIR
update_daupdate_tools
cd "$DAPOSTINSTALL_DIR"
clear
cd $DAPOSTINSTALL_DIR
cd "$DAPOSTINSTALL_DIR"
echo "Blokada logowania roota hasłem"
sed -i '/PermitRootLogin yes/s/^#//g' /etc/ssh/sshd_config
@@ -41,7 +226,7 @@ chmod 600 $DADIR/data/users/admin/packages.list
echo "NO-LIMIT" > $DADIR/data/users/admin/packages.list
chown -R diradmin:diradmin $DADIR/data/users/admin/packages*
echo "Instalacja spolszczenia DirectAdmina"
echo "language=pl" >> $DADIR/conf/directadmin.conf
echo "language=pl" >> "$DADIR/conf/directadmin.conf"
sed -i 's/language=en/language=pl/gI' $DADIR/data/users/admin/user.conf
sed -i 's/language=en/language=pl/gI' $DADIR/data/users/admin/user.conf
sed -i 's/language=en/language=pl/gI' $DADIR/data/users/admin/packages/NO-LIMIT.pkg
@@ -79,65 +264,31 @@ cp pl.po login-pl.po $DADIR/data/skins/evolution/lang/
clear
PS3='Jaka skorke ustawic jako domyslna: '
options=("Enhanced" "Evolution")
select opt in "${options[@]}"
do
case $opt in
"Enhanced")
sed -i 's/evolution/enhanced/gI' $DADIR/conf/directadmin.conf
sed -i 's/evolution/enhanced/gI' $DADIR/data/users/admin/packages/NO-LIMIT.pkg
sed -i 's/evolution/enhanced/gI' $DADIR/data/users/admin/user.conf
systemctl restart directadmin
break
;;
"Evolution")
rm -f $DADIR/data/templates/custom/login.html
echo "Skorka evolution zostala ustawiona jako domyslna"
systemctl restart directadmin
break
;;
*) echo "Niewlasciwa opcja $REPLY";;
esac
done
echo "Wybierz tryb instalacji"
echo "Instalacja automatyczna instaluje wszystkie dodatki i przyjmuje domyslne ustawienia dla hitme."
echo "Instalacja niestandardowa pozwala pominac niektore komponenty, np. nie instalowac ModSecurity, okreslic inny niz 10022 port SSH czy serwery DNS niz standardowe dla hitme zadajac dodatkowe pytania podczas wykonywania skryptu"
PS3='Wybierz tryb instalacji: '
options=("Automatyczna" "Niestandardowa")
select opt in "${options[@]}"
do
case $opt in
"Automatyczna")
echo "Ustawienie DNSów hitme"
sed -i "/ns1=/c\ns1=dns3.hitme.net.pl" $DADIR/conf/directadmin.conf
sed -i "/ns2=/c\ns2=dns4.hitme.net.pl" $DADIR/conf/directadmin.conf
sed -i "/ns1=/c\ns1=dns3.hitme.net.pl" $DADIR/data/users/admin/user.conf
sed -i "/ns2=/c\ns2=dns4.hitme.net.pl" $DADIR/data/users/admin/user.conf
sed -i "/ns1=/c\ns1=dns3.hitme.net.pl" $DADIR/data/users/admin/reseller.conf
sed -i "/ns2=/c\ns2=dns4.hitme.net.pl" $DADIR/data/users/admin/reseller.conf
set_key_value "$DADIR/conf/directadmin.conf" "ns1" "$DEFAULT_NS1"
set_key_value "$DADIR/conf/directadmin.conf" "ns2" "$DEFAULT_NS2"
set_key_value "$DADIR/data/users/admin/user.conf" "ns1" "$DEFAULT_NS1"
set_key_value "$DADIR/data/users/admin/user.conf" "ns2" "$DEFAULT_NS2"
set_key_value "$DADIR/data/users/admin/reseller.conf" "ns1" "$DEFAULT_NS1"
set_key_value "$DADIR/data/users/admin/reseller.conf" "ns2" "$DEFAULT_NS2"
systemctl restart directadmin
echo "Ustawienie domyslnego portu SSH na 10022"
SSH_PORT=10022
echo "Ustawienie domyslnego portu SSH na $SSH_PORT"
sed -i '/Port 22/s/^#//g' /etc/ssh/sshd_config
sed -i "s/Port 22/Port 10022/g" /etc/ssh/sshd_config
sed -i "s/,22,/,22,10022,/g" /etc/csf/csf.conf
sed -i "s/Port 22/Port $SSH_PORT/g" /etc/ssh/sshd_config
sed -i "s/,22,/,22,$SSH_PORT,/g" /etc/csf/csf.conf
echo "Ustawienie dodatkowych zabezpieczen SSH"
if ! grep -q '^Match User root' /etc/ssh/sshd_config; then
daupdate secssh2
fi
echo "Dodanie autoryzacji hasłem"
sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config
echo "Ustawienie kluczy logowania do DirectAdmina i kluczy SSH hitme"
@@ -157,22 +308,23 @@ echo "Instalacja Modsecurity i regułek malware experts"
daupdate antybots
echo "Instaluje branding hitme dla skorki evolution i serwera www"
templates_tmp="$(mktemp -d)"
trap 'rm -rf "$templates_tmp"' EXIT
cd $DAPOSTINSTALL_DIR
tar -xvf skin_customizations.tar -C $DADIR/data/users/admin/
cd $DAPOSTINSTALL_DIR
wget https://cdn.hitme.pl/da_templates.tar
tar -xf da_templates.tar
cp da_templates/*[1-9]* /home/admin/domains/default/
cp da_templates/index.html /home/admin/domains/default/index.html
cp da_templates/suspended.shtml /home/admin/domains/suspended/index.html
cp da_templates/index-hitme.html /var/www/html/index.html
tar -xf "$DA_TEMPLATES_ARCHIVE" -C "$templates_tmp"
cp "$templates_tmp"/da_templates/*[1-9]* /home/admin/domains/default/
cp "$templates_tmp"/da_templates/index.html /home/admin/domains/default/index.html
cp "$templates_tmp"/da_templates/suspended.shtml /home/admin/domains/suspended/index.html
if [[ -f "$templates_tmp"/da_templates/index-hitme.html ]]; then
cp "$templates_tmp"/da_templates/index-hitme.html /var/www/html/index.html
else
cp "$templates_tmp"/da_templates/index.html /var/www/html/index.html
fi
cd $DAPOSTINSTALL_DIR
echo "Login branging hitme"
cd /
wget https://cdn.hitme.pl/da_files/da-branding-hitme.tar.gz
tar xvzf da-branding-hitme.tar.gz
rm -rf da-branding-hitme.tar.gz
tar -xzf "$DA_BRANDING_ARCHIVE" -C /
cd $DAPOSTINSTALL_DIR/login_branding
cp admin/* $DADIR/data/admin/
cp -rfp users/admin/skin_customizations//evolution/* $DADIR/data/users/admin/skin_customizations/evolution
@@ -183,244 +335,66 @@ echo "Instalacja Security headers"
cd $DAPOSTINSTALL_DIR
cat security-headers.conf >>/etc/httpd/conf/extra/httpd-includes.conf
cd $CBDIR
./build rewrite_confs
da build rewrite_confs
cd $DAPOSTINSTALL_DIR
echo "Instalacja certyfikatu Let's Encrypt"
$DADIR/scripts/letsencrypt.sh request_single `hostname` 4096
break
;;
"Niestandardowa")
read -p "Podaj adres NS1 [dns3.hitme.net.pl]: " NS1_DEFAULT
NS1_DEFAULT=${NS1_DEFAULT:-dns3.hitme.net.pl}
read -p "Podaj adres NS2 [dns4.hitme.net.pl]: " NS2_DEFAULT
NS2_DEFAULT=${NS2_DEFAULT:-dns4.hitme.net.pl}
sed -i "/ns1=/c\ns1=$NS1_DEFAULT" $DADIR/conf/directadmin.conf
sed -i "/ns2=/c\ns2=$NS2_DEFAULT" $DADIR/conf/directadmin.conf
sed -i "/ns1=/c\ns1=$NS1_DEFAULT" $DADIR/data/users/admin/user.conf
sed -i "/ns2=/c\ns2=$NS2_DEFAULT" $DADIR/data/users/admin/user.conf
sed -i "/ns1=/c\ns1=$NS1_DEFAULT" $DADIR/data/users/admin/reseller.conf
sed -i "/ns2=/c\ns2=$NS2_DEFAULT" $DADIR/data/users/admin/reseller.conf
systemctl restart directadmin
read -p "Podaj port SSH [10022]: " SSH_PORT
SSH_PORT=${SSH_PORT:-10022}
sed -i '/Port 22/s/^#//g' /etc/ssh/sshd_config
sed -i "s/Port 22/Port $SSH_PORT/g" /etc/ssh/sshd_config
sed -i "s/,22,/,22,$SSH_PORT,/g" /etc/csf/csf.conf
while true; do
read -p "Czy aktywowac dodatkowe zabezpiecznia SSH (T/N)? " yn
case $yn in
[Tt] ) echo "Aktywacja dodatkowych zabezpieczen SSH"
tee -a /etc/ssh/sshd_config > /dev/null <<EOT
Match User root Address 185.242.134.0/24,185.242.133.37,185.242.134.92,185.242.134.93,193.177.165.192,193.177.165.193,193.177.165.194,193.177.165.195,193.177.165.196
PubkeyAuthentication yes
PasswordAuthentication yes
PermitRootLogin yes
EOT
break;;
[nN] ) echo "Pomijam aktywacje dodatkowych zabezpieczen SSH";
break;;
* ) echo "Niewlasciwa odpowiedz";;
esac
done
while true; do
read -p "Czy instalowac klucze logowania HITME do SSH (T/N)? " yn
case $yn in
[Tt] ) echo "Instaluje klucze logowania HITME do SSH"
cd /opt
sh daupdate keyput
break;;
[nN] ) echo "Pomijam instalacje kluczy logowania do SSH";
break;;
* ) echo "Niewlasciwa odpowiedz";;
esac
done
while true; do
read -p "Czy instalowac klucze logowania HITME do DirectAdmina (T/N)? " yn
case $yn in
[Tt] ) echo "Instaluje klucze logowania HITME do DirectAdmina"
cd /opt
sh daupdate klucze
break;;
[nN] ) echo "Pomijam instalacje kluczy logowania do DirectAdmina";
break;;
* ) echo "Niewlasciwa odpowiedz";;
esac
done
echo "Instalacja ModSecurity"
while true; do
read -p "Czy instalowac ModSecurity z reglłkami Malware Experts (T/N)? " yn
case $yn in
[Tt] ) echo "Instaluje ModSecurity + Malware Experts"
wget $HTLINK/hitmemodsec.sh -O /opt/hitmemodsec.sh
sh /opt/hitmemodsec.sh
rm -f hitmemodsec.sh
daupdate antybots
break;;
[nN] ) echo "Pomijam instalacje ModSecurity";
break;;
* ) echo "Niewlasciwa odpowiedz";;
esac
done
while true; do
read -p "Czy instalowac brandowanie hitme dla skorki evolution i serwera www (T/N)? " yn
case $yn in
[Tt] ) echo "Instaluje branowanie hitme dla skorki evolution"
cd $DAPOSTINSTALL_DIR
tar -xvf skin_customizations.tar -C $DADIR/data/users/admin/
wget https://cdn.hitme.pl/da_templates.tar
tar -xf da_templates.tar
cp da_templates/*[1-9]* /home/admin/domains/default/
cp da_templates/index.html /home/admin/domains/default/index.html
cp da_templates/suspended.shtml /home/admin/domains/suspended/index.html
cp da_templates/index-hitme.html /var/www/html/index.html
cd $DAPOSTINSTALL_DIR
break;;
[nN] ) echo "Pomijam instalacje brandowania hitme dla skorki evolution";
break;;
* ) echo "Niewlasciwa odpowiedz";;
esac
done
echo "Certyfikat SSL dla DirectAdmina"
while true; do
read -p "Czy instalowac Let's Encrypt dla DirectAdmina dla hostname `hostname` (T/N)? " yn
case $yn in
[Tt] ) echo "Instaluje Let's encrypt"
$DADIR/scripts/letsencrypt.sh request_single `hostname` 4096
break;;
[nN] ) echo "Pomijam instalacje Let's Encrypt";
break;;
* ) echo "Niewlasciwa odpowiedz";;
esac
done
while true; do
read -p "Czy instalowac Security Headers (T/N)? " yn
case $yn in
[Tt] ) echo "Instalacja Security Headers?"
cd $DAPOSTINSTALL_DIR
cat security-headers.conf >>/etc/httpd/conf/extra/httpd-includes.conf
cd $CBDIR
./build rewrite_confs
cd $DAPOSTINSTALL_DIR
break;;
[nN] ) echo "Pomijam instalacje Security Headers";
break;;
* ) echo "Niewlasciwa odpowiedz";;
esac
done
break
;;
*) echo "Niewlasciwa opcja $REPLY";;
esac
done
request_directadmin_certificate
echo -e "\e[96mMam wszystkie informacje - rozpoczynam konfiguracje\e[0m"
echo "Konfiguracja i kompilacja PHP"
configure_custombuild_php
echo "Generowanie maila powitalnego"
cd $DAPOSTINSTALL_DIR
chmod 755 da_cli.sh
echo "Generowanie hasla DirectAdmin"
echo "Pobieranie hasla DirectAdmin z $SETUP_TXT"
count=0
DA_ADMINPASS=$(
while true; do
((count++))
[ "$count" -gt "$ITERATION_LIMIT" ] && { echo "Błąd: przekroczono limit iteracji generowania hasła" >&2; exit 1; }
base_part=$(tr -dc '[:alnum:]' < /dev/urandom | tr -d 'oO0l1I' | fold -w "$((RANDOM % (MAX_PASSWORD_LENGTH - MIN_PASSWORD_LENGTH + 1) + MIN_PASSWORD_LENGTH))" | head -n1)
special_char=$(tr -dc '[:graph:]' < /dev/urandom | tr -d '#|oO0l1I' | fold -w 1 | head -n1)
special_index=$((RANDOM % ${#base_part}))
password="${base_part:0:special_index}${special_char}${base_part:special_index}"
if echo "$password" | grep -qP '^(?=.*[[:digit:]])(?=.*[[:upper:]])(?=.*[^[:alnum:]]).+$'; then
echo "$password"
break
fi
done
)
DA_ADMINPASS=$(get_key_value "$SETUP_TXT" "adminpass")
DA_OPTIONSCONF=$CBDIR/options.conf
DA_USERCONF=$DADIR/data/users/admin/user.conf
DA_HOSTNAME=$(hostname -f)
DA_IP=`cat $DA_USERCONF | grep ip= | cut -d= -f2`
DA_NS1=`cat $DA_USERCONF | grep ns1= | cut -d= -f2`
DA_NS2=`cat $DA_USERCONF | grep ns1= | cut -d= -f2`
DA_PHP1=`cat $DA_OPTIONSCONF | grep php1_release= | cut -d= -f2`
DA_PHP2=`cat $DA_OPTIONSCONF | grep php2_release= | cut -d= -f2`
DA_PHP3=`cat $DA_OPTIONSCONF | grep php3_release= | cut -d= -f2`
DA_PHP4=`cat $DA_OPTIONSCONF | grep php4_release= | cut -d= -f2`
sed -i 's/DA_HOSTNAME/'"$DA_HOSTNAME"'/g' mail_powitalny.txt
DA_IP=$(cat "$DA_USERCONF" | grep 'ip=' | cut -d= -f2)
DA_NS1=$(cat "$DA_USERCONF" | grep 'ns1=' | cut -d= -f2)
DA_NS2=$(cat "$DA_USERCONF" | grep 'ns2=' | cut -d= -f2)
DA_PHP_LIST=$(get_php_release_list "$DA_OPTIONSCONF")
export DA_HOSTNAME
export DA_IP
export DA_NS1
export DA_NS2
export DA_ADMINPASS
export DA_HASLO="$DA_ADMINPASS"
export SSH_PORT
export DA_PHP_LIST
sed -i 's/DA_HOSTNAME/'"$DA_HOSTNAME"'/g' options.conf
sed -i 's/DA_IP/'"$DA_IP"'/g' mail_powitalny.txt
sed -i 's/DA_NS1/'"$DA_NS1"'/g' mail_powitalny.txt
sed -i 's/DA_NS2/'"$DA_NS2"'/g' mail_powitalny.txt
sed -i 's/DA_HASLO/'"$DA_ADMINPASS"'/g' mail_powitalny.txt
sed -i 's/SSH_PORT/'"$SSH_PORT"'/g' mail_powitalny.txt
sed -i 's/DA_PHP1/'"$DA_PHP1"'/g' mail_powitalny.txt
sed -i 's/DA_PHP2/'"$DA_PHP2"'/g' mail_powitalny.txt
sed -i 's/DA_PHP3/'"$DA_PHP3"'/g' mail_powitalny.txt
sed -i 's/DA_PHP4/'"$DA_PHP4"'/g' mail_powitalny.txt
mv mail_powitalny.txt /root
render_template "$DAPOSTINSTALL_DIR/mail_powitalny.txt" "/root/mail_powitalny.txt"
echo "instalacja SpamBlocker"
cd $CBDIR
./build update
./build set eximconf yes
./build set eximconf_release 4.5
./build set blockcracking yes
./build set easy_spam_fighter yes
./build set spamd spamassassin
./build set exim yes
./build exim
./build set dovecot_conf yes
./build dovecot_conf
./build spamassassin
./build update
./build exim_conf
da build update
da build set eximconf yes
da build set blockcracking yes
da build set easy_spam_fighter yes
da build set spamd spamassassin
da build set exim yes
da build exim
da build set dovecot_conf yes
da build dovecot_conf
da build spamassassin
da build update
da build exim_conf
systemctl enable spamassassin
systemctl restart spamd
echo "Dodanie SpamAssassin dla wszystkich uzytkownikow"
@@ -436,6 +410,9 @@ cp spam_assassin_all_users_on.sh $DADIR/scripts/custom/
chmod 755 $DADIR/scripts/custom/spam_assassin_all_users_on.sh
$DADIR/scripts/custom/spam_assassin_all_users_on.sh
echo "Dodawanie ustawoeń PHP"
bash php_settings.sh
echo "Naprawa komunikacji URIBL"
echo "dns_server 127.0.0.1 # Naprawa zapytan URIBL i DNSWL" >> /etc/mail/spamassassin/local.cf
@@ -445,36 +422,32 @@ cd $DADIR
./directadmin set one_click_webmail_login 1
service directadmin restart
cd custombuild
./build update
./build dovecot_conf
./build exim_conf
./build roundcube
da build update
da build dovecot_conf
da build exim_conf
da build set roundcube yes
da build roundcube
echo "OneClick PhpMyAdmin"
cd $DADIR/
./directadmin set one_click_pma_login 1
systemctl restart directadmin
cd custombuild
./build update
./build phpmyadmin
da build update
da build set phpmyadmin yes
da build phpmyadmin
echo "PhpMyAdmin tylko z poziomu DirectAdmina"
cd $CBDIR
./build update
./build set phpmyadmin_public no
./build phpmyadmin
da build update
da build set phpmyadmin yes
da build set phpmyadmin_public no
da build phpmyadmin
systemctl restart directadmin
cd $DAPOSTINSTALL_DIR
echo "Naprawa PhpMyAdmin"
cd $DAPOSTINSTALL_DIR
chmod 755 fix_phpmyadmin.sh
./fix_phpmyadmin.sh
cd $DAPOSTINSTALL_DIR
echo "Automatyczna konfiguracja Thunderbirda"
mkdir -p /var/www/html/.well-known/autoconfig/mail/
da config-set mail_autoconfig 0
@@ -488,29 +461,29 @@ mkdir -p $CBDIR/custom/ap2/conf/extra
cp -Rfp /etc/httpd/conf/extra/httpd-alias.conf $CBDIR/custom/ap2/conf/extra
echo "Alias /.well-known/autoconfig /var/www/html/.well-known/autoconfig" >> $CBDIR/custom/ap2/conf/extra/httpd-alias.conf
echo "Alias /poczta /var/www/html/roundcube" >> $CBDIR/custom/ap2/conf/extra/httpd-alias.conf
$CBDIR/build rewrite_confs
da build rewrite_confs
echo "Instalacja Imagick i WebP"
echo "Instalacja zaleznosci Imagick i WebP"
cd $DAPOSTINSTALL_DIR
if [[ "$imagick" == "yes" ]]; then
dnf -y install mesa-libGL giflib freeglut
# rpm -ivh libwebp-tools-1.0.0-8.el8_7.x86_64.rpm
dnf config-manager --set-enabled crb
dnf install -y giflib-devel
dnf -y install libwebp-devel libjpeg-devel libpng-devel libwebp-tools giflib libvpx libvpx-devel libtiff-devel libXpm-devel libpng-devel ImageMagick-devel
# $CBDIR/build set imagick yes
# $CBDIR/build imagick
sed -i 's/imagick=no/imagick=yes/g' /usr/local/directadmin/custombuild/options.conf
da build imagick
fi
echo "Instalacja IMAP"
sed -i 's/imap=no/imap=yes/gI' $CBDIR/options.conf
$CBDIR/build php_imap
echo "Instalacja rozszerzen PHP z CustomBuild"
build_php_extension "$ioncube" "php_ioncube"
build_php_extension "$zend" "php_zend"
build_php_extension "$opcache" "php_opcache"
build_php_extension "$imap" "php_imap"
build_php_extension "$imagick" "php_imagick"
echo "Instalacja Memcache i redis"
echo "Instalacja Memcache"
yum -y install memcached libmemcached
systemctl enable memcached
systemctl restart memcached
yum -y install redis redis-devel
echo "Instalacja rozszerzen PECL od poralixa"
cd $DADIR/scripts/custom
@@ -522,46 +495,24 @@ cd $DAPOSTINSTALL_DIR
cd $CBDIR
touch custom/php_disable_functions
echo "exec,system,passthru,shell_exec,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname" > custom/php_disable_functions
./build secure_php
# Poprawka redis dla AlmaLinux 9
if grep -q "AlmaLinux release 9" /etc/redhat-release; then
ln -s /etc/redis/redis.conf /etc/redis.conf
fi
da build set secure_php yes
da build secure_php
echo "Optymalizacja MySQL"
cd $DAPOSTINSTALL_DIR
\cp -f my.cnf /etc/my.cnf
bash "$DAPOSTINSTALL_DIR/my-cnf-gen.sh" --output /etc/my.cnf
systemctl restart mysqld
echo "Dodawanie subdomeny poczta do kazdej domeny"
mkdir -p $DADIR/data/templates/custom/
\cp virtual_host2.conf.CUSTOM.4.post $DADIR/data/templates/custom/virtual_host2.conf.CUSTOM.4.post
\cp virtual_host2_secure.conf.CUSTOM.4.post $DADIR/data/templates/custom/virtual_host2_secure.conf.CUSTOM.4.post
echo "action=rewrite&value=httpd" >> $DADIR/data/task.queue
cd $DADIR/data/templates
cp dns_a.conf custom/
cd custom
sed -i '/pop/i poczta=|IP|' $DADIR/data/templates/custom/dns_a.conf
echo "Instalacja bezpiecznego DMARC"
cd $DADIR/data/templates/custom
cp ../dns_txt.conf .
echo '_dmarc="v=DMARC1;p=quarantine;pct=100;sp=none;fo=0:d:s;aspf=s;adkim=r;"' >> dns_txt.conf
echo "Dopuszczenie wszystkich metod HTTPD"
cd $CBDIR
./build set http_methods ALL
./build rewrite_confs
echo "Instalacja composera"
cd $CBDIR
./build composer
da build set composer yes
da build composer
cd $DAPOSTINSTALL_DIR
echo "Instalacja wp-cli"
@@ -592,31 +543,19 @@ touch /etc/ssh/sshd_config_placebo
sed -i 's^/etc/ssh/sshd_config^/etc/ssh/sshd_config_placebo^g' $DADIR/conf/directadmin.conf
systemctl restart directadmin
echo "Instalacja NetData"
cd $CBDIR
./build netdata
echo "Instalacja REDISa"
cd $DADIR/scripts/custom
./php-extension.sh install redis
mkdir $DADIR/plugins/redis_management
cd $DAPOSTINSTALL_DIR
tar -zxf redis_management.tar.gz -C $DADIR/plugins/redis_management
$DADIR/plugins/redis_management/scripts/install.sh
cd $DAPOSTINSTALL_DIR
echo "Instalacja IMAPsync"
echo "Instalacja pluginów DirectAdmin"
echo "Instalacja pakietu IMAPsync"
dnf -y install imapsync
mkdir $DADIR/plugins/imapsync
tar -zxf imapsync.tar.gz -C $DADIR/plugins/imapsync
$DADIR/plugins/imapsync/scripts/install.sh
echo 'imapsync=ON' >> /usr/local/directadmin/data/users/admin/user.conf
cp lang_pl.php $DADIR/plugins/imapsync/lang
cd $DAPOSTINSTALL_DIR
install_local_plugins
cd $DAPOSTINSTALL_DIR
echo "instalacja promptów"
sh prompt.sh
echo "Blokada dostępu do pluginu CustomBuild i informacjach o licencji"
echo "never_commands=custombuild:updates:license" >> /usr/local/directadmin/conf/directadmin.conf
echo "wydłużenie dopuszczalnej długości nazwy użytkownika do 14 znaków"
echo "max_username_length=14" >> /usr/local/directadmin/conf/directadmin.conf
systemctl restart directadmin
rm -rf /usr/local/directadmin/data/users/skin*
da build rewrite_confs
@@ -624,10 +563,8 @@ da build rewrite_confs
cd $DAPOSTINSTALL_DIR
echo "dodaje JIT dla PHP"
sh php_zmienne.sh
sh da_cli.sh disablenamed
sh da_cli.sh disablemultiserverpage
sh da_cli.sh disablecreateadmin
sh da_cli.sh changeuserpass admin $DA_ADMINPASS
sh da_cli.sh createemptybackup
+22
View File
@@ -0,0 +1,22 @@
# Status tlumaczenia skorki enhanced
Porownanie wykonane pomiedzy:
- angielska skorka: `/Users/marek/GPT/ChatGPT/dapostinstall/enhanced/lang/en`
- polskie tlumaczenie: `spolszczenie_enhanced.tar.gz` -> `pl/`
Stan po aktualizacji:
- brakujace pliki wzgledem `lang/en`: 0
- brakujace klucze `LANG_*`: 0
Dodano brakujace pliki:
- `pl/admin/admin_ssl.html`
- `pl/user/dnsprovider.html`
- `pl/user/mod_security.html`
- `pl/user/php_settings.html`
Uzupelniono brakujace klucze w istniejacych plikach, w tym obszary SSL/ACME/HSTS, ModSecurity, DNS Provider, limity wysylki, licencja, Rspamd, PHP Settings oraz nowe pozycje menu.
Uwaga: polskie archiwum nadal zawiera starsze pliki, ktorych nie ma w aktualnym `lang/en`, m.in. katalog `internal/`, obrazki i kilka starszych plikow user-level. Nie blokuje to kompletności aktualnych kluczy `LANG_*`.
BIN
View File
Binary file not shown.
+2 -2
View File
@@ -1,6 +1,6 @@
PLUGIN_HOME_TITLE="Migracja poczty za pomocą IMAPSync";
PLUGIN_DESC_HEADER="";
PLUGIN_HOME_DESCRIPTION="Ta strona wyświetla wszystkie migracje skrzynek pocztowych z wykorzystaniem narzędzia IMAPSync. Nowe migracje mogą zostać rozpoczęte za pomocą przycisku "Nowa Migracja Skrzynki e-mail" lub "Nowa Migracja Wielu Skrzynek e-mail.<br><br>zobacz zakończone migracje dostępne w <a href='/CMD_TICKET?sort1=-1' target='_top' id='px_message_link'>Centrum Wiadomości</a>";
PLUGIN_HOME_DESCRIPTION="Ta strona wyświetla wszystkie migracje skrzynek pocztowych z wykorzystaniem narzędzia IMAPSync. Nowe migracje mogą zostać rozpoczęte za pomocą przycisku \"Nowa Migracja Skrzynki e-mail\" lub \"Nowa Migracja Wielu Skrzynek e-mail\".<br><br>zobacz zakończone migracje dostępne w <a href='/CMD_TICKET?sort1=-1' target='_top' id='px_message_link'>Centrum Wiadomości</a>";
PLUGIN_ACCESS_DENIED="Nie masz uprawnień do korzystania z tej strony! Skontaktuj się z administratorem aby uzyskać więcej informacje.";
PLUGIN_IMPORT_LINK="Nowa Migracja Skrzynki E-mail";
@@ -57,7 +57,7 @@ PLUGIN_BUTTON_TITLE2="Rozpoczynam Migrację";
PLUGIN_NO_DATA="Nie ma jeszcze nic do pokazania";
PLUGIN_LOGS_NOT_FOUND_ERROR="Żądane logi nie zostały odnalezione na serwerze;
PLUGIN_LOGS_NOT_FOUND_ERROR="Żądane logi nie zostały odnalezione na serwerze";
PLUGIN_REMOVED_LOGS_ERROR="Błąd podczas usuwania wybranych logów z serwera ";
PLUGIN_EMPTY_BAD_DATA_ERROR="Otrzymano puste lub uszkodzone dane z serwera.";
PLUGIN_SAVED_TASK_ERROR="Błąd podczas dodawania zadania proszę spróbować później.";
+87
View File
@@ -0,0 +1,87 @@
#!/usr/bin/env bash
log() {
printf '[%s] %s\n' "$(date '+%Y-%m-%d %H:%M:%S')" "$*"
}
fail() {
printf 'ERROR: %s\n' "$*" >&2
exit 1
}
run_step() {
local message="$1"
shift
log "$message"
"$@"
}
require_root() {
[[ "${EUID}" -eq 0 ]] || fail "Ten skrypt musi byc uruchomiony jako root."
}
require_file() {
local path="$1"
[[ -f "$path" ]] || fail "Brak wymaganego pliku: $path"
}
require_dir() {
local path="$1"
[[ -d "$path" ]] || fail "Brak wymaganego katalogu: $path"
}
set_key_value() {
local path="$1"
local key="$2"
local value="$3"
touch "$path"
if grep -qE "^${key}=" "$path"; then
sed -i -E "s|^${key}=.*|${key}=${value}|" "$path"
else
printf '%s=%s\n' "$key" "$value" >> "$path"
fi
}
get_key_value() {
local path="$1"
local key="$2"
local value
value="$(grep -m1 -E "^${key}=" "$path" | cut -d= -f2-)"
[[ -n "$value" ]] || fail "Brak wartosci $key w $path"
printf '%s\n' "$value"
}
get_optional_key_value() {
local path="$1"
local key="$2"
grep -m1 -E "^${key}=" "$path" | cut -d= -f2- || true
}
get_php_release_list() {
local path="$1"
local value
local first=1
local idx
for idx in 1 2 3 4 5 6 7 8 9; do
value="$(get_optional_key_value "$path" "php${idx}_release")"
[[ -n "$value" && "$value" != "no" ]] || continue
if [[ "$first" -eq 1 ]]; then
printf 'PHP %s (domyślna)' "$value"
first=0
else
printf '\nPHP %s' "$value"
fi
done
}
render_template() {
local template="$1"
local output="$2"
perl -pe 's/\{\{([A-Z0-9_]+)\}\}/exists $ENV{$1} ? $ENV{$1} : $&/ge' "$template" > "$output"
}
+11 -14
View File
@@ -12,29 +12,29 @@ i zarządzać backupami. Opcję można skonfigurować tak, aby było to robione
W razie potrzeby dostosowania indywidualnych ustawień, czy też konfiguracji usługi zapraszam do kontaktu.
DANE DO PANELU DIRECTADMIN
Adres do panelu: https://DA_HOSTNAME:2222
Adres do panelu: https://{{DA_HOSTNAME}}:2222
Login administratora: admin
Hasło administratora: DA_HASLO
Adres IP serwera: DA_IP
Port SSH: SSH_PORT
Server Hostname: DA_HOSTNAME
Hasło administratora: {{DA_HASLO}}
Adres IP serwera: {{DA_IP}}
Port SSH: {{SSH_PORT}}
Server Hostname: {{DA_HOSTNAME}}
Logując się na konto administratora, jeżeli chcemy dodawać użytkowników, należy na poziomie administratora skorzystać z opcji "Dodaj użytkownika." Standardowo użytkownik ma nieograniczoną powierzchnie serwera jak również inne parametry takie jak ilość domen, ilość baz danych czy ilość kont e-maili
W ten sposób można zakładać końcowych userów, którym można wydzielać: przestrzeń dyskową, transfer
bazy danych, ftp, ilość domen, limity, a co najważniejsze dostęp do panelu, do którego będzie można logować się poprzez adres
np. http://zaparkowanadomena.pl:2222 lub poprzez adres https://DA_HOSTNAME:2222 jak powyżej.
np. http://zaparkowanadomena.pl:2222 lub poprzez adres https://{{DA_HOSTNAME}}:2222 jak powyżej.
POCZTA
Po podpięciu domeny i stworzeniu kont pocztowych można korzystać z klientów webowych, czyli webmail (link dostępny w panelu DA)
lub logując się bezpośrednio do poczty z adresu:
https://DA_HOSTNAME/poczta (nazwę DA_HOSTNAME można zastąpić nazwą domeny po jej zaparkowaniu).
https://{{DA_HOSTNAME}}/poczta (nazwę {{DA_HOSTNAME}} można zastąpić nazwą domeny po jej zaparkowaniu).
Jeśli chcecie Państwo skorzystać z poczty poprzez programy pocztowe takie jak: Outlook czy Mozilla Thunderbird należy użyć następujących danych w programie pocztowym
Nazwa użytkownika (Login): Pełen adres e-mail do skrzynki
Hasło: Hasło, które zostało podane podczas zakładania skrzynki:
Adres Serwera dla POP / IMAP oraz SMTP: DA_HOSTNAME
Adres Serwera dla POP / IMAP oraz SMTP: {{DA_HOSTNAME}}
Port serwera POP3: 995 (Szyfrowanie SSL / TLS)
Port serwera IMAP: 993 (Szyfrowanie SSL/TLS)
Port SMTP: 465 (szyfrowanie SSL) lub 587 (Szyfrowanie TLS)
@@ -43,18 +43,15 @@ Port SMTP: 465 (szyfrowanie SSL) lub 587 (Szyfrowanie TLS)
DNS
Adresy DNS, na które należy oddelegować domeny do zaparkowania, dodane w panelu DirectAdmin.
dns3.hitme.net.pl ip: 185.242.132.100
dns4.hitme.net.pl ip: 193.178.43.30
{{DA_NS1}}
{{DA_NS2}}
Tak oto przygotowana domena będzie można oddelegować na dane DNSy u operatora, u którego jest wykupiona domena.
Po zmianie dnsów, domena będzie działać i wyświetlać się z serwera.
Zmiana wersji PHP oraz Wiki
Na serwerze zainstalowane są następujące wersje PHP
PHP DA_PHP1 (domyślna)
PHP DA_PHP2
PHP DA_PHP3
PHP DA_PHP4
{{DA_PHP_LIST}}
Zmiana domyślnej wersji PHP możliwa jest dla każdej domeny z poziomu panelu DirectAdmin zgodnie z poradnikiem pod adresem: https://wiki.hitme.pl/pomoc/hosting-dedykowany/php/zmiana-wersji-php-w-panelu-directadmin/
Jeśli potrzebna jest inna wersja PHP prosimy o kontakt z naszym supportem.
Executable
+274
View File
@@ -0,0 +1,274 @@
#!/usr/bin/env bash
set -euo pipefail
MARIADB_USAGE="${MARIADB_USAGE:-25}"
MIN_BUFFER_POOL_MB=256
MAX_CONNECTIONS_MIN=80
MAX_CONNECTIONS_MAX=300
usage() {
cat <<'EOF'
Usage:
my-cnf-gen.sh [--output PATH]
Generates a conservative MariaDB 10.6 my.cnf for DirectAdmin servers.
The InnoDB buffer pool is sized from MARIADB_USAGE percent of RAM so other DA services
such as web, exim, dovecot, redis and spam filtering keep enough memory.
EOF
}
read_mem_total_mb() {
local mem_bytes
if [[ -n "${MYSQL_GEN_MEM_MB:-}" ]]; then
printf '%s\n' "$MYSQL_GEN_MEM_MB"
return 0
fi
if [[ -r /proc/meminfo ]]; then
awk '/^MemTotal:/ { printf "%d\n", int($2 / 1024) }' /proc/meminfo
return 0
fi
mem_bytes="$(sysctl -n hw.memsize 2>/dev/null || true)"
if [[ -n "$mem_bytes" ]]; then
printf '%d\n' "$((mem_bytes / 1024 / 1024))"
return 0
fi
echo "Unable to detect total memory" >&2
exit 1
}
read_cpu_cores() {
local cores
cores=""
if [[ -n "${MYSQL_GEN_CPU_CORES:-}" ]]; then
printf '%s\n' "$MYSQL_GEN_CPU_CORES"
return 0
fi
if [[ -r /proc/cpuinfo ]]; then
cores="$(grep -c '^processor[[:space:]]*:' /proc/cpuinfo 2>/dev/null || true)"
fi
if [[ -z "$cores" || "$cores" -lt 1 ]]; then
cores="$(getconf _NPROCESSORS_ONLN 2>/dev/null || true)"
fi
if [[ -z "$cores" || "$cores" -lt 1 ]]; then
cores=1
fi
printf '%s\n' "$cores"
}
round_down_mb() {
local value_mb="$1"
local step_mb="$2"
local rounded
rounded=$((value_mb / step_mb * step_mb))
if (( rounded < step_mb )); then
rounded="$step_mb"
fi
printf '%s\n' "$rounded"
}
format_size() {
local value_mb="$1"
if (( value_mb >= 1024 && value_mb % 1024 == 0 )); then
printf '%sG\n' "$((value_mb / 1024))"
else
printf '%sM\n' "$value_mb"
fi
}
calc_buffer_pool_mb() {
local mem_mb="$1"
local pool_mb
pool_mb=$((mem_mb * MARIADB_USAGE / 100))
if (( pool_mb < MIN_BUFFER_POOL_MB )); then
pool_mb="$MIN_BUFFER_POOL_MB"
fi
round_down_mb "$pool_mb" 128
}
calc_buffer_pool_instances() {
local pool_mb="$1"
local cores="$2"
local instances=1
if (( pool_mb >= 8192 && cores >= 4 )); then
instances=4
elif (( pool_mb >= 4096 && cores >= 2 )); then
instances=2
fi
printf '%s\n' "$instances"
}
calc_max_connections() {
local mem_mb="$1"
local cores="$2"
local connections
connections=$((mem_mb / 128))
if (( connections < MAX_CONNECTIONS_MIN )); then
connections="$MAX_CONNECTIONS_MIN"
fi
if (( connections > MAX_CONNECTIONS_MAX )); then
connections="$MAX_CONNECTIONS_MAX"
fi
if (( cores <= 2 && connections > 120 )); then
connections=120
fi
printf '%s\n' "$connections"
}
calc_log_file_mb() {
local pool_mb="$1"
local log_mb
log_mb=$((pool_mb / 4))
if (( log_mb < 128 )); then
log_mb=128
elif (( log_mb > 1024 )); then
log_mb=1024
fi
round_down_mb "$log_mb" 128
}
generate_config() {
local mem_mb="$1"
local cores="$2"
local pool_mb="$3"
local pool_instances="$4"
local max_connections="$5"
local log_file_mb="$6"
local io_capacity="$7"
local io_capacity_max="$8"
cat <<EOF
# Generated by my-cnf-gen.sh for MariaDB 10.6 and DirectAdmin stack hosts.
# Detected RAM: ${mem_mb}M
# Detected CPU cores: ${cores}
# MariaDB memory budget: ${MARIADB_USAGE}% RAM
[client]
port=3306
socket=/var/lib/mysql/mysql.sock
default-character-set=utf8mb4
[mysql]
default-character-set=utf8mb4
[mysqld]
user=mysql
port=3306
socket=/var/lib/mysql/mysql.sock
pid-file=/var/lib/mysql/mysql.pid
datadir=/var/lib/mysql
local_infile=0
skip_name_resolve=1
symbolic_links=0
max_connect_errors=1000000
max_allowed_packet=64M
character-set-server=utf8mb4
collation-server=utf8mb4_unicode_ci
skip-character-set-client-handshake
default_storage_engine=InnoDB
myisam_recover_options=FORCE,BACKUP
key_buffer_size=32M
max_connections=${max_connections}
max_user_connections=50
thread_cache_size=64
table_open_cache=2048
table_definition_cache=1024
open_files_limit=65535
sort_buffer_size=512K
join_buffer_size=512K
read_buffer_size=256K
read_rnd_buffer_size=512K
tmp_table_size=32M
max_heap_table_size=32M
query_cache_type=0
query_cache_size=0
innodb_buffer_pool_size=$(format_size "$pool_mb")
innodb_buffer_pool_instances=${pool_instances}
innodb_log_file_size=$(format_size "$log_file_mb")
innodb_log_files_in_group=2
innodb_flush_log_at_trx_commit=1
innodb_flush_method=O_DIRECT
innodb_file_per_table=1
innodb_io_capacity=${io_capacity}
innodb_io_capacity_max=${io_capacity_max}
log_error=/var/lib/mysql/mysql-error.log
slow_query_log=0
slow_query_log_file=/var/lib/mysql/mysql-slow.log
long_query_time=2
log_queries_not_using_indexes=0
EOF
}
main() {
local output=""
local mem_mb
local cores
local pool_mb
local pool_instances
local max_connections
local log_file_mb
local io_capacity
local io_capacity_max
while [[ $# -gt 0 ]]; do
case "$1" in
--output)
shift
[[ $# -gt 0 ]] || { echo "Missing value for --output" >&2; exit 1; }
output="$1"
;;
--help|-h)
usage
exit 0
;;
*)
echo "Unknown argument: $1" >&2
usage >&2
exit 1
;;
esac
shift
done
mem_mb="$(read_mem_total_mb)"
cores="$(read_cpu_cores)"
pool_mb="$(calc_buffer_pool_mb "$mem_mb")"
pool_instances="$(calc_buffer_pool_instances "$pool_mb" "$cores")"
max_connections="$(calc_max_connections "$mem_mb" "$cores")"
log_file_mb="$(calc_log_file_mb "$pool_mb")"
io_capacity=$((cores * 100))
if (( io_capacity < 200 )); then
io_capacity=200
elif (( io_capacity > 800 )); then
io_capacity=800
fi
io_capacity_max=$((io_capacity * 2))
if [[ -n "$output" ]]; then
generate_config "$mem_mb" "$cores" "$pool_mb" "$pool_instances" "$max_connections" "$log_file_mb" "$io_capacity" "$io_capacity_max" > "$output"
else
generate_config "$mem_mb" "$cores" "$pool_mb" "$pool_instances" "$max_connections" "$log_file_mb" "$io_capacity" "$io_capacity_max"
fi
}
main "$@"
+54 -49
View File
@@ -1,67 +1,72 @@
[mysql]
[client]
port=3306
socket=/var/lib/mysql/mysql.sock
default-character-set=utf8mb4
[mysql]
default-character-set=utf8mb4
[mysqld]
local-infile = 0
character-set-server=utf8
collation-server=utf8_general_ci
sort_buffer_size=512K
skip-character-set-client-handshake
# GENERAL #
# MariaDB 10.6 baseline for DirectAdmin stack hosts.
user=mysql
default-storage-engine = InnoDB
port=3306
socket=/var/lib/mysql/mysql.sock
pid-file=/var/lib/mysql/mysql.pid
datadir=/var/lib/mysql
#Odhasowac tylko i wylaczenie gdy w kodzie sa stosowane zapytania i niewlasciwej skladni,
#od nowszych wersji mysql jest wymuszneie prawidlowej, optymalnej skladni do wersji 10.1 nie byla sprawdzana
# Security and compatibility
local_infile=0
skip_name_resolve=1
symbolic_links=0
max_connect_errors=1000000
max_allowed_packet=64M
#sql_mode=""
# Character set
character-set-server=utf8mb4
collation-server=utf8mb4_unicode_ci
skip-character-set-client-handshake
# MyISAM #
key-buffer-size = 128M
myisam-recover-options = FORCE,BACKUP
# Storage engines
default_storage_engine=InnoDB
myisam_recover_options=FORCE,BACKUP
key_buffer_size=32M
# SAFETY #
max-allowed-packet = 16M
max-connect-errors = 1000000
skip-name-resolve
# Connection and table limits
max_connections=200
max_user_connections=50
thread_cache_size=64
table_open_cache=2048
table_definition_cache=1024
open_files_limit=65535
# DATA STORAGE #
datadir = /var/lib/mysql/
# Per-connection buffers kept intentionally small for shared DA hosts
sort_buffer_size=512K
join_buffer_size=512K
read_buffer_size=256K
read_rnd_buffer_size=512K
# CACHES AND LIMITS #
tmp-table-size = 32M
max-heap-table-size = 32M
query-cache-type = 1
query-cache-limit = 256K
query-cache-min-res-unit = 2k
query-cache-size = 80M
max-connections = 500
max-user-connections = 100
thread-cache-size = 16
open-files-limit = 65535
table-definition-cache = 4096
table-open-cache = 10240
# Temporary tables
tmp_table_size=32M
max_heap_table_size=32M
# INNODB #
innodb-log-files-in-group = 2
innodb-log-file-size = 128M
innodb-flush-log-at-trx-commit = 1
innodb-buffer-pool-size = 1G
innodb-buffer-pool-instances = 1
# Query cache disabled for multi-core mixed workloads
query_cache_type=0
query_cache_size=0
# InnoDB
innodb_buffer_pool_size=1G
innodb_buffer_pool_instances=1
innodb_log_file_size=256M
innodb_log_files_in_group=2
innodb_flush_log_at_trx_commit=1
innodb_flush_method=O_DIRECT
#moze opozniac dzialania jak create zalecane gdy duze bazy danych
innodb_file_per_table=1
innodb_file_format = barracuda
innodb_io_capacity=200
innodb_io_capacity_max=400
# LOGGING #
log-error = /var/lib/mysql/mysql-error.log
log-queries-not-using-indexes = 1
slow-query-log = 0
slow-query-log-file = /var/lib/mysql/mysql-slow.log
# Logging
log_error=/var/lib/mysql/mysql-error.log
slow_query_log=0
slow_query_log_file=/var/lib/mysql/mysql-slow.log
long_query_time=2
log_queries_not_using_indexes=0
+79
View File
@@ -0,0 +1,79 @@
#!/usr/bin/env bash
set -euo pipefail
mapfile -t PHP_INI_DIRS < <(compgen -G "/usr/local/php*/lib/php.conf.d" || true)
if [[ ${#PHP_INI_DIRS[@]} -eq 0 ]]; then
echo "Brak katalogów /usr/local/phpXX/lib/php.conf.d do przetworzenia." >&2
exit 1
fi
for dir in "${PHP_INI_DIRS[@]}"; do
[[ -d "$dir" ]] || continue
php_tag="$(basename "$(dirname "$(dirname "$dir")")")"
num="${php_tag#php}"
major="${num:0:1}"
read -r -d '' OPCACHE_BLOCK <<'OPC_END' || true
[opcache]
opcache.enable=1
opcache.enable_cli=0
opcache.memory_consumption=256
opcache.interned_strings_buffer=32
opcache.max_accelerated_files=16229
opcache.max_wasted_percentage=10
opcache.revalidate_freq=10
opcache.fast_shutdown=1
opcache.enable_file_override=0
opcache.max_file_size=0
opcache.validate_timestamps=1
opcache.revalidate_path=0
OPC_END
JIT_BLOCK=""
if [[ "$major" -ge 8 ]]; then
JIT_BLOCK=$'opcache.jit_buffer_size=256M\nopcache.jit=1255\n'
fi
target="${dir}/20-hitme.ini"
echo "Tworzę ${target}"
cat >"$target" <<INI
[Date]
date.timezone = Europe/Warsaw
[Session]
session.auto_start = Off
[PHP]
short_open_tag = Off
display_errors = Off
magic_quotes_gpc = off
memory_limit = 512M
max_execution_time = 1500
max_input_time = 1500
upload_max_filesize = 512M
post_max_size = 512M
max_input_vars = 100000
allow_url_fopen = on
${OPCACHE_BLOCK}
${JIT_BLOCK}
INI
done
echo "Przebudowuję konfiguracje Apache/PHP w DirectAdmin..."
if command -v da >/dev/null 2>&1; then
da build rewrite_confs
elif [[ -x /usr/local/directadmin/custombuild/build ]]; then
/usr/local/directadmin/custombuild/build rewrite_confs
else
echo "Nie znaleziono polecenia build rewrite_confs" >&2
exit 2
fi
echo "Gotowe."
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
+315
View File
@@ -0,0 +1,315 @@
#!/usr/bin/env bash
set -euo pipefail
ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
fail() {
echo "FAIL: $*" >&2
exit 1
}
assert_file_contains() {
local file="$1"
local pattern="$2"
grep -qE "$pattern" "$file" || fail "$file does not contain pattern: $pattern"
}
assert_file_not_contains() {
local file="$1"
local pattern="$2"
if grep -qE "$pattern" "$file"; then
fail "$file contains forbidden pattern: $pattern"
fi
}
assert_bash_syntax() {
local file="$1"
bash -n "$file" || fail "$file has invalid bash syntax"
}
assert_archive_clean_for_linux_tar() {
local archive="$1"
local metadata_entries
local xattr_entries
metadata_entries="$(tar -tzf "$archive" | grep -E '(^|/)\._|(^|/)\.DS_Store$|(^|/)__MACOSX(/|$)' || true)"
if [[ -n "$metadata_entries" ]]; then
fail "$archive contains macOS metadata files"
fi
xattr_entries="$(gzip -dc "$archive" | strings | grep -E 'LIBARCHIVE\.xattr|SCHILY\.xattr|com\.apple' || true)"
if [[ -n "$xattr_entries" ]]; then
fail "$archive contains macOS extended attributes"
fi
}
assert_gzip_tar_contains() {
local archive="$1"
local path="$2"
tar -tzf "$archive" | grep -qx "$path" || fail "$archive does not contain $path"
}
assert_plain_tar_archive_clean_for_linux_tar() {
local archive="$1"
local metadata_entries
local xattr_entries
metadata_entries="$(tar -tf "$archive" | grep -E '(^|/)\._|(^|/)\.DS_Store$|(^|/)__MACOSX(/|$)' || true)"
if [[ -n "$metadata_entries" ]]; then
fail "$archive contains macOS metadata files"
fi
xattr_entries="$(tar -xOf "$archive" 2>/dev/null | strings | grep -E 'LIBARCHIVE\.xattr|SCHILY\.xattr|com\.apple' || true)"
if [[ -n "$xattr_entries" ]]; then
fail "$archive contains macOS extended attributes"
fi
}
assert_bash_syntax "$ROOT_DIR/dapostinstall.sh"
assert_bash_syntax "$ROOT_DIR/da_cli.sh"
assert_bash_syntax "$ROOT_DIR/daupdate.sh"
assert_bash_syntax "$ROOT_DIR/my-cnf-gen.sh"
php -l "$ROOT_DIR/lang_pl.php" >/dev/null || fail "lang_pl.php has invalid PHP syntax"
assert_archive_clean_for_linux_tar "$ROOT_DIR/spolszczenie_enhanced.tar.gz"
[[ -f "$ROOT_DIR/branding/da_templates.tar" ]] || fail "missing local da_templates archive"
[[ -f "$ROOT_DIR/branding/da-branding-hitme.tar.gz" ]] || fail "missing local DA branding archive"
assert_plain_tar_archive_clean_for_linux_tar "$ROOT_DIR/branding/da_templates.tar"
assert_archive_clean_for_linux_tar "$ROOT_DIR/branding/da-branding-hitme.tar.gz"
[[ -f "$ROOT_DIR/plugins/borg-restore.tar.gz" ]] || fail "missing borg-restore plugin archive"
[[ -f "$ROOT_DIR/plugins/db-manager.tar.gz" ]] || fail "missing db-manager plugin archive"
[[ -f "$ROOT_DIR/plugins/redis-manager.tar.gz" ]] || fail "missing redis-manager plugin archive"
[[ -f "$ROOT_DIR/plugins/imapsync.tar.gz" ]] || fail "missing imapsync plugin archive"
assert_archive_clean_for_linux_tar "$ROOT_DIR/plugins/borg-restore.tar.gz"
assert_archive_clean_for_linux_tar "$ROOT_DIR/plugins/db-manager.tar.gz"
assert_archive_clean_for_linux_tar "$ROOT_DIR/plugins/redis-manager.tar.gz"
assert_archive_clean_for_linux_tar "$ROOT_DIR/plugins/imapsync.tar.gz"
assert_gzip_tar_contains "$ROOT_DIR/plugins/borg-restore.tar.gz" './install.sh'
assert_gzip_tar_contains "$ROOT_DIR/plugins/db-manager.tar.gz" './install.sh'
assert_gzip_tar_contains "$ROOT_DIR/plugins/redis-manager.tar.gz" './install.sh'
assert_gzip_tar_contains "$ROOT_DIR/plugins/redis-manager.tar.gz" './scripts/redis_install.sh'
assert_gzip_tar_contains "$ROOT_DIR/plugins/redis-manager.tar.gz" './scripts/redis_migrate.sh'
assert_gzip_tar_contains "$ROOT_DIR/plugins/imapsync.tar.gz" './scripts/install.sh'
assert_file_contains "$ROOT_DIR/da_cli.sh" '^DEFAULTPACKAGE=NO-LIMIT$'
assert_file_not_contains "$ROOT_DIR/da_cli.sh" '^eparated list of IP addresses$'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'c\\ns1='
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'c\\ns2='
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'set_key_value "\$DADIR/conf/directadmin\.conf" "ns1"'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'set_key_value "\$DADIR/conf/directadmin\.conf" "ns2"'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^DEFAULT_NS1=dns3\.hitme\.net\.pl$'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^DEFAULT_NS2=dns4\.hitme\.net\.pl$'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^SSH_PORT=10022$'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^REDIS_VERSION=8$'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^HOSTNAME_SSL=1$'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^PLUGIN_ARCHIVE_DIR="\$DAPOSTINSTALL_DIR/plugins"$'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^PLUGIN_BORG_RESTORE=1$'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^PLUGIN_DB_MANAGER=1$'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^PLUGIN_IMAPSYNC=1$'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^PLUGIN_REDIS_MANAGER=1$'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^BRANDING_DIR="\$DAPOSTINSTALL_DIR/branding"$'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^DA_TEMPLATES_ARCHIVE="\$BRANDING_DIR/da_templates\.tar"$'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^DA_BRANDING_ARCHIVE="\$BRANDING_DIR/da-branding-hitme\.tar\.gz"$'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^php1_release='
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^php2_release='
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^php9_release='
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'da build set "php1_mode" "php-fpm"'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'php\$?\{?idx\}?_mode'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'php[2-9]_mode'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^ioncube=yes$'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^zend=yes$'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^opcache=yes$'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^imap=yes$'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^imagick=yes$'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^SETUP_TXT="\$DADIR/conf/setup\.txt"$'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^update_daupdate_tools\(\) \{$'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" '/opt/daupdate\.sh update'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'require_file "\$SETUP_TXT"'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'require_file "\$DA_TEMPLATES_ARCHIVE"'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'require_file "\$DA_BRANDING_ARCHIVE"'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'require_dir "\$PLUGIN_ARCHIVE_DIR"'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'https://cdn\.hitme\.pl/da_templates\.tar'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'https://cdn\.hitme\.pl/da_files/da-branding-hitme\.tar\.gz'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'tar -xf "\$DA_TEMPLATES_ARCHIVE" -C "\$templates_tmp"'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'tar -xzf "\$DA_BRANDING_ARCHIVE" -C /'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'index-hitme\.html'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'DA_ADMINPASS=\$\(get_key_value "\$SETUP_TXT" "adminpass"\)'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'set_key_value "\$DADIR/conf/directadmin\.conf" "ns1" "\$DEFAULT_NS1"'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'set_key_value "\$DADIR/conf/directadmin\.conf" "ns2" "\$DEFAULT_NS2"'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'sed -i "s/Port 22/Port \$SSH_PORT/g" /etc/ssh/sshd_config'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'sed -i "s/,22,/,22,\$SSH_PORT,/g" /etc/csf/csf\.conf'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'Port 10022'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" ',22,10022,'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'MIN_PASSWORD_LENGTH'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'MAX_PASSWORD_LENGTH'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'ITERATION_LIMIT'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" '/dev/urandom'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'changeuserpass admin'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^configure_custombuild_php\(\) \{$'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'release_var="php\$\{idx\}_release"'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'release="\$\{!release_var\}"'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'da build set "php\$\{idx\}_release" "\$release"'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'da build set "php1_mode" "php-fpm"'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'da build set "php\$\{idx\}_mode"'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'da build php'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'da build rewrite_confs'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'eximconf_release'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" '\./build'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" '^[[:space:]]*\$CBDIR/build'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'http_methods'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'da build set composer yes'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'da build set phpmyadmin yes'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'da build set roundcube yes'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'da build set secure_php yes'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'da build set eximconf yes'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'da build exim_conf'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'build_php_extension "\$ioncube" "php_ioncube"'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'build_php_extension "\$zend" "php_zend"'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'build_php_extension "\$opcache" "php_opcache"'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'build_php_extension "\$imap" "php_imap"'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'build_php_extension "\$imagick" "php_imagick"'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'build_php_extension "\$ioncube" "ioncube"'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'build_php_extension "\$zend" "zend"'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'build_php_extension "\$opcache" "opcache"'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'build_php_extension "\$imagick" "imagick"'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'sed -i .*imagick=no'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'sed -i .*imap=no'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'yum -y install redis redis-devel'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" '\./php-extension\.sh install redis'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'ln -s /etc/redis/redis\.conf /etc/redis\.conf'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" "sed -i 's/DA_.*mail_powitalny.txt"
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'mv mail_powitalny.txt /root'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'DA_PHP_LIST=\$\(get_php_release_list "\$DA_OPTIONSCONF"\)'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'render_template "\$DAPOSTINSTALL_DIR/mail_powitalny.txt" "/root/mail_powitalny.txt"'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'PS3='
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" '^select opt in'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" '"Niestandardowa"\)'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'Czy instalowac'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'Czy aktywowac'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'Podaj adres NS'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'Jaka skorke ustawic'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'Wybierz tryb instalacji'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" "s/evolution/enhanced"
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'request_directadmin_certificate\(\)'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '\[\[ "\$HOSTNAME_SSL" == "0" \]\]'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'HOSTNAME_SSL=0 - pomijam certyfikat'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'letsencrypt\.sh" server_cert'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'Nie udalo sie wystawic certyfikatu DirectAdmin'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'request_single "\$da_hostname" 4096'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'request_single `hostname`'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'Skorka evolution zostala ustawiona jako domyslna'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^is_plugin_enabled\(\) \{$'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '^install_local_plugin_archive\(\) \{$'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'local found=0'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'for archive in "\$PLUGIN_ARCHIVE_DIR"/\*\.tar\.gz; do'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'found=1'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'if ! is_plugin_enabled "\$plugin_name"; then'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '\$plugin_config=0 - pomijam instalacje pluginu'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'Brak paczek pluginów w \$PLUGIN_ARCHIVE_DIR'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'plugin_name="\$\(basename "\$archive" \.tar\.gz\)"'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'mkdir -p "\$plugin_dir"'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'tar -zxf "\$archive" -C "\$plugin_dir"'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'chown -R diradmin:diradmin "\$plugin_dir"'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'chmod 755 "\$plugin_dir/install\.sh"'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'chmod 755 "\$plugin_dir/scripts/install\.sh"'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'cd "\$plugin_dir"'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '\./install\.sh'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '\./scripts/install\.sh'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'chmod 755 "\$DADIR/plugins/redis-manager/scripts/redis_install\.sh"'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" '\./scripts/redis_install\.sh "\$REDIS_VERSION"'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'redis_migrate\.sh'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'redis_management\.tar\.gz'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'plugins/redis_management'
assert_file_not_contains "$ROOT_DIR/dapostinstall.sh" 'tar -zxf imapsync\.tar\.gz'
assert_file_contains "$ROOT_DIR/dapostinstall.sh" 'bash "\$DAPOSTINSTALL_DIR/my-cnf-gen\.sh" --output /etc/my\.cnf'
assert_file_contains "$ROOT_DIR/my.cnf" 'character-set-server=utf8mb4'
assert_file_contains "$ROOT_DIR/my.cnf" 'collation-server=utf8mb4_unicode_ci'
assert_file_contains "$ROOT_DIR/my.cnf" 'query_cache_type=0'
assert_file_contains "$ROOT_DIR/my.cnf" 'query_cache_size=0'
assert_file_not_contains "$ROOT_DIR/my.cnf" 'query-cache-type'
assert_file_not_contains "$ROOT_DIR/my.cnf" 'query-cache-size'
assert_file_not_contains "$ROOT_DIR/my.cnf" 'innodb_file_format'
assert_file_contains "$ROOT_DIR/my-cnf-gen.sh" 'MARIADB_USAGE="\$\{MARIADB_USAGE:-25\}"'
assert_file_not_contains "$ROOT_DIR/my-cnf-gen.sh" 'MARIADB_MEMORY_PERCENT'
assert_file_contains "$ROOT_DIR/my-cnf-gen.sh" 'MYSQL_GEN_MEM_MB'
assert_file_contains "$ROOT_DIR/my-cnf-gen.sh" 'MYSQL_GEN_CPU_CORES'
assert_file_contains "$ROOT_DIR/my-cnf-gen.sh" '/proc/meminfo'
assert_file_contains "$ROOT_DIR/my-cnf-gen.sh" '/proc/cpuinfo'
assert_file_contains "$ROOT_DIR/my-cnf-gen.sh" 'innodb_buffer_pool_size'
assert_file_contains "$ROOT_DIR/my-cnf-gen.sh" 'MariaDB 10.6'
assert_file_contains "$ROOT_DIR/mail_powitalny.txt" '\{\{DA_HOSTNAME\}\}'
assert_file_contains "$ROOT_DIR/mail_powitalny.txt" '\{\{DA_HASLO\}\}'
assert_file_contains "$ROOT_DIR/mail_powitalny.txt" '\{\{DA_PHP_LIST\}\}'
assert_file_contains "$ROOT_DIR/mail_powitalny.txt" '\{\{DA_NS1\}\}'
assert_file_contains "$ROOT_DIR/mail_powitalny.txt" '\{\{DA_NS2\}\}'
assert_file_not_contains "$ROOT_DIR/mail_powitalny.txt" 'DA_PHP1'
COMMON_SH="$ROOT_DIR/lib/common.sh"
[[ -f "$COMMON_SH" ]] || fail "missing lib/common.sh"
# shellcheck source=/dev/null
source "$COMMON_SH"
tmp_dir="$(mktemp -d)"
trap 'rm -rf "$tmp_dir"' EXIT
generated_my_cnf="$tmp_dir/generated-my.cnf"
MYSQL_GEN_MEM_MB=8192 MYSQL_GEN_CPU_CORES=4 "$ROOT_DIR/my-cnf-gen.sh" --output "$generated_my_cnf"
grep -qx 'innodb_buffer_pool_size=2G' "$generated_my_cnf" || fail "generated my.cnf should allocate 25% of 8G to InnoDB"
grep -qx 'max_connections=80' "$generated_my_cnf" || fail "generated my.cnf should keep low-RAM max_connections conservative"
grep -qx 'query_cache_size=0' "$generated_my_cnf" || fail "generated my.cnf should disable query cache"
MARIADB_USAGE=50 MYSQL_GEN_MEM_MB=8192 MYSQL_GEN_CPU_CORES=4 "$ROOT_DIR/my-cnf-gen.sh" --output "$generated_my_cnf"
grep -qx 'innodb_buffer_pool_size=4G' "$generated_my_cnf" || fail "MARIADB_USAGE override should change InnoDB allocation"
kv_file="$tmp_dir/example.conf"
printf 'ns1=old.example\nother=value\n' > "$kv_file"
set_key_value "$kv_file" "ns1" "dns3.hitme.net.pl"
set_key_value "$kv_file" "ns2" "dns4.hitme.net.pl"
grep -qx 'ns1=dns3.hitme.net.pl' "$kv_file" || fail "set_key_value did not replace ns1"
grep -qx 'ns2=dns4.hitme.net.pl' "$kv_file" || fail "set_key_value did not append ns2"
[[ "$(grep -c '^ns1=' "$kv_file")" -eq 1 ]] || fail "set_key_value duplicated ns1"
setup_file="$tmp_dir/setup.txt"
printf 'hostname=server.example\nadminpass=hG7KZfTPq1z8f4KC3N5J4\n' > "$setup_file"
[[ "$(get_key_value "$setup_file" "adminpass")" == "hG7KZfTPq1z8f4KC3N5J4" ]] || fail "get_key_value did not read adminpass"
php_options="$tmp_dir/options.conf"
printf 'php1_release=8.3\nphp2_release=8.2\nphp3_release=no\nphp9_release=7.4\n' > "$php_options"
expected_php=$'PHP 8.3 (domyślna)\nPHP 8.2\nPHP 7.4'
[[ "$(get_php_release_list "$php_options")" == "$expected_php" ]] || fail "get_php_release_list returned unexpected output"
php1_release=8.3
php2_release=8.2
php3_release=8.1
php4_release=7.4
php5_release=no
php6_release=no
php7_release=no
php8_release=no
php9_release=5.6
php_commands="$tmp_dir/php_commands.log"
for idx in 1 2 3 4 5 6 7 8 9; do
release_var="php${idx}_release"
release="${!release_var}"
printf 'da build set php%s_release %s\n' "$idx" "$release" >> "$php_commands"
done
grep -qx 'da build set php1_release 8.3' "$php_commands" || fail "php1_release command is wrong"
grep -qx 'da build set php2_release 8.2' "$php_commands" || fail "php2_release command is wrong"
grep -qx 'da build set php9_release 5.6' "$php_commands" || fail "php9_release command is wrong"
[[ "$(cut -d' ' -f5 "$php_commands" | sort -u | wc -l | tr -d ' ')" -gt 2 ]] || fail "php release commands appear to reuse a single value"
template_file="$tmp_dir/template.txt"
output_file="$tmp_dir/output.txt"
printf 'Host: {{DA_HOSTNAME}}\nPass: {{DA_HASLO}}\nPHP:\n{{DA_PHP_LIST}}\n' > "$template_file"
export DA_HOSTNAME='server.example'
export DA_HASLO='abc/123&xyz'
export DA_PHP_LIST="$expected_php"
render_template "$template_file" "$output_file"
grep -qx 'Host: server.example' "$output_file" || fail "render_template did not replace hostname"
grep -qx 'Pass: abc/123&xyz' "$output_file" || fail "render_template did not safely replace password"
grep -qx 'PHP 8.3 (domyślna)' "$output_file" || fail "render_template did not replace multiline PHP list"
echo "quality checks passed"
-30
View File
@@ -1,30 +0,0 @@
#!/bin/bash
#file should be created as /usr/local/directadmin/scripts/custom/user_modify_pre.sh
#chown diradmin:diradmin /usr/local/directadmin/scripts/custom/user_modify_pre.sh
#chmod 700 /usr/local/directadmin/scripts/custom/user_modify_pre.sh
#Create a login key on destination (mail) server with CMD_MODIFY_USER permissions
da_host='mx1.hitme.net.pl'
da_user='admin'
da_pass='R1g4W43e458H28ObOX1x747S61J57511lyDpfc7fRGXZfo1IX0UrhPP1tZ3apx29'
if [ "${action}" = "package" ]; then
json_data=$(cat <<- EOF
{
"user":"${user}",
"package":"${package}",
"json":"yes",
"action":"package"
}
EOF
)
response=$(curl -s --request "POST" --data "${json_data}" "https://${da_user}:${da_pass}@${da_host}:2222/CMD_MODIFY_USER?json=yes")
if ! echo "${response}" | grep -q \"success\"; then
echo "Problem with a package on ${da_host}:</br>"
echo "${response}"
exit 1
fi
fi