From 0402e9ac0e78cb9ed588f1e761c4b7d1506e19bd Mon Sep 17 00:00:00 2001 From: Alexey Berezhok Date: Wed, 10 Jul 2024 23:01:39 +0300 Subject: [PATCH] Delete deprecated updates --- install/upgrade/versions/0.9.8-29.sh | 30 --- install/upgrade/versions/1.0.1.sh | 16 -- install/upgrade/versions/1.0.2.sh | 74 ------ install/upgrade/versions/1.0.3.sh | 7 - install/upgrade/versions/1.0.4.sh | 7 - install/upgrade/versions/1.0.5.sh | 7 - install/upgrade/versions/1.0.6.sh | 7 - install/upgrade/versions/1.00.0-190618.sh | 278 -------------------- install/upgrade/versions/1.1.0.sh | 239 ----------------- install/upgrade/versions/1.1.1.sh | 20 -- install/upgrade/versions/1.2.0.sh | 219 ---------------- install/upgrade/versions/1.2.1.sh | 7 - install/upgrade/versions/1.2.2.sh | 48 ---- install/upgrade/versions/1.2.3.sh | 7 - install/upgrade/versions/1.3.0.sh | 76 ------ install/upgrade/versions/1.3.1.sh | 21 -- install/upgrade/versions/1.3.2.sh | 7 - install/upgrade/versions/1.3.3.sh | 21 -- install/upgrade/versions/1.3.4.sh | 17 -- install/upgrade/versions/1.4.0.sh | 198 -------------- install/upgrade/versions/1.4.1.sh | 7 - install/upgrade/versions/1.4.10.sh | 7 - install/upgrade/versions/1.4.11.sh | 27 -- install/upgrade/versions/1.4.12.sh | 16 -- install/upgrade/versions/1.4.13.sh | 51 ---- install/upgrade/versions/1.4.14.sh | 21 -- install/upgrade/versions/1.4.15.sh | 29 --- install/upgrade/versions/1.4.16.sh | 20 -- install/upgrade/versions/1.4.17.sh | 20 -- install/upgrade/versions/1.4.2.sh | 29 --- install/upgrade/versions/1.4.3.sh | 20 -- install/upgrade/versions/1.4.4.sh | 37 --- install/upgrade/versions/1.4.5.sh | 7 - install/upgrade/versions/1.4.6.sh | 12 - install/upgrade/versions/1.4.7.sh | 11 - install/upgrade/versions/1.4.8.sh | 28 -- install/upgrade/versions/1.4.9.sh | 7 - install/upgrade/versions/1.5.0.sh | 89 ------- install/upgrade/versions/1.5.1.sh | 56 ---- install/upgrade/versions/1.5.10.sh | 40 --- install/upgrade/versions/1.5.11.sh | 50 ---- install/upgrade/versions/1.5.2.sh | 22 -- install/upgrade/versions/1.5.3.sh | 22 -- install/upgrade/versions/1.5.4.sh | 22 -- install/upgrade/versions/1.5.5.sh | 103 -------- install/upgrade/versions/1.5.6.sh | 27 -- install/upgrade/versions/1.5.7.sh | 22 -- install/upgrade/versions/1.5.8.sh | 33 --- install/upgrade/versions/1.5.9.sh | 22 -- install/upgrade/versions/1.6.0.sh | 133 ---------- install/upgrade/versions/1.6.1.sh | 51 ---- install/upgrade/versions/1.6.10.sh | 25 -- install/upgrade/versions/1.6.12.sh | 33 --- install/upgrade/versions/1.6.13.sh | 22 -- install/upgrade/versions/1.6.14.sh | 29 --- install/upgrade/versions/1.6.2.sh | 38 --- install/upgrade/versions/1.6.3.sh | 30 --- install/upgrade/versions/1.6.4.sh | 22 -- install/upgrade/versions/1.6.5.sh | 22 -- install/upgrade/versions/1.6.6.sh | 30 --- install/upgrade/versions/1.6.7.sh | 30 --- install/upgrade/versions/1.6.8.sh | 46 ---- install/upgrade/versions/1.6.9.sh | 28 -- install/upgrade/versions/1.7.0.sh | 121 --------- install/upgrade/versions/1.7.1.sh | 53 ---- install/upgrade/versions/1.7.2.sh | 24 -- install/upgrade/versions/1.7.3.sh | 29 --- install/upgrade/versions/1.7.4.sh | 24 -- install/upgrade/versions/1.7.5.sh | 24 -- install/upgrade/versions/1.7.6.sh | 24 -- install/upgrade/versions/1.7.7.sh | 24 -- install/upgrade/versions/1.8.0.sh | 298 ---------------------- install/upgrade/versions/1.8.1.sh | 34 --- src/rpm/hestia/hestia.spec | 3 +- 74 files changed, 2 insertions(+), 3358 deletions(-) delete mode 100644 install/upgrade/versions/0.9.8-29.sh delete mode 100644 install/upgrade/versions/1.0.1.sh delete mode 100644 install/upgrade/versions/1.0.2.sh delete mode 100644 install/upgrade/versions/1.0.3.sh delete mode 100644 install/upgrade/versions/1.0.4.sh delete mode 100644 install/upgrade/versions/1.0.5.sh delete mode 100644 install/upgrade/versions/1.0.6.sh delete mode 100644 install/upgrade/versions/1.00.0-190618.sh delete mode 100644 install/upgrade/versions/1.1.0.sh delete mode 100644 install/upgrade/versions/1.1.1.sh delete mode 100644 install/upgrade/versions/1.2.0.sh delete mode 100644 install/upgrade/versions/1.2.1.sh delete mode 100644 install/upgrade/versions/1.2.2.sh delete mode 100644 install/upgrade/versions/1.2.3.sh delete mode 100644 install/upgrade/versions/1.3.0.sh delete mode 100644 install/upgrade/versions/1.3.1.sh delete mode 100644 install/upgrade/versions/1.3.2.sh delete mode 100644 install/upgrade/versions/1.3.3.sh delete mode 100644 install/upgrade/versions/1.3.4.sh delete mode 100644 install/upgrade/versions/1.4.0.sh delete mode 100644 install/upgrade/versions/1.4.1.sh delete mode 100644 install/upgrade/versions/1.4.10.sh delete mode 100644 install/upgrade/versions/1.4.11.sh delete mode 100644 install/upgrade/versions/1.4.12.sh delete mode 100644 install/upgrade/versions/1.4.13.sh delete mode 100644 install/upgrade/versions/1.4.14.sh delete mode 100644 install/upgrade/versions/1.4.15.sh delete mode 100644 install/upgrade/versions/1.4.16.sh delete mode 100644 install/upgrade/versions/1.4.17.sh delete mode 100644 install/upgrade/versions/1.4.2.sh delete mode 100644 install/upgrade/versions/1.4.3.sh delete mode 100644 install/upgrade/versions/1.4.4.sh delete mode 100644 install/upgrade/versions/1.4.5.sh delete mode 100644 install/upgrade/versions/1.4.6.sh delete mode 100644 install/upgrade/versions/1.4.7.sh delete mode 100644 install/upgrade/versions/1.4.8.sh delete mode 100644 install/upgrade/versions/1.4.9.sh delete mode 100644 install/upgrade/versions/1.5.0.sh delete mode 100644 install/upgrade/versions/1.5.1.sh delete mode 100644 install/upgrade/versions/1.5.10.sh delete mode 100644 install/upgrade/versions/1.5.11.sh delete mode 100644 install/upgrade/versions/1.5.2.sh delete mode 100644 install/upgrade/versions/1.5.3.sh delete mode 100644 install/upgrade/versions/1.5.4.sh delete mode 100644 install/upgrade/versions/1.5.5.sh delete mode 100644 install/upgrade/versions/1.5.6.sh delete mode 100644 install/upgrade/versions/1.5.7.sh delete mode 100644 install/upgrade/versions/1.5.8.sh delete mode 100644 install/upgrade/versions/1.5.9.sh delete mode 100644 install/upgrade/versions/1.6.0.sh delete mode 100644 install/upgrade/versions/1.6.1.sh delete mode 100644 install/upgrade/versions/1.6.10.sh delete mode 100644 install/upgrade/versions/1.6.12.sh delete mode 100644 install/upgrade/versions/1.6.13.sh delete mode 100644 install/upgrade/versions/1.6.14.sh delete mode 100644 install/upgrade/versions/1.6.2.sh delete mode 100644 install/upgrade/versions/1.6.3.sh delete mode 100644 install/upgrade/versions/1.6.4.sh delete mode 100644 install/upgrade/versions/1.6.5.sh delete mode 100644 install/upgrade/versions/1.6.6.sh delete mode 100644 install/upgrade/versions/1.6.7.sh delete mode 100644 install/upgrade/versions/1.6.8.sh delete mode 100644 install/upgrade/versions/1.6.9.sh delete mode 100644 install/upgrade/versions/1.7.0.sh delete mode 100644 install/upgrade/versions/1.7.1.sh delete mode 100644 install/upgrade/versions/1.7.2.sh delete mode 100644 install/upgrade/versions/1.7.3.sh delete mode 100644 install/upgrade/versions/1.7.4.sh delete mode 100644 install/upgrade/versions/1.7.5.sh delete mode 100644 install/upgrade/versions/1.7.6.sh delete mode 100644 install/upgrade/versions/1.7.7.sh delete mode 100644 install/upgrade/versions/1.8.0.sh delete mode 100644 install/upgrade/versions/1.8.1.sh diff --git a/install/upgrade/versions/0.9.8-29.sh b/install/upgrade/versions/0.9.8-29.sh deleted file mode 100644 index b389ede..0000000 --- a/install/upgrade/versions/0.9.8-29.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 0.9.8-28 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### - -# Add amd64 to repositories to prevent notifications - https://goo.gl/hmsSV7 -if ! grep -q 'arch=amd64' /etc/apt/sources.list.d/nginx.list; then - sed -i s/"deb "/"deb [arch=amd64] "/g /etc/apt/sources.list.d/nginx.list -fi -if ! grep -q 'arch=amd64' /etc/apt/sources.list.d/mariadb.list; then - sed -i s/"deb "/"deb [arch=amd64] "/g /etc/apt/sources.list.d/mariadb.list -fi - -# Fix named rule for AppArmor - https://goo.gl/SPqHdq -if [ "$DNS_SYSTEM" = 'bind9' ] && [ ! -f /etc/apparmor.d/local/usr.sbin.named ]; then - echo "/home/** rwm," >> /etc/apparmor.d/local/usr.sbin.named 2> /dev/null -fi - -# Remove obsolete ports.conf if exists. -if [ -f /usr/local/hestia/data/firewall/ports.conf ]; then - rm -f /usr/local/hestia/data/firewall/ports.conf -fi - -# Move clamav to proper location - https://goo.gl/zNuM11 -if [ ! -d /usr/local/hestia/web/edit/server/clamav-daemon ]; then - mv /usr/local/hestia/web/edit/server/clamd /usr/local/web/edit/server/clamav-daemon -fi diff --git a/install/upgrade/versions/1.0.1.sh b/install/upgrade/versions/1.0.1.sh deleted file mode 100644 index d2966cf..0000000 --- a/install/upgrade/versions/1.0.1.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.0.1 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### - -# Remove global options from nginx.conf to prevent conflicts with other web packages -# and remove OCSP SSL stapling from global configuration as it has moved to per-domain availability in this release. -if [ -e /etc/nginx/nginx.conf ]; then - sed -i "/add_header X-Frame-Options SAMEORIGIN;/d" /etc/nginx/nginx.conf - sed -i "/add_header X-Content-Type-Options nosniff;/d" /etc/nginx/nginx.conf - sed -i "/ssl_stapling on;/d" /etc/nginx/nginx.conf - sed -i "/ssl_stapling_verify on;/d" /etc/nginx/nginx.conf -fi diff --git a/install/upgrade/versions/1.0.2.sh b/install/upgrade/versions/1.0.2.sh deleted file mode 100644 index e68ac84..0000000 --- a/install/upgrade/versions/1.0.2.sh +++ /dev/null @@ -1,74 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.0.2 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### - -# Replace dhparam 1024 with dhparam 4096 -echo "[ * ] Increasing Diffie-Hellman Parameter strength to 4096-bit..." -if [ -e /etc/ssl/dhparam.pem ]; then - mv /etc/ssl/dhparam.pem $HESTIA_BACKUP/conf/ -fi -cp -f $HESTIA/install/deb/ssl/dhparam.pem /etc/ssl/ -chmod 600 /etc/ssl/dhparam.pem - -# Enhance Vsftpd security -if [ "$FTP_SYSTEM" = "vsftpd" ]; then - echo "[ * ] Hardening Vsftpd SSL configuration..." - cp -f /etc/vsftpd.conf $HESTIA_BACKUP/conf/ - sed -i "s|ssl_tlsv1=YES|ssl_tlsv1=NO|g" /etc/vsftpd.conf -fi - -# Enhance Dovecot security -if [ "$IMAP_SYSTEM" = "dovecot" ]; then - echo "[ * ] Hardening Dovecot SSL configuration..." - mv /etc/dovecot/conf.d/10-ssl.conf $HESTIA_BACKUP/conf/ - cp -f $HESTIA/install/deb/dovecot/conf.d/10-ssl.conf /etc/dovecot/conf.d/ -fi - -# Update DNS resolvers in hestia-nginx's configuration -echo "[ * ] Updating DNS resolvers for Hestia Internal Web Server..." -dns_resolver=$(cat /etc/resolv.conf | grep -i '^nameserver' | cut -d ' ' -f2 | tr '\r\n' ' ' | xargs) -for ip in $dns_resolver; do - if [[ $ip =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then - resolver="$ip $resolver" - fi -done -if [ ! -z "$resolver" ]; then - sed -i "s/1.0.0.1 1.1.1.1/$resolver/g" /usr/local/hestia/nginx/conf/nginx.conf -fi - -# Remove Webalizer and set AWStats as default -WEBALIZER_CHECK=$(cat $HESTIA/conf/hestia.conf | grep webalizer) -if [ ! -z "$WEBALIZER_CHECK" ]; then - echo "[ * ] Set awstats as default web statistics backend..." - $HESTIA/bin/v-change-sys-config-value 'STATS_SYSTEM' 'awstats' -fi - -# Remove old hestia.conf files from Apache & NGINX if they exist -if [ -f "/etc/apache2/conf.d/hestia.conf" ]; then - echo "[ * ] Removing old Apache configuration file from previous version of Hestia Control Panel..." - rm -f /etc/apache2/conf.d/hestia.conf -fi -if [ -f "/etc/httpd/conf.h.d/hestia.conf" ]; then - echo "[ * ] Removing old Apache configuration file from previous version of Hestia Control Panel..." - rm -f /etc/httpd/conf.h.d/hestia.conf -fi -if [ -f "/etc/nginx/conf.d/hestia.conf" ]; then - echo "[ * ] Removing old NGINX configuration file from previous version of Hestia Control Panel..." - rm -f /etc/nginx/conf.d/hestia.conf -fi - -# Update webmail templates to enable OCSP/SSL stapling -if [ ! -z "$IMAP_SYSTEM" ]; then - echo "[ * ] Enabling OCSP stapling support for webmail services..." - $BIN/v-update-mail-templates > /dev/null 2>&1 -fi - -# Enhance webmail security -if [ -e "/etc/nginx/conf.d/webmail.inc" ]; then - cp -f /etc/nginx/conf.d/webmail.inc $HESTIA_BACKUP/conf/ - sed -i "s/config|temp|logs/README.md|config|temp|logs|bin|SQL|INSTALL|LICENSE|CHANGELOG|UPGRADING/g" /etc/nginx/conf.d/webmail.inc -fi diff --git a/install/upgrade/versions/1.0.3.sh b/install/upgrade/versions/1.0.3.sh deleted file mode 100644 index 3e0b248..0000000 --- a/install/upgrade/versions/1.0.3.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.0.3 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### diff --git a/install/upgrade/versions/1.0.4.sh b/install/upgrade/versions/1.0.4.sh deleted file mode 100644 index a9e1513..0000000 --- a/install/upgrade/versions/1.0.4.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.0.4 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### diff --git a/install/upgrade/versions/1.0.5.sh b/install/upgrade/versions/1.0.5.sh deleted file mode 100644 index a9fc368..0000000 --- a/install/upgrade/versions/1.0.5.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.0.5 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### diff --git a/install/upgrade/versions/1.0.6.sh b/install/upgrade/versions/1.0.6.sh deleted file mode 100644 index 63c795f..0000000 --- a/install/upgrade/versions/1.0.6.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.0.6 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### diff --git a/install/upgrade/versions/1.00.0-190618.sh b/install/upgrade/versions/1.00.0-190618.sh deleted file mode 100644 index dede153..0000000 --- a/install/upgrade/versions/1.00.0-190618.sh +++ /dev/null @@ -1,278 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.00.0-190618 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### - -if [ "$WEB_SYSTEM" = "httpd" ]; then - confd="conf.h.d" -else - confd="conf.d" -fi -if [ "$PROXY_SYSTEM" = "httpd" ]; then - pconfd="conf.h.d" -else - pconfd="conf.d" -fi - -# Add webmail alias variable to system configuration if non-existent -if [ -z "$WEBMAIL_ALIAS" ]; then - echo "[ * ] Updating webmail alias configuration..." - $HESTIA/bin/v-change-sys-config-value 'WEBMAIL_ALIAS' "webmail" -fi - -# Update Apache and Nginx configuration to support new file structure -if [ -f /etc/apache2/apache.conf ]; then - echo "[ * ] Updating Apache configuration..." - mv /etc/apache2/apache.conf $HESTIA_BACKUP/conf/ - cp -f $HESTIA_INSTALL_DIR/apache2/apache.conf /etc/apache2/apache.conf -fi -if [ -f /etc/nginx/nginx.conf ]; then - echo "[ * ] Updating NGINX configuration..." - mv /etc/nginx/nginx.conf $HESTIA_BACKUP/conf/ - cp -f $HESTIA_INSTALL_DIR/nginx/nginx.conf /etc/nginx/nginx.conf -fi - -# Generate dhparam -if [ ! -e /etc/ssl/dhparam.pem ]; then - echo "[ * ] Enabling HTTPS Strict Transport Security (HSTS) support..." - mv /etc/nginx/nginx.conf $HESTIA_BACKUP/conf/ - cp -f $HESTIA_INSTALL_DIR/nginx/nginx.conf /etc/nginx/ - - # Copy dhparam - cp -f $HESTIA_INSTALL_DIR/ssl/dhparam.pem /etc/ssl/ - - # Update DNS servers in nginx.conf - dns_resolver=$(cat /etc/resolv.conf | grep -i '^nameserver' | cut -d ' ' -f2 | tr '\r\n' ' ' | xargs) - sed -i "s/1.0.0.1 1.1.1.1/$dns_resolver/g" /etc/nginx/nginx.conf -fi - -# Back up default package and install latest version -if [ -d $HESTIA/data/packages/ ]; then - echo "[ * ] Replacing default packages..." - cp -f $HESTIA/data/packages/default.pkg $HESTIA_BACKUP/packages/ -fi - -# Remove old Office 365 template as there is a newer version with an updated name -if [ -f $HESTIA/data/templates/dns/o365.tpl ]; then - rm -f $HESTIA/data/templates/dns/o365.tpl -fi - -# Back up and remove default index.html if it exists -if [ -f /var/www/html/index.html ]; then - mv /var/www/html/index.html $HESTIA_BACKUP/templates/ -fi - -# Configure default success page and set permissions on CSS, JavaScript, and Font dependencies for unassigned hosts -if [ ! -d /var/www/html ]; then - mkdir -p /var/www/html/ -fi - -if [ ! -d /var/www/document_errors/ ]; then - mkdir -p /var/www/document_errors/ -fi - -cp -rf $HESTIA_INSTALL_DIR/templates/web/unassigned/* /var/www/html/ -cp -rf $HESTIA_INSTALL_DIR/templates/web/skel/document_errors/* /var/www/document_errors/ -chmod 644 /var/www/html/* -chmod 644 /var/www/document_errors/* - -for user in $($BIN/v-list-users plain | cut -f1); do - USER_DATA=$HESTIA/data/users/$user - for domain in $($BIN/v-list-web-domains $user plain | cut -f 1); do - WEBFOLDER="/home/$user/web/$domain/public_html" - folderchecksum=$(find "$WEBFOLDER/css" "$WEBFOLDER/js" "$WEBFOLDER/webfonts" -type f -print0 2> /dev/null | sort -z | xargs -r0 cat | md5sum | cut -d" " -f1) - if [ "$folderchecksum" = "926feacc51384fe13598631f9d1360c3" ]; then - rm -rf "$WEBFOLDER/css" "$WEBFOLDER/js" "$WEBFOLDER/webfonts" - fi - unset folderchecksum - unset WEBFOLDER - done -done -folderchecksum=$(find /var/www/html/css /var/www/html/js /var/www/html/webfonts -type f -print0 2> /dev/null | sort -z | xargs -r0 cat | md5sum | cut -d" " -f1) -if [ "$folderchecksum" = "d148d5173e5e4162d7af0a60585392cb" ]; then - rm -rf /var/www/html/css /var/www/html/js /var/www/html/webfonts -fi -unset folderchecksum - -# Correct other permissions -if [ -d "/var/cache/bind" ]; then - chown bind:bind /var/cache/bind -fi -if [ -d "/etc/roundcube" ]; then - chmod 640 /etc/roundcube/debian-db* - chown root:www-data /etc/roundcube/debian-db* -fi - -# Add a general group for normal users created by Hestia -echo "[ * ] Verifying ACLs and hardening user permissions..." -if [ -z "$(grep ^hestia-users: /etc/group)" ]; then - groupadd --system "hestia-users" -fi - -# Make sure non-admin users belong to correct Hestia group -for user in $($BIN/v-list-users plain | cut -f1); do - if [ "$user" != "admin" ]; then - usermod -a -G "hestia-users" "$user" - setfacl -m "u:$user:r-x" "$HOMEDIR/$user" - - # Update FTP users groups membership - uid=$(id -u $user) - for ftp_user in $(cat /etc/passwd | grep -v "^$user:" | grep "^$user.*:$uid:$uid:" | cut -d ":" -f1); do - usermod -a -G "hestia-users" "$ftp_user" - done - fi - setfacl -m "g:hestia-users:---" "$HOMEDIR/$user" -done - -# Add unassigned hosts configuration to Nginx and Apache -for ipaddr in $($BIN/v-list-sys-ips plain | cut -f1); do - - web_conf="/etc/$WEB_SYSTEM/$confd/$ipaddr.conf" - rm -f $web_conf - - if [ "$WEB_SYSTEM" = "apache2" ]; then - echo "[ * ] Adding unassigned hosts configuration to Apache..." - if [ -z "$(/usr/sbin/apache2 -v | grep Apache/2.4)" ]; then - echo "NameVirtualHost $ipaddr:$WEB_PORT" > $web_conf - fi - echo "Listen $ipaddr:$WEB_PORT" >> $web_conf - cat $HESTIA_INSTALL_DIR/apache2/unassigned.conf >> $web_conf - sed -i 's/directIP/'$ipaddr'/g' $web_conf - sed -i 's/directPORT/'$WEB_PORT'/g' $web_conf - - if [ "$WEB_SSL" = 'mod_ssl' ]; then - if [ -z "$(/usr/sbin/apache2 -v | grep Apache/2.4)" ]; then - sed -i "1s/^/NameVirtualHost $ipaddr:$WEB_SSL_PORT\n/" $web_conf - fi - sed -i "1s/^/Listen $ipaddr:$WEB_SSL_PORT\n/" $web_conf - sed -i 's/directSSLPORT/'$WEB_SSL_PORT'/g' $web_conf - fi - - elif [ "$WEB_SYSTEM" = "nginx" ]; then - cp -f $HESTIA_INSTALL_DIR/nginx/unassigned.inc $web_conf - sed -i 's/directIP/'$ipaddr'/g' $web_conf - fi - - if [ "$PROXY_SYSTEM" = "nginx" ]; then - echo "[ * ] Adding unassigned hosts configuration to Nginx..." - cat $WEBTPL/$PROXY_SYSTEM/proxy_ip.tpl \ - | sed -e "s/%ip%/$ipaddr/g" \ - -e "s/%web_port%/$WEB_PORT/g" \ - -e "s/%proxy_port%/$PROXY_PORT/g" \ - > /etc/$PROXY_SYSTEM/$pconfd/$ipaddr.conf - fi -done - -# Cleanup php session files not changed in the last 7 days (60*24*7 minutes) -if [ ! -f /etc/cron.daily/php-session-cleanup ]; then - echo '#!/bin/sh' > /etc/cron.daily/php-session-cleanup - echo "find -O3 /home/*/tmp/ -ignore_readdir_race -depth -mindepth 1 -name 'sess_*' -type f -cmin '+10080' -delete > /dev/null 2>&1" >> /etc/cron.daily/php-session-cleanup - echo "find -O3 $HESTIA/data/sessions/ -ignore_readdir_race -depth -mindepth 1 -name 'sess_*' -type f -cmin '+10080' -delete > /dev/null 2>&1" >> /etc/cron.daily/php-session-cleanup -fi -chmod 755 /etc/cron.daily/php-session-cleanup - -# Fix empty pool error message for MultiPHP -php_versions=$(ls /etc/php/*/fpm -d 2> /dev/null | wc -l) -if [ "$php_versions" -gt 1 ]; then - echo "[ * ] Updating Multi-PHP configuration..." - for v in $($BIN/v-list-sys-php plain); do - if [ ! -d "/etc/php/$v/fpm/pool.d/" ]; then - continue - fi - cp -f $HESTIA_INSTALL_DIR/php-fpm/dummy.conf /etc/php/$v/fpm/pool.d/ - v1=$(echo "$v" | sed -e 's/[.]//') - sed -i "s/9999/99$v1/g" /etc/php/$v/fpm/pool.d/dummy.conf - done -fi - -# Set Purge to false in Roundcube configuration - https://goo.gl/3Nja3u -echo "[ * ] Updating Roundcube configuration..." -if [ -f /etc/roundcube/config.inc.php ]; then - sed -i "s/\['flag_for_deletion'] = 'Purge';/\['flag_for_deletion'] = false;/gI" /etc/roundcube/config.inc.php -fi -if [ -f /etc/roundcube/defaults.inc.php ]; then - sed -i "s/\['flag_for_deletion'] = 'Purge';/\['flag_for_deletion'] = false;/gI" /etc/roundcube/defaults.inc.php -fi -if [ -f /etc/roundcube/main.inc.php ]; then - sed -i "s/\['flag_for_deletion'] = 'Purge';/\['flag_for_deletion'] = false;/gI" /etc/roundcube/main.inc.php -fi - -# Remove old OS-specific installation files if they exist to free up space -if [ -d $HESTIA/install/ubuntu ]; then - echo "[ * ] Removing old HestiaCP installation files for Ubuntu..." - rm -rf $HESTIA/install/ubuntu -fi -if [ -d $HESTIA/install/debian ]; then - echo "[ * ] Removing old HestiaCP installation files for Debian..." - rm -rf $HESTIA/install/debian -fi - -# Fix Dovecot configuration -echo "[ * ] Updating Dovecot IMAP/POP server configuration..." -if [ -f /etc/dovecot/conf.d/15-mailboxes.conf ]; then - mv /etc/dovecot/conf.d/15-mailboxes.conf $HESTIA_BACKUP/conf/ -fi -if [ -f /etc/dovecot/dovecot.conf ]; then - # Update Dovecot configuration and restart Dovecot service - mv /etc/dovecot/dovecot.conf $HESTIA_BACKUP/conf/ - cp -f $HESTIA_COMMON_DIR/dovecot/dovecot.conf /etc/dovecot/dovecot.conf - systemctl restart dovecot - sleep 0.5 -fi - -# Fix Exim configuration -if [ -f /etc/exim4/exim4.conf.template ]; then - echo "[ * ] Updating Exim SMTP server configuration..." - mv /etc/exim4/exim4.conf.template $HESTIA_BACKUP/conf/ - cp -f $HESTIA_INSTALL_DIR/exim/exim4.conf.template /etc/exim4/exim4.conf.template - # Reconfigure spam filter and virus scanning - if [ ! -z "$ANTISPAM_SYSTEM" ]; then - sed -i "s/#SPAM/SPAM/g" /etc/exim4/exim4.conf.template - sed -i "s/#SPAM_SCORE/SPAM_SCORE/g" /etc/exim4/exim4.conf.template - fi - if [ ! -z "$ANTIVIRUS_SYSTEM" ]; then - sed -i "s/#CLAMD/CLAMD/g" /etc/exim4/exim4.conf.template - fi -fi - -# Add IMAP system variable to configuration if Dovecot is installed -if [ -z "$IMAP_SYSTEM" ]; then - if [ -f /usr/bin/dovecot ]; then - echo "[ * ] Adding missing IMAP_SYSTEM variable to hestia.conf..." - echo "IMAP_SYSTEM = 'dovecot'" >> $HESTIA/conf/hestia.conf - fi -fi - -# Run sftp jail once -$HESTIA/bin/v-add-sys-sftp-jail - -# Enable SFTP subsystem for SSH -sftp_subsys_enabled=$(grep -iE "^#?.*subsystem.+(sftp )?sftp-server" /etc/ssh/sshd_config) -if [ ! -z "$sftp_subsys_enabled" ]; then - echo "[ * ] Updating SFTP subsystem configuration..." - sed -i -E "s/^#?.*Subsystem.+(sftp )?sftp-server/Subsystem sftp internal-sftp/g" /etc/ssh/sshd_config - systemctl restart ssh -fi - -# Remove and migrate obsolete object keys -for user in $($BIN/v-list-users plain | cut -f1); do - USER_DATA=$HESTIA/data/users/$user - - # Web keys - for domain in $($BIN/v-list-web-domains $user plain | cut -f 1); do - obskey=$(get_object_value 'web' 'DOMAIN' "$domain" '$FORCESSL') - if [ ! -z "$obskey" ]; then - echo "[ * ] Fixing HTTP-to-HTTPS redirection for $domain" - update_object_value 'web' 'DOMAIN' "$domain" '$FORCESSL' '' - - # copy value under new key name - add_object_key "web" 'DOMAIN' "$domain" 'SSL_FORCE' 'SSL_HOME' - update_object_value 'web' 'DOMAIN' "$domain" '$SSL_FORCE' "$obskey" - fi - unset FORCESSL - done - sed -i "s/\sFORCESSL=''//g" $USER_DATA/web.conf -done diff --git a/install/upgrade/versions/1.1.0.sh b/install/upgrade/versions/1.1.0.sh deleted file mode 100644 index 0bfca37..0000000 --- a/install/upgrade/versions/1.1.0.sh +++ /dev/null @@ -1,239 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.1.0 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### - -# Set default theme -if [ -z $THEME ]; then - echo "[ * ] Enabling support for themes..." - $BIN/v-change-sys-theme 'default' -fi - -# Reduce SSH login grace time -if [ -e /etc/ssh/sshd_config ]; then - echo "[ * ] Hardening SSH daemon configuration..." - sed -i "s/LoginGraceTime 2m/LoginGraceTime 1m/g" /etc/ssh/sshd_config - sed -i "s/#LoginGraceTime 2m/LoginGraceTime 1m/g" /etc/ssh/sshd_config -fi - -# Implement recidive jail for fail2ban -if [ ! -z "$FIREWALL_EXTENSION" ]; then - if ! cat /etc/fail2ban/jail.local | grep -q "\[recidive\]"; then - echo -e "\n\n[recidive]\nenabled = true\nfilter = recidive\naction = hestia[name=HESTIA]\nlogpath = /var/log/fail2ban.log\nmaxretry = 3\nfindtime = 86400\nbantime = 864000" >> /etc/fail2ban/jail.local - fi -fi - -# Enable OCSP SSL stapling and harden nginx configuration for roundcube -if [ ! -z "$IMAP_SYSTEM" ]; then - echo "[ * ] Hardening security of Roundcube webmail..." - $BIN/v-update-mail-templates > /dev/null 2>&1 - if [ -e /etc/nginx/conf.d/webmail.inc ]; then - cp -f /etc/nginx/conf.d/webmail.inc $HESTIA_BACKUP/conf/ - sed -i "s/config|temp|logs/README.md|config|temp|logs|bin|SQL|INSTALL|LICENSE|CHANGELOG|UPGRADING/g" /etc/nginx/conf.d/webmail.inc - fi -fi - -# Fix restart queue -if [ -z "$($BIN/v-list-cron-jobs admin | grep 'v-update-sys-queue restart')" ]; then - command="sudo $BIN/v-update-sys-queue restart" - $BIN/v-add-cron-job 'admin' '*/2' '*' '*' '*' '*' "$command" -fi - -# Remove deprecated line from ClamAV configuration file -if [ -e "/etc/clamav/clamd.conf" ]; then - clamd_conf_update_check=$(grep DetectBrokenExecutables /etc/clamav/clamd.conf) - if [ ! -z "$clamd_conf_update_check" ]; then - echo "[ * ] Updating ClamAV configuration..." - sed -i '/DetectBrokenExecutables/d' /etc/clamav/clamd.conf - fi -fi - -# Remove errornous history.log file created by certain builds due to bug in v-restart-system -if [ -e $HESTIA/data/users/history.log ]; then - rm -f $HESTIA/data/users/history.log -fi - -# Use exim4 server hostname instead of mail domain and remove hardcoded mail prefix -if [ ! -z "$MAIL_SYSTEM" ]; then - echo "[ * ] Updating exim configuration..." - if cat /etc/exim4/exim4.conf.template | grep -q 'helo_data = mail.${sender_address_domain}'; then - sed -i 's/helo_data = mail.${sender_address_domain}/helo_data = ${primary_hostname}/g' /etc/exim4/exim4.conf.template - fi - if ! grep -q '^OUTGOING_IP = /' /etc/exim4/exim4.conf.template; then - sed -i '/^OUTGOING_IP/d' /etc/exim4/exim4.conf.template - sed -i 's|^begin acl|OUTGOING_IP = /etc/exim4/domains/$sender_address_domain/ip\nbegin acl|' /etc/exim4/exim4.conf.template - fi - if ! grep -q 'interface =' /etc/exim4/exim4.conf.template; then - sed -i '/interface =/d' /etc/exim4/exim4.conf.template - sed -i 's|dkim_strict = 0|dkim_strict = 0\n interface = ${if exists{OUTGOING_IP}{${readfile{OUTGOING_IP}}}}|' /etc/exim4/exim4.conf.template - fi -fi - -# Members of admin group should be permitted to enter admin folder -if [ -d /home/admin ]; then - setfacl -m "g:admin:r-x" /home/admin -fi - -# Fix sftp jail cronjob -if [ -e "/etc/cron.d/hestia-sftp" ]; then - if ! cat /etc/cron.d/hestia-sftp | grep -q 'root'; then - echo "@reboot root /usr/local/hestia/bin/v-add-sys-sftp-jail" > /etc/cron.d/hestia-sftp - fi -fi - -# Create default writeable folders for all users -echo "[ * ] Updating default writable folders for all users..." -for user in $($HESTIA/bin/v-list-sys-users plain); do - mkdir -p \ - $HOMEDIR/$user/.cache \ - $HOMEDIR/$user/.config \ - $HOMEDIR/$user/.local \ - $HOMEDIR/$user/.composer \ - $HOMEDIR/$user/.ssh - - chown $user:$user \ - $HOMEDIR/$user/.cache \ - $HOMEDIR/$user/.config \ - $HOMEDIR/$user/.local \ - $HOMEDIR/$user/.composer \ - $HOMEDIR/$user/.ssh -done - -# Remove redundant fail2ban jail -if fail2ban-client status sshd > /dev/null 2>&1; then - fail2ban-client stop sshd > /dev/null 2>&1 - if [ -f /etc/fail2ban/jail.d/defaults-debian.conf ]; then - mkdir -p $HESTIA_BACKUP/conf/fail2ban/jail.d - mv /etc/fail2ban/jail.d/defaults-debian.conf $HESTIA_BACKUP/conf/fail2ban/jail.d/ - fi -fi - -# Update Office 365/Microsoft 365 DNS template -if [ -e "$HESTIA/data/templates/dns/office365.tpl" ]; then - echo "[ * ] Updating DNS template for Office 365..." - cp -f $HESTIA/install/deb/templates/dns/office365.tpl $HESTIA/data/templates/dns/office365.tpl -fi - -# Ensure that backup compression level is correctly set -GZIP_LVL_CHECK=$(cat $HESTIA/conf/hestia.conf | grep BACKUP_GZIP) -if [ -z "$GZIP_LVL_CHECK" ]; then - echo "[ * ] Updating backup compression level variable..." - $BIN/v-change-sys-config-value "BACKUP_GZIP" '9' -fi - -# Randomize Roundcube des_key for better security -if [ -f "/etc/roundcube/config.inc.php" ]; then - rcDesKey="$(openssl rand -base64 30 | tr -d "/" | cut -c1-24)" - sed -i "s/vtIOjLZo9kffJoqzpSbm5r1r/$rcDesKey/g" /etc/roundcube/config.inc.php -fi - -# Place robots.txt to prevent webmail crawling by search engine bots. -if [ -e "/var/lib/roundcube/" ]; then - if [ ! -f "/var/lib/roundcube/robots.txt" ]; then - echo "User-agent: *" > /var/lib/roundcube/robots.txt - echo "Disallow: /" >> /var/lib/roundcube/robots.txt - fi -fi - -# Installing postgresql repo -if [ -e "/etc/postgresql" ]; then - echo "[ * ] Enabling native PostgreSQL APT repository..." - osname="$(cat /etc/os-release | grep "^ID\=" | sed "s/ID\=//g")" - if [ "$osname" = "ubuntu" ]; then - codename="$(lsb_release -s -c)" - else - codename="$(cat /etc/os-release | grep VERSION= | cut -f 2 -d \( | cut -f 1 -d \))" - fi - echo "deb http://apt.postgresql.org/pub/repos/apt/ $codename-pgdg main" > /etc/apt/sources.list.d/postgresql.list - wget --quiet https://www.postgresql.org/media/keys/ACCC4CF8.asc -O /tmp/psql_signing.key - APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add /tmp/psql_signing.key > /dev/null 2>&1 - rm /tmp/psql_signing.key -fi - -# Hardening MySQL configuration, prevent local infile. -if [ -e "/etc/mysql/my.cnf" ]; then - mysql_local_infile_check=$(grep local-infile /etc/mysql/my.cnf) - if [ -z "$mysql_local_infile_check" ]; then - echo "[ * ] Hardening MySQL configuration..." - sed -i '/symbolic-links\=0/a\local-infile=0' /etc/mysql/my.cnf - fi -fi - -# Hardening nginx configuration, drop TLSv1.1 support. -if [ -e "/etc/nginx/nginx.conf" ]; then - nginx_tls_check=$(grep TLSv1.1 /etc/nginx/nginx.conf) - if [ ! -z "$nginx_tls_check" ]; then - echo "[ * ] Updating nginx security settings - disabling TLS v1.1..." - sed -i 's/TLSv1.1 //g' /etc/nginx/nginx.conf - fi -fi - -# Fix logrotate permission bug for nginx -if [ -e "/etc/logrotate/nginx" ]; then - sed -i "s/create 640 nginx adm/create 640/g" /etc/logrotate.d/nginx -fi - -# Fix logrotate permission bug for apache -if [ -e "/etc/logrotate/apache2" ]; then - sed -i "s/create 640 root adm/create 640/g" /etc/logrotate.d/apache2 -fi - -# Repair messed up user log permissions from the logrotate bug. Ignoring errors -for user in $($HESTIA/bin/v-list-users plain | cut -f1); do - for domain in $($HESTIA/bin/v-list-web-domains $user plain | cut -f1); do - chown root:$user /var/log/$WEB_SYSTEM/domains/$domain.* > /dev/null 2>&1 - for sub_domain in $($HESTIA/bin/v-list-web-domain $user $domain plain | cut -f7 | tr ',' '\n'); do - chown root:$user /var/log/$WEB_SYSTEM/domains/$sub_domain.* > /dev/null 2>&1 - done - done -done - -chown root:root /var/log/$WEB_SYSTEM/domains/$WEBMAIL_ALIAS* > /dev/null 2>&1 - -# Enable IMAP/POP3 quota information -if [ "$IMAP_SYSTEM" = "dovecot" ]; then - echo "[ * ] Enabling IMAP quota information reporting..." - if [ -e /etc/dovecot/conf.d/20-pop3.conf ]; then - if [ -e /etc/redhat-release ]; then - cp -f $HESTIA/install/rpm/dovecot/conf.d/20-pop3.conf /etc/dovecot/conf.d/20-pop3.conf - else - cp -f $HESTIA/install/deb/dovecot/conf.d/20-pop3.conf /etc/dovecot/conf.d/20-pop3.conf - fi - fi - if [ -e /etc/dovecot/conf.d/20-imap.conf ]; then - if [ -e /etc/redhat-release ]; then - cp -f $HESTIA/install/rpm/dovecot/conf.d/20-imap.conf /etc/dovecot/conf.d/20-imap.conf - else - cp -f $HESTIA/install/deb/dovecot/conf.d/20-imap.conf /etc/dovecot/conf.d/20-imap.conf - fi - fi - if [ -e /etc/dovecot/conf.d/90-quota.conf ]; then - if [ -e /etc/redhat-release ]; then - cp -f $HESTIA/install/deb/dovecot/conf.d/90-quota.conf /etc/dovecot/conf.d/90-quota.conf - else - cp -f $HESTIA/install/deb/dovecot/conf.d/90-quota.conf /etc/dovecot/conf.d/90-quota.conf - fi - fi -fi - -# Trigger multiphp legacy migration script -num_php_versions=$(ls -d /etc/php/*/fpm/pool.d 2> /dev/null | wc -l) -if [ "$num_php_versions" -gt 1 ] && [ -z "$WEB_BACKEND" ]; then - echo "[ * ] Enabling modular Multi-PHP backend..." - cp -rf $HESTIA/data/templates/web $HESTIA_BACKUP/templates/web - bash $HESTIA/install/upgrade/manual/migrate_multiphp.sh > /dev/null 2>&1 -fi - -# Disable global subfolder alias for webmail in favor of subdomain -if [ -e /etc/nginx/conf.d/webmail.inc ]; then - rm -f /etc/nginx/conf.d/webmail.inc -fi -if [ -e /etc/apache2/conf.d/roundcube.conf ]; then - rm -f /etc/apache2/conf.d/roundcube.conf -fi -if [ -e /etc/httpd/conf.h.d/roundcube.conf ]; then - rm -f /etc/httpd/conf.h.d/roundcube.conf -fi diff --git a/install/upgrade/versions/1.1.1.sh b/install/upgrade/versions/1.1.1.sh deleted file mode 100644 index 6205cd4..0000000 --- a/install/upgrade/versions/1.1.1.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.1.1 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### - -# Remove 5s delay when sending mail through exim4 -if [ -e "/etc/exim4/exim4.conf.template" ]; then - echo "[ * ] Updating exim4 configuration..." - sed -i "s|rfc1413_query_timeout = 5s|rfc1413_query_timeout = 0s|g" /etc/exim4/exim4.conf.template -fi - -# Fix phpMyAdmin blowfish and tmp directory issues -if [ -e "/usr/share/phpmyadmin/libraries/vendor_config.php" ]; then - echo "[ * ] Updating phpMyAdmin configuration..." - sed -i "s|define('CONFIG_DIR', ROOT_PATH);|define('CONFIG_DIR', '/etc/phpmyadmin/');|" /usr/share/phpmyadmin/libraries/vendor_config.php - sed -i "s|define('TEMP_DIR', ROOT_PATH . 'tmp/');|define('TEMP_DIR', '/var/lib/phpmyadmin/tmp/');|" /usr/share/phpmyadmin/libraries/vendor_config.php -fi diff --git a/install/upgrade/versions/1.2.0.sh b/install/upgrade/versions/1.2.0.sh deleted file mode 100644 index 89beea5..0000000 --- a/install/upgrade/versions/1.2.0.sh +++ /dev/null @@ -1,219 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.2.0 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### - -# Check iptables paths and add symlinks when necessary - -if [ ! -e "/sbin/iptables" ]; then - if which iptables; then - ln -s "$(which iptables)" /sbin/iptables - elif [ -e "/usr/sbin/iptables" ]; then - ln -s /usr/sbin/iptables /sbin/iptables - elif whereis -B /bin /sbin /usr/bin /usr/sbin -f -b iptables; then - autoiptables=$(whereis -B /bin /sbin /usr/bin /usr/sbin -f -b iptables | cut -d '' -f 2) - if [ -x "$autoiptables" ]; then - ln -s "$autoiptables" /sbin/iptables - fi - fi -fi - -if [ ! -e "/sbin/iptables-save" ]; then - if which iptables-save; then - ln -s "$(which iptables-save)" /sbin/iptables-save - elif [ -e "/usr/sbin/iptables-save" ]; then - ln -s /usr/sbin/iptables-save /sbin/iptables-save - elif whereis -B /bin /sbin /usr/bin /usr/sbin -f -b iptables-save; then - autoiptables_save=$(whereis -B /bin /sbin /usr/bin /usr/sbin -f -b iptables-save | cut -d '' -f 2) - if [ -x "$autoiptables_save" ]; then - ln -s "$autoiptables_save" /sbin/iptables-save - fi - fi -fi - -if [ ! -e "/sbin/iptables-restore" ]; then - if which iptables-restore; then - ln -s "$(which iptables-restore)" /sbin/iptables-restore - elif [ -e "/usr/sbin/iptables-restore" ]; then - ln -s /usr/sbin/iptables-restore /sbin/iptables-restore - elif whereis -B /bin /sbin /usr/bin /usr/sbin -f -b iptables-restore; then - autoiptables_restore=$(whereis -B /bin /sbin /usr/bin /usr/sbin -f -b iptables-restore | cut -d '' -f 2) - if [ -x "$autoiptables_restore" ]; then - ln -s "$autoiptables_restore" /sbin/iptables-restore - fi - fi -fi - -if [ -e "/etc/apache2/mods-enabled/status.conf" ]; then - sed -i '/Allow from all/d' /etc/apache2/mods-enabled/status.conf -fi - -# Add sury apache2 repository -if [ "$WEB_SYSTEM" = "apache2" ] && [ ! -e "/etc/apt/sources.list.d/apache2.list" ]; then - echo "[ * ] Configuring sury.org Apache2 repository..." - - # Check OS and install related repository - if [ -e "/etc/os-release" ]; then - type=$(grep "^ID=" /etc/os-release | cut -f 2 -d '=') - if [ "$type" = "ubuntu" ]; then - codename="$(lsb_release -s -c)" - echo "deb http://ppa.launchpad.net/ondrej/apache2/ubuntu $codename main" > /etc/apt/sources.list.d/apache2.list - elif [ "$type" = "debian" ]; then - codename="$(cat /etc/os-release | grep VERSION= | cut -f 2 -d \( | cut -f 1 -d \))" - echo "deb https://packages.sury.org/apache2/ $codename main" > /etc/apt/sources.list.d/apache2.list - wget --quiet https://packages.sury.org/apache2/apt.gpg -O /tmp/apache2_signing.key - APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt-key add /tmp/apache2_signing.key > /dev/null 2>&1 - fi - fi -fi - -# Roundcube fixes for PHP 7.4 compatibility -if [ -d /usr/share/roundcube ]; then - echo "[ * ] Updating Roundcube configuration..." - [ -f "/usr/share/roundcube/plugins/enigma/lib/enigma_ui.php" ] && sed -i 's/$identities, "\\n"/"\\n", $identities/g' /usr/share/roundcube/plugins/enigma/lib/enigma_ui.php - [ -f "/usr/share/roundcube/program/lib/Roundcube/rcube_contacts.php" ] && sed -i 's/(array_keys($post_search), \x27|\x27)/(\x27|\x27, array_keys($post_search))/g' /usr/share/roundcube/program/lib/Roundcube/rcube_contacts.php - [ -f "/usr/share/roundcube/program/lib/Roundcube/rcube_db.php" ] && sed -i 's/implode($name, \x27.\x27)/implode(\x27.\x27, $name)/g' /usr/share/roundcube/program/lib/Roundcube/rcube_db.php - [ -f "/usr/share/roundcube/program/steps/addressbook/search.inc" ] && sed -i 's/$fields, \x27,\x27/\x27,\x27, $fields/g' /usr/share/roundcube/program/steps/addressbook/search.inc - [ -f "/usr/share/roundcube/program/steps/addressbook/search.inc" ] && sed -i 's/implode($fields, \x27,\x27)/implode(\x27,\x27, $fields)/g' /usr/share/roundcube/program/steps/addressbook/search.inc - [ -f "/usr/share/roundcube/program/steps/mail/sendmail.inc" ] && sed -i 's/implode($bstyle, \x27; \x27)/implode(\x27; \x27, $bstyle)/g' /usr/share/roundcube/program/steps/mail/sendmail.inc -fi - -# Enable Roundcube plugins -if [ -d /usr/share/roundcube ]; then - cp -f $HESTIA_INSTALL_DIR/roundcube/plugins/config_newmail_notifier.inc.php /etc/roundcube/plugins/newmail_notifier/config.inc.php - cp -f $HESTIA_INSTALL_DIR/roundcube/plugins/config_zipdownload.inc.php /etc/roundcube/plugins/zipdownload/config.inc.php - [ -f "/etc/roundcube/config.inc.php" ] && sed -i "s/array('password')/array('password','newmail_notifier','zipdownload')/g" /etc/roundcube/config.inc.php -fi - -# HELO support for multiple domains and IPs -if [ -e "/etc/exim4/exim4.conf.template" ]; then - echo "[ * ] Updating exim4 configuration..." - sed -i 's|helo_data = ${primary_hostname}|helo_data = ${if exists {\/etc\/exim4\/mailhelo.conf}{${lookup{$sender_address_domain}lsearch*{\/etc\/exim4\/mailhelo.conf}{$value}{$primary_hostname}}}{$primary_hostname}}|g' /etc/exim4/exim4.conf.template -fi - -# Add daily midnight cron -if [ -z "$($BIN/v-list-cron-jobs admin | grep 'v-update-sys-queue daily')" ]; then - echo "[ * ] Updating cron jobs..." - command="sudo $BIN/v-update-sys-queue daily" - $BIN/v-add-cron-job 'admin' '01' '00' '*' '*' '*' "$command" -fi -[ ! -f "touch $HESTIA/data/queue/daily.pipe" ] && touch $HESTIA/data/queue/daily.pipe - -# Remove existing network-up hooks so they get regenerated when updating the firewall -# - network hook will also restore ipset config during start-up -if [ -f "/usr/lib/networkd-dispatcher/routable.d/50-ifup-hooks" ]; then - rm "/usr/lib/networkd-dispatcher/routable.d/50-ifup-hooks" - $BIN/v-update-firewall -fi -if [ -f "/etc/network/if-pre-up.d/iptables" ]; then - rm "/etc/network/if-pre-up.d/iptables" - $BIN/v-update-firewall -fi - -# Add hestia-event.conf, if the server is running apache2 -if [ "$WEB_SYSTEM" = "apache2" ]; then - echo "[ * ] Updating Apache2 configuration..." - # Cleanup - rm --force /etc/apache2/mods-available/hestia-event.conf - rm --force /etc/apache2/mods-enabled/hestia-event.conf - rm --force /etc/apache2/conf-available/hestia-event.conf - rm --force /etc/apache2/conf-enabled/hestia-event.conf - - if [ $(a2query -M) = 'event' ] && [ ! -e "/etc/apache2/conf.d/hestia-event.conf" ]; then - cp -f $HESTIA_INSTALL_DIR/apache2/hestia-event.conf /etc/apache2/conf.d/ - fi - - # Move apache mod_status config to /mods-available and rename it to prevent losing changes on upgrade - cp -f $HESTIA_INSTALL_DIR/apache2/status.conf /etc/apache2/mods-available/hestia-status.conf - cp -f /etc/apache2/mods-available/status.load /etc/apache2/mods-available/hestia-status.load - a2dismod --quiet status > /dev/null 2>&1 - a2enmod --quiet hestia-status > /dev/null 2>&1 - rm --force /etc/apache2/mods-enabled/status.conf # a2dismod will not remove the file if it isn't a symlink -fi - -# Install File Manager during upgrade if environment variable oesn't already exist and isn't set to false -# so that we don't override preference -FILE_MANAGER_CHECK=$(cat $HESTIA/conf/hestia.conf | grep "FILE_MANAGER='false'") -if [ -z "$FILE_MANAGER_CHECK" ]; then - if [ ! -e "$HESTIA/web/fm/configuration.php" ]; then - echo "[ ! ] Installing File Manager..." - # Install the File Manager - $HESTIA/bin/v-add-sys-filemanager quiet - else - echo "[ * ] Updating File Manager configuration..." - # Update configuration.php - cp -f $HESTIA_INSTALL_DIR/filemanager/filegator/configuration.php $HESTIA/web/fm/configuration.php - # Set environment variable for interface - $HESTIA/bin/v-change-sys-config-value 'FILE_MANAGER' 'true' - fi -fi - -# Enable nginx module loading -if [ -f "/etc/nginx/nginx.conf" ]; then - echo "[ * ] Updating NGINX configuration..." - if [ ! -d "/etc/nginx/modules-enabled" ]; then - mkdir -p "/etc/nginx/modules-enabled" - fi - - if ! grep --silent "include /etc/nginx/modules-enabled" /etc/nginx/nginx.conf; then - sed -i '/^pid/ a include /etc/nginx/modules-enabled/*.conf;' /etc/nginx/nginx.conf - fi -fi - -# Fix public_(s)html group ownership -echo "[ * ] Updating public_(s)html ownership..." -for user in $($HESTIA/bin/v-list-sys-users plain); do - # skip users with missing home folder - [[ -d /home/${user}/ ]] || continue - - # skip users without web domains - ls /home/${user}/web/*/public_*html > /dev/null 2>&1 || continue - - chown --silent --no-dereference :www-data /home/$user/web/*/public_*html -done - -# Fix phpMyAdmin blowfish_secret error message due to incorrect permissions -if [ -e /var/lib/phpmyadmin/blowfish_secret.inc.php ]; then - echo "[ * ] Updating phpMyAdmin permissions..." - chmod 0644 /var/lib/phpmyadmin/blowfish_secret.inc.php -fi - -# Ensure that backup compression level is correctly set -GZIP_LVL_CHECK=$(cat $HESTIA/conf/hestia.conf | grep BACKUP_GZIP) -if [ -z "$GZIP_LVL_CHECK" ]; then - echo "[ * ] Updating backup compression level variable..." - $BIN/v-change-sys-config-value "BACKUP_GZIP" '9' -fi - -# Update phpMyAdmin/phpPgAdmin templates and set missing alias variables if necessary -if [ -e "/var/lib/phpmyadmin" ]; then - PMA_ALIAS_CHECK=$(cat $HESTIA/conf/hestia.conf | grep DB_PMA_ALIAS) - if [ -z "$PMA_ALIAS_CHECK" ]; then - echo "[ * ] Updating phpMyAdmin alias..." - $HESTIA/bin/v-change-sys-db-alias "pma" "phpMyAdmin" - else - echo "[ * ] Updating phpMyAdmin configuration..." - $HESTIA/bin/v-change-sys-db-alias "pma" "$DB_PMA_ALIAS" - fi -fi - -if [ -e "/var/lib/phppgadmin" ]; then - PGA_ALIAS_CHECK=$(cat $HESTIA/conf/hestia.conf | grep DB_PGA_ALIAS) - if [ -z "$PGA_ALIAS_CHECK" ]; then - echo "[ * ] Updating phpPgAdmin alias..." - $HESTIA/bin/v-change-sys-db-alias "pga" "phpPgAdmin" - else - echo "[ * ] Updating phpPgAdmin configuration..." - $HESTIA/bin/v-change-sys-db-alias "pga" "$DB_PGA_ALIAS" - fi -fi - -# Ensure that backup compression level is correctly set -GZIP_LVL_CHECK=$(cat $HESTIA/conf/hestia.conf | grep BACKUP_GZIP) -if [ -z "$GZIP_LVL_CHECK" ]; then - echo "[ * ] Updating backup compression level variable..." - $BIN/v-change-sys-config-value "BACKUP_GZIP" '9' -fi diff --git a/install/upgrade/versions/1.2.1.sh b/install/upgrade/versions/1.2.1.sh deleted file mode 100644 index 45c057b..0000000 --- a/install/upgrade/versions/1.2.1.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.2.1 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### diff --git a/install/upgrade/versions/1.2.2.sh b/install/upgrade/versions/1.2.2.sh deleted file mode 100644 index eb326bc..0000000 --- a/install/upgrade/versions/1.2.2.sh +++ /dev/null @@ -1,48 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.2.2 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### - -# Enhance Vsftpd security -if [ "$FTP_SYSTEM" = "vsftpd" ]; then - echo "[ ! ] Hardening Vsftpd TLS configuration..." - if [ -e /etc/vsftpd.conf ]; then - rm -f /etc/vsftpd.conf - fi - cp -f $HESTIA_INSTALL_DIR/vsftpd/vsftpd.conf /etc/ - chmod 644 /etc/vsftpd.conf -fi - -# Rework apt repositories -apt="/etc/apt/sources.list.d" -echo "[ * ] Hardening APT repositories..." -if [ -f "$apt/nginx.list" ]; then - if grep -q "http://nginx.org/packages/mainline/" $apt/nginx.list; then - echo " ----- NGINX" - sed -i "s/http\:\/\/nginx.org/https\:\/\/nginx.org/g" $apt/nginx.list - fi -fi - -if [ -f "$apt/php.list" ]; then - if grep -q "http://packages.sury.org/" $apt/php.list; then - echo " ----- PHP" - sed -i "s/http\:\/\/packages.sury.org/https\:\/\/packages.sury.org/g" $apt/php.list - fi -fi - -if [ -f "$apt/mariadb.list" ]; then - if grep -q "http://ams2.mirrors.digitalocean.com" $apt/mariadb.list; then - echo " ----- MariaDB" - sed -i "s/http\:\/\/ams2.mirrors.digitalocean.com/https\:\/\/mirror.mva-n.net/g" $apt/mariadb.list - fi -fi - -if [ -f "$apt/postgresql.list" ]; then - if grep -q "http://apt.postgresql.org" $apt/postgresql.list; then - echo " ----- PostgreSQL" - sed -i "s/http\:\/\/apt.postgresql.org/https\:\/\/apt.postgresql.org/g" $apt/postgresql.list - fi -fi diff --git a/install/upgrade/versions/1.2.3.sh b/install/upgrade/versions/1.2.3.sh deleted file mode 100644 index 1a6b4c7..0000000 --- a/install/upgrade/versions/1.2.3.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.2.3 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### diff --git a/install/upgrade/versions/1.3.0.sh b/install/upgrade/versions/1.3.0.sh deleted file mode 100644 index 4da1a4a..0000000 --- a/install/upgrade/versions/1.3.0.sh +++ /dev/null @@ -1,76 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.3.0 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### - -# Add NPM to the default writeable folder list -echo "[ * ] Updating default writable folders for all users..." -for user in $($HESTIA/bin/v-list-sys-users plain); do - mkdir -p \ - $HOMEDIR/$user/.npm - - chown $user:$user \ - $HOMEDIR/$user/.npm -done - -# Add default SSL Certificate config when ip is visited -if [ "$PROXY_SYSTEM" = "nginx" ]; then - echo "[ * ] Updating nginx configuration..." - while read IP; do - rm /etc/nginx/conf.d/$IP.conf - cat $WEBTPL/$PROXY_SYSTEM/proxy_ip.tpl \ - | sed -e "s/%ip%/$IP/g" \ - -e "s/%web_port%/$WEB_PORT/g" \ - -e "s/%proxy_port%/$PROXY_PORT/g" \ - -e "s/%proxy_ssl_port%/$PROXY_SSL_PORT/g" \ - > /etc/$PROXY_SYSTEM/conf.d/$IP.conf - done < <(ls $HESTIA/data/ips/) -fi - -if [ "$FTP_SYSTEM" == "proftpd" ]; then - echo "[ * ] Updating ProFTPd TLS configuration..." - if [ -e /etc/proftpd/proftpd.conf ]; then - rm /etc/proftpd/proftpd.conf - fi - if [ -e /etc/proftpd/tls.conf ]; then - rm /etc/proftpd/tls.conf - fi - - cp -f $HESTIA_INSTALL_DIR/proftpd/proftpd.conf /etc/proftpd/ - cp -f $HESTIA_INSTALL_DIR/proftpd/tls.conf /etc/proftpd/ - -fi - -# Update exim configuration -if [ -e "/etc/exim4/exim4.conf.template" ]; then - echo "[ * ] Updating exim4 configuration..." - sed -i 's/${if match {${lc:$mime_filename}}{\\N(\\.ade|\\.adp|\\.bat|\\.chm|\\.cmd|\\.com|\\.cpl|\\.exe|\\.hta|\\.ins|\\.isp|\\.jse|\\.lib|\\.lnk|\\.mde|\\.msc|\\.msp|\\.mst|\\.pif|\\.scr|\\.sct|\\.shb|\\.sys|\\.vb|\\.vbe|\\.vbs|\\.vxd|\\.wsc|\\.wsf|\\.wsh)$\\N}{1}{0}}/${if match {${lc:$mime_filename}}{\\N(\\.ace|\\.ade|\\.adp|\\.app|\\.arj|\\.asp|\\.aspx|\\.asx|\\.bas|\\.bat|\\.cab|\\.cer|\\.chm|\\.cmd|\\.cnt|\\.com|\\.cpl|\\.crt|\\.csh|\\.der|\\.diagcab|\\.dll|\\.efi|\\.exe|\\.fla|\\.fon|\\.fxp|\\.gadget|\\.grp|\\.hlp|\\.hpj|\\.hta|\\.htc|\\.img|\\.inf|\\.ins|\\.iso|\\.isp|\\.its|\\.jar|\\.jnlp|\\.js|\\.jse|\\.ksh|\\.lib|\\.lnk|\\.mad|\\.maf|\\.mag|\\.mam|\\.maq|\\.mar|\\.mas|\\.mat|\\.mau|\\.mav|\\.maw|\\.mcf|\\.mda|\\.mdb|\\.mde|\\.mdt|\\.mdw|\\.mdz|\\.msc|\\.msh|\\.msh1|\\.msh1xml|\\.msh2|\\.msh2xml|\\.mshxml|\\.msi|\\.msp|\\.mst|\\.msu|\\.ops|\\.osd|\\.pcd|\\.pif|\\.pl|\\.plg|\\.prf|\\.prg|\\.printerexport|\\.ps1|\\.ps1xml|\\.ps2|\\.ps2xml|\\.psc1|\\.psc2|\\.psd1|\\.psdm1|\\.pst|\\.py|\\.pyc|\\.pyo|\\.pyw|\\.pyz|\\.pyzw|\\.reg|\\.scf|\\.scr|\\.sct|\\.sfx|\\.shb|\\.shs|\\.swf|\\.sys|\\.theme|\\.tmp|\\.ttf|\\.url|\\.vb|\\.vba|\\.vbe|\\.vbp|\\.vbs|\\.vhd|\\.vhdx|\\.vsmacros|\\.vsw|\\.vxd|\\.webpnp|\\.website|\\.wim|\\.ws|\\.wsc|\\.wsf|\\.wsh|\\.xbap|\\.xll|\\.xnk)$\\N}{1}{0}}/g' /etc/exim4/exim4.conf.template -fi - -# Restrict access to /proc fs -if [ ! -e "/etc/cron.d/hestia-proc" ]; then - echo "[ * ] Restricting access to /proc fs..." - mount -o remount,defaults,hidepid=2 /proc > /dev/null 2>&1 - if [ $? -ne 0 ]; then - echo "[ ! ] WARNING: Cannot remount /proc (LXC containers require additional permissions be added to host apparmor profile)" - else - echo "@reboot root sleep 5 && mount -o remount,defaults,hidepid=2 /proc" > /etc/cron.d/hestia-proc - fi -fi - -# Change backup mode to zstd. -echo "[ * ] Setting zstd backup compression type as default..." -$BIN/v-change-sys-config-value "BACKUP_MODE" "zstd" - -# Set LOGIN_STYLE variable in hestia.conf -echo "[ * ] Updating configuration file: hestia.conf..." -$BIN/v-change-sys-config-value "LOGIN_STYLE" "default" - -# Remove old lanugage files. -if [ -e $HESTIA/web/inc/i18n/en.php ]; then - echo "[ * ] Performing language library clean-up..." - rm -fr $HESTIA/web/inc/i18n -fi diff --git a/install/upgrade/versions/1.3.1.sh b/install/upgrade/versions/1.3.1.sh deleted file mode 100644 index 9271b64..0000000 --- a/install/upgrade/versions/1.3.1.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.3.1 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### - -# Remove duplicate values in U_SYS_USERS variable for ips -for ip in $($BIN/v-list-sys-ips plain | cut -f1); do - current_usr=$(grep "U_SYS_USERS=" $HESTIA/data/ips/$ip | cut -f 2 -d \') - - new_usr=$(echo "$current_usr" \ - | sed "s/,/\n/g" \ - | sort -u \ - | sed ':a;N;$!ba;s/\n/,/g') - - if [ -n "$new_usr" ]; then - sed -i "s/U_SYS_USERS='$current_usr'/U_SYS_USERS='$new_usr'/g" $HESTIA/data/ips/$ip - fi -done diff --git a/install/upgrade/versions/1.3.2.sh b/install/upgrade/versions/1.3.2.sh deleted file mode 100644 index 04e0324..0000000 --- a/install/upgrade/versions/1.3.2.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.3.2 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### diff --git a/install/upgrade/versions/1.3.3.sh b/install/upgrade/versions/1.3.3.sh deleted file mode 100644 index a8c86ab..0000000 --- a/install/upgrade/versions/1.3.3.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.3.3 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### - -# Check if keys folder exists and adjust permissions -if [ -d "$HESTIA/data/keys" ]; then - echo '[ * ] Update permissions' - chmod 750 "$HESTIA/data/keys" - chown admin:root "$HESTIA/data/keys" -fi - -if [[ ! -e /etc/hestiacp/hestia.conf ]]; then - echo '[ * ] Create global Hestia config' - - mkdir -p /etc/hestiacp - echo -e "# Do not edit this file, will get overwritten on next upgrade, use /etc/hestiacp/local.conf instead\n\nexport HESTIA='/usr/local/hestia'\n\n[[ -f /etc/hestiacp/local.conf ]] && source /etc/hestiacp/local.conf" > /etc/hestiacp/hestia.conf -fi diff --git a/install/upgrade/versions/1.3.4.sh b/install/upgrade/versions/1.3.4.sh deleted file mode 100644 index 55fbd70..0000000 --- a/install/upgrade/versions/1.3.4.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.3.4 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### - -echo '[ * ] Updating System Administrator account permissions...' -$HESTIA/bin/v-change-user-role admin admin - -# Send end-of-life notification to admin user on servers running Ubuntu 16.04 -if [ "$OS_TYPE" = "Ubuntu" ]; then - if [ "$OS_VERSION" = '16.04' ]; then - $HESTIA/bin/v-add-user-notification admin 'IMPORTANT: End of support for Ubuntu 16.04 LTS' 'Hestia Control Panel no longer supports Ubuntu 16.04 LTS, as a result your server will no longer receive upgrades or security patches after v1.3.4.

Please upgrade to a supported operating system.' - fi -fi diff --git a/install/upgrade/versions/1.4.0.sh b/install/upgrade/versions/1.4.0.sh deleted file mode 100644 index 4f9290a..0000000 --- a/install/upgrade/versions/1.4.0.sh +++ /dev/null @@ -1,198 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.4.0 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### - -# Add support for nginx FastCGI cache (standalone) -if [ -e "/etc/nginx/nginx.conf" ]; then - check=$(cat /etc/nginx/nginx.conf | grep 'fastcgi_cache_path') - if [ -z "$check" ]; then - echo "[ * ] Enabling nginx FastCGI cache support..." - sed -i 's/# Cache bypass/# FastCGI cache\n fastcgi_cache_path \/var\/cache\/nginx\/micro levels=1:2 keys_zone=microcache:10m max_size=1024m inactive=30m;\n fastcgi_cache_key \"$scheme$request_method$host$request_uri\";\n fastcgi_cache_methods GET HEAD;\n fastcgi_cache_use_stale updating error timeout invalid_header http_500 http_503;\n fastcgi_ignore_headers Cache-Control Expires Set-Cookie;\n add_header X-FastCGI-Cache \$upstream_cache_status;\n\n # Cache bypass/g' /etc/nginx/nginx.conf - sed -i 's/ fastcgi_cache_lock_timeout 5s;/ fastcgi_cache_lock_timeout 5s;\n fastcgi_cache_background_update on;\n fastcgi_cache_revalidate on;/g' /etc/nginx/nginx.conf - fi -fi - -if [ -e "/etc/nginx/nginx.conf" ]; then - echo "[ * ] Updating nginx configuration with changes to Cloudflare IP addresses" - sed -i 's/ set_real_ip_from 104.16.0.0\/12;/ set_real_ip_from 104.16.0.0\/13;\n set_real_ip_from 104.24.0.0\/14;/g' /etc/nginx/nginx.conf -fi - -# Populating HELO/SMTP Banner for existing IPs -if [ "$MAIL_SYSTEM" == "exim4" ]; then - - # Check if we've already done this upgrade before proceeding - if ! grep -q ^smtp_active_hostname /etc/exim4/exim4.conf.template; then - - source $HESTIA/func/ip.sh - - echo "[ * ] Populating HELO/SMTP Banner value for existing IP addresses..." - > /etc/exim4/mailhelo.conf - - for ip in $($BIN/v-list-sys-ips plain | cut -f1); do - helo=$(is_ip_rdns_valid $ip) - - if [ ! -z "$helo" ]; then - $BIN/v-change-sys-ip-helo $ip $helo - fi - done - - # Update exim configuration - echo "[ * ] Updating exim4 configuration..." - - # Add new smtp_active_hostname variable to exim config - sed -i '/^smtp_banner = \$smtp_active_hostname$/a smtp_active_hostname = ${if exists {\/etc\/exim4\/mailhelo.conf}{${lookup{$interface_address}lsearch{\/etc\/exim4\/mailhelo.conf}{$value}{$primary_hostname}}}{$primary_hostname}}' /etc/exim4/exim4.conf.template - - # Lookup HELO address by sending ip instead of sending domain - sed -i 's/helo_data = \${if exists {\/etc\/exim4\/mailhelo.conf}{${lookup{\$sender_address_domain}lsearch\*{\/etc\/exim4\/mailhelo.conf}{\$value}{\$primary_hostname}}}{\$primary_hostname}}/helo_data = ${if exists {\/etc\/exim4\/mailhelo.conf}{${lookup{$sending_ip_address}lsearch{\/etc\/exim4\/mailhelo.conf}{$value}{$primary_hostname}}}{$primary_hostname}}/' /etc/exim4/exim4.conf.template - fi -fi - -# Upgrading Mail System -if [ "$MAIL_SYSTEM" == "exim4" ]; then - if ! grep -q "send_via_smtp_relay" /etc/exim4/exim4.conf.template; then - - echo '[ * ] Enabling SMTP relay support...' - if grep -q "driver = plaintext" /etc/exim4/exim4.conf.template; then - disable_smtp_relay=true - echo '[ ! ] ERROR: SMTP Relay upgrade failed:' - echo '' - echo 'Because of the complexity of the SMTP Relay upgrade,' - echo 'we were unable to safely modify your existing exim config file.' - echo 'If you would like to use the new SMTP Relay features,' - echo 'you will have to replace or modify your config with the one found' - echo 'on GitHub at https://github.com/hestiacp/hestiacp/blob/release/install/deb/exim/exim4.conf.template.' - echo 'Your exim config file will be found here: /etc/exim4/exim4.conf.template' - $HESTIA/bin/v-add-user-notification admin 'SMTP Relay upgrade failed' 'Because of the complexity of the SMTP Relay upgrade, we were unable to safely modify your existing exim config file.

If you would like to use the new SMTP Relay features, you will have to replace or modify your config with the one found on GitHub.

Your exim config file will be found here:

/etc/exim4/exim4.conf.template' - else - disable_smtp_relay=false - fi - - # Add smtp relay macros to exim config - insert='SMTP_RELAY_FILE = ${if exists{/etc/exim4/domains/${sender_address_domain}/smtp_relay.conf}{/etc/exim4/domains/$sender_address_domain/smtp_relay.conf}{/etc/exim4/smtp_relay.conf}}\n\SMTP_RELAY_HOST=${lookup{host}lsearch{SMTP_RELAY_FILE}}\n\SMTP_RELAY_PORT=${lookup{port}lsearch{SMTP_RELAY_FILE}}\n\SMTP_RELAY_USER=${lookup{user}lsearch{SMTP_RELAY_FILE}}\n\SMTP_RELAY_PASS=${lookup{pass}lsearch{SMTP_RELAY_FILE}}\n' - - if [ "$disable_smtp_relay" = true ]; then - insert=$(sed 's/^/#/g; s/\\n/\\n#/g; s/.$//' <<< $insert) - fi - - line=$(expr $(sed -n '/ACL CONFIGURATION/=' /etc/exim4/exim4.conf.template) - 1) - sed -i "${line}i $insert" /etc/exim4/exim4.conf.template - - # Add smtp relay authenticator - insert='smtp_relay_login:\n\ driver = plaintext\n\ public_name = LOGIN\n\ hide client_send = : SMTP_RELAY_USER : SMTP_RELAY_PASS\n' - - if [ "$disable_smtp_relay" = true ]; then - insert=$(sed 's/^/#/g; s/\\n/\\n#/g; s/.$//' <<< $insert) - fi - - line=$(expr $(sed -n '/begin authenticators/=' /etc/exim4/exim4.conf.template) + 2) - sed -i "${line}i $insert" /etc/exim4/exim4.conf.template - - # Add smtp relay router - insert='send_via_smtp_relay:\n\ driver = manualroute\n\ address_data = SMTP_RELAY_HOST:SMTP_RELAY_PORT\n\ domains = !+local_domains\n\ require_files = SMTP_RELAY_FILE\n\ transport = smtp_relay_smtp\n\ route_list = * ${extract{1}{:}{$address_data}}::${extract{2}{:}{$address_data}}\n\ no_more\n\ no_verify\n' - - if [ "$disable_smtp_relay" = true ]; then - insert=$(sed 's/^/#/g; s/\\n/\\n#/g; s/.$//' <<< $insert) - fi - - line=$(expr $(sed -n '/begin routers/=' /etc/exim4/exim4.conf.template) + 2) - sed -i "${line}i $insert" /etc/exim4/exim4.conf.template - - # Add smtp relay transport - insert='smtp_relay_smtp:\n\ driver = smtp\n\ hosts_require_auth = $host_address\n\ hosts_require_tls = $host_address\n' - - if [ "$disable_smtp_relay" = true ]; then - insert=$(sed 's/^/#/g; s/\\n/\\n#/g; s/.$//' <<< $insert) - fi - - line=$(expr $(sed -n '/begin transports/=' /etc/exim4/exim4.conf.template) + 2) - sed -i "${line}i $insert" /etc/exim4/exim4.conf.template - fi -fi - -# Set default webmail system for mail domains -if [ -n "$WEBMAIL_SYSTEM" ]; then - for user in $($BIN/v-list-users plain | cut -f1); do - for domain in $($BIN/v-list-mail-domains $user plain | cut -f1); do - $BIN/v-add-mail-domain-webmail $user $domain '' no - done - done -fi - -# Fix PostgreSQL repo -if [ -f /etc/apt/sources.list.d/postgresql.list ]; then - echo "[ * ] Updating PostgreSQL repository..." - sed -i 's|deb https://apt.postgresql.org/pub/repos/apt/|deb [arch=amd64] https://apt.postgresql.org/pub/repos/apt/|g' /etc/apt/sources.list.d/postgresql.list -fi - -# Remove API file if API is set to "no" -if [ "$API" = "no" ]; then - if [ -f "$HESTIA/web/api/index.php" ]; then - echo "[ * ] Disabling API access..." - $HESTIA/bin/v-change-sys-api remove - fi -fi - -# Back up users existing configuration data to $HESTIA/conf/defaults/hestia.conf -if [ ! -f "$HESTIA/conf/defaults/hestia.conf" ]; then - echo "[ * ] Creating known good configuration data for system recovery..." - if [ ! -d "$HESTIA/conf/defaults/" ]; then - mkdir -p "$HESTIA/conf/defaults/" - fi - cp -f $HESTIA/conf/hestia.conf $HESTIA/conf/defaults/hestia.conf -fi - -if [ -f "/usr/lib/networkd-dispatcher/routable.d/50-ifup-hooks" ]; then - echo "[ * ] Fix potenial issue with multiple network adapters and netplan..." - rm "/usr/lib/networkd-dispatcher/routable.d/50-ifup-hooks" - $BIN/v-update-firewall -fi - -# Consolidate nginx (standalone) templates used by active websites -if [ "$WEB_SYSTEM" = "nginx" ]; then - echo "[ * ] Consolidating nginx templates for Drupal & CodeIgniter..." - sed -i "s|TPL='drupal6'|TPL='drupal'|g" $HESTIA/data/users/*/web.conf - sed -i "s|TPL='drupal7'|TPL='drupal'|g" $HESTIA/data/users/*/web.conf - sed -i "s|TPL='drupal8'|TPL='drupal'|g" $HESTIA/data/users/*/web.conf - sed -i "s|TPL='codeigniter2'|TPL='codeigniter'|g" $HESTIA/data/users/*/web.conf - sed -i "s|TPL='codeigniter3'|TPL='codeigniter'|g" $HESTIA/data/users/*/web.conf -fi - -# Remove outdated nginx templates -echo "[ * ] Removing outdated nginx templates..." -rm -rf $HESTIA/data/templates/web/nginx/php-fpm/drupal6.*tpl -rm -rf $HESTIA/data/templates/web/nginx/php-fpm/drupal7.*tpl -rm -rf $HESTIA/data/templates/web/nginx/php-fpm/drupal8.*tpl -rm -rf $HESTIA/data/templates/web/nginx/php-fpm/codeigniter2.*tpl -rm -rf $HESTIA/data/templates/web/nginx/php-fpm/codeigniter3.*tpl - -# Clean up old Hestia controlled webapps -if [ -d "$HESTIA/web/images/webapps/" ]; then - echo "[ * ] Clean up old web apps code..." - rm -rf $HESTIA/web/images/webapps/ - rm -rf $HESTIA/web/src/app/WebApp/Installers/LaravelSetup.php - rm -rf $HESTIA/web/src/app/WebApp/Installers/OpencartSetup.php - rm -rf $HESTIA/web/src/app/WebApp/Installers/PrestashopSetup.php - rm -rf $HESTIA/web/src/app/WebApp/Installers/SymfonySetup.php - rm -rf $HESTIA/web/src/app/WebApp/Installers/WordpressSetup.php - rm -rf $HESTIA/web/src/app/WebApp/Installers/Joomla -fi - -# Update ClamAV configuration file -if [ -f "/etc/clamav/clamd.conf" ]; then - cp -f $HESTIA_INSTALL_DIR/clamav/clamd.conf /etc/clamav/ - $HESTIA/bin/v-add-user-notification admin 'ClamAV config has been overwritten' 'Warning: If you have manualy changed /etc/clamav/clamd.conf and any changes you made will be lost an backup has been created in the /root/hst_backups folder with the original config. If you have not changed the config file you can ignore this message' -fi - -##### COMMANDS FOR V1.5.X - -# Back up default package and install latest version -if [ -d $HESTIA/data/packages/ ]; then - echo "[ * ] Migrating legacy default package for all users..." - $HESTIA/bin/v-rename-user-package default custom > /dev/null 2>&1 - echo "[ * ] Replacing default package..." - cp -f $HESTIA_INSTALL_DIR/packages/default.pkg $HESTIA/data/packages/ -fi diff --git a/install/upgrade/versions/1.4.1.sh b/install/upgrade/versions/1.4.1.sh deleted file mode 100644 index 6c48433..0000000 --- a/install/upgrade/versions/1.4.1.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.4.1 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### diff --git a/install/upgrade/versions/1.4.10.sh b/install/upgrade/versions/1.4.10.sh deleted file mode 100644 index 412edde..0000000 --- a/install/upgrade/versions/1.4.10.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.4.10 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### diff --git a/install/upgrade/versions/1.4.11.sh b/install/upgrade/versions/1.4.11.sh deleted file mode 100644 index 754c733..0000000 --- a/install/upgrade/versions/1.4.11.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.4.11 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### - -# Fix the potential issue of loading firewall rules -if [ "$FIREWALL_SYSTEM" = "iptables" ]; then - echo "[ * ] Updating firewall configuration..." - # Just in case, delete the legacy version loading script again to prevent any residue - rm -f /usr/lib/networkd-dispatcher/routable.d/50-ifup-hooks /etc/network/if-pre-up.d/iptables - # The firewall rules are loading by Systemd, the old loading script is no longer needed - rm -f /usr/lib/networkd-dispatcher/routable.d/10-hestia-iptables /etc/network/if-pre-up.d/hestia-iptables - $BIN/v-update-firewall -fi - -if [ -f "/etc/exim4/exim4.conf.template" ]; then - test=$(grep 'require_files = ${local_part}:+${home}/.forward' /etc/exim4/exim4.conf.template) - if [ -z "$test" ]; then - echo "[ * ] Fix bug where email send to news@domain.com is handled by /var/spool/news" - insert="\ require_files = \${local_part}:+\${home}/.forward\n\ domains = +local_domains" - line=$(expr $(sed -n '/userforward/=' /etc/exim4/exim4.conf.template) + 1) - sed -i "${line}i $insert" /etc/exim4/exim4.conf.template - fi -fi diff --git a/install/upgrade/versions/1.4.12.sh b/install/upgrade/versions/1.4.12.sh deleted file mode 100644 index 5bf56db..0000000 --- a/install/upgrade/versions/1.4.12.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.4.12 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### - -exim_version=$(exim4 --version | head -1 | awk '{print $3}' | cut -f -2 -d .) -if [ "$exim_version" = "4.94" ]; then - echo "[ ! ] Fixing issue with Exim 4.94 (#2087 - Unable send email)..." - if [ -f "/etc/exim4/exim4.conf.template" ]; then - sed -i 's|OUTGOING_IP = /etc/exim4/domains/$sender_address_domain/ip|OUTGOING_IP = /etc/exim4/domains/${lookup{$sender_address_domain}dsearch{/etc/exim4/domains}}/ip|g' /etc/exim4/exim4.conf.template - sed -i 's|SMTP_RELAY_FILE = ${if exists{/etc/exim4/domains/${sender_address_domain}/smtp_relay.conf}{/etc/exim4/domains/$sender_address_domain/smtp_relay.conf}{/etc/exim4/smtp_relay.conf}}|SMTP_RELAY_FILE = ${if exists{/etc/exim4/domains/${lookup{$sender_address_domain}dsearch{/etc/exim4/domains}}/smtp_relay.conf}{/etc/exim4/domains/${lookup{$sender_address_domain}dsearch{/etc/exim4/domains}}/smtp_relay.conf}{/etc/exim4/smtp_relay.conf}}|g' /etc/exim4/exim4.conf.template - fi -fi diff --git a/install/upgrade/versions/1.4.13.sh b/install/upgrade/versions/1.4.13.sh deleted file mode 100644 index febe9df..0000000 --- a/install/upgrade/versions/1.4.13.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.4.13 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -servername=$(hostname -f) -# Check if hostname is valid according to RFC1178 -if [[ $(echo "$servername" | grep -o "\." | wc -l) -lt 2 ]] || [[ $servername =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then - echo "[ * ] Hostname does not follow RFC1178 standard Please check email send regarding the update!" - add_upgrade_message "We've noticed that you're using a invalid hostname. Please have a look at the RFC1178 standard (https://datatracker.ietf.org/doc/html/rfc1178) and use a valid one (ex. hostname.domain.tld). You can change the hostname using v-change-sys-hostname and also add a ssl certificate using v-add-letsencypt-host (proper dns A record mandatory). You'll find more informations in our documentation: https://hestiacp.com/docs/server-administration/ssl-certificates.html#how-to-setup-let-s-encrypt-for-the-control-panel" - $HESTIA/bin/v-add-user-notification admin "Invalid Hostname detected" "Warning: We've noticed that you're using a invalid hostname. Please have a look at the RFC1178 standard and use a valid one (ex. hostname.domain.tld). You can change the hostname using v-change-sys-hostname and also add a ssl certificate using v-add-letsencypt-host (proper dns A record mandatory). You'll find more informations in our documentation." -fi - -# Empty $HESTIA/ssl/mail/ due to bug in #2066 -if [ -e "$HESTIA/ssl/mail/" ]; then - rm -fr $HESTIA/ssl/mail/* -fi - -# Reset PMA SSO -if [ "$PHPMYADMIN_KEY" != "" ]; then - echo "[ * ] Updating hestia-sso for phpMyAdmin..." - $BIN/v-delete-sys-pma-sso - $BIN/v-add-sys-pma-sso -fi - -# Loading firewall rules Systemd unit needs update. #2100 -if [ "$FIREWALL_SYSTEM" = "iptables" ]; then - echo "[ * ] Updating loading firewall configuration..." - $BIN/v-delete-sys-firewall - $BIN/v-add-sys-firewall -fi - -# Remove old files/folders from previous versions of Hestia Control Panel -if [ -d "$HESTIA/web/edit/file/" ]; then - rm -fr $HESTIA/web/edit/file/ -fi -if [ -d "$HESTIA/web/edit/server/theme/" ]; then - rm -fr $HESTIA/web/edit/server/theme/ -fi diff --git a/install/upgrade/versions/1.4.14.sh b/install/upgrade/versions/1.4.14.sh deleted file mode 100644 index 1908fab..0000000 --- a/install/upgrade/versions/1.4.14.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.4.14 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -if [ -f "/etc/network/interfaces" ] && [ -f "/etc/netplan/60-hestia.yaml" ]; then - add_upgrade_message "Warning: Please check your network configuration!\n\nDuring this update network compatibility issues were detected. Both /etc/network/interfaces and /etc/netplan/60-hestia.yaml exist which can lead to issues after a system reboot. Please review your network configuration." - $HESTIA/bin/v-add-user-notification admin "WARNING: Invalid network configuration detected\n\nDuring this update network compatibility issues were detected. Both /etc/network/interfaces and /etc/netplan/60-hestia.yaml exist which can lead to issues after a system reboot. Please review your network configuration." -fi diff --git a/install/upgrade/versions/1.4.15.sh b/install/upgrade/versions/1.4.15.sh deleted file mode 100644 index 4dce9e4..0000000 --- a/install/upgrade/versions/1.4.15.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.4.15 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -if [ -n "$DB_PMA_ALIAS" ]; then - $HESTIA/bin/v-change-sys-db-alias 'pma' "$DB_PMA_ALIAS" -fi - -exim_version=$(exim4 --version | head -1 | awk '{print $3}' | cut -f -2 -d .) -if [ "$exim_version" = "4.94" ]; then - echo "[ ! ] Updating Exim configuration..." - if [ -f "/etc/exim4/exim4.conf.template" ]; then - sed -i 's|file = /etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/autoreply.${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}}}.msg|file = /etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/autoreply.${extract{1}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/accounts}}}}.msg|g' /etc/exim4/exim4.conf.template - sed -i 's| from = "${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}}}@${lookup{$domain}dsearch{/etc/exim4/domains/}}"| from = "${extract{1}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/accounts}}}}@${lookup{$domain}dsearch{/etc/exim4/domains/}}"|g' /etc/exim4/exim4.conf.template - fi -fi diff --git a/install/upgrade/versions/1.4.16.sh b/install/upgrade/versions/1.4.16.sh deleted file mode 100644 index ec739dc..0000000 --- a/install/upgrade/versions/1.4.16.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.4.16 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -if [ -n "$DB_PMA_ALIAS" ]; then - $HESTIA/bin/v-change-sys-db-alias 'pma' "$DB_PMA_ALIAS" -fi diff --git a/install/upgrade/versions/1.4.17.sh b/install/upgrade/versions/1.4.17.sh deleted file mode 100644 index 5fe7d03..0000000 --- a/install/upgrade/versions/1.4.17.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.4.17 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass trough information to the end user incase of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### to the upgrade email. Please add it using: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -if [ -n "$DB_PMA_ALIAS" ]; then - $HESTIA/bin/v-change-sys-db-alias 'pma' "$DB_PMA_ALIAS" -fi diff --git a/install/upgrade/versions/1.4.2.sh b/install/upgrade/versions/1.4.2.sh deleted file mode 100644 index 8799005..0000000 --- a/install/upgrade/versions/1.4.2.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.4.2 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### - -# Optimize loading firewall rules -if [ "$FIREWALL_SYSTEM" = "iptables" ]; then - echo "[ * ] Fix the issue of loading firewall rules..." - # Add rule to ensure the rule will be added when we update the firewall / /etc/iptables.rules - iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT - rm -f /usr/lib/networkd-dispatcher/routable.d/50-ifup-hooks /etc/network/if-pre-up.d/iptables - $BIN/v-update-firewall -fi - -# Fix potential issue of updating to Nginx 1.21.0 -if [ "$WEB_SYSTEM" = "nginx" ] || [ "$PROXY_SYSTEM" = "nginx" ]; then - default_conf="/etc/nginx/conf.d/default.conf" - nginx_conf="/etc/nginx/nginx.conf" - - [ -f "${default_conf}" ] && mv -f ${default_conf} ${default_conf}.dpkg-dist - [ -f "${default_conf}.dpkg-new" ] && mv -f ${default_conf}.dpkg-new ${default_conf}.dpkg-dist - [ -f "${nginx_conf}.dpkg-new" ] && mv -f ${nginx_conf}.dpkg-new ${nginx_conf}.dpkg-dist - [ -f "${nginx_conf}.dpkg-old" ] && mv -f ${nginx_conf} ${nginx_conf}.dpkg-dist \ - && rm -f ${nginx_conf}.dpkg-old \ - && cp -f $HESTIA/install/deb/nginx/nginx.conf /etc/nginx/ -fi diff --git a/install/upgrade/versions/1.4.3.sh b/install/upgrade/versions/1.4.3.sh deleted file mode 100644 index 37c01f4..0000000 --- a/install/upgrade/versions/1.4.3.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.4.3 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### - -# Improve generate and loading firewall rules -if [ "$FIREWALL_SYSTEM" = "iptables" ]; then - echo "[ * ] Fix the issue of generate firewall rules..." - $BIN/v-update-firewall -fi - -# Reset PMA SSO -if [ "$PHPMYADMIN_KEY" != "" ]; then - echo "[ * ] Refressh hestia-sso for PMA..." - $BIN/v-delete-sys-pma-sso - $BIN/v-add-sys-pma-sso -fi diff --git a/install/upgrade/versions/1.4.4.sh b/install/upgrade/versions/1.4.4.sh deleted file mode 100644 index 9329a91..0000000 --- a/install/upgrade/versions/1.4.4.sh +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.4.4 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### - -if [ -d "/etc/nginx/conf.d/" ]; then - #Add nginx user_agent separation to desktop/mobile - cp -f $HESTIA_INSTALL_DIR/nginx/agents.conf /etc/nginx/conf.d/ -fi - -if [ -d "/etc/phpmyadmin/" ]; then - echo "[ * ] Secure PHPmyAdmin" - # limit access to /etc/phpmyadmin/ and /usr/share/phpmyadmin/tmp and so on - chown -R root:www-data /etc/phpmyadmin/ - chmod -R 640 /etc/phpmyadmin/* - if [ -d "/etc/phpmyadmin/conf.d/" ]; then - chmod 750 /etc/phpmyadmin/conf.d/ - fi - if [ -d "/var/lib/phpmyadmin/tmp" ]; then - chown root:www-data /usr/share/phpmyadmin/tmp - chmod 770 /usr/share/phpmyadmin/tmp - fi - if [ -d "/var/lib/phpmyadmin/tmp" ]; then - chmod 770 /var/lib/phpmyadmin/tmp - chown root:www-data /usr/share/phpmyadmin/tmp - fi -fi - -# Reset PMA SSO to fix bug with Nginx + Apache2 -if [ "$PHPMYADMIN_KEY" != "" ]; then - echo "[ * ] Refressh hestia-sso for PMA..." - $BIN/v-delete-sys-pma-sso quiet - $BIN/v-add-sys-pma-sso quiet -fi diff --git a/install/upgrade/versions/1.4.5.sh b/install/upgrade/versions/1.4.5.sh deleted file mode 100644 index e20494d..0000000 --- a/install/upgrade/versions/1.4.5.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.4.5 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### diff --git a/install/upgrade/versions/1.4.6.sh b/install/upgrade/versions/1.4.6.sh deleted file mode 100644 index 85ce599..0000000 --- a/install/upgrade/versions/1.4.6.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.4.6 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### - -if [ -n "$DB_PMA_ALIAS" ]; then - $HESTIA/bin/v-change-sys-db-alias 'pma' "$DB_PMA_ALIAS" - rm -rf /usr/share/phpmyadmin/tmp/* -fi diff --git a/install/upgrade/versions/1.4.7.sh b/install/upgrade/versions/1.4.7.sh deleted file mode 100644 index 61a124b..0000000 --- a/install/upgrade/versions/1.4.7.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.4.7 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### - -if [ -n "$DB_PGA_ALIAS" ]; then - $HESTIA/bin/v-change-sys-db-alias 'pga' "$DB_PGA_ALIAS" -fi diff --git a/install/upgrade/versions/1.4.8.sh b/install/upgrade/versions/1.4.8.sh deleted file mode 100644 index ddc89c0..0000000 --- a/install/upgrade/versions/1.4.8.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.4.8 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### - -echo "[ * ] Configuring PHPMailer..." -$HESTIA/bin/v-add-sys-phpmailer quiet - -matches=$(grep -o 'ENFORCE_SUBDOMAIN_OWNERSHIP' $HESTIA/conf/hestia.conf | wc -l) -if [ "$matches" -gt 1 ]; then - echo "[ * ] Removing double matches ENFORCE_SUBDOMAIN_OWNERSHIP key" - source $HESTIA/conf/hestia.conf - sed -i "/ENFORCE_SUBDOMAIN_OWNERSHIP='$ENFORCE_SUBDOMAIN_OWNERSHIP'/d" $HESTIA/conf/hestia.conf - $HESTIA/bin/v-change-sys-config-value "ENFORCE_SUBDOMAIN_OWNERSHIP" "$ENFORCE_SUBDOMAIN_OWNERSHIP" -fi - -if [ "$IMAP_SYSTEM" = "dovecot" ]; then - version=$(dovecot --version | cut -f -2 -d .) - if [ "$version" = "2.3" ]; then - echo "[ * ] Update dovecot config to sync with 2.3 settings" - sed -i 's|ssl_dh_parameters_length = 4096|#ssl_dh_parameters_length = 4096|g' /etc/dovecot/conf.d/10-ssl.conf - sed -i 's|#ssl_dh = : ptr=\$interface_address}{\${listextract{1}{\$value}}}{\$primary_hostname}}/' /etc/exim4/exim4.conf.template - - sed -i 's/^ helo_data = \${if exists {\/etc\/exim4\/mailhelo\.conf}{\${lookup{\$sending_ip_address}lsearch{\/etc\/exim4\/mailhelo\.conf}{\$value}{\$primary_hostname}}}{\$primary_hostname}}$/ helo_data = \${lookup dnsdb{>: ptr=\$sending_ip_address}{\${listextract{1}{\$value}}}{\$primary_hostname}}/' /etc/exim4/exim4.conf.template - - # When 1.5.0 beta was installed - sed -i 's/^smtp_active_hostname = \${lookup dnsdb{ptr=\$interface_address}{\$value}{\$primary_hostname}}$/smtp_active_hostname = \${lookup dnsdb{>: ptr=\$interface_address}{\${listextract{1}{\$value}}}{\$primary_hostname}}/' /etc/exim4/exim4.conf.template - - sed -i 's/^ helo_data = \${lookup dnsdb{ptr=\$sending_ip_address}{\$value}{\$primary_hostname}}$/ helo_data = \${lookup dnsdb{>: ptr=\$sending_ip_address}{\${listextract{1}{\$value}}}{\$primary_hostname}}/' /etc/exim4/exim4.conf.template - fi - - # Clean up legacy mailhelo file - rm -f /etc/${MAIL_SYSTEM}/mailhelo.conf - - # Clean up legacy ip variable - for ip in $($BIN/v-list-sys-ips plain | cut -f1); do - sed '/^HELO/d' $HESTIA/data/ips/$ip > /dev/null - done -fi - -if [ -L "/var/log/hestia" ]; then - echo "[ ! ] Updating log file location: /usr/local/hestia/log/* to /var/log/hestia/..." - rm /var/log/hestia - mkdir -p /var/log/hestia - cp /usr/local/hestia/log/* /var/log/hestia/ - rm -rf /usr/local/hestia/log - ln -s /var/log/hestia /usr/local/hestia/log - touch /var/log/hestia/auth.log /var/log/hestia/error.log /var/log/hestia/system.log /var/log/hestia/nginx-error.log /var/log/hestia/nginx-access.log -fi - -if [ -d "/var/log/roundcube" ]; then - chown www-data:root /var/log/roundcube - chmod 751 /var/log/roundcube -fi - -if [ -d "/etc/roundcube" ]; then - chmod 644 /etc/roundcube/defaults.inc.php - chmod 644 /etc/roundcube/mimetypes.php -fi diff --git a/install/upgrade/versions/1.5.1.sh b/install/upgrade/versions/1.5.1.sh deleted file mode 100644 index 7f6c59c..0000000 --- a/install/upgrade/versions/1.5.1.sh +++ /dev/null @@ -1,56 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.5.1 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'true' - -RHOST='apt.hestiacp.com' -codename="$(lsb_release -s -c)" -if [ -z "$codename" ]; then - codename="$(cat /etc/os-release | grep VERSION= | cut -f 2 -d \( | cut -f 1 -d \))" -fi -architecture="$(arch)" -case $architecture in - x86_64) - ARCH="amd64" - ;; - aarch64) - ARCH="arm64" - ;; - *) ;; -esac - -chmod +x $HESTIA/install/deb/ - -echo "[ * ] Updating hestia apt configuration..." -sed -i "s|deb https://$RHOST/ $codename main|deb [arch=$ARCH] https://$RHOST/ $codename main|g" /etc/apt/sources.list.d/hestia.list - -if [ -n "$IMAP_SYSTEM" ]; then - echo "[ * ] Updating dovecot configuration..." - sed -i "s/mail_plugins = \$mail_plugins sieve/mail_plugins = \$mail_plugins quota sieve/g" /etc/dovecot/conf.d/15-lda.conf -fi - -if [ -n "$MAIL_SYSTEM" ]; then - echo "[ ! ] Updating Exim configuration..." - if [ -f "/etc/exim4/exim4.conf.template" ]; then - sed -i 's/^smtp_active_hostname = \${lookup dnsdb{>: ptr=\$interface_address}{\${listextract{1}{\$value}}}{\$primary_hostname}}$/smtp_active_hostname = \${lookup dnsdb{>: defer_never,ptr=\$interface_address}{\${listextract{1}{\$value}}}{\$primary_hostname}}/' /etc/exim4/exim4.conf.template - sed -i 's/^ helo_data = \${lookup dnsdb{>: ptr=\$sending_ip_address}{\${listextract{1}{\$value}}}{\$primary_hostname}}$/ helo_data = \${lookup dnsdb{>: defer_never,ptr=\$sending_ip_address}{\${listextract{1}{\$value}}}{\$primary_hostname}}/' /etc/exim4/exim4.conf.template - fi -fi diff --git a/install/upgrade/versions/1.5.10.sh b/install/upgrade/versions/1.5.10.sh deleted file mode 100644 index 259ad61..0000000 --- a/install/upgrade/versions/1.5.10.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.5.10 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' - -# shellcheck source=/usr/local/hestia/func/db.sh -source $HESTIA/func/db.sh - -if [ -n "$(echo $DB_SYSTEM | grep -w mysql)" ]; then - mysql_connect 'localhost' - version=$(mysql --defaults-file=/usr/local/hestia/conf/.mysql.localhost -e 'SELECT VERSION()') - mysql_version=$(echo $version | grep -o -E '[0-9]*.[0-9].[0-9]+' | head -n1) - mysql_version2=$(echo $mysql_version | grep -o -E '[0-9]*.[0-9]' | head -n1) - - if [ "$mysql_version2" = "10.6" ]; then - test=$(mysql -e "select * from mysql.global_priv;" | grep root | grep unix_socket) - if [ -z "$test" ]; then - echo "[ ! ] Updating MariaDB permissions to fix startup issue " - mysql --defaults-file=/usr/local/hestia/conf/.mysql.localhost -e "UPDATE mysql.global_priv SET priv=json_set(priv, '$.password_last_changed', UNIX_TIMESTAMP(), '$.plugin', 'mysql_native_password', '$.authentication_string', 'invalid', '$.auth_or', json_array(json_object(), json_object('plugin', 'unix_socket'))) WHERE User='root';" - fi - fi -fi diff --git a/install/upgrade/versions/1.5.11.sh b/install/upgrade/versions/1.5.11.sh deleted file mode 100644 index 2a2bd7e..0000000 --- a/install/upgrade/versions/1.5.11.sh +++ /dev/null @@ -1,50 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.5.11 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' - -PORT=$(cat $HESTIA/nginx/conf/nginx.conf | grep "listen" | sed 's/[^0-9]*//g') - -if [ "$PORT" != "8083" ]; then - # Update F2B chains config - if [ -f "$HESTIA/data/firewall/chains.conf" ]; then - # Update value in chains.conf - sed -i "s/PORT='8083'/PORT='$PORT'/g" $HESTIA/data/firewall/chains.conf - fi - - # Restart services - if [ -n "$FIREWALL_SYSTEM" ] && [ "$FIREWALL_SYSTEM" != no ]; then - $HESTIA/bin/v-stop-firewall - $HESTIA/bin/v-update-firewall - - fi -fi - -# Fix Roundcube logdir permission -if [ -d "/var/log/roundcube" ]; then - chown www-data:www-data /var/log/roundcube -fi - -# Fix bug in nginx.conf for proxy cache -if [ -d "/etc/nginx/nginx.conf" ]; then - echo "[ ! ] Fixed an issue with proxy cache and redirects" - sed -i 's/proxy_cache_key "$host$request_uri $cookie_user";/proxy_cache_key "$scheme$request_method$host$request_uri";/g' /etc/nginx/nginx.conf -fi diff --git a/install/upgrade/versions/1.5.2.sh b/install/upgrade/versions/1.5.2.sh deleted file mode 100644 index 1040e56..0000000 --- a/install/upgrade/versions/1.5.2.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.5.2 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'true' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'true' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'true' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' diff --git a/install/upgrade/versions/1.5.3.sh b/install/upgrade/versions/1.5.3.sh deleted file mode 100644 index fec36a4..0000000 --- a/install/upgrade/versions/1.5.3.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.5.4 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'true' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' diff --git a/install/upgrade/versions/1.5.4.sh b/install/upgrade/versions/1.5.4.sh deleted file mode 100644 index fec36a4..0000000 --- a/install/upgrade/versions/1.5.4.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.5.4 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'true' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' diff --git a/install/upgrade/versions/1.5.5.sh b/install/upgrade/versions/1.5.5.sh deleted file mode 100644 index 66f9c37..0000000 --- a/install/upgrade/versions/1.5.5.sh +++ /dev/null @@ -1,103 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.5.5 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'true' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'true' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'true' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'true' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' - -# Update php-fpm.conf -for version in $($BIN/v-list-sys-php plain); do - cp -f $HESTIA_INSTALL_DIR/php-fpm/php-fpm.conf /etc/php/$version/fpm/ - sed -i "s/fpm_v/$version/g" /etc/php/$version/fpm/php-fpm.conf -done - -echo "[ * ] Updating apt keyring configuration..." - -mkdir -p /root/.gnupg && chmod 700 /root/.gnupg - -if [ ! -f "/usr/share/keyrings/nginx-keyring.gpg" ]; then - # Get Architecture - architecture="$(arch)" - case $architecture in - x86_64) - ARCH="amd64" - ;; - aarch64) - ARCH="arm64" - ;; - *) - echo " [ ! ] Unsuported architectrue" - ;; - esac - - #Get OS details - os=$(grep "^ID=" /etc/os-release | cut -f 2 -d '=') - codename="$(lsb_release -s -c)" - release="$(lsb_release -s -r)" - mariadb_v=$(mysql -V | awk 'NR==1{print $5}' | head -c 4) - RHOST='apt.hestiacp.com' - - apt="/etc/apt/sources.list.d" - - if [ -f "$apt/nginx.list" ]; then - rm $apt/nginx.list - echo " [ * ] NGINX" - echo "deb [arch=$ARCH signed-by=/usr/share/keyrings/nginx-keyring.gpg] https://nginx.org/packages/mainline/$os/ $codename nginx" > $apt/nginx.list - curl -s https://nginx.org/keys/nginx_signing.key | gpg --dearmor | tee /usr/share/keyrings/nginx-keyring.gpg > /dev/null 2>&1 - fi - if [ "$os" = "debian" ]; then - if [ -f "$apt/php.list" ]; then - rm $apt/php.list - echo " [ * ] PHP" - echo "deb [arch=$ARCH signed-by=/usr/share/keyrings/sury-keyring.gpg] https://packages.sury.org/php/ $codename main" > $apt/php.list - curl -s https://packages.sury.org/php/apt.gpg | gpg --dearmor | tee /usr/share/keyrings/sury-keyring.gpg > /dev/null 2>&1 - fi - if [ -f "$apt/apache2.list" ]; then - rm $apt/apache2.list - echo " [ * ] Apache2" - echo "deb [arch=$ARCH signed-by=/usr/share/keyrings/apache2-keyring.gpg] https://packages.sury.org/apache2/ $codename main" > $apt/apache2.list - curl -s https://packages.sury.org/apache2/apt.gpg | gpg --dearmor | tee /usr/share/keyrings/apache2-keyring.gpg > /dev/null 2>&1 - fi - fi - if [ -f "$apt/mariadb.list" ]; then - rm $apt/mariadb.list - echo " [ * ] MariaDB" - echo "deb [arch=$ARCH signed-by=/usr/share/keyrings/mariadb-keyring.gpg] https://mirror.mva-n.net/mariadb/repo/$mariadb_v/$os $codename main" > $apt/mariadb.list - curl -s https://mariadb.org/mariadb_release_signing_key.asc | gpg --dearmor | tee /usr/share/keyrings/mariadb-keyring.gpg > /dev/null 2>&1 - fi - if [ -f "$apt/hestia.list" ]; then - rm $apt/hestia.list - echo " [ * ] Hestia" - echo "deb [arch=$ARCH signed-by=/usr/share/keyrings/hestia-keyring.gpg] https://$RHOST/ $codename main" > $apt/hestia.list - gpg --no-default-keyring --keyring /usr/share/keyrings/hestia-keyring.gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys A189E93654F0B0E5 > /dev/null 2>&1 - apt-key del A189E93654F0B0E5 > /dev/null 2>&1 - fi - if [ -f "$apt/postgresql.list" ]; then - rm $apt/postgresql.list - echo "[ * ] PostgreSQL" - echo "deb [arch=$ARCH signed-by=/usr/share/keyrings/postgresql-keyring.gpg] https://apt.postgresql.org/pub/repos/apt/ $codename-pgdg main" > $apt/postgresql.list - curl -s https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor | tee /usr/share/keyrings/postgresql-keyring.gpg > /dev/null 2>&1 - fi - -fi - -if [ ! -f "$HESTIA/data/packages/system.pkg" ]; then - echo "[ * ] Install default system package." - cp -f $HESTIA/install/deb/packages/system.pkg $HESTIA/data/packages/system.pkg -fi diff --git a/install/upgrade/versions/1.5.6.sh b/install/upgrade/versions/1.5.6.sh deleted file mode 100644 index 02427f4..0000000 --- a/install/upgrade/versions/1.5.6.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.5.6 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' - -echo "[ * ] Refresh Hostname SSL..." -hostname=$(hostname) -user=$($HESTIA/bin/v-search-domain-owner "$hostname") -$HESTIA/bin/v-update-host-certificate "$user" "$hostname" diff --git a/install/upgrade/versions/1.5.7.sh b/install/upgrade/versions/1.5.7.sh deleted file mode 100644 index 02b47a5..0000000 --- a/install/upgrade/versions/1.5.7.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.5.7 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' diff --git a/install/upgrade/versions/1.5.8.sh b/install/upgrade/versions/1.5.8.sh deleted file mode 100644 index 454ef50..0000000 --- a/install/upgrade/versions/1.5.8.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.5.8 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'true' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' - -echo "[ * ] Create .gnupg directory..." -mkdir -p /root/.gnupg/ && chmod 700 /root/.gnupg/ - -echo "[ * ] Ensure jail is enabled for sftp or ftp users..." -shells="rssh|nologin" -for user in $(grep "$HOMEDIR" /etc/passwd | egrep "$shells" | cut -f 1 -d:); do - if [ -d "$HESTIA/data/users/$user" ]; then - $BIN/v-add-user-sftp-jail "$user" "no" > /dev/null 2>&1 - fi -done diff --git a/install/upgrade/versions/1.5.9.sh b/install/upgrade/versions/1.5.9.sh deleted file mode 100644 index e992b84..0000000 --- a/install/upgrade/versions/1.5.9.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.5.9 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' diff --git a/install/upgrade/versions/1.6.0.sh b/install/upgrade/versions/1.6.0.sh deleted file mode 100644 index f82a4bf..0000000 --- a/install/upgrade/versions/1.6.0.sh +++ /dev/null @@ -1,133 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.6.0 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'yes' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'yes' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'yes' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'true' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' - -# Delete compsoser to force update to composer v2 -rm -fr /home/admin/.composer - -if [ "$MAIL_SYSTEM" = "exim4" ]; then - echo "[ * ] Update exim4 config to support rate limits" - # Upgrade config exim for custom limits - sed -i '115,250 s/ratelimit = 200 \/ 1h \/ $authenticated_id/ set acl_c_msg_limit = \${if exists{\/etc\/exim4\/domains\/\${lookup{\$sender_address_domain}dsearch{\/etc\/exim4\/domains\/}}\/limits} {\${extract{1}{:}{\${lookup{\$sender_address_local_part@\$sender_address_domain}lsearch{\/etc\/exim4\/domains\/\${lookup{\$sender_address_domain}dsearch{\/etc\/exim4\/domains\/}}\/limits}}}}} {\${readfile{\/etc\/exim4\/limit.conf}}} }\n ratelimit = \$acl_c_msg_limit \/ 1h \/ strict\/ \$authenticated_id/g' /etc/exim4/exim4.conf.template - sed -i '115,250 s/warn ratelimit = 100 \/ 1h \/ strict \/ $authenticated_id/warn ratelimit = ${eval:$acl_c_msg_limit \/ 2} \/ 1h \/ strict \/ $authenticated_id/g' /etc/exim4/exim4.conf.template - # Add missing limit.conf file - cp $HESTIA_INSTALL_DIR/exim/limit.conf /etc/exim4/limit.conf - cp $HESTIA_INSTALL_DIR/exim/system.filter /etc/exim4/system.filter - - acl=$(cat /etc/exim4/exim4.conf.template | grep "set acl_m3") - if [ -z "$acl" ]; then - echo "[ * ] Add support for optional rejecting spam" - sed -i 's/ warn set acl_m1 = no/ warn set acl_m1 = no \n set acl_m3 = no/g' /etc/exim4/exim4.conf.template - sed -i 's| set acl_m1 = yes| set acl_m1 = yes \n warn condition = \${if exists {/etc/exim4/domains/\$domain/reject_spam}{yes}{no}} \n set acl_m3 = yes|g' /etc/exim4/exim4.conf.template - sed -i 's| message = SpamAssassin detected spam (from \$sender_address to \$recipients).| message = SpamAssassin detected spam (from $sender_address to $recipients).\n\n # Deny spam at high score if spam score > SPAM_REJECT_SCORE and delete_spam is enabled\n deny message = This message scored \$spam_score spam points\n spam = debian-spamd:true \n condition = \${if eq{\$acl_m3}{yes}{yes}{no}} \n condition = ${if >{$spam_score_int}{SPAM_REJECT_SCORE}{1}{0}} |g' /etc/exim4/exim4.conf.template - fi - - if ! grep -q "send_via_unauthenticated_smtp_relay" /etc/exim4/exim4.conf.template; then - echo '[ * ] Enabling SMTP relay support...' - # Add smtp relay router - insert='send_via_unauthenticated_smtp_relay:\n driver = manualroute\n address_data = SMTP_RELAY_HOST:SMTP_RELAY_PORT\n domains = !+local_domains\n require_files = SMTP_RELAY_FILE\n condition = ${if eq{SMTP_RELAY_USER}{}}\n transport = remote_smtp\n route_list = * ${extract{1}{:}{$address_data}}::${extract{2}{:}{$address_data}}\n no_more\n no_verify\n' - - line=$(expr $(sed -n '/begin routers/=' /etc/exim4/exim4.conf.template) + 2) - sed -i "${line}i $insert" /etc/exim4/exim4.conf.template - fi -fi - -if [ -f "/etc/dovecot/conf.d/10-ssl.conf" ]; then - sed -i 's|ssl_min_protocol = TLSv1.1|ssl_min_protocol = TLSv1.2|' /etc/dovecot/conf.d/10-ssl.conf - if ! grep -q "!TLSv1.1" /etc/dovecot/conf.d/10-ssl.conf; then - sed -i 's|ssl_protocols = !SSLv3 !TLSv1|ssl_protocols = !SSLv3 !TLSv1 !TLSv1.1|' /etc/dovecot/conf.d/10-ssl.conf - fi -fi - -if [ -f "/etc/default/spamassassin" ]; then - echo "[ * ] Enable Samassassin Cronjob" - sed -i "s/#CRON=1/CRON=1/" /etc/default/spamassassin -fi - -# Adding LE autorenew cronjob if there are none -if [ -z "$(grep v-update-lets $HESTIA/data/users/admin/cron.conf)" ]; then - min=$(generate_password '012345' '2') - hour=$(generate_password '1234567' '1') - command="sudo $BIN/v-update-letsencrypt-ssl" - $BIN/v-add-cron-job 'admin' "$min" "$hour" '*' '*' '*' "$command" -fi - -# Add apis if they don't exist -# Changes have been made make sure to overwrite them to prevent issues in the future -cp -rf $HESTIA_INSTALL_DIR/api $HESTIA/data/ - -# Update Cloudflare address -if [ -f /etc/nginx/nginx.conf ] && [ "$(grep 'set_real_ip_from 2405:8100::/32' /etc/nginx/nginx.conf)" = "" ]; then - echo "[ * ] Updating nginx configuration with changes to Cloudflare IP addresses" - sed -i "/#set_real_ip_from 2405:b500::\/32;/d" /etc/nginx/nginx.conf - sed -i "/#set_real_ip_from 2606:4700::\/32;/d" /etc/nginx/nginx.conf - sed -i "/#set_real_ip_from 2803:f800::\/32;/d" /etc/nginx/nginx.conf - sed -i "/#set_real_ip_from 2c0f:f248::\/32;/d" /etc/nginx/nginx.conf - sed -i "/#set_real_ip_from 2a06:98c0::\/29;/d" /etc/nginx/nginx.conf - sed -i "s/#set_real_ip_from 2400:cb00::\/32;/# set_real_ip_from 2400:cb00::\/32;\n # set_real_ip_from 2606:4700::\/32;\n # set_real_ip_from 2803:f800::\/32;\n # set_real_ip_from 2405:b500::\/32;\n # set_real_ip_from 2405:8100::\/32;\n # set_real_ip_from 2a06:98c0::\/29;\n # set_real_ip_from 2c0f:f248::\/32;/g" /etc/nginx/nginx.conf -fi - -if [ -n "$PHPMYADMIN_KEY" ]; then - echo "[ * ] Refresh PMA SSO key due to update phpmyadmin" - $BIN/v-delete-sys-pma-sso quiet - $BIN/v-add-sys-pma-sso quiet -fi - -#Fixed an issue with Exim4 and Ubutnu22.04 in beta version -release=$(lsb_release -sr) -if [ "$release" = "22.04" ]; then - if [ -d "/etc/exim4/" ]; then - rm -fr /etc/exim4/exim.conf.template - cp -f $HESTIA_INSTALL_DIR/exim/exim4.conf.4.94.template /etc/exim4/exim4.conf.template - if [ "$ANTIVIRUS_SYSTEM" = 'clamav-daemon' ]; then - sed -i "s/#SPAM/SPAM/g" /etc/exim4/exim4.conf.template - fi - if [ "$ANTISPAM_SYSTEM" = 'spamassassin' ]; then - sed -i "s/#CLAMD/CLAMD/g" /etc/exim4/exim4.conf.template - fi - - fi -fi - -# Mute output v-add-sys-sftp-jail out put then enabling sftp on boot -if [ -f "/etc/cron.d/hestia-sftp" ]; then - rm /etc/cron.d/hestia-sftp - echo "@reboot root sleep 60 && /usr/local/hestia/bin/v-add-sys-sftp-jail > /dev/null" > /etc/cron.d/hestia-sftp -fi - -ips=$(ls /usr/local/hestia/data/ips/ | wc -l) -release=$(lsb_release -s -i) -if [ $release = 'Ubuntu' ]; then - if [ $ips -gt 1 ]; then - add_upgrade_message "Warning: Please check your network configuration!\n\n A bug has been discovered that might affect your setup and can lead to issues after a system reboot. Please review your network configuration. See https://github.com/hestiacp/hestiacp/pull/2612#issuecomment-1135571835 for more info regarding this issue!" - $HESTIA/bin/v-add-user-notification admin "Warning: Please check your network configuration!\n\n A bug has been discovered that might affect your setup and can lead to issues after a system reboot. Please review your network configuration. More info" - fi -fi - -if [ -d /etc/phpmyadmin/conf.d ]; then - for file in /etc/phpmyadmin/conf.d/*; do - if [ -z "$(grep -i 'information_schema' $file)" ]; then - echo "[ * ] Update phpMyAdmin server configuration" - echo "\$cfg['Servers'][\$i]['hide_db'] = 'information_schema';" >> $file - fi - done -fi diff --git a/install/upgrade/versions/1.6.1.sh b/install/upgrade/versions/1.6.1.sh deleted file mode 100644 index 2794401..0000000 --- a/install/upgrade/versions/1.6.1.sh +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.6.1 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' - -# Fix exim rate limit send issue -if [ "$MAIL_SYSTEM" = "exim4" ]; then - acl=$(cat /etc/exim4/exim4.conf.template | grep '${extract{1}{:}{${lookup{$sender_address_local_part@$sender_address_domain}') - if [ ! -z "$acl" ]; then - echo "[ * ] Fixed an issue with rate limits and alias mail addresses" - sed -i 's/${extract{1}{:}{${lookup{$sender_address_local_part@$sender_address_domain}/${extract{1}{:}{${lookup{$authenticated_id}/' /etc/exim4/exim4.conf.template - fi - spamscore=$(cat /etc/exim4/exim4.conf.template | grep 'SPAM_REJECT_SCORE =') - if [ -z "$spamscore" ]; then - echo "[ * ] Fixed an issue reject spam not working properly." - sed -i '/SPAM_SCORE = .*/a SPAM_REJECT_SCORE = 100' /etc/exim4/exim4.conf.template - sed -i '/ set acl_m1 = yes/a warn condition = ${if exists {/etc/exim4/domains/$domain/reject_spam}{yes}{no}}\n set acl_m3 = yes' /etc/exim4/exim4.conf.template - fi - -fi - -# With setup from installer -if [ -f "/etc/apt/sources.list.d/hestia-beta.list" ]; then - echo "[ ! ] Change to stable release!" - rm /etc/apt/sources.list.d/hestia-beta.list - sed -i 's/#//g' /etc/apt/sources.list.d/hestia.list -fi -check=$(cat /etc/apt/sources.list.d/hestia.list | grep "beta.hestiacp.com") -if [ ! -z "$check" ]; then - echo "[ ! ] Change to stable release!" - sed -i '/beta.hestiacp.com/d' /etc/apt/sources.list.d/hestia.list - sed -i 's/#//g' /etc/apt/sources.list.d/hestia.list -fi diff --git a/install/upgrade/versions/1.6.10.sh b/install/upgrade/versions/1.6.10.sh deleted file mode 100644 index c5822e0..0000000 --- a/install/upgrade/versions/1.6.10.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.6.9 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' - -# Delete all tmp files create by hestia that are left in place -rm -fr /tmp/vst* diff --git a/install/upgrade/versions/1.6.12.sh b/install/upgrade/versions/1.6.12.sh deleted file mode 100644 index 9179736..0000000 --- a/install/upgrade/versions/1.6.12.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.6.12 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' - -if [ -f "/etc/fail2ban/jail.local" ]; then - sed -i "s|/var/log/mysql.log|/var/log/mysql/error.log|g" /etc/fail2ban/jail.local -fi - -# Fixed firewall loading failed after reboot, applying update to hestia-iptables Systemd unit. -if [ "$FIREWALL_SYSTEM" = "iptables" ]; then - echo "[ * ] Update loading firewall rules service..." - $BIN/v-delete-sys-firewall - $BIN/v-add-sys-firewall -fi diff --git a/install/upgrade/versions/1.6.13.sh b/install/upgrade/versions/1.6.13.sh deleted file mode 100644 index 34ec6e6..0000000 --- a/install/upgrade/versions/1.6.13.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.6.13 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' diff --git a/install/upgrade/versions/1.6.14.sh b/install/upgrade/versions/1.6.14.sh deleted file mode 100644 index a8477d7..0000000 --- a/install/upgrade/versions/1.6.14.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.6.14 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' - -# Clean up firewall rules restore file. -if [ "$FIREWALL_SYSTEM" = "iptables" ]; then - add_upgrade_message "About iptables rules [non-urgent]\n\nJust in case, if you added custom iptables rules in an unsupported way, they may have been lost.\n\nSee this issue to learn more:\nhttps://github.com/hestiacp/hestiacp/issues/3128" - echo "[ * ] Clean up firewall rules restore file..." - $BIN/v-update-firewall -fi diff --git a/install/upgrade/versions/1.6.2.sh b/install/upgrade/versions/1.6.2.sh deleted file mode 100644 index 0c2687b..0000000 --- a/install/upgrade/versions/1.6.2.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.6.2 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' - -if [ "$MAIL_SYSTEM" == "exim4" ]; then - alc=$(cat /etc/exim4/exim4.conf.template | grep '${lookup{${domain:$authenticated_id}}dsearch{/etc/exim4/domains/}}/limits') - if [ -z "$alc" ]; then - sed -i 's| set acl_c_msg_limit|#string1\n#replaceme|' /etc/exim4/exim4.conf.template - sed -i '/#replaceme/d' /etc/exim4/exim4.conf.template - sed -i 's|#string1|set acl_c_msg_limit = \${if exists{/etc/exim4/domains/\${lookup{\${domain:\$authenticated_id}}dsearch{/etc/exim4/domains/}}/limits}{\${lookup {\$authenticated_id} lsearch{/etc/exim4/domains/\${lookup{${domain:\$authenticated_id}}dsearch{/etc/exim4/domains/}}/limits}{\$value}{\${readfile{/etc/exim4/limit.conf}}}}}{\${readfile{/etc/exim4/limit.conf}}} }|g' /etc/exim4/exim4.conf.template - fi - - system_filter=$(cat /etc/exim4/exim4.conf.template | grep 'system_filter') - if [ -z "$system_filter" ]; then - sed -i '/SMTP_RELAY_PASS = \${lookup{pass}lsearch{SMTP_RELAY_FILE}}/a #shouldberemoved\n# Custom Filter\nsystem_filter = \/etc\/exim4\/system.filter\nsystem_filter_user = Debian-exim' /etc/exim4/exim4.conf.template - # Keep the spacing between the reley_pass and Custom Filter we need to insert a dummy text and remove it later on - sed -i 's/#shouldberemoved//g' /etc/exim4/exim4.conf.template - fi -fi diff --git a/install/upgrade/versions/1.6.3.sh b/install/upgrade/versions/1.6.3.sh deleted file mode 100644 index abdada1..0000000 --- a/install/upgrade/versions/1.6.3.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.6.3 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'yes' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'yes' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' - -if [ "$MAIL_SYSTEM" == "exim4" ]; then - host=$(cat /etc/exim4/exim4.conf.template | grep hosts_try_fastopen) - if [ -z "$host" ]; then - echo "[ * ] Fix an issue with sending large attachments to Google / Gmail" - sed -i '/dkim_strict = .*/a hosts_try_fastopen = !*.l.google.com' /etc/exim4/exim4.conf.template - fi -fi diff --git a/install/upgrade/versions/1.6.4.sh b/install/upgrade/versions/1.6.4.sh deleted file mode 100644 index 8abd085..0000000 --- a/install/upgrade/versions/1.6.4.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.6.4 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' diff --git a/install/upgrade/versions/1.6.5.sh b/install/upgrade/versions/1.6.5.sh deleted file mode 100644 index cec1ea8..0000000 --- a/install/upgrade/versions/1.6.5.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.6.6 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' diff --git a/install/upgrade/versions/1.6.6.sh b/install/upgrade/versions/1.6.6.sh deleted file mode 100644 index f89e985..0000000 --- a/install/upgrade/versions/1.6.6.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.6.6 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' - -if [ -f "/etc/roundcube/config.inc.php" ]; then - if [ -n "$(grep 'ssl://localhost' /etc/roundcube/config.inc.php)" ]; then - # Echo prepare for 1.6.0 update - sed -i "s|ssl://localhost|localhost|g" /etc/roundcube/config.inc.php - sed -i "s|993|143|g" /etc/roundcube/config.inc.php - fi -fi diff --git a/install/upgrade/versions/1.6.7.sh b/install/upgrade/versions/1.6.7.sh deleted file mode 100644 index 83e6e28..0000000 --- a/install/upgrade/versions/1.6.7.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.6.7 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'yes' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' - -if [ -f "/etc/roundcube/config.inc.php" ]; then - sed -i "s/\$config\['auto_create_user'] = false;/\$config\['auto_create_user'] = true;/g" /etc/roundcube/config.inc.php - sed -i "s/\$config\['prefer_html'] = false;/\$config\['prefer_html'] = true;/g" /etc/roundcube/config.inc.php - - #For older installs - sed -i "s/\$config\['default_host']/\$config\['imap_host']/g" /etc/roundcube/config.inc.php -fi diff --git a/install/upgrade/versions/1.6.8.sh b/install/upgrade/versions/1.6.8.sh deleted file mode 100644 index 04463f4..0000000 --- a/install/upgrade/versions/1.6.8.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version unreleased - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' - -if [ -f /etc/nginx/nginx.conf ]; then - sed -i "s/fastcgi_buffers 4 256k;/fastcgi_buffers 8 256k;/g" /etc/nginx/nginx.conf -fi - -# Sync up config files #2819 -if [ -f "/etc/roundcube/config.inc.php" ]; then - sed -i "s/?>//" /etc/roundcube/config.inc.php - sed -i "s/?>//" /etc/roundcube/mimetypes.php -fi - -for version in $($HESTIA/bin/v-list-sys-php plain); do - # Increase max upload and max post size - sed -i "s/upload_max_filesize = 2M/upload_max_filesize = 100M/g" /etc/php/$version/fpm/php.ini - sed -i "s/post_max_size = 8M/post_max_size = 100M/g" /etc/php/$version/fpm/php.ini - sed -i "s/max_execution_time = 30$/max_execution_time = 60/g" /etc/php/$version/fpm/php.ini -done - -if [ -d /etc/roundcube ]; then - if [ ! -f /etc/logrotate.d/roundcube ]; then - echo "[ * ] Create config roundcube logrotate file" - cp -f $HESTIA_INSTALL_DIR/logrotate/roundcube /etc/logrotate.d/ - fi -fi diff --git a/install/upgrade/versions/1.6.9.sh b/install/upgrade/versions/1.6.9.sh deleted file mode 100644 index 21835f3..0000000 --- a/install/upgrade/versions/1.6.9.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version unreleased - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'no' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'no' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' - -# Update api key permissions -if [ -f "$HESTIA/data/api/sync-dns-cluster" ]; then - rm $HESTIA/data/api/sync-dns-cluster - cp $HESTIA/install/deb/api/sync-dns-cluster $HESTIA/data/api/sync-dns-cluster -fi diff --git a/install/upgrade/versions/1.7.0.sh b/install/upgrade/versions/1.7.0.sh deleted file mode 100644 index 6922d03..0000000 --- a/install/upgrade/versions/1.7.0.sh +++ /dev/null @@ -1,121 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.7.0 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### upgrade_config_set_value only accepts true or false. ####### -####### ####### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -# load config because we need to know if proftpd is installed - -# Includes -# shellcheck source=/etc/hestiacp/hestia.conf -source /etc/hestiacp/hestia.conf -# shellcheck source=/usr/local/hestia/func/main.sh -source $HESTIA/func/main.sh -# shellcheck source=/usr/local/hestia/func/ip.sh -source $HESTIA/func/ip.sh -# load config file -source_conf "$HESTIA/conf/hestia.conf" - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'true' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'true' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'true' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'true' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' - -# Make sure to sync install quoteshell arg -if [ "$FILE_MANAGER" = "true" ]; then - echo "[ * ] Force update filemanager..." - $HESTIA/bin/v-delete-sys-filemanager quiet - $HESTIA/bin/v-add-sys-filemanager quiet -fi - -packages=$(ls --sort=time $HESTIA/data/packages | grep .pkg) -echo "[ * ] Update existing packages to support rate limit mail accounts..." -for package in $packages; do - if [ -z "$(grep -e 'RATE_LIMIT' $HESTIA/data/packages/$package)" ]; then - echo "RATE_LIMIT='200'" >> $HESTIA/data/packages/$package - fi -done - -if [ -z "$(grep -e 'condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/aliases}{false}{true}}' /etc/exim4/exim4.conf.template)" ]; then - for line in $(sed -n '/redirect_router = dnslookup/=' /etc/exim4/exim4.conf.template); do - testline=$((line - 1)) - newline=$((line + 1)) - if [ "$(awk NR==$testline /etc/exim4/exim4.conf.template)" = " file_transport = local_delivery" ]; then - # Add new line - sed -i "$newline i \ \ condition = \${lookup{$local_part@\$domain}lsearch{/etc/exim4/domains/\${lookup{\$domain}dsearch{/etc/exim4/domains/}}/aliases}{false}{true}}" /etc/exim4/exim4.conf.template - fi - done -fi - -# Allow Email@domain.com for login -if [ -f "/etc/dovecot/conf.d/10-auth.conf" ]; then - sed -i "s/auth_username_format = %u/auth_username_format = %Lu/g" /etc/dovecot/conf.d/10-auth.conf -fi - -# rename /var/run/xx to /run/ -for file in /etc/dovecot/dovecot.conf /etc/clamav/clamd.conf /etc/exim/exim.conf.template /etc/logrotate.d/apache2 /etc/logrotate.d/nginx /etc/mysql/my.cnf /etc/nginx/nginx.conf; do - if [ -f "$file" ]; then - echo "[ * ] Update $file legacy /var/run/ to /run/..." - sed -i 's|/var/run/|/run/|g' $file - fi -done -# Update any custom php templates -for file in $HESTIA/data/templates/web/php-fpm/*; do - echo "[ * ] Update $file legacy /var/run/ to /run/..." - sed -i 's|/var/run/|/run/|g' $file -done - -for file in /etc/php/*/fpm/pool.d/www.conf; do - echo "[ * ] Update $file legacy /var/run/ to /run/..." - sed -i 's|/var/run/|/run/|g' $file -done - -#update proftpd -if [ "$FTP_SYSTEM" = 'proftpd' ]; then - contains_conf_d=$(grep -c "Include /etc/proftpd/conf.d/\*.conf" "/etc/proftpd/proftpd.conf") - # the line below is for testing only: - # echo "contains proftpd? $contains_conf_d" - if [ $contains_conf_d = 0 ]; then - sed -i 's/Include \/etc\/proftpd\/tls.conf/&\nInclude \/etc\/proftpd\/conf.d\/*.conf/' /etc/proftpd/proftpd.conf - fi - $BIN/v-restart-ftp -fi - -if echo "$BACKUP_SYSTEM" | grep "google" > /dev/null; then - echo "[ ! ] Deprecation notice: Backup via Google Cloud has been removed setup backup again via Rclone to reinstate the backup and restore capebilities!" - add_upgrade_message "Deprecation notice: Backup via Google Cloud has been removed setup backup again via Rclone to reinstate the backup and restore capebilities!" -fi - -if [ -f /etc/logrotate.d/httpd-prerotate/awstats ]; then - echo "[ * ] Update Awstats prerotate to Hestia update method..." - # Replace awstatst function - cp -f $HESTIA_INSTALL_DIR/logrotate/httpd-prerotate/awstats /etc/logrotate.d/httpd-prerotate/ -fi - -if [ "$PHPMYADMIN_KEY" != "" ]; then - echo "[ * ] Refresh hestia-sso for PMA..." - $BIN/v-delete-sys-pma-sso quiet - $BIN/v-add-sys-pma-sso quiet -fi - -if [ -f /etc/nginx/nginx.conf ] && [ ! -f /etc/nginx/conf.d/cloudflare.inc ]; then - echo "[ * ] Enable support for updating Cloudflare Ips..." - sed -i '/set_real_ip_from/d' /etc/nginx/nginx.conf - sed -i '/real_ip_header/d' /etc/nginx/nginx.conf - sed -i 's|# Cloudflare https://www.cloudflare.com/ips|# Cloudflare https://www.cloudflare.com/ips\n include /etc/nginx/conf.d/cloudflare.inc;|g' /etc/nginx/nginx.conf - # At a later stage a function will run and will load all the new rules -fi diff --git a/install/upgrade/versions/1.7.1.sh b/install/upgrade/versions/1.7.1.sh deleted file mode 100644 index 71e2680..0000000 --- a/install/upgrade/versions/1.7.1.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.7.1 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### upgrade_config_set_value only accepts true or false. ####### -####### ####### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'true' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'true' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' - -# Moved from 1.6.15.sh -if ! (grep -q 'v-change-user-password' $HESTIA/data/api/billing); then - sed -i "s|v-make-tmp-file'|v-make-tmp-file,v-change-user-password'|g" $HESTIA/data/api/billing -fi - -# Apply update for path change of built-in IPset blacklist.sh -if [ "$FIREWALL_SYSTEM" = "iptables" ]; then - rm -f $HESTIA/data/firewall/ipset/blacklist.sh - - if ($BIN/v-list-firewall-ipset plain | grep -q '/install/deb/firewall/ipset/blacklist.sh'); then - echo "[ * ] Update the path of IPset blacklist.sh..." - sed -i 's|/install/deb/firewall/ipset/blacklist.sh|/install/common/firewall/ipset/blacklist.sh|g' $HESTIA/data/firewall/ipset.conf - fi -fi - -if [ "$WEB_SYSTEM" = "apache2" ]; then - if ! (grep -q "$WEBMAIL_ALIAS.*.conf" /etc/apache2/apache2.conf); then - echo "[ * ] Update /etc/apache2/apache2.conf..." - sed -i "s/IncludeOptional conf.d\/domains\/\*.conf/IncludeOptional conf.d\/domains\/$WEBMAIL_ALIAS.*.conf\nIncludeOptional conf.d\/domains\/\*.conf/g" /etc/apache2/apache2.conf - fi -fi - -if [ "$WEB_SYSTEM" = "httpd" ]; then - if ! (grep -q "$WEBMAIL_ALIAS.*.conf" /etc/httpd/conf/httpd.conf); then - echo "[ * ] Update /etc/httpd/conf/httpd.conf..." - sed -i "s/IncludeOptional conf.d\/domains\/\*.conf/IncludeOptional conf.d\/domains\/$WEBMAIL_ALIAS.*.conf\nIncludeOptional conf.d\/domains\/\*.conf/g" /etc/httpd/conf/httpd.conf - fi -fi diff --git a/install/upgrade/versions/1.7.2.sh b/install/upgrade/versions/1.7.2.sh deleted file mode 100644 index f636a38..0000000 --- a/install/upgrade/versions/1.7.2.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.7.2 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### upgrade_config_set_value only accepts true or false. ####### -####### ####### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' diff --git a/install/upgrade/versions/1.7.3.sh b/install/upgrade/versions/1.7.3.sh deleted file mode 100644 index ecca2f8..0000000 --- a/install/upgrade/versions/1.7.3.sh +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.7.3 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### upgrade_config_set_value only accepts true or false. ####### -####### ####### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' - -if grep -q 'drop message = Helo name contains an IP address (HELO was $sender_helo_name) and not is valid' /etc/exim4/exim4.conf.template; then - echo "[ * ] Update exim4.conf.template ..." - patch /etc/exim4/exim4.conf.template $HESTIA/install/upgrade/patch/3462-exim-helo-autenticted-users.patch -fi diff --git a/install/upgrade/versions/1.7.4.sh b/install/upgrade/versions/1.7.4.sh deleted file mode 100644 index c90ef4e..0000000 --- a/install/upgrade/versions/1.7.4.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.7.4 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### upgrade_config_set_value only accepts true or false. ####### -####### ####### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' diff --git a/install/upgrade/versions/1.7.5.sh b/install/upgrade/versions/1.7.5.sh deleted file mode 100644 index 40e7609..0000000 --- a/install/upgrade/versions/1.7.5.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.7.5 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### upgrade_config_set_value only accepts true or false. ####### -####### ####### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' diff --git a/install/upgrade/versions/1.7.6.sh b/install/upgrade/versions/1.7.6.sh deleted file mode 100644 index 69866b0..0000000 --- a/install/upgrade/versions/1.7.6.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.7.6 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### upgrade_config_set_value only accepts true or false. ####### -####### ####### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' diff --git a/install/upgrade/versions/1.7.7.sh b/install/upgrade/versions/1.7.7.sh deleted file mode 100644 index e8a8a52..0000000 --- a/install/upgrade/versions/1.7.7.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.7.7 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### upgrade_config_set_value only accepts true or false. ####### -####### ####### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' diff --git a/install/upgrade/versions/1.8.0.sh b/install/upgrade/versions/1.8.0.sh deleted file mode 100644 index 7277123..0000000 --- a/install/upgrade/versions/1.8.0.sh +++ /dev/null @@ -1,298 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.8.0 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### upgrade_config_set_value only accepts true or false. ####### -####### ####### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'true' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'true' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'true' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' - -os_release="$(lsb_release -s -i | tr "[:upper:]" "[:lower:]")-$(lsb_release -s -r)" - -if [ "$IMAP_SYSTEM" = "dovecot" ]; then - if ! grep -qw "^extra_groups = mail$" /etc/dovecot/conf.d/10-master.conf 2> /dev/null; then - sed -i "s/^service auth {/service auth {\n extra_groups = mail\n/g" /etc/dovecot/conf.d/10-master.conf - fi - - if [ -f /etc/dovecot/conf.d/90-sieve.conf ]; then - if ! grep -q "sieve_vacation_send_from_recipient" /etc/dovecot/conf.d/90-sieve.conf 2> /dev/null; then - sed -i "s/^plugin {/plugin {\n # This setting determines whether vacation messages are sent with the SMTP MAIL FROM envelope address set to the recipient address of the Sieve script owner.\n sieve_vacation_send_from_recipient = yes\n/g" /etc/dovecot/conf.d/90-sieve.conf - fi - fi -fi - -if [ -f /etc/fail2ban/jail.local ]; then - # Add phpmyadmin rule - if ! grep -qw "phpmyadmin-auth" /etc/fail2ban/jail.local 2> /dev/null; then - sed -i '/\[recidive\]/i [phpmyadmin-auth]\nenabled = true\nfilter = phpmyadmin-syslog\naction = hestia[name=WEB]\nlogpath = /var/log/auth.log\nmaxretry = 5\n' /etc/fail2ban/jail.local - fi -fi - -if [ "$MAIL_SYSTEM" = "exim4" ]; then - if [ "$os_release" != "debian-10" ]; then - # Exclude Debian 10... - echo "[ * ] Disable SMTPUTF8 for Exim for now" - if ! grep -qw "^smtputf8_advertise_hosts =" /etc/exim4/exim4.conf.template 2> /dev/null; then - sed -i "/^domainlist local_domains = dsearch;\/etc\/exim4\/domains/i smtputf8_advertise_hosts =" /etc/exim4/exim4.conf.template - fi - fi -fi - -# Apply the update for existing users to enable the "Enhanced and Optimized TLS" feature -echo '[ * ] Enable the "Enhanced and Optimized TLS" feature...' - -# Configuring global OpenSSL options -tls13_ciphers="TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384" - -if ! grep -qw "^[hestia_openssl_sect]$" /etc/ssl/openssl.cnf 2> /dev/null; then - if [ "$os_release" = "debian-10" ] || [ "$os_release" = "debian-11" ]; then - sed -i '/^system_default = system_default_sect$/a system_default = hestia_openssl_sect\n\n[hestia_openssl_sect]\nCiphersuites = '"$tls13_ciphers"'\nOptions = PrioritizeChaCha' /etc/ssl/openssl.cnf - elif [ "$os_release" = "debian-12" ]; then - if ! grep -qw "^ssl_conf = ssl_sect$" /etc/ssl/openssl.cnf 2> /dev/null; then - sed -i '/providers = provider_sect$/a ssl_conf = ssl_sect' /etc/ssl/openssl.cnf - fi - - if ! grep -qw "^[ssl_sect]$" /etc/ssl/openssl.cnf 2> /dev/null; then - sed -i '$a \\n[ssl_sect]\nsystem_default = hestia_openssl_sect\n\n[hestia_openssl_sect]\nCiphersuites = '"$tls13_ciphers"'\nOptions = PrioritizeChaCha' /etc/ssl/openssl.cnf - elif grep -qw "^system_default = system_default_sect$" /etc/ssl/openssl.cnf 2> /dev/null; then - sed -i '/^system_default = system_default_sect$/a system_default = hestia_openssl_sect\n\n[hestia_openssl_sect]\nCiphersuites = '"$tls13_ciphers"'\nOptions = PrioritizeChaCha' /etc/ssl/openssl.cnf - fi - elif [ "$os_release" = "ubuntu-20.04" ]; then - if ! grep -qw "^openssl_conf = default_conf$" /etc/ssl/openssl.cnf 2> /dev/null; then - sed -i '/^oid_section = new_oids$/a \\n# System default\nopenssl_conf = default_conf' /etc/ssl/openssl.cnf - fi - - if ! grep -qw "^[default_conf]$" /etc/ssl/openssl.cnf 2> /dev/null; then - sed -i '$a [default_conf]\nssl_conf = ssl_sect\n\n[ssl_sect]\nsystem_default = hestia_openssl_sect\n\n[hestia_openssl_sect]\nCiphersuites = '"$tls13_ciphers"'\nOptions = PrioritizeChaCha' /etc/ssl/openssl.cnf - elif grep -qw "^system_default = system_default_sect$" /etc/ssl/openssl.cnf 2> /dev/null; then - sed -i '/^system_default = system_default_sect$/a system_default = hestia_openssl_sect\n\n[hestia_openssl_sect]\nCiphersuites = '"$tls13_ciphers"'\nOptions = PrioritizeChaCha' /etc/ssl/openssl.cnf - fi - elif [ "$os_release" = "ubuntu-22.04" ]; then - sed -i '/^system_default = system_default_sect$/a system_default = hestia_openssl_sect\n\n[hestia_openssl_sect]\nCiphersuites = '"$tls13_ciphers"'\nOptions = PrioritizeChaCha' /etc/ssl/openssl.cnf - fi -fi - -# Update server configuration files -tls12_ciphers="ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256" - -if [ "$IMAP_SYSTEM" = "dovecot" ]; then - if grep -qw "^ssl_min_protocol = TLSv1.2$" /etc/dovecot/conf.d/10-ssl.conf 2> /dev/null; then - sed -i '/^# See #2012 for TLSv1.1 to 1.2 upgrade$/d;/^ssl_cipher_list = .\+$/d;s/^ssl_min_protocol = TLSv1.2/ssl_cipher_list = '"$tls12_ciphers"'\nssl_min_protocol = TLSv1.2/' /etc/dovecot/conf.d/10-ssl.conf - elif grep -qw "^ssl_protocols = \!SSLv3 \!TLSv1 \!TLSv1.1$" /etc/dovecot/conf.d/10-ssl.conf 2> /dev/null; then - sed -i '/^# See #2012 for TLSv1.1 to 1.2 upgrade$/d;/^ssl_cipher_list = .\+$/d;s/^ssl_protocols = !SSLv3 !TLSv1 !TLSv1.1/ssl_cipher_list = '"$tls12_ciphers"'\nssl_protocols = !SSLv3 !TLSv1 !TLSv1.1/' /etc/dovecot/conf.d/10-ssl.conf - fi -fi - -if [ "$MAIL_SYSTEM" = "exim4" ]; then - if grep -qw "^tls_on_connect_ports = 465$" /etc/exim4/exim4.conf.template 2> /dev/null; then - sed -i '/^tls_require_ciphers = .\+$/d;s/^tls_on_connect_ports = 465/tls_on_connect_ports = 465\ntls_require_ciphers = PERFORMANCE:-RSA:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.3:%SERVER_PRECEDENCE/' /etc/exim4/exim4.conf.template - fi -fi - -if [ "$FTP_SYSTEM" = "proftpd" ]; then - if grep -qw "^TLSProtocol TLSv1.2$" /etc/proftpd/tls.conf 2> /dev/null; then - sed -i '/^TLSCipherSuite .\+$/d;/^TLSServerCipherPreference .\+$/d;s/^TLSProtocol TLSv1.2/TLSCipherSuite '"$tls12_ciphers"'\nTLSProtocol TLSv1.2 TLSv1.3\nTLSServerCipherPreference on/;s/^#TLSOptions AllowClientRenegotiations/#TLSOptions AllowClientRenegotiations/;s/^TLSOptions NoSessionReuseRequired AllowClientRenegotiations/TLSOptions NoSessionReuseRequired AllowClientRenegotiations/' /etc/proftpd/tls.conf - fi -fi - -if [ "$FTP_SYSTEM" = "vsftpd" ]; then - if grep -q "^ssl_ciphers=.\+$" /etc/vsftpd/vsftpd.conf 2> /dev/null; then - sed -i 's/^ssl_ciphers=.\+$/ssl_ciphers='"$tls12_ciphers"'/' /etc/vsftpd/vsftpd.conf - fi -fi - -if [ "$WEB_SYSTEM" = "nginx" ] || [ "$PROXY_SYSTEM" = "nginx" ]; then - # Little trick to bypass on my private fork :) - if ! grep -q "quic_bpf" /etc/nginx/nginx.conf && ! grep -q "spdy_headers_comp" /etc/nginx/nginx.conf; then - # Syncing "/etc/nginx/nginx.conf" with mainline, to fix the **** caused by formatter or forgetting to apply updates - echo "[ * ] Syncing NGINX configuration with mainline..." - - trap 'rm -fr "$dir_for_compare" /etc/nginx/nginx.conf-staging' EXIT - dir_for_compare="$(mktemp -d)" - nginx_conf_local="$dir_for_compare"/nginx.conf-local - nginx_conf_commit="$dir_for_compare"/nginx.conf-commit - - sed 's|https://www.cloudflare.com/||;/^[ \t]\+resolver .\+;$/d;/^[ \t]\+# Cache settings$/d;/^[ \t]\+# Proxy cache$/d' /etc/nginx/nginx.conf | sed ':l;N;$!bl;s/[ \n\t]*//g' > "$nginx_conf_local" - - # For installations before v1.6.8 (from commit 9b544be to commit b2ad154) - curl -fsLm5 --retry 2 https://raw.githubusercontent.com/hestiacp/hestiacp/b2ad1549a21655837056e4b7883970d51a4b324f/install/deb/nginx/nginx.conf \ - | sed 's/fastcgi_buffers 4 256k;/fastcgi_buffers 8 256k;/g;s|/var/run/|/run/|g;/set_real_ip_from/d;/real_ip_header/d;s|# Cloudflare https://www.cloudflare.com/ips|# Cloudflare https://www.cloudflare.com/ips\n include /etc/nginx/conf.d/cloudflare.inc;|g' \ - | sed 's|https://www.cloudflare.com/||;/^[ \t]\+resolver .\+;$/d;/^[ \t]\+# Cache settings$/d;/^[ \t]\+# Proxy cache$/d' | sed ':l;N;$!bl;s/[ \n\t]*//g' > "$nginx_conf_commit"-b2ad154 - - # For installations after v1.6.8 but before v1.7.0 (from commit b2ad154 to commit 015b20a) - curl -fsLm5 --retry 2 https://raw.githubusercontent.com/hestiacp/hestiacp/015b20ae1ffb82faaf58b41a5dc9ad1b078b785f/install/deb/nginx/nginx.conf \ - | sed 's|/var/run/|/run/|g;/set_real_ip_from/d;/real_ip_header/d;s|# Cloudflare https://www.cloudflare.com/ips|# Cloudflare https://www.cloudflare.com/ips\n include /etc/nginx/conf.d/cloudflare.inc;|g' \ - | sed 's|https://www.cloudflare.com/||;/^[ \t]\+resolver .\+;$/d;/^[ \t]\+# Cache settings$/d;/^[ \t]\+# Proxy cache$/d' | sed ':l;N;$!bl;s/[ \n\t]*//g' > "$nginx_conf_commit"-015b20a - - # For installations after v1.7.0 (commit 555f892) - curl -fsLm5 --retry 2 https://raw.githubusercontent.com/hestiacp/hestiacp/555f89243e54e02458586ae4f7999458cc9d33e9/install/deb/nginx/nginx.conf \ - | sed 's|https://www.cloudflare.com/||;/^[ \t]\+resolver .\+;$/d;/^[ \t]\+# Cache settings$/d;/^[ \t]\+# Proxy cache$/d' | sed ':l;N;$!bl;s/[ \n\t]*//g' > "$nginx_conf_commit"-555f892 - - for commit in b2ad154 015b20a 555f892; do - if cmp -s "$nginx_conf_local" "$nginx_conf_commit"-"$commit" 2> /dev/null; then - nginx_conf_compare="same" - cp -f "$HESTIA_INSTALL_DIR"/nginx/nginx.conf /etc/nginx - break - fi - done - - if [ "$nginx_conf_compare" != "same" ]; then - echo -e "[ ! ] Manual action required, please view:\n[ - ] $HESTIA_BACKUP/message.log" - add_upgrade_message "Manual Action Required [IMPORTANT]\n\nTo enable the \"Enhanced and Optimized TLS\" feature, we must update the NGINX configuration file (/etc/nginx/nginx.conf).\n\nBut for unknown reason or you edited it, may not be fully apply all the changes in this upgrade.\n\nPlease follow the default configuration file to sync it:\n$HESTIA_INSTALL_DIR/nginx/nginx.conf\n\nBacked up configuration file:\n$HESTIA_BACKUP/conf/nginx/nginx.conf\n\nLearn more:\nhttps://github.com/hestiacp/hestiacp/pull/3555\n\n" - "$BIN"/v-add-user-notification admin "IMPORTANT: Manual Action Required" '

To enable the "Enhanced and Optimized TLS" feature, we must update the NGINX configuration file at /etc/nginx/nginx.conf.

But for unknown reason or you edited it, may not be fully apply all the changes in this upgrade.

Please follow the default configuration file to sync it:
'"$HESTIA_INSTALL_DIR"'/nginx/nginx.conf

Backed up configuration file:
'"$HESTIA_BACKUP"'/conf/nginx/nginx.conf

Visit PR #3555 on GitHub to learn more.

' - - sed -i "s/""$(grep -m 1 "IMPORTANT: Manual Action Required" "$HESTIA"/data/users/admin/notifications.conf | awk '{print $1}')""/NID='1'/" "$HESTIA"/data/users/admin/notifications.conf - - cp -f /etc/nginx/nginx.conf /etc/nginx/nginx.conf-staging - - # Apply previously missed updates - sed -i 's/fastcgi_buffers 4 256k;/fastcgi_buffers 8 256k;/;s|https://www.cloudflare.com/||;s/# Cache settings/# Proxy cache/' /etc/nginx/nginx.conf-staging - - # Formatting - echo "" >> /etc/nginx/nginx.conf-staging - sed -i '/^[ \t]*$/d;s/^ worker_connections 1024;/\tworker_connections 1024;/;s/^ use epoll;/\tuse epoll;/;s/^ multi_accept on;/\tmulti_accept on;/;s/^ /\t\t/g;s/^ /\t/g;s/^# Worker config/\n# Worker config/;s/^http {/\nhttp {/;s/^\t# Cache bypass/\n\t# Cache bypass/;s/^\t# File cache (static assets)/\n\t# File cache (static assets)/;s/^user www-data;/user www-data;/;s/^worker_processes auto;/worker_processes auto;/;s/^worker_rlimit_nofile 65535;/worker_rlimit_nofile 65535;/;s|^error_log /var/log/nginx/error.log;|error_log /var/log/nginx/error.log;|;s|^pid /run/nginx.pid;|pid /run/nginx.pid;|;s|^include /etc/nginx/modules-enabled/\*.conf;|include /etc/nginx/modules-enabled/\*.conf;|;s/log_not_found off;/log_not_found off;/;s/access_log off;/access_log off;/;s|include /etc/nginx/mime.types;|include /etc/nginx/mime.types;|;s|default_type application/octet-stream;|default_type application/octet-stream;|;s/default 0;/default 0;/;s/~SESS 1;/~SESS 1;/;s|include /etc/nginx/conf.d/|include /etc/nginx/conf.d/|g' /etc/nginx/nginx.conf-staging - - # Prepare for update - sed -i '/proxy_bu/d;/proxy_temp/d;/log_format/d;/body_bytes_sent/d;/http_user_agent/d;/gzip/d;/application\/j/d;/application\/x/d;/ssl_/d;/resolver/d;/error_page/d;/\/var\/cache\/nginx/d;/max_size=/d;/_cache_key/d;/_ignore_headers/d;/_cache_use_stale/d;/_cache_valid/d;/_cache_methods/d;/add_header/d;/open_file_cache/d' /etc/nginx/nginx.conf-staging - - # Apply the update - sed -i 's/client_max_body_size 256m;/client_max_body_size 1024m;/;s/keepalive_requests 100000;/keepalive_requests 10000;/;s/fastcgi_buffers 8 256k;/fastcgi_buffers 512 4k;/;s/proxy_pass_header Set-Cookie;/proxy_pass_header Set-Cookie;\n\tproxy_buffers 256 4k;\n\tproxy_buffer_size 32k;\n\tproxy_busy_buffers_size 32k;\n\tproxy_temp_file_write_size 256k;/;s/# Log format/# Log format\n\tlog_format main '"'"'$remote_addr - $remote_user [$time_local] $request "$status" $body_bytes_sent "$http_referer" "$http_user_agent" "$http_x_forwarded_for"'"'"';\n\tlog_format bytes '"'"'$body_bytes_sent'"'"';/;s|# Compression|# Compression\n\tgzip on;\n\tgzip_vary on;\n\tgzip_static on;\n\tgzip_comp_level 6;\n\tgzip_min_length 1024;\n\tgzip_buffers 128 4k;\n\tgzip_http_version 1.1;\n\tgzip_types text/css text/javascript text/js text/plain text/richtext text/shtml text/x-component text/x-java-source text/x-markdown text/x-script text/xml image/bmp image/svg+xml image/vnd.microsoft.icon image/x-icon font/otf font/ttf font/x-woff multipart/bag multipart/mixed application/eot application/font application/font-sfnt application/font-woff application/javascript application/javascript-binast application/json application/ld+json application/manifest+json application/opentype application/otf application/rss+xml application/ttf application/truetype application/vnd.api+json application/vnd.ms-fontobject application/wasm application/xhtml+xml application/xml application/xml+rss application/x-httpd-cgi application/x-javascript application/x-opentype application/x-otf application/x-perl application/x-protobuf application/x-ttf;\n\tgzip_proxied any;|;s/# Cloudflare ips/# Cloudflare IPs/;s|# SSL PCI compliance|# SSL PCI compliance\n\tssl_buffer_size 1369;\n\tssl_ciphers "'"$tls12_ciphers"'";\n\tssl_dhparam /etc/ssl/dhparam.pem;\n\tssl_early_data on;\n\tssl_ecdh_curve auto;\n\tssl_prefer_server_ciphers on;\n\tssl_protocols TLSv1.2 TLSv1.3;\n\tssl_session_cache shared:SSL:20m;\n\tssl_session_tickets on;\n\tssl_session_timeout 7d;\n\tresolver 1.0.0.1 8.8.4.4 1.1.1.1 8.8.8.8 valid=300s ipv6=off;\n\tresolver_timeout 5s;|;s|# Error pages|# Error pages\n\terror_page 403 /error/404.html;\n\terror_page 404 /error/404.html;\n\terror_page 410 /error/410.html;\n\terror_page 500 501 502 503 504 505 /error/50x.html;|;s|# Proxy cache|# Proxy cache\n\tproxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m;\n\tproxy_cache_key "$scheme$request_method$host$request_uri";\n\tproxy_temp_path /var/cache/nginx/temp;\n\tproxy_ignore_headers Cache-Control Expires;\n\tproxy_cache_use_stale error timeout invalid_header updating http_502;\n\tproxy_cache_valid any 1d;|;s|# FastCGI cache|# FastCGI cache\n\tfastcgi_cache_path /var/cache/nginx/micro levels=1:2 keys_zone=microcache:10m inactive=30m max_size=1024m;\n\tfastcgi_cache_key "$scheme$request_method$host$request_uri";\n\tfastcgi_ignore_headers Cache-Control Expires Set-Cookie;\n\tfastcgi_cache_use_stale error timeout invalid_header updating http_500 http_503;\n\tadd_header X-FastCGI-Cache $upstream_cache_status;|;s/# File cache (static assets)/# File cache (static assets)\n\topen_file_cache max=10000 inactive=30s;\n\topen_file_cache_valid 60s;\n\topen_file_cache_min_uses 2;\n\topen_file_cache_errors off;/' /etc/nginx/nginx.conf-staging - - # Apply the update for implement TLS 1.3 0-RTT anti-replay and upcoming HTTP/3 support - sed -i '/\/etc\/nginx\/conf\.d\/main\/\*\.conf;/d;/pid \/run\/nginx.pid;/a include /etc/nginx/conf.d/main/*.conf;' /etc/nginx/nginx.conf-staging - sed -i '/Early-Data/d;/proxy_set_header Host $host;/a \\tproxy_set_header Early-Data $rfc_early_data;' /etc/nginx/nginx.conf-staging - - # Verify new configuration file - if nginx -c /etc/nginx/nginx.conf-staging -t > /dev/null 2>&1; then - mv -f /etc/nginx/nginx.conf-staging /etc/nginx/nginx.conf - fi - fi - - # Implement TLS 1.3 0-RTT anti-replay - echo -e "[ * ] TLS 1.3 0-RTT anti-replay for NGINX, please view:\n[ - ] $HESTIA_BACKUP/message.log" - add_upgrade_message "About TLS 1.3 0-RTT anti-replay for NGINX\n\nIf you use custom templates, please update them (*.stpl) to apply this protection.\n\nFollow the usage or other default templates:\n/etc/nginx/conf.d/0rtt-anti-replay.conf\n\nLearn more:\nhttps://github.com/hestiacp/hestiacp/pull/3692" - "$BIN"/v-add-user-notification admin "About TLS 1.3 0-RTT anti-replay for NGINX" '

If you use custom templates, please update them (*.stpl) to apply this protection.

Follow the usage or other default templates:
/etc/nginx/conf.d/0rtt-anti-replay.conf

Visit PR #3692 on GitHub to learn more.

' - - if grep -qw "IMPORTANT: Manual Action Required" "$HESTIA"/data/users/admin/notifications.conf 2> /dev/null; then - sed -i "s/""$(grep -m 1 "About TLS 1.3 0-RTT anti-replay for NGINX" "$HESTIA"/data/users/admin/notifications.conf | awk '{print $1}')""/NID='2'/" "$HESTIA"/data/users/admin/notifications.conf - else - sed -i "s/""$(grep -m 1 "About TLS 1.3 0-RTT anti-replay for NGINX" "$HESTIA"/data/users/admin/notifications.conf | awk '{print $1}')""/NID='1'/" "$HESTIA"/data/users/admin/notifications.conf - fi - - cp -f "$HESTIA_INSTALL_DIR"/nginx/0rtt-anti-replay.conf /etc/nginx/conf.d - - # Update resolver for NGINX - for nameserver in $(grep -is '^nameserver' /etc/resolv.conf | cut -d' ' -f2 | tr '\r\n' ' ' | xargs); do - if [[ "$nameserver" =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]]; then - if [ -z "$resolver" ]; then - resolver="$nameserver" - else - resolver="$resolver $nameserver" - fi - fi - done - - if [ -n "$resolver" ]; then - sed -i "s/1.0.0.1 8.8.4.4 1.1.1.1 8.8.8.8/$resolver/g" /etc/nginx/nginx.conf - fi - - # Update some configuration files - cp -f "$HESTIA_INSTALL_DIR"/nginx/phpmyadmin.inc "$HESTIA_INSTALL_DIR"/nginx/phppgadmin.inc "$HESTIA_INSTALL_DIR"/nginx/status.conf /etc/nginx/conf.d - [ -n "$DB_PMA_ALIAS" ] && sed -i "s|%pma_alias%|$DB_PMA_ALIAS|g" /etc/nginx/conf.d/phpmyadmin.inc - [ -n "$DB_PGA_ALIAS" ] && sed -i "s|%pga_alias%|$DB_PGA_ALIAS|g" /etc/nginx/conf.d/phppgadmin.inc - - # Prepare for upcoming HTTP/3 support, also convenient for users to add directive to "main" context - mkdir -p /etc/nginx/conf.d/main - fi -fi - -unset commit nameserver nginx_conf_commit nginx_conf_compare nginx_conf_local os_release tls12_ciphers tls13_ciphers resolver -# Finish configuring the "Enhanced and Optimized TLS" feature - -# Update IPs configuration file -# shellcheck source=/usr/local/hestia/func/domain.sh -source $HESTIA/func/domain.sh - -if [ "$WEB_SYSTEM" = "nginx" ]; then - while IFS= read -r IP; do - ip_conf="/etc/nginx/conf.d/$IP.conf" - cp -f "$HESTIA_INSTALL_DIR"/nginx/unassigned.inc "$ip_conf" - sed -i "s/directIP/$IP/g" "$ip_conf" - process_http2_directive "$ip_conf" - done < <(ls "$HESTIA"/data/ips/ 2> /dev/null) -elif [ "$PROXY_SYSTEM" = "nginx" ]; then - while IFS= read -r IP; do - cat "$WEBTPL"/nginx/proxy_ip.tpl \ - | sed -e "s/%ip%/$IP/g" \ - -e "s/%web_port%/$WEB_PORT/g" \ - -e "s/%proxy_port%/$PROXY_PORT/g" \ - -e "s/%proxy_ssl_port%/$PROXY_SSL_PORT/g" \ - > "/etc/nginx/conf.d/$IP.conf" - process_http2_directive "/etc/nginx/conf.d/$IP.conf" - done < <(ls "$HESTIA"/data/ips/ 2> /dev/null) -fi - -if [ "$MAIL_SYSTEM" = "exim4" ]; then - exim_version=$(exim4 --version | head -1 | awk '{print $3}' | cut -f -2 -d .) - # if Exim version > 4.95 or greater! - if version_ge "$exim_version" "4.95"; then - if ! grep -q 'SRS_SECRET' /etc/exim4/exim4.conf.template; then - srs=$(generate_password) - echo $srs > /etc/exim4/srs.conf - chmod 640 /etc/exim4/srs.conf - chown root:Debian-exim /etc/exim4/srs.conf - cp /etc/exim4/exim4.conf.template /etc/exim4/exim4.conf.template.staging - patch /etc/exim4/exim4.conf.template.staging $HESTIA/install/upgrade/patch/3661-exim-srs-support.patch 2>&1 - exim -C /etc/exim4/exim4.conf.template.staging 2>&1 - if [ "$?" -ne 0 ]; then - add_upgrade_message "Unable to successfully aply the SRS update patch for Exim.\n If you use SMTP relay with the SRS feature use the exim config found in /usr/local/hestia/install/deb/exim/exim4.conf.4.95.template" - "$BIN"/v-add-user-notification admin "Unable to apply patch to Exim config" 'Unable to successfully apply the SRS update patch for Exim.
If you use SMTP relay with the SRS feature use the exim config found in /usr/local/hestia/install/deb/exim/exim4.conf.4.95.template' - if grep -qw "IMPORTANT: Manual Action Required" "$HESTIA"/data/users/admin/notifications.conf 2> /dev/null; then - sed -i "s/""$(grep -m 1 "Unable to apply patch to Exim config" "$HESTIA"/data/users/admin/notifications.conf | awk '{print $1}')""/NID='3'/" "$HESTIA"/data/users/admin/notifications.conf - else - sed -i "s/""$(grep -m 1 "Unable to apply patch to Exim config" "$HESTIA"/data/users/admin/notifications.conf | awk '{print $1}')""/NID='2'/" "$HESTIA"/data/users/admin/notifications.conf - fi - echo "[ ! ] Unable to apply SRS update patch for SMTP relay" - else - echo "[ * ] Update exim4.conf.template ..." - cp /etc/exim4/exim4.conf.template.staging /etc/exim4/exim4.conf.template - fi - rm /etc/exim4/exim4.conf.template.staging* - else - sed -i "s/SRS_SECRET = readfile{\/etc\/exim4\/srs.conf}/SRS_SECRET = \${readfile{\/etc\/exim4\/srs.conf}}/g" /etc/exim4/exim4.conf.template - chown root:Debian-exim /etc/exim4/srs.conf - fi - fi - - exim_version=$(exim4 --version | head -1 | awk '{print $3}' | cut -f -2 -d .) - # if Exim version > 4.95 or greater! - if version_ge "$exim_version" "4.95"; then - if ! grep -q 'condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/aliases}{false}{true}}' /etc/exim4/exim4.conf.template; then - for line in $(sed -n '/redirect_router = dnslookup/=' /etc/exim4/exim4.conf.template); do - testline=$((line - 1)) - newline=$((line + 1)) - if [ "$(awk NR==$testline /etc/exim4/exim4.conf.template)" = " file_transport = local_delivery" ]; then - # Add new line - sed -i "$newline i \ \ condition = \${lookup{\$local_part@\$domain}lsearch{/etc/exim4/domains/\${lookup{\$domain}dsearch{/etc/exim4/domains/}}/aliases}{false}{true}}" /etc/exim4/exim4.conf.template - fi - done - fi - fi - -fi diff --git a/install/upgrade/versions/1.8.1.sh b/install/upgrade/versions/1.8.1.sh deleted file mode 100644 index a0da773..0000000 --- a/install/upgrade/versions/1.8.1.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash - -# Hestia Control Panel upgrade script for target version 1.8.1 - -####################################################################################### -####### Place additional commands below. ####### -####################################################################################### -####### upgrade_config_set_value only accepts true or false. ####### -####### ####### -####### Pass through information to the end user in case of a issue or problem ####### -####### ####### -####### Use add_upgrade_message "My message here" to include a message ####### -####### in the upgrade notification email. Example: ####### -####### ####### -####### add_upgrade_message "My message here" ####### -####### ####### -####### You can use \n within the string to create new lines. ####### -####################################################################################### - -upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'true' -upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'true' -upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'false' -upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false' - -if [ "$MAIL_SYSTEM" = "exim4" ]; then - exim_version=$(exim4 --version | head -1 | awk '{print $3}' | cut -f -2 -d .) - # if Exim version > 4.95 or greater! - if version_ge "$exim_version" "4.95"; then - sed -i "s/SRS_SECRET = readfile{\/etc\/exim4\/srs.conf}/SRS_SECRET = \${readfile{\/etc\/exim4\/srs.conf}}/g" /etc/exim4/exim4.conf.template - chown root:Debian-exim /etc/exim4/srs.conf - chown 644 /etc/exim4/srs.conf - fi -fi diff --git a/src/rpm/hestia/hestia.spec b/src/rpm/hestia/hestia.spec index e18fa7f..72cc2f7 100644 --- a/src/rpm/hestia/hestia.spec +++ b/src/rpm/hestia/hestia.spec @@ -84,6 +84,7 @@ if [ -e "/usr/local/hestia/data/users/admin" ]; then ############################################################### # Load upgrade functions and refresh variables/configuration + source /usr/local/hestia/func/main.sh source /usr/local/hestia/func/upgrade.sh upgrade_refresh_config @@ -146,7 +147,7 @@ if [ -e "/usr/local/hestia/data/users/admin" ]; then update_whitelabel_logo | tee -a $LOG # Set new version number in hestia.conf - upgrade_set_version + upgrade_set_version $new_version # Perform account and domain rebuild to ensure configuration files are correct upgrade_rebuild_users