diff --git a/docs/_data/options.js b/docs/_data/options.js index 2561599..57ecd54 100644 --- a/docs/_data/options.js +++ b/docs/_data/options.js @@ -146,12 +146,33 @@ export const options = [ depends: 'exim', }, { - name: ' --iptables', - id: 'iptables', - param: '--iptables', + name: ' --firewall', + id: 'firewall', + param: '--firewall', desc: 'Управлять фаерволом.', selected: true, }, + { + name: ' --nopublicip', + id: 'nopublicip', + param: '--nopublicip', + desc: 'Использовать локальный IP сервера', + selected: false, + }, + { + name: ' --uselocalphp', + id: 'uselocalphp', + param: '--uselocalphp', + desc: 'Использовать PHP из текущего репозитория HestiaCP', + selected: false, + }, + { + name: ' --usemirrorclamav', + id: 'usemirrorclamav', + param: '--usemirrorclamav', + desc: 'Использовать clamav с базами скачанными с зеркала в России', + selected: false, + }, { name: ' --fail2ban', id: 'fail2ban', diff --git a/docs/docs/introduction/getting-started.md b/docs/docs/introduction/getting-started.md index fd8698e..d7bf0e1 100644 --- a/docs/docs/introduction/getting-started.md +++ b/docs/docs/introduction/getting-started.md @@ -93,15 +93,16 @@ bash hst-install.sh -h -Z, --sieve Install Sieve [yes|no] default: no -c, --clamav Install ClamAV [yes|no] default: no -t, --spamassassin Install SpamAssassin [yes|no] default: yes - -i, --iptables Install Iptables [yes|no] default: yes + -i, --firewall Install firewalld [yes|no] default: yes -b, --fail2ban Install Fail2ban [yes|no] default: yes -q, --quota Filesystem Quota [yes|no] default: no -d, --api Activate API [yes|no] default: yes -r, --port Change Backend Port default: 8083 -l, --lang Default language default: en -y, --interactive Interactive install [yes|no] default: yes - -I, --nopublicip Use local ip [yes|no] default: yes - -u, --uselocalphp Use PHP from local repo [yes|no] default: yes + -I, --nopublicip Use local ip [yes|no] default: no + -u, --uselocalphp Use PHP from local repo [yes|no] default: no + -C, --usemirrorclamav Use mirrored clamav [yes|no] default: no -s, --hostname Set hostname -e, --email Set admin email -p, --password Set admin password diff --git a/install/hst-install-rhel.sh b/install/hst-install-rhel.sh index f73069e..44d611d 100755 --- a/install/hst-install-rhel.sh +++ b/install/hst-install-rhel.sh @@ -38,7 +38,7 @@ HESTIA_COMMON_DIR="$HESTIA/install/common" VERBOSE='no' # Define software versions -HESTIA_INSTALL_VER='1.9.4.rpm~alpha' +HESTIA_INSTALL_VER='1.9.5.rpm~alpha' # Dependencies mariadb_v="10.11" @@ -83,7 +83,7 @@ help() { -Z, --sieve Install Sieve [yes|no] default: no -c, --clamav Install ClamAV [yes|no] default: no -t, --spamassassin Install SpamAssassin [yes|no] default: yes - -i, --iptables Install Iptables [yes|no] default: yes + -i, --firewall Install Iptables [yes|no] default: yes -b, --fail2ban Install Fail2ban [yes|no] default: yes -q, --quota Filesystem Quota [yes|no] default: no -d, --api Activate API [yes|no] default: yes @@ -91,7 +91,8 @@ help() { -l, --lang Default language default: en -y, --interactive Interactive install [yes|no] default: yes -I, --nopublicip Use local ip [yes|no] default: yes - -u, --uselocalphp Use PHP from local repo [yes|no] default: yes + -u, --uselocalphp Use PHP from local repo [yes|no] default: no + -C, --usemirrorclamav Use mirrored clamav [yes|no] default: no -s, --hostname Set hostname -e, --email Set admin email -p, --password Set admin password @@ -276,8 +277,9 @@ for arg; do --dovecot) args="${args}-z " ;; --sieve) args="${args}-Z " ;; --clamav) args="${args}-c " ;; + --usemirrorclamav) args="${args}-C " ;; --spamassassin) args="${args}-t " ;; - --iptables) args="${args}-i " ;; + --firewall) args="${args}-i " ;; --fail2ban) args="${args}-b " ;; --multiphp) args="${args}-o " ;; --quota) args="${args}-q " ;; @@ -302,7 +304,7 @@ done eval set -- "$args" # Parsing arguments -while getopts "u:I:a:w:v:j:k:m:M:g:d:x:z:Z:c:t:i:b:r:o:q:l:y:s:e:p:R:fh" Option; do +while getopts "u:I:a:w:v:j:k:m:M:g:d:x:z:Z:c:C:t:i:b:r:o:q:l:y:s:e:p:R:fh" Option; do case $Option in a) apache=$OPTARG ;; # Apache w) phpfpm=$OPTARG ;; # PHP-FPM @@ -317,6 +319,10 @@ while getopts "u:I:a:w:v:j:k:m:M:g:d:x:z:Z:c:t:i:b:r:o:q:l:y:s:e:p:R:fh" Option; z) dovecot=$OPTARG ;; # Dovecot Z) sieve=$OPTARG ;; # Sieve c) clamd=$OPTARG ;; # ClamAV + C) + clamd=$OPTARG + clamdm="yes" + ;; # ClamAV Mirrored t) spamd=$OPTARG ;; # SpamAssassin i) iptables=$OPTARG ;; # Iptables b) fail2ban=$OPTARG ;; # Fail2ban @@ -366,10 +372,10 @@ set_default_value 'fail2ban' 'yes' set_default_value 'quota' 'no' set_default_value 'interactive' 'yes' set_default_value 'api' 'yes' -set_default_value 'nopublicip' 'yes' +set_default_value 'nopublicip' 'no' set_default_port '8083' set_default_lang 'en' -set_default_value 'uselocalphp' 'yes' +set_default_value 'uselocalphp' 'no' # Checking software conflicts if [ "$proftpd" = 'yes' ]; then @@ -971,12 +977,13 @@ fi #----------------------------------------------------------# if [ "$iptables" = 'yes' ]; then - if [ -f /etc/redhat-release ]; then - dnf install iptables-nft -y - systemctl stop firewalld - systemctl disable firewalld - systemctl enable nftables --now - fi + dnf install iptables-nft -y + systemctl stop firewalld + systemctl disable firewalld + systemctl enable nftables --now +else + systemctl stop firewalld + systemctl disable firewalld fi # Installing rpm packages @@ -1806,7 +1813,11 @@ if [ "$clamd" = 'yes' ]; then gpasswd -a clamav exim > /dev/null 2>&1 cp -f $HESTIA_INSTALL_DIR/clamav/clamd.conf /etc/clamd.d/daemon.conf cp -f $HESTIA_INSTALL_DIR/clamav/clamd.tmpfiles /etc/tmpfiles.d/clamav.conf - cp -f $HESTIA_INSTALL_DIR/clamav/freshclam.conf /etc/freshclam.conf + if [ -n "$clamdm" ]; then + cp -f $HESTIA_INSTALL_DIR/clamav/freshclam.conf /etc/freshclam.conf + else + cp -f $HESTIA_INSTALL_DIR/clamav/freshclam_orig.conf /etc/freshclam.conf + fi touch /var/log/freshclam.log chown clamav:clamav /var/log/freshclam.log rm -f /var/lib/clamav/freshclam.dat diff --git a/install/hst-install.sh b/install/hst-install.sh index afbea2d..af9b41d 100755 --- a/install/hst-install.sh +++ b/install/hst-install.sh @@ -74,7 +74,7 @@ check_wget_curl() { wget -q https://dev.brepo.ru/bayrepo/hestiacp/raw/branch/master/install/hst-install-rhel.sh -O hst-install-rhel.sh if [ "$?" -eq '0' ]; then bash hst-install-rhel.sh $* - exit + exit $? else echo "Error: hst-install-rhel.sh download failed." exit 1 @@ -97,7 +97,7 @@ check_wget_curl() { curl -s -O https://dev.brepo.ru/bayrepo/hestiacp/raw/branch/master/install/hst-install-rhel.sh if [ "$?" -eq '0' ]; then bash hst-install-rhel.sh $* - exit + exit $? else echo "Error: hst-install-rhel.sh download failed." exit 1 diff --git a/install/rpm/clamav/freshclam_orig.conf b/install/rpm/clamav/freshclam_orig.conf new file mode 100644 index 0000000..8faf165 --- /dev/null +++ b/install/rpm/clamav/freshclam_orig.conf @@ -0,0 +1,13 @@ +UpdateLogFile /var/log/freshclam.log +ScriptedUpdates no +LogFileMaxSize 80M +LogTime yes +#LogVerbose yes +LogRotate yes +#PidFile /var/run/freshclam.pid + +# By default when started freshclam drops privileges and switches to the +# "clamav" user. This directive allows you to change the database owner. +# Default: clamav (may depend on installation options) +DatabaseOwner clamav +DatabaseDirectory /var/lib/clamavnew