diff --git a/Dockerfile b/Dockerfile index 0d71da0..ce7ab51 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM niiknow/docker-hostingbase:1.3.1 +FROM niiknow/docker-hostingbase:1.4.1 LABEL maintainer="noogen " ENV DEBIAN_FRONTEND=noninteractive \ VESTA=/usr/local/vesta \ @@ -13,6 +13,7 @@ ENV DEBIAN_FRONTEND=noninteractive \ RUN cd /tmp \ && apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 91FA4AD5 \ && add-apt-repository ppa:deadsnakes/ppa \ + && add-apt-repository ppa:maxmind/ppa -y \ && echo "nginx mysql bind clamav ssl-cert dovecot dovenull Debian-exim postgres debian-spamd epmd couchdb memcache mongodb redis" | xargs -n1 groupadd -K GID_MIN=100 -K GID_MAX=999 ${g} \ && echo "nginx nginx mysql mysql bind bind clamav clamav dovecot dovecot dovenull dovenull Debian-exim Debian-exim postgres postgres debian-spamd debian-spamd epmd epmd couchdb couchdb memcache memcache mongodb mongodb redis redis" | xargs -n2 useradd -d /nonexistent -s /bin/false -K UID_MIN=100 -K UID_MAX=999 -g ${g} \ && usermod -d /var/lib/mysql mysql \ @@ -44,13 +45,14 @@ RUN cd /tmp \ && echo "deb-src http://nginx.org/packages/ubuntu/ xenial nginx" | tee -a /etc/apt/sources.list \ && apt-get update && apt-get -y --no-install-recommends upgrade \ && curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash - \ - && apt-get install -y --no-install-recommends libpcre3-dev libssl-dev dpkg-dev libgd-dev iproute uuid-dev \ + && apt-get install -y --no-install-recommends libpcre3-dev libssl-dev dpkg-dev libmaxminddb0 libmaxminddb-dev mmdb-bin libgd-dev iproute uuid-dev \ && mkdir -p ${NGINX_BUILD_DIR} \ && cd ${NGINX_BUILD_DIR} \ + && git clone https://github.com/leev/ngx_http_geoip2_module ngx_http_geoip2_module \ && apt-get source nginx=${NGINX_VERSION} -y \ && mv ${NGINX_BUILD_DIR}/nginx-${NGINX_VERSION}/src/http/modules/ngx_http_image_filter_module.c ${NGINX_BUILD_DIR}/nginx-${NGINX_VERSION}/src/http/modules/ngx_http_image_filter_module.bak \ && curl -SL $IMAGE_FILTER_URL --output ${NGINX_BUILD_DIR}/nginx-${NGINX_VERSION}/src/http/modules/ngx_http_image_filter_module.c \ - && sed -i "s/--with-http_ssl_module/--with-http_ssl_module --with-http_image_filter_module --add-module=\/usr\/src\/nginx\/ngx_devel_kit --add-module=\/usr\/src\/nginx\/set-misc-nginx-module --add-module=\/usr\/src\/nginx\/ngx_pagespeed-latest-stable/g" ${NGINX_BUILD_DIR}/nginx-${NGINX_VERSION}/debian/rules \ + && sed -i "s/--with-http_ssl_module/--with-http_ssl_module --with-http_image_filter_module --add-module=\/usr\/src\/nginx\/ngx_http_geoip2_module --add-module=\/usr\/src\/nginx\/ngx_devel_kit --add-module=\/usr\/src\/nginx\/set-misc-nginx-module --add-module=\/usr\/src\/nginx\/ngx_pagespeed-latest-stable/g" ${NGINX_BUILD_DIR}/nginx-${NGINX_VERSION}/debian/rules \ && curl -SL https://github.com/apache/incubator-pagespeed-ngx/archive/v${NGINX_PAGESPEED_VERSION}-stable.zip -o latest-stable.zip \ && unzip latest-stable.zip \ && mv incubator-pagespeed-ngx-${NGINX_PAGESPEED_VERSION}-stable ngx_pagespeed-latest-stable \ @@ -325,14 +327,8 @@ RUN cd /tmp \ && sed -i "s/FcgidConnectTimeout 20/FcgidMaxRequestLen 629145600\n FcgidConnectTimeout 20/" /etc/apache2/mods-available/fcgid.conf \ # fix docker nginx ips - && sed -i -e "s/\%ip\%\:\%proxy\_port\%/\%proxy\_port\%/g" /usr/local/vesta/data/templates/web/nginx/*.tpl \ - && sed -i -e "s/\%ip\%\:\%proxy\_ssl\_port\%/\%proxy\_ssl\_port\%/g" /usr/local/vesta/data/templates/web/nginx/*.stpl \ - && sed -i -e "s/\%ip\%\:\%web\_port\%/\%web\_port\%/g" /usr/local/vesta/data/templates/web/nginx/*.tpl \ - && sed -i -e "s/\%ip\%\:\%web\_ssl\_port\%/\%web\_ssl\_port\%/g" /usr/local/vesta/data/templates/web/nginx/*.stpl \ - && sed -i -e "s/\%ip\%\:\%proxy\_port\%/\%proxy\_port\%/g" /usr/local/vesta/data/templates/web/nginx/php-fpm/*.tpl \ - && sed -i -e "s/\%ip\%\:\%proxy\_ssl\_port\%/\%proxy\_ssl\_port\%/g" /usr/local/vesta/data/templates/web/nginx/php-fpm/*.stpl \ && sed -i -e "s/ include \%home\%\/\%user\%\/conf\/web\/nginx\.\%domain\%/ include \%home\%\/\%user\%\/web\/\%domain\%\/private\/*.conf;\n include \%home\%\/\%user\%\/conf\/web\/nginx\.\%domain\%/g" /usr/local/vesta/data/templates/web/nginx/*.tpl \ - && sed -i -e "s/ include \%home\%\/\%user\%\/conf\/web\/nginx\.\%domain\%/ include \%home\%\/\%user\%\/web\/\%domain\%\/private\/*.conf;\n include \%home\%\/\%user\%\/conf\/web\/nginx\.\%domain\%/g" /usr/local/vesta/data/templates/web/nginx/*.stpl \ + && sed -i -e "s/ include \%home\%\/\%user\%\/conf\/web\/snginx\.\%domain\%/ include \%home\%\/\%user\%\/web\/\%domain\%\/private\/*.conf;\n include \%home\%\/\%user\%\/conf\/web\/snginx\.\%domain\%/g" /usr/local/vesta/data/templates/web/nginx/*.stpl \ && bash /usr/local/vesta/upd/switch_rpath.sh \ # add multiple php fcgi and custom templates diff --git a/rootfs/sysprepz/admin/bin/vesta-update-geoip.sh b/rootfs/sysprepz/admin/bin/vesta-update-geoip.sh new file mode 100755 index 0000000..9fce17e --- /dev/null +++ b/rootfs/sysprepz/admin/bin/vesta-update-geoip.sh @@ -0,0 +1,16 @@ +#!/bin/sh + +# get environment variables +source /etc/container_environment.sh + +# update geoip database +# separate script so you can run it in cron if needed +cd /tmp +mkdir -p /etc/nginx/geoip2/ +wget http://geolite.maxmind.com/download/geoip/database/GeoLite2-Country.tar.gz +tar xaf GeoLite2-Country.tar.gz --strip 1 +mv -f GeoLite2-Country.mmdb /etc/nginx/geoip2/ + +wget https://geolite.maxmind.com/download/geoip/database/GeoLite2-City.tar.gz +tar xaf GeoLite2-City.tar.gz --strip 1 +mv -f GeoLite2-City.mmdb /etc/nginx/geoip2/ diff --git a/rootfs/sysprepz/apache2-templates/php71fpm.sh b/rootfs/sysprepz/apache2-templates/php71fpm.sh index 2e8441e..8a0df8b 100755 --- a/rootfs/sysprepz/apache2-templates/php71fpm.sh +++ b/rootfs/sysprepz/apache2-templates/php71fpm.sh @@ -24,9 +24,9 @@ pm.max_requests = 4000 pm.process_idle_timeout = 10s pm.status_path = /status -php_admin_value[upload_tmp_dir] = /home/$user/tmp -php_admin_value[session.save_path] = /home/$user/tmp -php_admin_value[open_basedir] = $docroot:/home/$user/tmp +php_admin_value[upload_tmp_dir] = /home/$user/web/$domain/tmp +php_admin_value[session.save_path] = /home/$user/web/$domain/tmp +php_admin_value[open_basedir] = $docroot:/home/$user/web/$domain/tmp env[HOSTNAME] = $HOSTNAME env[PATH] = /usr/local/bin:/usr/bin:/bin @@ -34,10 +34,10 @@ env[TMP] = /home/$user/tmp env[TMPDIR] = /home/$user/tmp env[TEMP] = /home/$user/tmp " -fpm_conf_file="$home_dir/$user/web/$domain/cgi-bin/php-fpm.conf" +fpm_conf_file="/home/$user/web/$domain/cgi-bin/php-fpm.conf" # remove old conf -rm -f $home_dir/$user/web/$domain/cgi-bin/php*-fpm.conf +rm -f /home/$user/web/$domain/cgi-bin/php*-fpm.conf # restart any *running* php fpm found with ps -uaxw # otherwise, simply use: @@ -53,14 +53,16 @@ do fi done +# make sure to delete old sock file before restart rm -f /var/run/vesta-php-fpm-$domain.sock || true echo "$fpm_conf" > $fpm_conf_file chown $user:$user $fpm_conf_file chmod -f 751 $fpm_conf_file -rm -rf $home_dir/$user/web/$domain/tmp/cache -mkdir -p $home_dir/$user/web/$domain/tmp/cache -chown -R www-data:www-data $home_dir/$user/web/$domain/tmp/cache +mkdir -p /home/$user/web/$domain/tmp/cache +rm -rf /home/$user/web/$domain/tmp/cache +mkdir -p /home/$user/web/$domain/tmp/cache +chown -R www-data:www-data /home/$user/web/$domain/tmp/cache # delete old and link new conf rm -f /etc/php/*/fpm/pool.d/$domain.conf diff --git a/rootfs/sysprepz/apache2-templates/php72fpm.sh b/rootfs/sysprepz/apache2-templates/php72fpm.sh index 3e9e7ac..6939ea8 100755 --- a/rootfs/sysprepz/apache2-templates/php72fpm.sh +++ b/rootfs/sysprepz/apache2-templates/php72fpm.sh @@ -24,9 +24,9 @@ pm.max_requests = 4000 pm.process_idle_timeout = 10s pm.status_path = /status -php_admin_value[upload_tmp_dir] = /home/$user/tmp -php_admin_value[session.save_path] = /home/$user/tmp -php_admin_value[open_basedir] = $docroot:/home/$user/tmp +php_admin_value[upload_tmp_dir] = /home/$user/web/$domain/tmp +php_admin_value[session.save_path] = /home/$user/web/$domain/tmp +php_admin_value[open_basedir] = $docroot:/home/$user/web/$domain/tmp env[HOSTNAME] = $HOSTNAME env[PATH] = /usr/local/bin:/usr/bin:/bin @@ -34,10 +34,10 @@ env[TMP] = /home/$user/tmp env[TMPDIR] = /home/$user/tmp env[TEMP] = /home/$user/tmp " -fpm_conf_file="$home_dir/$user/web/$domain/cgi-bin/php-fpm.conf" +fpm_conf_file="/home/$user/web/$domain/cgi-bin/php-fpm.conf" # remove old conf -rm -f $home_dir/$user/web/$domain/cgi-bin/php*-fpm.conf +rm -f /home/$user/web/$domain/cgi-bin/php*-fpm.conf # restart any *running* php fpm found with ps -uaxw # otherwise, simply use: @@ -53,14 +53,16 @@ do fi done +# make sure to delete old sock file before restart rm -f /var/run/vesta-php-fpm-$domain.sock || true echo "$fpm_conf" > $fpm_conf_file chown $user:$user $fpm_conf_file chmod -f 751 $fpm_conf_file -rm -rf $home_dir/$user/web/$domain/tmp/cache -mkdir -p $home_dir/$user/web/$domain/tmp/cache -chown -R www-data:www-data $home_dir/$user/web/$domain/tmp/cache +mkdir -p /home/$user/web/$domain/tmp/cache +rm -rf /home/$user/web/$domain/tmp/cache +mkdir -p /home/$user/web/$domain/tmp/cache +chown -R www-data:www-data /home/$user/web/$domain/tmp/cache # delete old and link new conf rm -f /etc/php/*/fpm/pool.d/$domain.conf diff --git a/rootfs/sysprepz/apache2-templates/php73fpm.sh b/rootfs/sysprepz/apache2-templates/php73fpm.sh index 25b2910..5db8552 100755 --- a/rootfs/sysprepz/apache2-templates/php73fpm.sh +++ b/rootfs/sysprepz/apache2-templates/php73fpm.sh @@ -24,9 +24,9 @@ pm.max_requests = 4000 pm.process_idle_timeout = 10s pm.status_path = /status -php_admin_value[upload_tmp_dir] = /home/$user/tmp -php_admin_value[session.save_path] = /home/$user/tmp -php_admin_value[open_basedir] = $docroot:/home/$user/tmp +php_admin_value[upload_tmp_dir] = /home/$user/web/$domain/tmp +php_admin_value[session.save_path] = /home/$user/web/$domain/tmp +php_admin_value[open_basedir] = $docroot:/home/$user/web/$domain/tmp env[HOSTNAME] = $HOSTNAME env[PATH] = /usr/local/bin:/usr/bin:/bin @@ -34,10 +34,10 @@ env[TMP] = /home/$user/tmp env[TMPDIR] = /home/$user/tmp env[TEMP] = /home/$user/tmp " -fpm_conf_file="$home_dir/$user/web/$domain/cgi-bin/php-fpm.conf" +fpm_conf_file="/home/$user/web/$domain/cgi-bin/php-fpm.conf" # remove old conf -rm -f $home_dir/$user/web/$domain/cgi-bin/php*-fpm.conf +rm -f /home/$user/web/$domain/cgi-bin/php*-fpm.conf # restart any *running* php fpm found with ps -uaxw # otherwise, simply use: @@ -53,14 +53,16 @@ do fi done +# make sure to delete old sock file before restart rm -f /var/run/vesta-php-fpm-$domain.sock || true echo "$fpm_conf" > $fpm_conf_file chown $user:$user $fpm_conf_file chmod -f 751 $fpm_conf_file -rm -rf $home_dir/$user/web/$domain/tmp/cache -mkdir -p $home_dir/$user/web/$domain/tmp/cache -chown -R www-data:www-data $home_dir/$user/web/$domain/tmp/cache +mkdir -p /home/$user/web/$domain/tmp/cache +rm -rf /home/$user/web/$domain/tmp/cache +mkdir -p /home/$user/web/$domain/tmp/cache +chown -R www-data:www-data /home/$user/web/$domain/tmp/cache # delete old and link new conf rm -f /etc/php/*/fpm/pool.d/$domain.conf diff --git a/rootfs/sysprepz/apache2-templates/phpfcgid71.sh b/rootfs/sysprepz/apache2-templates/phpfcgid71.sh index 53c269f..8215a5f 100755 --- a/rootfs/sysprepz/apache2-templates/phpfcgid71.sh +++ b/rootfs/sysprepz/apache2-templates/phpfcgid71.sh @@ -13,7 +13,7 @@ export PHP_FCGI_MAX_REQUESTS=1000 export PHP_FCGI_CHILDREN=4 exec /usr/bin/php-cgi7.1 " -wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi7.1" +wrapper_file="/home/$user/web/$domain/cgi-bin/fcgi7.1" echo "$wrapper_script" > $wrapper_file chown $user:$user $wrapper_file diff --git a/rootfs/sysprepz/apache2-templates/phpfcgid71.stpl b/rootfs/sysprepz/apache2-templates/phpfcgid71.stpl index f766e95..5d9b0c0 100644 --- a/rootfs/sysprepz/apache2-templates/phpfcgid71.stpl +++ b/rootfs/sysprepz/apache2-templates/phpfcgid71.stpl @@ -16,9 +16,9 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp - php_admin_value upload_tmp_dir %home%/%user%/tmp - php_admin_value session.save_path %home%/%user%/tmp + php_admin_value open_basedir %docroot%:%home%/%user%/web/%domain%/tmp + php_admin_value upload_tmp_dir %home%/%user%/web/%domain%/tmp + php_admin_value session.save_path %home%/%user%/web/%domain%/tmp SetHandler fcgid-script diff --git a/rootfs/sysprepz/apache2-templates/phpfcgid71.tpl b/rootfs/sysprepz/apache2-templates/phpfcgid71.tpl index 3c3b042..11af573 100644 --- a/rootfs/sysprepz/apache2-templates/phpfcgid71.tpl +++ b/rootfs/sysprepz/apache2-templates/phpfcgid71.tpl @@ -15,9 +15,9 @@ AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp - php_admin_value upload_tmp_dir %home%/%user%/tmp - php_admin_value session.save_path %home%/%user%/tmp + php_admin_value open_basedir %docroot%:%home%/%user%/web/%domain%/tmp + php_admin_value upload_tmp_dir %home%/%user%/web/%domain%/tmp + php_admin_value session.save_path %home%/%user%/web/%domain%/tmp SetHandler fcgid-script diff --git a/rootfs/sysprepz/apache2-templates/phpfcgid72.sh b/rootfs/sysprepz/apache2-templates/phpfcgid72.sh index 3ec6c70..239b5db 100755 --- a/rootfs/sysprepz/apache2-templates/phpfcgid72.sh +++ b/rootfs/sysprepz/apache2-templates/phpfcgid72.sh @@ -13,7 +13,7 @@ export PHP_FCGI_MAX_REQUESTS=1000 export PHP_FCGI_CHILDREN=4 exec /usr/bin/php-cgi7.2 " -wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi7.2" +wrapper_file="/home/$user/web/$domain/cgi-bin/fcgi7.2" echo "$wrapper_script" > $wrapper_file chown $user:$user $wrapper_file diff --git a/rootfs/sysprepz/apache2-templates/phpfcgid72.stpl b/rootfs/sysprepz/apache2-templates/phpfcgid72.stpl index 06f0356..45b81ff 100644 --- a/rootfs/sysprepz/apache2-templates/phpfcgid72.stpl +++ b/rootfs/sysprepz/apache2-templates/phpfcgid72.stpl @@ -16,9 +16,9 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp - php_admin_value upload_tmp_dir %home%/%user%/tmp - php_admin_value session.save_path %home%/%user%/tmp + php_admin_value open_basedir %docroot%:%home%/%user%/web/%domain%/tmp + php_admin_value upload_tmp_dir %home%/%user%/web/%domain%/tmp + php_admin_value session.save_path %home%/%user%/web/%domain%/tmp SetHandler fcgid-script diff --git a/rootfs/sysprepz/apache2-templates/phpfcgid72.tpl b/rootfs/sysprepz/apache2-templates/phpfcgid72.tpl index 3410055..eaf4a4c 100644 --- a/rootfs/sysprepz/apache2-templates/phpfcgid72.tpl +++ b/rootfs/sysprepz/apache2-templates/phpfcgid72.tpl @@ -15,9 +15,9 @@ AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp - php_admin_value upload_tmp_dir %home%/%user%/tmp - php_admin_value session.save_path %home%/%user%/tmp + php_admin_value open_basedir %docroot%:%home%/%user%/web/%domain%/tmp + php_admin_value upload_tmp_dir %home%/%user%/web/%domain%/tmp + php_admin_value session.save_path %home%/%user%/web/%domain%/tmp SetHandler fcgid-script diff --git a/rootfs/sysprepz/apache2-templates/phpfcgid73.sh b/rootfs/sysprepz/apache2-templates/phpfcgid73.sh index cece45c..5817d7e 100755 --- a/rootfs/sysprepz/apache2-templates/phpfcgid73.sh +++ b/rootfs/sysprepz/apache2-templates/phpfcgid73.sh @@ -13,7 +13,7 @@ export PHP_FCGI_MAX_REQUESTS=1000 export PHP_FCGI_CHILDREN=4 exec /usr/bin/php-cgi7.3 " -wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi7.3" +wrapper_file="/home/$user/web/$domain/cgi-bin/fcgi7.3" echo "$wrapper_script" > $wrapper_file chown $user:$user $wrapper_file diff --git a/rootfs/sysprepz/apache2-templates/phpfcgid73.stpl b/rootfs/sysprepz/apache2-templates/phpfcgid73.stpl index 477b337..75d5c2d 100644 --- a/rootfs/sysprepz/apache2-templates/phpfcgid73.stpl +++ b/rootfs/sysprepz/apache2-templates/phpfcgid73.stpl @@ -16,9 +16,9 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp - php_admin_value upload_tmp_dir %home%/%user%/tmp - php_admin_value session.save_path %home%/%user%/tmp + php_admin_value open_basedir %docroot%:%home%/%user%/web/%domain%/tmp + php_admin_value upload_tmp_dir %home%/%user%/web/%domain%/tmp + php_admin_value session.save_path %home%/%user%/web/%domain%/tmp SetHandler fcgid-script diff --git a/rootfs/sysprepz/apache2-templates/phpfcgid73.tpl b/rootfs/sysprepz/apache2-templates/phpfcgid73.tpl index e43d9d0..051261c 100644 --- a/rootfs/sysprepz/apache2-templates/phpfcgid73.tpl +++ b/rootfs/sysprepz/apache2-templates/phpfcgid73.tpl @@ -15,9 +15,9 @@ AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp - php_admin_value upload_tmp_dir %home%/%user%/tmp - php_admin_value session.save_path %home%/%user%/tmp + php_admin_value open_basedir %docroot%:%home%/%user%/web/%domain%/tmp + php_admin_value upload_tmp_dir %home%/%user%/web/%domain%/tmp + php_admin_value session.save_path %home%/%user%/web/%domain%/tmp SetHandler fcgid-script