Posts by flames

flames · Nov 15th 2016

бывает

дело в том, что диск лучше...
1. монтировать прямо туда, где он требуется. если весь диск исключительно для /var/www/virtual, то монтируем прямо туда. например mount /dev/sdb1 /var/www/virtual
2. если диск содержит директории для разных целей, то монтируем диск куда либо, например в /mnt/disk, после чего директории находящиеся на диске монтировать с помощью bind --mount в нужные директории. например mount /dev/sdb1 /mnt/disk
mount --bind /mnt/disk/mail/virtual /var/mail/virtual и mount --bind /mnt/disk/www/virtual /var/www/virtual

можно использовать /etc/fstab, для правильного синтаксиса погуглить.

если диск не в нативном формате linux, или в устарелом формате, т.е. не ext3fs или ext4fs, то проблемы могут возникнуть даже при правильном монтировании.
unlink поддерживается всеми нативными файловыми системами linux, но например extended attributes, которые пользуются для защиты директорий в i-MSCP требуют современную файловую систему. так-же не все сетевые диски/shares поддерживают нужные функции.

flames · Nov 14th 2016

Is it your server, or are you a customer with a shared hosting account?

If you are a customer, please contact Your reseller.

flames · Nov 13th 2016

привет,
а как именно монтировал папку?
какая файловая система на диске?

flames · Oct 25th 2016

Quote from Nuxwin

Give me one for debian (test it first) Then, I can code that plugin.

check!

Quote from Nuxwin

I've one netgrear and one Linksys routers and both don't provide such option

are that WRT firmware based router? i will check the default vendor firmware settings and report. i have an asus rt ac66u and a netgear r7000, both have custom dyndns stuff

flames · Oct 25th 2016

not all, just the steps how to get a letsencrypt certificates.
istead of the symlinks you can use the listener (but the listener is just a case study to prove the scenario).
UncleSam's way is to prefer! I posted the listener as answer to UncleSam, so he can try and improve. Else I would have made a separate Thread.

in my personal case UncleSam's way was not update safe, because the symlinks were overridden with new self-signed certs. then i created the listener, to get through i-MSCP updates. I need to add, the overriding might be an issue of my custom i-MSCP configuration.

flames · Oct 25th 2016

Quote from Nuxwin

I cannot develop such plugin by closing my eyes. I'm located in France and as stated above, our boxes don't allow such setup. Of course, I can mimic the FRITZ!Box behavior by developing my own client but that would take much time.

yes, agreed. about the special french situation i was not aware.

just for completeness sake, there are a lot of open source and freeware clients, that allow custom dyndns update urls and variables, for every operating systems. so there is no need for your own one.
in point of view of hardware routers, indeed, only few (Fritz!Box, Sophos, Fortigate, and almost all WRT based routers, like ASUS, Linksys, Netgear) support custom settings.

@mrpink, yea, this one looks good. thanks for the info! but when do they start to limit their service also? i guess, as soon, as it gains popularity and the cost of the freebies service exceeds the budget. like happened to dyn.ee, eisfair.org dyndns service, dyndns.org, noip.com (former noip.hopto.org)

thread can be closed?

flames · Oct 23rd 2016

@Nuxwin, no, this plugin is a DynDNS service. So any customer on an i-MSCP server can have dynamic hosts as subdomain on his own domain.
Since services like dyndns.org and noip.com limited their free accounts, this plugin got very interesting.

flames · Oct 2nd 2016

I try to do a short translate...

the question is, how to proceed at apt-get upgrade or apt-get dist-upgrade, if a new configuration file for a package is available like such dialog:

Display Spoiler

With i-MSCP I do always choose the new configuration file version, and overwrite the original one.
With i-MSCP this is safe, because i-MSCP setup will anyway recreate all needed configs.
Other advantage is, in cases, where a package has indeed big changes in the config file structure/syntax or configuration parameters/values, it might happen, that after installation of this package and leaving the old configuration file, the package might not work or have issues.

In cases with other software (not i-MSCP) You should know or learn how that special software works and proceed the appropriate way. So there is probably no perfect answer except of "create a backup, try, learn"

flames · Sep 26th 2016

You could try this listener and improve

Perl: 90_letsencrypt_services.pl

# i-MSCP Listener::Letsencrypt::Services listener file
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
#
## This listener changes all services to use a custom SSL certificate file (can be
## combined with Letsencrypt plugin, so the certificate file is automatically updated)
#
package Listener::Letsencrypt::Services;
use strict;
use warnings;
use iMSCP::Debug;
use iMSCP::EventManager;
use Servers::mta;
#
## Configuration variables
#
my $certfileServices = '/var/www/imscp/gui/data/certs/'.$main::imscpConfig{'SERVER_HOSTNAME'}.'.pem';
my $certfilePanel = '/var/www/imscp/gui/data/certs/'.$main::imscpConfig{'BASE_SERVER_VHOST'}.'.pem';
#
## Please, don't edit anything below this line unless you known what you're doing
#
my $em = iMSCP::EventManager->getInstance();
if (-f $certfilePanel) {
# Nginx
if ($main::imscpConfig{'FRONTEND_SERVER'} eq 'nginx') {
$em->register(
'afterFrontEndBuildHttpdVhosts',
sub {
my $file = iMSCP::File->new( filename => '/etc/nginx/sites-available/00_master_ssl.conf' );
my $fileContent = $file->get();
unless (defined $fileContent) {
error( sprintf( 'Could not read %s file', '/etc/nginx/sites-available/00_master_ssl.conf' ) );
return 1;
}
$fileContent =~ s/^(\s+ssl_certificate\s+).*/$1$certfilePanel;/m;
$fileContent =~ s/^(\s+ssl_certificate_key\s+).*/$1$certfilePanel;/m;
my $rs = $file->set( $fileContent );
$rs ||= $file->save();
}
);
}
}
if (-f $certfileServices) {
# Postfix
if ($main::imscpConfig{'MTA_SERVER'} eq 'postfix') {
$em->register(
'afterMtaPostinstall', # afterMtaPostinstall because afterMtaBuildConf fired too early
sub {
my $file = iMSCP::File->new( filename => '/etc/postfix/main.cf' );
my $fileContent = $file->get();
unless (defined $fileContent) {
error( sprintf( 'Could not read %s file', '/etc/postfix/main.cf' ) );
return 1;
}
$fileContent =~ s/^(smtpd_tls_cert_file\s+=\s+).*/$1$certfileServices/m;
$fileContent =~ s/^(smtpd_tls_key_file\s+=\s+).*/$1$certfileServices/m;
my $rs = $file->set( $fileContent );
$rs ||= $file->save();
}
);
}
# Dovecot
if ($main::imscpConfig{'PO_SERVER'} eq 'dovecot') {
$em->register(
'afterPoBuildConf',
sub {
my $file = iMSCP::File->new( filename => '/etc/dovecot/dovecot.conf' );
my $fileContent = $file->get();
unless (defined $fileContent) {
error( sprintf( 'Could not read %s file', '/etc/dovecot/dovecot.conf' ) );
return 1;
}
$fileContent =~ s/^(ssl_cert\s+=\s+<).*/$1$certfileServices/m;
$fileContent =~ s/^(ssl_key\s+=\s+<).*/$1$certfileServices/m;
my $rs = $file->set( $fileContent );
$rs ||= $file->save();
}
);
}
# Courier
if ($main::imscpConfig{'PO_SERVER'} eq 'courier') {
$em->register(
'afterPoBuildConf',
sub {
my $file = iMSCP::File->new( filename => '/etc/courier/imapd-ssl' );
my $fileContent = $file->get();
unless (defined $fileContent) {
error( sprintf( 'Could not read %s file', '/etc/courier/imapd-ssl' ) );
return 1;
}
$fileContent =~ s/^(TLS_CERTFILE=).*/$1$certfileServices/m;
my $rs = $file->set( $fileContent );
$rs ||= $file->save();
$file = iMSCP::File->new( filename => '/etc/courier/pop3d-ssl' );
$fileContent = $file->get();
unless (defined $fileContent) {
error( sprintf( 'Could not read %s file', '/etc/courier/pop3d-ssl' ) );
return 1;
}
$fileContent =~ s/^(TLS_CERTFILE=).*/$1$certfileServices/m;
$rs = $file->set( $fileContent );
$rs ||= $file->save();
}
);
}
# Vsftpd
if ($main::imscpConfig{'FTPD_SERVER'} eq 'vsftpd') {
$em->register(
'afterFtpdBuildConf',
sub {
my $file = iMSCP::File->new( filename => '/etc/vsftpd.conf' );
my $fileContent = $file->get();
unless (defined $fileContent) {
error( sprintf( 'Could not read %s file', '/etc/vsftpd.conf' ) );
return 1;
}
$fileContent =~ s/^(rsa_cert_file=).*/$1$certfileServices/m;
$fileContent =~ s/^(rsa_private_key_file=).*/$1$certfileServices/m;
my $rs = $file->set( $fileContent );
$rs ||= $file->save();
}
);
}
# Proftpd
if ($main::imscpConfig{'FTPD_SERVER'} eq 'proftpd') {
$em->register(
'afterFtpdPostInstall', # afterFtpdPostInstall because afterFtpdBuildConf fired too early
sub {
my $file = iMSCP::File->new( filename => '/etc/proftpd/proftpd.conf' );
my $fileContent = $file->get();
unless (defined $fileContent) {
error( sprintf( 'Could not read %s file', '/etc/proftpd/proftpd.conf' ) );
return 1;
}
$fileContent =~ s/^(\s+TLSRSACertificateFile\s+).*/$1$certfileServices/m;
$fileContent =~ s/^(\s+TLSRSACertificateKeyFile\s+).*/$1$certfileServices/m;
my $rs = $file->set( $fileContent );
$rs ||= $file->save();
}
);
}
}
1;
__END__

Display More

flames · Sep 24th 2016

yes. the behaviour is right, spamassassin sets the spam score on incoming smtp, not on internal traffic (local delivery, outgoing smtp traffic). so the spam score of your catchall delivery is set on incoming smtp traffic to the original recipient, while on forwarding it is not changed anymore.
indeed, you can set spamassassin to do also local and outgoing traffic filtering, but this is outside of the current plugin spectrum.

Posts by flames

Не удаляются поддомены, домены Device or resource busy

deleting an email account

Не удаляются поддомены, домены Device or resource busy

OwnDDNS

HowTo (Obsolete) use LetsEncrypt for the i-MSCP control panel and services

OwnDDNS

OwnDDNS

I-MSCP, Plugins und OS-Updates, die Änderungen an Konfigurationsdateien anbieten

HowTo (Obsolete) use LetsEncrypt for the i-MSCP control panel and services

spam scrore for forwarding address