Development

Navigation

← Previous Changeset
Next Changeset →

Changeset 1047

Timestamp:

03/12/08 11:16:28 (6 months ago)

Author:

rats

Message:

Updated Configs: to latest program versions

Files:

trunk/CHANGELOG (modified) (1 diff)
trunk/configs/apache/00_master.conf (modified) (1 diff)
trunk/configs/apache/01_awstats.conf (modified) (1 diff)
trunk/configs/apache/fastcgi.conf (modified) (1 diff)
trunk/configs/apache/fastcgi2.conf (modified) (1 diff)
trunk/configs/postfix/main.cf (modified) (3 diffs)
trunk/configs/postfix/master.cf (modified) (6 diffs)
trunk/configs/proftpd/proftpd.conf (modified) (3 diffs)
trunk/configs/proftpd/proftpd1.3.conf (modified) (3 diffs)
trunk/docs/FreeBSD/INSTALL (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

trunk/CHANGELOG

r1046	r1047
1	1	ispCP ω 1.0.0 Changelog
2	2	~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	3
	4	2008-03-12 Benedikt Heintel
	5	- CONFIGS:
	6	* Updated: to latest program versions
3	7
4	8	2008-03-12 Jochen Manz

trunk/configs/apache/00_master.conf

r1025	r1047
1
	1	#
	2	# ispCP ω (OMEGA) a Virtual Hosting Control System
	3	#
	4	# @copyright 2001-2006 by moleSoftware GmbH
	5	# @copyright 2006-2008 by ispCP \| http://isp-control.net
	6	# @version SVN: $ID$
	7	# @link http://isp-control.net
	8	# @author ispCP Team
	9	#
	10	# @license
	11	# This program is free software; you can redistribute it and/or modify it under
	12	# the terms of the MPL General Public License as published by the Free Software
	13	# Foundation; either version 1.1 of the License, or (at your option) any later
	14	# version.
	15	# You should have received a copy of the MPL Mozilla Public License along with
	16	# this program; if not, write to the Open Source Initiative (OSI)
	17	# http://opensource.org \| osi@opensource.org
	18	#
	19	################################################################################
2	20	#
3	21	# Master Begin

trunk/configs/apache/01_awstats.conf

r869	r1047
1
	1	#
	2	# ispCP ω (OMEGA) a Virtual Hosting Control System
	3	#
	4	# @copyright 2006-2008 by ispCP \| http://isp-control.net
	5	# @version SVN: $ID$
	6	# @link http://isp-control.net
	7	# @author ispCP Team
	8	#
	9	# @license
	10	# This program is free software; you can redistribute it and/or modify it under
	11	# the terms of the MPL General Public License as published by the Free Software
	12	# Foundation; either version 1.1 of the License, or (at your option) any later
	13	# version.
	14	# You should have received a copy of the MPL Mozilla Public License along with
	15	# this program; if not, write to the Open Source Initiative (OSI)
	16	# http://opensource.org \| osi@opensource.org
	17	#
	18	################################################################################
2	19	#
3	20	# AWStats Begin

trunk/configs/apache/fastcgi.conf

r981	r1047
1		~~# ISPCP ω (OMEGA) a Virtual Hosting Control System~~
2		~~# Copyright (c) 2006-2007 by ispCP \| http://isp-control.net~~
3	1	#
	2	# ispCP ω (OMEGA) a Virtual Hosting Control System
4	3	#
5		# License:
6		# This program is free software; you can redistribute it and/or
7		# modify it under the terms of the GPL General Public License
8		# as published by the Free Software Foundation; either version 2.0
9		# of the License, or (at your option) any later version.
	4	# @copyright 2006-2008 by ispCP \| http://isp-control.net
	5	# @version SVN: $ID$
	6	# @link http://isp-control.net
	7	# @author ispCP Team
10	8	#
11		# This program is distributed in the hope that it will be useful,
12		# but WITHOUT ANY WARRANTY; without even the implied warranty of
13		# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14		# GPL General Public License for more details.
	9	# @license
	10	# This program is free software; you can redistribute it and/or modify it under
	11	# the terms of the MPL General Public License as published by the Free Software
	12	# Foundation; either version 1.1 of the License, or (at your option) any later
	13	# version.
	14	# You should have received a copy of the MPL Mozilla Public License along with
	15	# this program; if not, write to the Open Source Initiative (OSI)
	16	# http://opensource.org \| osi@opensource.org
15	17	#
16		# You may have received a copy of the GPL General Public License
17		# along with this program.
18		#
19		# An on-line copy of the GPL General Public License can be found
20		# http://www.fsf.org/licensing/licenses/gpl.txt
21		#
22		########################################################################
23		#
24		# @TODO :
25		# - Finish config Fastcgi
	18	################################################################################
26	19
27	20	<IfModule mod_fastcgi.c>

trunk/configs/apache/fastcgi2.conf

r984	r1047
1		~~# ISPCP ω (OMEGA) a Virtual Hosting Control System~~
2		~~# Copyright (c) 2006-2007 by ispCP \| http://isp-control.net~~
3	1	#
	2	# ispCP ω (OMEGA) a Virtual Hosting Control System
4	3	#
5		# License:
6		# This program is free software; you can redistribute it and/or
7		# modify it under the terms of the GPL General Public License
8		# as published by the Free Software Foundation; either version 2.0
9		# of the License, or (at your option) any later version.
	4	# @copyright 2006-2008 by ispCP \| http://isp-control.net
	5	# @version SVN: $ID$
	6	# @link http://isp-control.net
	7	# @author ispCP Team
10	8	#
11		# This program is distributed in the hope that it will be useful,
12		# but WITHOUT ANY WARRANTY; without even the implied warranty of
13		# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14		# GPL General Public License for more details.
	9	# @license
	10	# This program is free software; you can redistribute it and/or modify it under
	11	# the terms of the MPL General Public License as published by the Free Software
	12	# Foundation; either version 1.1 of the License, or (at your option) any later
	13	# version.
	14	# You should have received a copy of the MPL Mozilla Public License along with
	15	# this program; if not, write to the Open Source Initiative (OSI)
	16	# http://opensource.org \| osi@opensource.org
15	17	#
16		# You may have received a copy of the GPL General Public License
17		# along with this program.
18		#
19		# An on-line copy of the GPL General Public License can be found
20		# http://www.fsf.org/licensing/licenses/gpl.txt
21		#
22		########################################################################
23		#
24		# @TODO :
25		# - Finish config Fastcgi
	18	################################################################################
26	19
27	20	<IfModule mod_fastcgi.c>

trunk/configs/postfix/main.cf

r1012	r1047
	1	#
	2	# ispCP ω (OMEGA) a Virtual Hosting Control System
	3	#
	4	# @copyright 2001-2006 by moleSoftware GmbH
	5	# @copyright 2006-2008 by ispCP \| http://isp-control.net
	6	# @version SVN: $ID$
	7	# @link http://isp-control.net
	8	# @author ispCP Team
	9	#
	10	# @license
	11	# This program is free software; you can redistribute it and/or modify it under
	12	# the terms of the MPL General Public License as published by the Free Software
	13	# Foundation; either version 1.1 of the License, or (at your option) any later
	14	# version.
	15	# You should have received a copy of the MPL Mozilla Public License along with
	16	# this program; if not, write to the Open Source Initiative (OSI)
	17	# http://opensource.org \| osi@opensource.org
	18	#
	19	################################################################################
1	20
2		#
3		# Postfix MTA Manager Main Configuration File;
4		#
5		# Please do NOT edit this file manually;
6		#
	21	# Postfix directory settings; These are critical for normal Postfix MTA functionallity
	22	command_directory = /usr/sbin
	23	daemon_directory = /usr/lib/postfix
	24	program_directory = /usr/lib/postfix
7	25
8		#
9		# Postfix directory settings; These are critical for normal Postfix MTA functionallity;
10		#
	26	# Some common configuration parameters
	27	inet_interfaces = all
	28	mynetworks_style = host
11	29
12		command_directory = /usr/sbin
13		daemon_directory = /usr/lib/postfix
14		program_directory = /usr/lib/postfix
	30	myhostname = {MTA_HOSTNAME}
	31	mydomain = {MTA_LOCAL_DOMAIN}
	32	myorigin = $myhostname
15	33
16		#
17		# Some common configuration parameters;
18		#
	34	smtpd_banner = $myhostname ESMTP ispCP {MTA_VERSION} Managed
	35	setgid_group = postdrop
19	36
20		inet_interfaces = all
21		mynetworks_style = host
	37	# Receiving messages parameters
	38	mydestination = $myhostname, $mydomain
	39	append_dot_mydomain = no
	40	append_at_myorigin = yes
	41	local_transport = local
	42	virtual_transport = virtual
	43	transport_maps = hash:{MTA_TRANSPORT_HASH}
	44	alias_maps = hash:{MTA_LOCAL_ALIAS_HASH}
	45	alias_database = hash:{MTA_LOCAL_ALIAS_HASH}
22	46
23		myhostname = {MTA_HOSTNAME}
24		mydomain = {MTA_LOCAL_DOMAIN}
25		myorigin = $myhostname
26
27		smtpd_banner = $myhostname ESMTP ispCP {MTA_VERSION} Managed
28		setgid_group = postdrop
29
30		#
31		# Receiving messages parameters;
32		#
33
34		mydestination = $myhostname, $mydomain
35		append_dot_mydomain = no
36		append_at_myorigin = yes
37		local_transport = local
38		virtual_transport = virtual
39		transport_maps = hash:{MTA_TRANSPORT_HASH}
40		alias_maps = hash:{MTA_LOCAL_ALIAS_HASH}
41
42		#
43		# Delivering local messages parameters;
44		#
45
46		mail_spool_directory = {MTA_LOCAL_MAIL_DIR}
	47	# Delivering local messages parameters
	48	mail_spool_directory = {MTA_LOCAL_MAIL_DIR}
47	49
48	50	# Mailboxquota
49	51	# => 0 for unlimited
50	52	# => 104857600 for 100 MB
51		mailbox_size_limit = 0
52		mailbox_command = procmail -a "$EXTENSION"
	53	mailbox_size_limit = 0
	54	mailbox_command = procmail -a "$EXTENSION"
53	55
54		biff = no
55
56		alias_database = hash:{MTA_LOCAL_ALIAS_HASH}
	56	biff = no
	57	recipient_delimiter = +
57	58
58	59	local_destination_recipient_limit = 1
59		local_recipient_maps = unix:passwd.byname $alias_database
	60	local_recipient_maps = unix:passwd.byname $alias_database
60	61
61		#
62		# ISPCP Autoresponder parameters;
63		#
64
	62	# ispCP Autoresponder parameters
65	63	ispcp-arpl_destination_recipient_limit = 1
66	64
67		#
68		# Delivering virtual messages parameters;
69		#
	65	# Delivering virtual messages parameters
	66	virtual_mailbox_base = {MTA_VIRTUAL_MAIL_DIR}
	67	virtual_mailbox_limit = 0
70	68
71		virtual_mailbox_~~base = {MTA_VIRTUAL_MAIL_DIR~~}
72		virtual_mailbox_~~limit = 0~~
	69	virtual_mailbox_domains = hash:{MTA_VIRTUAL_DMN_HASH}
	70	virtual_mailbox_maps = hash:{MTA_VIRTUAL_MAILBOX_HASH}
73	71
74		virtual_mailbox_domains = hash:{MTA_VIRTUAL_DMN_HASH}
75		virtual_mailbox_maps = hash:{MTA_VIRTUAL_MAILBOX_HASH}
	72	virtual_alias_maps = hash:{MTA_VIRTUAL_ALIAS_HASH}
76	73
77		virtual_alias_maps = hash:{MTA_VIRTUAL_ALIAS_HASH}
	74	virtual_minimum_uid = {MTA_MAILBOX_MIN_UID}
	75	virtual_uid_maps = static:{MTA_MAILBOX_UID}
	76	virtual_gid_maps = static:{MTA_MAILBOX_GID}
78	77
79		virtual_minimum_uid = {MTA_MAILBOX_MIN_UID}
80		virtual_uid_maps = static:{MTA_MAILBOX_UID}
81		virtual_gid_maps = static:{MTA_MAILBOX_GID}
82
83		#
84		# SASL paramters;
85		#
86
	78	# SASL paramters
87	79	smtpd_sasl_auth_enable = yes
88	80	smtpd_sasl2_auth_enable = yes
…	…
91	83	broken_sasl_auth_clients = yes
92	84
93		smtpd_helo_required = yes
	85	smtpd_helo_required = yes
94	86
95	87	smtpd_helo_restrictions = permit_mynetworks,
…	…
116	108	reject_unauth_pipelining
117	109
	110	# TLS parameters; activate, if avaible/used
	111	#smtpd_use_tls = yes
	112	#smtpd_tls_loglevel = 2
	113	#smtpd_tls_cert_file = /etc/postfix/cert.pem
	114	#smtpd_tls_key_file = /etc/postfix/privkey.pem
	115	#smtpd_tls_auth_only = no
	116	#smtpd_tls_received_header = yes
118	117
119		#
120		# TLS parameters; activate, if avaible/used
121		#
	118	# AMaViS parameters; activate, if available/used
	119	#content_filter = amavis:[127.0.0.1]:10024
122	120
123		~~#smtpd_tls_loglevel = 2~~
124		~~#smtpd_tls_cert_file = /etc/postfix/cert.pem~~
125		~~#smtpd_tls_key_file = /etc/postfix/privkey.pem~~
126		~~#smtpd_use_tls = yes~~
127		~~#smtpd_tls_auth_only = no~~
128		~~#smtpd_tls_received_header = yes~~
129
130
131		#
132		~~# AMaViS parameters; activate, if available/used~~
133		#
134
135		~~#content_filter = amavis:[127.0.0.1]:10024~~
136
137		#
138	121	# Quota support; activate, if available/used
139		#
140
141	122	#virtual_create_maildirsize = yes
142	123	#virtual_mailbox_extended = yes

trunk/configs/postfix/master.cf

r897	r1047
18	18	# For AOL-Accounts
19	19	587 inet n - - - - smtpd
20		-o smtpd_client_restrictions=permit_sasl_authenticated,reject_unauth_destination
	20	-o smtpd_client_restrictions=permit_sasl_authenticated,reject_unauth_destination
21	21	#628 inet n - - - - qmqpd
22	22	pickup fifo n - - 60 1 pickup
23	23	cleanup unix n - - - 0 cleanup
24		qmgr fifo n - - 300 1 qmgr
	24	qmgr fifo n - n 300 1 qmgr
25	25	#qmgr fifo n - - 300 1 oqmgr
26	26	tlsmgr unix - - - 1000? 1 tlsmgr
…	…
36	36	relay unix - - - - - smtp
37	37	-o fallback_relay=
38		# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
	38	# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
39	39	showq unix n - - - - showq
40	40	error unix - - - - - error
…	…
44	44	lmtp unix - - - - - lmtp
45	45	anvil unix - - - - 1 anvil
46		scache ~~unix - - - - 1~~ scache
	46	scache unix - - - - 1 scache
47	47	# ====================================================================
48		# ISPCP ω OMEGA configuration
	48	# ispCP ω (OMEGA) a Virtual Hosting Control System
	49	#
	50	# @copyright 2001-2006 by moleSoftware GmbH
	51	# @copyright 2006-2008 by ispCP \| http://isp-control.net
	52	# @version SVN: $ID$
	53	# @link http://isp-control.net
	54	# @author ispCP Team
49	55	# ====================================================================
50	56	# AMaViS => Antivir / Antispam
…	…
67	73	-o strict_rfc821_envelopes=yes
68	74
69		# ~~ISP~~CP autoresponder
	75	# ispCP autoresponder
70	76	ispcp-arpl unix - n n - - pipe
71	77	flags=O user=vmail argv=/var/www/ispcp/engine/messager/ispcp-arpl-msgr
…	…
90	96	#
91	97	maildrop unix - n n - - pipe
92		flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
93		#
94		# The Cyrus deliver program has changed incompatibly, multiple times.
95		#
96		old-cyrus unix - n n - - pipe
97		flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
98		# Cyrus 2.1.5 (Amos Gouaux)
99		# Also specify in main.cf: cyrus_destination_recipient_limit=1
100		cyrus unix - n n - - pipe
101		user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
	98	flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
102	99	#
103	100	# See the Postfix UUCP_README file for configuration details.
…	…
111	108	flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
112	109	bsmtp unix - n n - - pipe
113		flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
	110	flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
	111	scalemail-backend unix - n n - 2 pipe
	112	flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
	113	mailman unix - n n - - pipe
	114	flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
	115	${nexthop} ${user}

trunk/configs/proftpd/proftpd.conf

r646	r1047
1	1	#
2		# ispCP OMEGA ProFTPd config file
3		#
4		#
5		#
6		# Includes required DSO modules. This is mandatory in proftpd 1.3
7		#
	2	# ispCP ω (OMEGA) a Virtual Hosting Control System
	3	#
	4	# @copyright 2001-2006 by moleSoftware GmbH
	5	# @copyright 2006-2008 by ispCP \| http://isp-control.net
	6	# @version SVN: $ID$
	7	# @link http://isp-control.net
	8	# @author ispCP Team
	9	#
	10	# @license
	11	# This program is free software; you can redistribute it and/or modify it under
	12	# the terms of the MPL General Public License as published by the Free Software
	13	# Foundation; either version 1.1 of the License, or (at your option) any later
	14	# version.
	15	# You should have received a copy of the MPL Mozilla Public License along with
	16	# this program; if not, write to the Open Source Initiative (OSI)
	17	# http://opensource.org \| osi@opensource.org
	18	#
	19	################################################################################
	20	# Includes DSO modules (this is mandatory in proftpd 1.3)
8	21	#Include /etc/proftpd/modules.conf
9	22
10		ServerName "{HOST_NAME}"
11		ServerType standalone
12		DeferWelcome off
13
14		ShowSymlinks on
15		MultilineRFC2228 on
16		DefaultServer on
17		ShowSymlinks on
18		AllowOverwrite on
19		UseReverseDNS off
20		IdentLookups off
21		AllowStoreRestart on
22		AllowForeignAddress on
23
24		LogFormat traff "%b %u"
25
26		TimeoutNoTransfer 600
27		TimeoutStalled 600
28		TimeoutIdle 1200
29
30		DisplayLogin welcome.msg
31		DisplayFirstChdir message
32
33		#LsDefaultOptions "-l"
34
35		DenyFilter \./
36
37		DefaultRoot ~
	23	# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
	24	UseIPv6 off
	25
	26	ServerName "{HOST_NAME}"
	27	ServerType standalone
	28	DeferWelcome off
	29
	30	MultilineRFC2228 on
	31	DefaultServer on
	32	ShowSymlinks on
	33
	34	AllowOverwrite on
	35	UseReverseDNS off
	36	IdentLookups off
	37	AllowStoreRestart on
	38	AllowForeignAddress on
	39
	40	LogFormat traff "%b %u"
	41
	42	TimeoutLogin 120
	43	TimeoutNoTransfer 600
	44	TimeoutStalled 600
	45	TimeoutIdle 1200
	46
	47	DisplayLogin welcome.msg
	48	DisplayFirstChdir message
	49
	50	ListOptions "-l"
	51	#LsDefaultOptions "-l"
	52
	53	DenyFilter \./
	54
	55	DefaultRoot ~
38	56
39	57	# Uncomment this if you are using NIS or LDAP to retrieve passwords:
40		#~~PersistentPasswd~~ off
	58	# PersistentPasswd off
41	59
42	60	# Port 21 is the standard FTP port.
43
44		Port 21
	61	Port 21
	62
	63	# In some cases you have to specify passive ports range to by-pass
	64	# firewall limitations. Ephemeral ports can be used for that, but
	65	# feel free to use a more narrow range.
	66	#PassivePorts 49152 65534
45	67
46	68	# To prevent DoS attacks, set the maximum number of child processes
…	…
50	72	# that allows you to limit maximum number of processes per service
51	73	# (such as xinetd)
52
53		MaxInstances 30
	74	MaxInstances 30
54	75
55	76	# Set the user and group that the server normally runs at.
56
57		User nobody
58		Group nogroup
	77	User nobody
	78	Group nogroup
59	79
60	80	# Normally, we want files to be overwriteable.
…	…
63	83	# Umask 022 is a good standard umask to prevent new files and dirs
64	84	# (second parm) from being group and world writable.
65		Umask 022 022
66
67		AllowOverwrite on
68		HideNoAccess on
69
	85	Umask 022 022
	86	# Normally, we want files to be overwriteable.
	87	AllowOverwrite on
	88	HideNoAccess on
70	89	</Directory>
71	90
72	91	<Limit ALL>
73		IgnoreHidden on
	92	IgnoreHidden on
74	93	</Limit>
75	94
	95	# Be warned: use of this directive impacts CPU average load!
	96	#
	97	# Uncomment this if you like to see progress and transfer rate with ftpwho
	98	# in downloads. That is not needed for uploads rates.
	99	# UseSendFile off
	100
76	101	<Global>
77		RootLogin off
78		TransferLog /var/log/proftpd/xferlog
79		ExtendedLog /var/log/proftpd/ftp_traff.log read,write traff
80		PathDenyFilter "\.quota$"
	102	RootLogin off
	103	TransferLog /var/log/proftpd/xferlog
	104	ExtendedLog /var/log/proftpd/ftp_traff.log read,write traff
	105	PathDenyFilter "\.quota$"
81	106	</Global>
82	107
	108	#
	109	# SSL via TLS
	110	#
	111	<IfModule mod_tls.c>
	112	TLSEngine off # on for use of TLS
	113	TLSLog /var/log/proftpd/ftp_ssl.log # where to log to
	114	TLSProtocol SSLv23 # SSLv23 or TLSv1
	115	TLSOptions NoCertRequest # either to request the certificate or not
	116	TLSRSACertificateFile /etc/proftpd/ssl.crt # SSL certfile
	117	TLSRSACertificateKeyFile /etc/proftpd/ssl.key # SSL keyfile
	118	TLSVerifyClient off # client verification
	119	</IfModule>
	120
	121	#
	122	# ISPCP Quota management;
	123	#
	124	<IfModule mod_quota.c>
	125	QuotaEngine on
	126	QuotaShowQuotas on
	127	QuotaDisplayUnits Mb
	128
	129	SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM quotalimits WHERE name = '%{0}' AND quota_type = '%{1}'"
	130	SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"
	131	SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'" quotatallies
	132	SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" quotatallies
	133
	134	QuotaLock /var/run/proftpd/tally.lock
	135	QuotaLimitTable sql:/get-quota-limit
	136	QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally
	137	</IfModule>
	138
	139	<IfModule mod_ratio.c>
	140	Ratios on
	141	</IfModule>
	142
	143	# Delay engine reduces impact of the so-called Timing Attack described in
	144	# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
	145	# It is on by default.
83	146	<IfModule mod_delay.c>
84		DelayEngine off
85		</IfModule>
86
87		#
88		# ISPCP Managment;
89		#
90		#SQLBackend mysql # enable for proFTPd >= 1.3
91		SQLAuthTypes Crypt
92		SQLAuthenticate on
93		SQLConnectInfo {DATABASE_NAME}@{DATABASE_HOST} {DATABASE_USER} {DATABASE_PASS}
94		SQLUserInfo ftp_users userid passwd uid gid homedir shell
95		SQLGroupInfo ftp_group groupname gid members
96		SQLMinID 2000
97
98		#
99		# ISPCP Quota management;
100		#
101
102		QuotaEngine on
103		QuotaShowQuotas on
104		QuotaDisplayUnits Mb
105
106		SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM quotalimits WHERE name = '%{0}' AND quota_type = '%{1}'"
107		SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"
108		SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'" quotatallies
109		SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" quotatallies
110
111		QuotaLock /var/run/proftpd/tally.lock
112		QuotaLimitTable sql:/get-quota-limit
113		QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally
114
115		#
116		# SSL via TLS
117		#
118		#<IfModule mod_tls.c>
119		# TLSEngine off # on for use of TLS
120		# TLSLog /var/log/proftpd/ftp_ssl.log # where to log to
121		# TLSProtocol SSLv23 # SSLv23 or TLSv1
122		# TLSOptions NoCertRequest # either to request the certificate or not
123		# TLSRSACertificateFile /etc/proftpd/ssl.crt # SSL certfile
124		# TLSRSACertificateKeyFile /etc/proftpd/ssl.key # SSL keyfile
125		# TLSVerifyClient off # client verification
126		#</IfModule>
	147	DelayEngine on
	148	</IfModule>
	149
	150	<IfModule mod_ctrls.c>
	151	ControlsEngine on
	152	ControlsMaxClients 2
	153	ControlsLog /var/log/proftpd/controls.log
	154	ControlsInterval 5
	155	ControlsSocket /var/run/proftpd/proftpd.sock
	156	</IfModule>
	157
	158	<IfModule mod_ctrls_admin.c>
	159	AdminControlsEngine on
	160	</IfModule>
	161
	162	# ispCP SQL Managment
	163	# Activate for proftpd >= 1.3
	164	#SQLBackend mysql
	165	SQLAuthTypes Crypt
	166	SQLAuthenticate on
	167	SQLConnectInfo {DATABASE_NAME}@{DATABASE_HOST} {DATABASE_USER} {DATABASE_PASS}
	168	SQLUserInfo ftp_users userid passwd uid gid homedir shell
	169	SQLGroupInfo ftp_group groupname gid members
	170	SQLMinID 2000
	171
	172	# A basic anonymous configuration, no upload directories.
	173
	174	# <Anonymous ~ftp>
	175	# User ftp
	176	# Group nogroup
	177	# # We want clients to be able to login with "anonymous" as well as "ftp"
	178	# UserAlias anonymous ftp
	179	# # Cosmetic changes, all files belongs to ftp user
	180	# DirFakeUser on ftp
	181	# DirFakeGroup on ftp
	182	#
	183	# RequireValidShell off
	184	#
	185	# # Limit the maximum number of anonymous logins
	186	# MaxClients 10
	187	#
	188	# # We want 'welcome.msg' displayed at login, and '.message' displayed
	189	# # in each newly chdired directory.
	190	# DisplayLogin welcome.msg
	191	# DisplayFirstChdir .message
	192	#
	193	# # Limit WRITE everywhere in the anonymous chroot
	194	# <Directory *>
	195	# <Limit WRITE>
	196	# DenyAll
	197	# </Limit>
	198	# </Directory>
	199	#
	200	# # Uncomment this if you're brave.
	201	# # <Directory incoming>
	202	# # # Umask 022 is a good standard umask to prevent new files and dirs
	203	# # # (second parm) from being group and world writable.
	204	# # Umask 022 022
	205	# # <Limit READ WRITE>
	206	# # DenyAll
	207	# # </Limit>
	208	# # <Limit STOR>
	209	# # AllowAll
	210	# # </Limit>
	211	# # </Directory>
	212	#
	213	# </Anonymous>

trunk/configs/proftpd/proftpd1.3.conf

r1014	r1047
1	1	#
2		# ispCP OMEGA ProFTPd config file
3		#
4		#
5		#
6		# Includes required DSO modules. This is mandatory in proftpd 1.3
7		#
	2	# ispCP ω (OMEGA) a Virtual Hosting Control System
	3	#
	4	# @copyright 2001-2006 by moleSoftware GmbH
	5	# @copyright 2006-2008 by ispCP \| http://isp-control.net
	6	# @version SVN: $ID$
	7	# @link http://isp-control.net
	8	# @author ispCP Team
	9	#
	10	# @license
	11	# This program is free software; you can redistribute it and/or modify it under
	12	# the terms of the MPL General Public License as published by the Free Software
	13	# Foundation; either version 1.1 of the License, or (at your option) any later
	14	# version.
	15	# You should have received a copy of the MPL Mozilla Public License along with
	16	# this program; if not, write to the Open Source Initiative (OSI)
	17	# http://opensource.org \| osi@opensource.org
	18	#
	19	################################################################################
	20	# Includes DSO modules (this is mandatory in proftpd 1.3)
8	21	Include /etc/proftpd/modules.conf
9	22
10		ServerName "{HOST_NAME}"
11		ServerType standalone
12		DeferWelcome off
13
14		ShowSymlinks on
15		MultilineRFC2228 on
16		DefaultServer on
17		ShowSymlinks on
18		AllowOverwrite on
19		UseReverseDNS off
20		IdentLookups off
21		AllowStoreRestart on
22		AllowForeignAddress on
23
24		LogFormat traff "%b %u"
25
26		TimeoutNoTransfer 600
27		TimeoutStalled 600
28		TimeoutIdle 1200
29
30		DisplayLogin welcome.msg
31		# Deactivate 'DisplayFirstChdir' and activate 'DisplayChdir' if you
32		# get any warnigns about it.
33		DisplayFirstChdir message
34		#DisplayChdir message
35
36		#LsDefaultOptions "-l"
37
38		DenyFilter \./
39
40		DefaultRoot ~
	23	# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
	24	UseIPv6 off
	25
	26	ServerName "{HOST_NAME}"
	27	ServerType standalone
	28	DeferWelcome off
	29
	30	MultilineRFC2228 on
	31	DefaultServer on
	32	ShowSymlinks on
	33
	34	AllowOverwrite on
	35	UseReverseDNS off
	36	IdentLookups off
	37	AllowStoreRestart on
	38	AllowForeignAddress on
	39
	40	LogFormat traff "%b %u"
	41
	42	TimeoutLogin 120
	43	TimeoutNoTransfer 600
	44	TimeoutStalled 600
	45	TimeoutIdle 1200
	46
	47	DisplayLogin welcome.msg
	48	DisplayFirstChdir message
	49
	50	ListOptions "-l"
	51	#LsDefaultOptions "-l"
	52
	53	DenyFilter \./
	54
	55	DefaultRoot ~
41	56
42	57	# Uncomment this if you are using NIS or LDAP to retrieve passwords:
43		#~~PersistentPasswd~~ off
	58	# PersistentPasswd off
44	59
45	60	# Port 21 is the standard FTP port.
46
47		Port 21
	61	Port 21
	62
	63	# In some cases you have to specify passive ports range to by-pass
	64	# firewall limitations. Ephemeral ports can be used for that, but
	65	# feel free to use a more narrow range.
	66	#PassivePorts 49152 65534
48	67
49	68	# To prevent DoS attacks, set the maximum number of child processes
…	…
53	72	# that allows you to limit maximum number of processes per service
54	73	# (such as xinetd)
55
56		MaxInstances 30
	74	MaxInstances 30
57	75
58	76	# Set the user and group that the server normally runs at.
59
60		User nobody
61		Group nogroup
	77	User nobody
	78	Group nogroup
62	79
63	80	# Normally, we want files to be overwriteable.
…	…
66	83	# Umask 022 is a good standard umask to prevent new files and dirs
67	84	# (second parm) from being group and world writable.
68		Umask 022 022
69
70		AllowOverwrite on
71		HideNoAccess on
72
	85	Umask 022 022
	86	# Normally, we want files to be overwriteable.
	87	AllowOverwrite on
	88	HideNoAccess on
73	89	</Directory>
74	90
75	91	<Limit ALL>
76		IgnoreHidden on
	92	IgnoreHidden on
77	93	</Limit>
78	94
	95	# Be warned: use of this directive impacts CPU average load!
	96	#
	97	# Uncomment this if you like to see progress and transfer rate with ftpwho
	98	# in downloads. That is not needed for uploads rates.
	99	# UseSendFile off
	100
79	101	<Global>
80		RootLogin off
81		TransferLog /var/log/proftpd/xferlog
82		ExtendedLog /var/log/proftpd/ftp_traff.log read,write traff
83		PathDenyFilter "\.quota$"
	102	RootLogin off
	103	TransferLog /var/log/proftpd/xferlog
	104	ExtendedLog /var/log/proftpd/ftp_traff.log read,write traff
	105	PathDenyFilter "\.quota$"
84	106	</Global>
85	107
	108	#
	109	# SSL via TLS
	110	#
	111	<IfModule mod_tls.c>
	112	TLSEngine off # on for use of TLS
	113	TLSLog /var/log/proftpd/ftp_ssl.log # where to log to
	114	TLSProtocol SSLv23 # SSLv23 or TLSv1
	115	TLSOptions NoCertRequest # either to request the certificate or not
	116	TLSRSACertificateFile /etc/proftpd/ssl.crt # SSL certfile
	117	TLSRSACertificateKeyFile /etc/proftpd/ssl.key # SSL keyfile
	118	TLSVerifyClient off # client verification
	119	</IfModule>
	120
	121	#
	122	# ISPCP Quota management;
	123	#
	124	<IfModule mod_quota.c>
	125	QuotaEngine on
	126	QuotaShowQuotas on
	127	QuotaDisplayUnits Mb
	128
	129	SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM quotalimits WHERE name = '%{0}' AND quota_type = '%{1}'"
	130	SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"
	131	SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'" quotatallies
	132	SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" quotatallies
	133
	134	QuotaLock /var/run/proftpd/tally.lock
	135	QuotaLimitTable sql:/get-quota-limit
	136	QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally
	137	</IfModule>
	138
	139	<IfModule mod_ratio.c>
	140	Ratios &n