webalizer install and configs
This commit is contained in:
parent
a7e8387f77
commit
461ce697b3
|
@ -79,6 +79,16 @@
|
||||||
</FilesMatch>
|
</FilesMatch>
|
||||||
SSLEngine on
|
SSLEngine on
|
||||||
SSLCertificateFile /etc/ssl/letsencrypt/$vhost.pem
|
SSLCertificateFile /etc/ssl/letsencrypt/$vhost.pem
|
||||||
|
Alias /stats /srv/www/$vhost/stats
|
||||||
|
AddExternalAuth pwauth /usr/sbin/pwauth
|
||||||
|
SetExternalAuthMethod pwauth pipe
|
||||||
|
<Location /stats>
|
||||||
|
AuthType Basic
|
||||||
|
AuthName "Usage Statistics for $vhost"
|
||||||
|
AuthBasicProvider external
|
||||||
|
AuthExternal pwauth
|
||||||
|
Require user $username
|
||||||
|
</Location>
|
||||||
</VirtualHost>
|
</VirtualHost>
|
||||||
</Macro>
|
</Macro>
|
||||||
|
|
||||||
|
|
26
etc/cron.daily/webalizer
Executable file
26
etc/cron.daily/webalizer
Executable file
|
@ -0,0 +1,26 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# purge dns cache records older than 7 days
|
||||||
|
if [[ -f /var/lib/webalizer_dns_cache.db ]]; then
|
||||||
|
/usr/bin/wcmgr -p7 /var/lib/webalizer_dns_cache.db
|
||||||
|
fi
|
||||||
|
|
||||||
|
# set virtualhosts array
|
||||||
|
virtualhosts=(`ls -1 /srv/www|grep -v ^html$`)
|
||||||
|
|
||||||
|
# only proceed if there are one or more virtualhosts
|
||||||
|
if [ ${#virtualhosts[@]} -gt 0 ]; then
|
||||||
|
for virtualhost in "${virtualhosts[@]}"
|
||||||
|
do
|
||||||
|
if [[ -f /var/spool/apache2/$virtualhost.log ]]; then
|
||||||
|
user=$(stat -c '%U' /srv/www/$virtualhost)
|
||||||
|
if [[ ! -d /srv/www/$virtualhost/stats ]]; then
|
||||||
|
install --owner=$user --group=$user --mode=755 --directory /srv/www/$virtualhost/stats
|
||||||
|
fi
|
||||||
|
/usr/bin/webazolver -Q -N 20 -D /var/lib/webalizer_dns_cache.db -o /srv/www/$virtualhost/stats /var/spool/apache2/$virtualhost.log
|
||||||
|
/usr/bin/logger Running Webalizer for $virtualhost as user $user
|
||||||
|
su --shell=/bin/bash -c "/usr/bin/webalizer -Q -D /var/lib/webalizer_dns_cache.db -N 0 -p -f -n $virtualhost -o /srv/www/$virtualhost/stats /var/spool/apache2/$virtualhost.log" $user
|
||||||
|
/usr/bin/rm /var/spool/apache2/$virtualhost.log
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
fi
|
23
etc/logrotate.d/apache2
Normal file
23
etc/logrotate.d/apache2
Normal file
|
@ -0,0 +1,23 @@
|
||||||
|
/var/log/apache2/*.log {
|
||||||
|
daily
|
||||||
|
missingok
|
||||||
|
rotate 8
|
||||||
|
compress
|
||||||
|
delaycompress
|
||||||
|
ifempty
|
||||||
|
create 640 root adm
|
||||||
|
sharedscripts
|
||||||
|
postrotate
|
||||||
|
if invoke-rc.d apache2 status > /dev/null 2>&1; then \
|
||||||
|
invoke-rc.d apache2 reload > /dev/null 2>&1; \
|
||||||
|
fi;
|
||||||
|
if [ -f /var/log/apache2/access.log.1 ]; then
|
||||||
|
/usr/local/sbin/split-apache-logfile.pl < /var/log/apache2/access.log.1
|
||||||
|
fi
|
||||||
|
endscript
|
||||||
|
prerotate
|
||||||
|
if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
|
||||||
|
run-parts /etc/logrotate.d/httpd-prerotate; \
|
||||||
|
fi; \
|
||||||
|
endscript
|
||||||
|
}
|
69
install.sh
69
install.sh
|
@ -127,11 +127,36 @@ else
|
||||||
install --owner=vhost --group=vhost --mode=755 --directory /srv/www/html
|
install --owner=vhost --group=vhost --mode=755 --directory /srv/www/html
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Webalizer
|
||||||
|
apt -y install webalizer
|
||||||
|
cp etc/logrotate.d/apache2 /etc/logrotate.d/apache2
|
||||||
|
chmod 644 /etc/logrotate.d/apache2
|
||||||
|
cp etc/cron.daily/webalizer /etc/cron.daily/webalizer
|
||||||
|
chmod 755 /etc/cron.daily/webalizer
|
||||||
|
rmdir /srv/www/webalizer
|
||||||
|
|
||||||
# install status.php
|
# install status.php
|
||||||
cp html/status.php /srv/www/html
|
cp html/status.php /srv/www/html
|
||||||
chmod 644 /srv/www/html/status.php
|
chmod 644 /srv/www/html/status.php
|
||||||
chown vhost:vhost /srv/www/html/status.php
|
chown vhost:vhost /srv/www/html/status.php
|
||||||
|
|
||||||
|
# phpMyAdmin
|
||||||
|
apt -y install php-bz2 php-tcpdf
|
||||||
|
cd /usr/local/src
|
||||||
|
wget https://files.phpmyadmin.net/phpMyAdmin/5.1.1/phpMyAdmin-5.1.1-all-languages.tar.gz
|
||||||
|
tar zxf phpMyAdmin-5.1.1-all-languages.tar.gz
|
||||||
|
rm -r phpMyAdmin-5.1.1-all-languages/setup/
|
||||||
|
if [ -d "phpMyAdmin-5.1.1-all-languages/test/" ]; then
|
||||||
|
rm -r phpMyAdmin-5.1.1-all-languages/test/
|
||||||
|
fi
|
||||||
|
mv phpMyAdmin-5.1.1-all-languages /srv/www/html/phpMyAdmin
|
||||||
|
cp html/phpMyAdmin/config.inc.php /srv/www/html/phpMyAdmin/config.inc.php
|
||||||
|
blowfish_secret=`pwgen 32 -1`
|
||||||
|
sed -i "s|changeme|$blowfish_secret|g" /srv/www/html/phpMyAdmin/config.inc.php
|
||||||
|
find /srv/www/html/phpMyAdmin -type d -exec chmod 755 {} +
|
||||||
|
find /srv/www/html/phpMyAdmin -type f -exec chmod 644 {} +
|
||||||
|
chown -R vhost:vhost /srv/www/html/phpMyAdmin
|
||||||
|
|
||||||
# jailkit
|
# jailkit
|
||||||
apt -y install jailkit
|
apt -y install jailkit
|
||||||
# bugfix, fixed upstream, shouldn't be needed if jailkit package gets updated
|
# bugfix, fixed upstream, shouldn't be needed if jailkit package gets updated
|
||||||
|
@ -156,6 +181,16 @@ echo "[ruby]" >> /etc/jailkit/jk_init.ini
|
||||||
echo "comment = the ruby interpreter and libraries" >> /etc/jailkit/jk_init.ini
|
echo "comment = the ruby interpreter and libraries" >> /etc/jailkit/jk_init.ini
|
||||||
echo "paths = /usr/bin/erb. /usr/bin/gem, /usr/bin/irb, /usr/bin/rdoc, /usr/bin/ri, /usr/bin/ruby, /usr/share/doc/ruby, /usr/share/man/man1/ruby.1.gz, /usr/lib/ruby/, /usr/lib/x86_64-linux-gnu/ruby/" >> /etc/jailkit/jk_init.ini
|
echo "paths = /usr/bin/erb. /usr/bin/gem, /usr/bin/irb, /usr/bin/rdoc, /usr/bin/ri, /usr/bin/ruby, /usr/share/doc/ruby, /usr/share/man/man1/ruby.1.gz, /usr/lib/ruby/, /usr/lib/x86_64-linux-gnu/ruby/" >> /etc/jailkit/jk_init.ini
|
||||||
|
|
||||||
|
# varnish
|
||||||
|
apt -y install varnish
|
||||||
|
# systemctl disable varnish
|
||||||
|
# service varnish stop
|
||||||
|
cp -a etc/varnish/* /etc/varnish/
|
||||||
|
find /etc/varnish/ -type d -exec chmod 755 {} +
|
||||||
|
find /etc/varnish/ -type f -exec chmod 644 {} +
|
||||||
|
chown -R root:root /etc/varnish/
|
||||||
|
## /usr/bin/varnishncsa
|
||||||
|
|
||||||
mkdir /usr/jails
|
mkdir /usr/jails
|
||||||
if ! [ -d "/usr/local/libexec" ]; then
|
if ! [ -d "/usr/local/libexec" ]; then
|
||||||
install --owner=root --group=root --mode=755 --directory /usr/local/libexec
|
install --owner=root --group=root --mode=755 --directory /usr/local/libexec
|
||||||
|
@ -169,20 +204,6 @@ if ! [ -f "/etc/fstab.jails" ]; then
|
||||||
echo "# /etc/fstab.jails: jail bind mounts information." > /etc/fstab.jails
|
echo "# /etc/fstab.jails: jail bind mounts information." > /etc/fstab.jails
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# varnish
|
|
||||||
apt -y install varnish
|
|
||||||
# systemctl disable varnish
|
|
||||||
# service varnish stop
|
|
||||||
cp -a etc/varnish/* /etc/varnish/
|
|
||||||
find /etc/varnish/ -type d -exec chmod 755 {} +
|
|
||||||
find /etc/varnish/ -type f -exec chmod 644 {} +
|
|
||||||
chown -R root:root /etc/varnish/
|
|
||||||
## /usr/bin/varnishncsa
|
|
||||||
|
|
||||||
# install vhost scripts
|
|
||||||
chmod 755 bin/*
|
|
||||||
cp bin/* /usr/local/bin/
|
|
||||||
|
|
||||||
# mini_sendmail so users can send out of jails
|
# mini_sendmail so users can send out of jails
|
||||||
cd /usr/local/src
|
cd /usr/local/src
|
||||||
wget http://www.acme.com/software/mini_sendmail/mini_sendmail-1.3.9.tar.gz
|
wget http://www.acme.com/software/mini_sendmail/mini_sendmail-1.3.9.tar.gz
|
||||||
|
@ -193,19 +214,7 @@ cp mini_sendmail /usr/local/sbin
|
||||||
gzip mini_sendmail.8
|
gzip mini_sendmail.8
|
||||||
cp mini_sendmail.8.gz /usr/local/share/man/man8
|
cp mini_sendmail.8.gz /usr/local/share/man/man8
|
||||||
|
|
||||||
# phpMyAdmin
|
# install vhost scripts
|
||||||
apt -y install php-bz2 php-tcpdf
|
chmod 755 bin/*
|
||||||
cd /usr/local/src
|
cp bin/* /usr/local/bin/
|
||||||
wget https://files.phpmyadmin.net/phpMyAdmin/5.1.1/phpMyAdmin-5.1.1-all-languages.tar.gz
|
|
||||||
tar zxf phpMyAdmin-5.1.1-all-languages.tar.gz
|
|
||||||
rm -r phpMyAdmin-5.1.1-all-languages/setup/
|
|
||||||
if [ -d "phpMyAdmin-5.1.1-all-languages/test/" ]; then
|
|
||||||
rm -r phpMyAdmin-5.1.1-all-languages/test/
|
|
||||||
fi
|
|
||||||
mv phpMyAdmin-5.1.1-all-languages /srv/www/html/phpMyAdmin
|
|
||||||
cp html/phpMyAdmin/config.inc.php /srv/www/html/phpMyAdmin/config.inc.php
|
|
||||||
blowfish_secret=`pwgen 32 -1`
|
|
||||||
sed -i "s|changeme|$blowfish_secret|g" /srv/www/html/phpMyAdmin/config.inc.php
|
|
||||||
find /srv/www/html/phpMyAdmin -type d -exec chmod 755 {} +
|
|
||||||
find /srv/www/html/phpMyAdmin -type f -exec chmod 644 {} +
|
|
||||||
chown -R vhost:vhost /srv/www/html/phpMyAdmin
|
|
||||||
|
|
103
sbin/split-apache-logfile.pl
Executable file
103
sbin/split-apache-logfile.pl
Executable file
|
@ -0,0 +1,103 @@
|
||||||
|
#!/usr/bin/perl
|
||||||
|
#
|
||||||
|
# Licensed to the Apache Software Foundation (ASF) under one or more
|
||||||
|
# contributor license agreements. See the NOTICE file distributed with
|
||||||
|
# this work for additional information regarding copyright ownership.
|
||||||
|
# The ASF licenses this file to You under the Apache License, Version 2.0
|
||||||
|
# (the "License"); you may not use this file except in compliance with
|
||||||
|
# the License. You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
#
|
||||||
|
# Modified 2022 by Matthew Saunders Brown <matthewsaundersbrown@gmail.com>
|
||||||
|
# to work with vhost-stack https://git.stack-source.com/msb/vhost-stack
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# This script will take a combined Web server access
|
||||||
|
# log file and break its contents into separate files.
|
||||||
|
# It assumes that the first field of each line is the
|
||||||
|
# virtual host identity (put there by "%v"), and that
|
||||||
|
# the logfiles should be named that+".log" in the current
|
||||||
|
# directory.
|
||||||
|
#
|
||||||
|
# The combined log file is read from stdin. Records read
|
||||||
|
# will be appended to any existing log files.
|
||||||
|
#
|
||||||
|
# use strict;
|
||||||
|
use warnings;
|
||||||
|
|
||||||
|
my %log_file = ();
|
||||||
|
|
||||||
|
# read all files from /srv/www
|
||||||
|
opendir(DIR, "/srv/www") or die "couldn't open /srv/www/ to get list of virtualhosts: $!\n";
|
||||||
|
my @dir = readdir DIR;
|
||||||
|
closedir DIR;
|
||||||
|
|
||||||
|
# create virtualhosts array from /srv/www listing
|
||||||
|
my %virtualhosts = ();
|
||||||
|
foreach $virtualhost (@dir) {
|
||||||
|
if ($virtualhost ne "." && $virtualhost ne ".." && $virtualhost ne "html") {
|
||||||
|
if (-d "/srv/www/$virtualhost") {
|
||||||
|
$virtualhosts{ $virtualhost } = $virtualhost;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
# set spool dir for temporary apache files
|
||||||
|
$spool_dir="/var/spool/apache2";
|
||||||
|
|
||||||
|
# remove any previous files from spool dir
|
||||||
|
system("/usr/bin/find $spool_dir -type f -name '*.log' -exec rm {} +");
|
||||||
|
|
||||||
|
while (my $log_line = <STDIN>) {
|
||||||
|
#
|
||||||
|
# Get the first token from the log record; it's the
|
||||||
|
# identity of the virtual host to which the record
|
||||||
|
# applies.
|
||||||
|
#
|
||||||
|
my ($vhost) = split (/\s/, $log_line);
|
||||||
|
#
|
||||||
|
# Normalize the virtual host name to all lowercase.
|
||||||
|
# If it's blank, the request was handled by the default
|
||||||
|
# server, so supply a default name. This shouldn't
|
||||||
|
# happen, but caution rocks.
|
||||||
|
#
|
||||||
|
$vhost = lc ($vhost) || "access";
|
||||||
|
#
|
||||||
|
# Strip of leading www.
|
||||||
|
#
|
||||||
|
$vhost =~ s/^www\.//;
|
||||||
|
#
|
||||||
|
# Strip of the trailing port number
|
||||||
|
#
|
||||||
|
$vhost =~ s/\:.*//;
|
||||||
|
#
|
||||||
|
# if the vhost contains a "/" or "\", it is illegal so just use
|
||||||
|
# the default log to avoid any security issues due if it is interprted
|
||||||
|
# as a directory separator.
|
||||||
|
if ($vhost =~ m#[/\\]#) { $vhost = "access" }
|
||||||
|
#
|
||||||
|
# If the log file for this virtual host isn't opened
|
||||||
|
# yet, do it now.
|
||||||
|
#
|
||||||
|
if (exists($virtualhosts{$vhost})) {
|
||||||
|
if (! $log_file{$vhost}) {
|
||||||
|
open $log_file{$vhost}, ">>$spool_dir/${vhost}.log"
|
||||||
|
or die ("Can't open $spool_dir/${vhost}.log");
|
||||||
|
}
|
||||||
|
#
|
||||||
|
# Strip off the first token (which may be null in the
|
||||||
|
# case of the default server), and write the edited
|
||||||
|
# record to the current log file.
|
||||||
|
#
|
||||||
|
$log_line =~ s/^\S*\s+//;
|
||||||
|
print {$log_file{$vhost}} $log_line;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
exit 0;
|
Loading…
Reference in New Issue
Block a user