msb/vhost-stack
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

update for ubuntu 22.04

Browse Source
This commit is contained in:
Matthew Saunders Brown 2022-08-29 15:32:56 -07:00
parent 1b0219e0f7
commit fdad410e58
5 changed files with 50 additions and 134 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
etc/apache2/conf-available/phpMyAdmin.conf
View File

@ -14,6 +14,6 @@ SetExternalAuthMethod pwauth pipe
# this is to force the default fpm, so we don't end up trying to use a virtualhosts jailed fpm which won't work # this is to force the default fpm, so we don't end up trying to use a virtualhosts jailed fpm which won't work
<Directory "/srv/www/html/phpMyAdmin"> <Directory "/srv/www/html/phpMyAdmin">
<FilesMatch ".+\.ph(ar|p|tml)$"> <FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/php7.4-fpm.sock|fcgi://localhost" SetHandler "proxy:unix:/run/php/php8.1-fpm.sock|fcgi://localhost"
</FilesMatch> </FilesMatch>
</Directory> </Directory>

22
etc/apache2/mods-available/macro.conf
View File

@ -38,7 +38,7 @@
RewriteCond %{REQUEST_URI} ^/cgi-bin/.* RewriteCond %{REQUEST_URI} ^/cgi-bin/.*
RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT] RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT]
<FilesMatch ".+\.ph(ar|p|tml)$"> <FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost" SetHandler "proxy:unix:/run/php/php8.1-fpm-$username.sock|fcgi://localhost"
</FilesMatch> </FilesMatch>
</VirtualHost> </VirtualHost>
</Macro> </Macro>
@ -51,7 +51,7 @@
</IfDefine> </IfDefine>
DocumentRoot /srv/www/$vhost/html/$subdomain DocumentRoot /srv/www/$vhost/html/$subdomain
<FilesMatch ".+\.ph(ar|p|tml)$"> <FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost" SetHandler "proxy:unix:/run/php/php8.1-fpm-$username.sock|fcgi://localhost"
</FilesMatch> </FilesMatch>
</VirtualHost> </VirtualHost>
</Macro> </Macro>
@ -77,7 +77,7 @@
</Location> </Location>
</IfDefine> </IfDefine>
<FilesMatch ".+\.ph(ar|p|tml)$"> <FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost" SetHandler "proxy:unix:/run/php/php8.1-fpm-$username.sock|fcgi://localhost"
</FilesMatch> </FilesMatch>
</VirtualHost> </VirtualHost>
<VirtualHost *:443> <VirtualHost *:443>
@ -92,7 +92,7 @@
RewriteCond %{REQUEST_URI} ^/cgi-bin/.* RewriteCond %{REQUEST_URI} ^/cgi-bin/.*
RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT] RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT]
<FilesMatch ".+\.ph(ar|p|tml)$"> <FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost" SetHandler "proxy:unix:/run/php/php8.1-fpm-$username.sock|fcgi://localhost"
</FilesMatch> </FilesMatch>
SSLEngine on SSLEngine on
SSLCertificateFile /etc/ssl/letsencrypt/$vhost.pem SSLCertificateFile /etc/ssl/letsencrypt/$vhost.pem
@ -128,7 +128,7 @@
</Location> </Location>
</IfDefine> </IfDefine>
<FilesMatch ".+\.ph(ar|p|tml)$"> <FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost" SetHandler "proxy:unix:/run/php/php8.1-fpm-$username.sock|fcgi://localhost"
</FilesMatch> </FilesMatch>
</VirtualHost> </VirtualHost>
<VirtualHost *:443> <VirtualHost *:443>
@ -138,7 +138,7 @@
</IfDefine> </IfDefine>
DocumentRoot /srv/www/$vhost/html/$subdomain DocumentRoot /srv/www/$vhost/html/$subdomain
<FilesMatch ".+\.ph(ar|p|tml)$"> <FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost" SetHandler "proxy:unix:/run/php/php8.1-fpm-$username.sock|fcgi://localhost"
</FilesMatch> </FilesMatch>
SSLEngine on SSLEngine on
SSLCertificateFile /etc/ssl/letsencrypt/$subdomain.$vhost.pem SSLCertificateFile /etc/ssl/letsencrypt/$subdomain.$vhost.pem
@ -159,7 +159,7 @@
RewriteCond %{REQUEST_URI} ^/cgi-bin/.* RewriteCond %{REQUEST_URI} ^/cgi-bin/.*
RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT] RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT]
<FilesMatch ".+\.ph(ar|p|tml)$"> <FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost" SetHandler "proxy:unix:/run/php/php8.1-fpm-$username.sock|fcgi://localhost"
</FilesMatch> </FilesMatch>
</VirtualHost> </VirtualHost>
<VirtualHost *:443> <VirtualHost *:443>
@ -186,7 +186,7 @@
</IfDefine> </IfDefine>
DocumentRoot /srv/www/$vhost/html/$subdomain DocumentRoot /srv/www/$vhost/html/$subdomain
<FilesMatch ".+\.ph(ar|p|tml)$"> <FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost" SetHandler "proxy:unix:/run/php/php8.1-fpm-$username.sock|fcgi://localhost"
</FilesMatch> </FilesMatch>
</VirtualHost> </VirtualHost>
<VirtualHost *:443> <VirtualHost *:443>
@ -278,7 +278,7 @@
RewriteCond %{REQUEST_URI} ^/cgi-bin/.* RewriteCond %{REQUEST_URI} ^/cgi-bin/.*
RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT] RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT]
<FilesMatch ".+\.ph(ar|p|tml)$"> <FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost" SetHandler "proxy:unix:/run/php/php8.1-fpm-$username.sock|fcgi://localhost"
</FilesMatch> </FilesMatch>
</VirtualHost> </VirtualHost>
</Macro> </Macro>
@ -303,7 +303,7 @@
</Location> </Location>
</IfDefine> </IfDefine>
<FilesMatch ".+\.ph(ar|p|tml)$"> <FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost" SetHandler "proxy:unix:/run/php/php8.1-fpm-$username.sock|fcgi://localhost"
</FilesMatch> </FilesMatch>
</VirtualHost> </VirtualHost>
<VirtualHost *:443> <VirtualHost *:443>
@ -318,7 +318,7 @@
RewriteCond %{REQUEST_URI} ^/cgi-bin/.* RewriteCond %{REQUEST_URI} ^/cgi-bin/.*
RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT] RewriteRule ^/cgi-bin/(.*) /cgi-wrap/cgiwrap/$username/$1 [PT]
<FilesMatch ".+\.ph(ar|p|tml)$"> <FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler "proxy:unix:/run/php/php7.4-fpm-$username.sock|fcgi://localhost" SetHandler "proxy:unix:/run/php/php8.1-fpm-$username.sock|fcgi://localhost"
</FilesMatch> </FilesMatch>
SSLEngine on SSLEngine on
SSLCertificateFile /etc/ssl/letsencrypt/$alias.pem SSLCertificateFile /etc/ssl/letsencrypt/$alias.pem

85
etc/apache2/mods-available/ssl.conf
View File

@ -1,85 +0,0 @@
<IfModule mod_ssl.c>
# Pseudo Random Number Generator (PRNG):
# Configure one or more sources to seed the PRNG of the SSL library.
# The seed data should be of good random quality.
# WARNING! On some platforms /dev/random blocks if not enough entropy
# is available. This means you then cannot use the /dev/random device
# because it would lead to very long connection times (as long as
# it requires to make more entropy available). But usually those
# platforms additionally provide a /dev/urandom device which doesn't
# block. So, if available, use this one instead. Read the mod_ssl User
# Manual for more details.
#
SSLRandomSeed startup builtin
SSLRandomSeed startup file:/dev/urandom 512
SSLRandomSeed connect builtin
SSLRandomSeed connect file:/dev/urandom 512
##
## SSL Global Context
##
## All SSL configuration in this context applies both to
## the main server and all SSL-enabled virtual hosts.
##
#
# Some MIME-types for downloading Certificates and CRLs
#
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
# Pass Phrase Dialog:
# Configure the pass phrase gathering process.
# The filtering dialog program (`builtin' is a internal
# terminal dialog) has to provide the pass phrase on stdout.
SSLPassPhraseDialog exec:/usr/share/apache2/ask-for-passphrase
# Inter-Process Session Cache:
# Configure the SSL Session Cache: First the mechanism
# to use and second the expiring timeout (in seconds).
# (The mechanism dbm has known memory leaks and should not be used).
#SSLSessionCache dbm:${APACHE_RUN_DIR}/ssl_scache
SSLSessionCache shmcb:${APACHE_RUN_DIR}/ssl_scache(512000)
SSLSessionCacheTimeout 300
# Semaphore:
# Configure the path to the mutual exclusion semaphore the
# SSL engine uses internally for inter-process synchronization.
# (Disabled by default, the global Mutex directive consolidates by default
# this)
#Mutex file:${APACHE_LOCK_DIR}/ssl_mutex ssl-cache
# SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate. See the
# ciphers(1) man page from the openssl package for list of all available
# options.
# Enable only secure ciphers:
SSLCipherSuite HIGH:!aNULL
# SSL server cipher order preference:
# Use server priorities for cipher algorithm choice.
# Clients may prefer lower grade encryption. You should enable this
# option if you want to enforce stronger encryption, and can afford
# the CPU cost, and did not override SSLCipherSuite in a way that puts
# insecure ciphers first.
# Default: Off
#SSLHonorCipherOrder on
# The protocols to enable.
# Available values: all, SSLv3, TLSv1, TLSv1.1, TLSv1.2
# SSL v2 is no longer supported
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
# Allow insecure renegotiation with clients which do not yet support the
# secure renegotiation protocol. Default: Off
#SSLInsecureRenegotiation on
# Whether to forbid non-SNI clients to access name based virtual hosts.
# Default: Off
#SSLStrictSNIVHostCheck On
</IfModule>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

9
etc/varnish/default.vcl
View File

@ -5,15 +5,14 @@
# builtin VCL. The builtin VCL is called when there is no explicit # builtin VCL. The builtin VCL is called when there is no explicit
# return statement. # return statement.
# #
# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/ # See the VCL chapters in the Users Guide for a comprehensive documentation
# and https://www.varnish-cache.org/trac/wiki/VCLExamples for more examples. # at https://www.varnish-cache.org/docs/.
# #
# validate config with: # validate config with:
# varnishd -C -f /etc/varnish/default.vcl # varnishd -C -f /etc/varnish/default.vcl
# https://varnish-cache.org/docs/6.2/
# #
# Marker to tell the VCL compiler that this VCL has been adapted to the # Marker to tell the VCL compiler that this VCL has been written with the
# new 4.0 format. # 4.0 or 4.1 syntax.
vcl 4.0; vcl 4.0;
import std; import std;

66
install.sh
View File

@ -6,8 +6,8 @@ if [ "${EUID}" -ne 0 ]; then
fi fi
# check for Ubuntu 20.04 # check for Ubuntu 20.04
if ! grep -q "Ubuntu 20.04" /etc/issue; then if ! grep -q "Ubuntu 22.04" /etc/issue; then
echo "This installer is only tested on Ubuntu 20.04. If you are on a" echo "This installer is only tested on Ubuntu 22.04. If you are on a"
echo "different version of Ubuntu or a Debian/Debian based distro" echo "different version of Ubuntu or a Debian/Debian based distro"
echo "and want to try running this installer open this script and" echo "and want to try running this installer open this script and"
echo "comment out the exit command below this line and re-run." echo "comment out the exit command below this line and re-run."
@ -32,6 +32,9 @@ fi
apt-get update apt-get update
# modify policy-rc.d so that packages automatically start/restart/stop after install/upgrade/uninstall
sed -i "s|exit 101|exit 0|g" /usr/sbin/policy-rc.d
# install pwgen, used to create random passwords # install pwgen, used to create random passwords
apt -y install pwgen apt -y install pwgen
@ -40,29 +43,30 @@ if [ ! -d "/etc/mysql/" ]; then
MARIADBPWORD=`pwgen 12 1` MARIADBPWORD=`pwgen 12 1`
apt -y install mariadb-client mariadb-server apt -y install mariadb-client mariadb-server
# record the initial root password # set unix_socket auth for root
echo "#[client]" > /root/.my.cnf mysql -e "GRANT ALL ON *.* TO 'root'@'localhost' IDENTIFIED VIA unix_socket WITH GRANT OPTION"
echo "#password=$MARIADBPWORD" >> /root/.my.cnf # create nagios user for monitoring server status only
echo '!include /etc/mysql/debian.cnf' >> /root/.my.cnf
chmod 600 /root/.my.cnf
mysql -e "SET PASSWORD FOR 'root'@'localhost' = PASSWORD('$MARIADBPWORD');"
sed -i "s|password = |password = $MARIADBPWORD|g" /etc/mysql/debian.cnf
mysql -e "CREATE USER 'nagios'@'localhost' IDENTIFIED WITH mysql_native_password AS '';" mysql -e "CREATE USER 'nagios'@'localhost' IDENTIFIED WITH mysql_native_password AS '';"
mysqladmin flush-privileges mysqladmin flush-privileges
fi fi
# Apache w/ PHP # Apache w/ PHP
apt -y install apache2 libapache2-mod-authnz-pam libwww-perl php-fpm php-cli php-ssh2 php-curl php-dev php-enchant php-mysql php-pear php-gd php-http php-imap php-intl php-mysql php-yaml php-propro php-pspell php-raphf php-ssh2 php-sqlite3 php-tidy php-xml php-xmlrpc php-zip php-mbstring php-imagick php-redis redis pwauth libapache2-mod-authnz-external apt -y install apache2 libapache2-mod-authnz-pam libwww-perl php-fpm php-cli php-ssh2 php-curl php-dev php-enchant php-mysql php-pear php-gd php-http php-imap php-intl php-mysql php-yaml php-pspell php-raphf php-ssh2 php-sqlite3 php-tidy php-xml php-xmlrpc php-zip php-mbstring php-imagick php-redis redis pwauth libapache2-mod-authnz-external
## http2 handled automatically now. double check. also look in to vhost log format
## http2 handled automatically now.
## http2 doesn't support logio, so look in to vhost log format
# force https for phpMyAdmin ?? # force https for phpMyAdmin ??
cp etc/apache2/conf-available/* /etc/apache2/conf-available/ cp etc/apache2/conf-available/* /etc/apache2/conf-available/
chmod 644 /etc/apache2/conf-available/*.conf chmod 644 /etc/apache2/conf-available/*.conf
chown root:root /etc/apache2/conf-available/*.conf chown root:root /etc/apache2/conf-available/*.conf
a2enconf php7.4-fpm phpMyAdmin a2enconf php8.1-fpm phpMyAdmin
cp etc/apache2/mods-available/* /etc/apache2/mods-available/ cp etc/apache2/mods-available/* /etc/apache2/mods-available/
chmod 644 /etc/apache2/mods-available/*.conf chmod 644 /etc/apache2/mods-available/*.conf
chown root:root /etc/apache2/mods-available/*.conf chown root:root /etc/apache2/mods-available/*.conf
# enable TLSv1.2 only
sed -i "s|SSLProtocol all -SSLv3|SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1|g" /etc/apache2/mods-available/ssl.conf
# set vhost subodmain to domain name of server, users may want to consider changing this to a custom domain. # set vhost subodmain to domain name of server, users may want to consider changing this to a custom domain.
vhostdomain=`hostname -d` vhostdomain=`hostname -d`
sed -i "s|.example.com|.$vhostdomain|g" /etc/apache2/mods-available/macro.conf sed -i "s|.example.com|.$vhostdomain|g" /etc/apache2/mods-available/macro.conf
@ -89,22 +93,22 @@ echo ' Require all granted' >> /etc/apache2/conf-available/security.conf
echo '</Directory>' >> /etc/apache2/conf-available/security.conf echo '</Directory>' >> /etc/apache2/conf-available/security.conf
# configure php # configure php
sed -i "s|post_max_size = 8M|post_max_size = 256M|g" /etc/php/7.4/fpm/php.ini sed -i "s|post_max_size = 8M|post_max_size = 256M|g" /etc/php/8.1/fpm/php.ini
sed -i "s|upload_max_filesize = 2M|upload_max_filesize = 256M|g" /etc/php/7.4/fpm/php.ini sed -i "s|upload_max_filesize = 2M|upload_max_filesize = 256M|g" /etc/php/8.1/fpm/php.ini
sed -i "s|;date.timezone =|date.timezone = 'America/Los_Angeles'|g" /etc/php/7.4/fpm/php.ini sed -i "s|;date.timezone =|date.timezone = 'America/Los_Angeles'|g" /etc/php/8.1/fpm/php.ini
sed -i "s|;date.timezone =|date.timezone = 'America/Los_Angeles'|g" /etc/php/7.4/cli/php.ini sed -i "s|;date.timezone =|date.timezone = 'America/Los_Angeles'|g" /etc/php/8.1/cli/php.ini
# Change Debian/Ubuntu session settings back to php defaults for compatability with user jails & php chroots # Change Debian/Ubuntu session settings back to php defaults for compatability with user jails & php chroots
sed -i "s|;session.save_path = \"/var/lib/php/sessions\"|session.save_path = \"/tmp\"|g" /etc/php/7.4/fpm/php.ini sed -i "s|;session.save_path = \"/var/lib/php/sessions\"|session.save_path = \"/tmp\"|g" /etc/php/8.1/fpm/php.ini
sed -i "s|;session.save_path = \"/var/lib/php/sessions\"|session.save_path = \"/tmp\"|g" /etc/php/7.4/cli/php.ini sed -i "s|;session.save_path = \"/var/lib/php/sessions\"|session.save_path = \"/tmp\"|g" /etc/php/8.1/cli/php.ini
sed -i "s|session.gc_probability = 0|session.gc_probability = 1|g" /etc/php/7.4/fpm/php.ini sed -i "s|session.gc_probability = 0|session.gc_probability = 1|g" /etc/php/8.1/fpm/php.ini
sed -i "s|session.gc_probability = 0|session.gc_probability = 1|g" /etc/php/7.4/cli/php.ini sed -i "s|session.gc_probability = 0|session.gc_probability = 1|g" /etc/php/8.1/cli/php.ini
# Configure PHP-FPM to use "ondemand" # Configure PHP-FPM to use "ondemand"
sed -i "s|pm = dynamic|pm = ondemand|g" /etc/php/7.4/fpm/pool.d/www.conf sed -i "s|pm = dynamic|pm = ondemand|g" /etc/php/8.1/fpm/pool.d/www.conf
systemctl reload apache2 systemctl reload apache2
## configure overrides ## configure overrides
# sed -i "s|^user = www-data|user = $USERNAME|g" /etc/php/7.2/fpm/pool.d/www.conf # sed -i "s|^user = www-data|user = $USERNAME|g" /etc/php/7.2/fpm/pool.d/www.conf
# sed -i "s|^group = www-data|group = $USERNAME|g" /etc/php/7.2/fpm/pool.d/www.conf # sed -i "s|^group = www-data|group = $USERNAME|g" /etc/php/7.2/fpm/pool.d/www.conf
systemctl reload php7.4-fpm systemctl reload php8.1-fpm
if [ -d /srv/www ]; then if [ -d /srv/www ]; then
if [ -d /var/www ]; then if [ -d /var/www ]; then
@ -146,13 +150,14 @@ chown vhost:vhost /srv/www/html/status.php
# phpMyAdmin # phpMyAdmin
apt -y install php-bz2 php-tcpdf apt -y install php-bz2 php-tcpdf
cd /usr/local/src cd /usr/local/src
wget https://files.phpmyadmin.net/phpMyAdmin/5.1.1/phpMyAdmin-5.1.1-all-languages.tar.gz wget https://files.phpmyadmin.net/phpMyAdmin/5.2.0/phpMyAdmin-5.2.0-all-languages.tar.gz
tar zxf phpMyAdmin-5.1.1-all-languages.tar.gz tar zxf phpMyAdmin-5.2.0-all-languages.tar.gz
rm -r phpMyAdmin-5.1.1-all-languages/setup/ rm -r phpMyAdmin-5.2.0-all-languages/setup/
if [ -d "phpMyAdmin-5.1.1-all-languages/test/" ]; then if [ -d "phpMyAdmin-5.2.0-all-languages/test/" ]; then
rm -r phpMyAdmin-5.1.1-all-languages/test/ rm -r phpMyAdmin-5.2.0-all-languages/test/
fi fi
mv phpMyAdmin-5.1.1-all-languages /srv/www/html/phpMyAdmin mv phpMyAdmin-5.2.0-all-languages /srv/www/html/phpMyAdmin
cd -
cp html/phpMyAdmin/config.inc.php /srv/www/html/phpMyAdmin/config.inc.php cp html/phpMyAdmin/config.inc.php /srv/www/html/phpMyAdmin/config.inc.php
blowfish_secret=`pwgen 32 -1` blowfish_secret=`pwgen 32 -1`
sed -i "s|changeme|$blowfish_secret|g" /srv/www/html/phpMyAdmin/config.inc.php sed -i "s|changeme|$blowfish_secret|g" /srv/www/html/phpMyAdmin/config.inc.php
@ -162,8 +167,6 @@ chown -R vhost:vhost /srv/www/html/phpMyAdmin
# jailkit # jailkit
apt -y install jailkit apt -y install jailkit
# bugfix, fixed upstream, shouldn't be needed if jailkit package gets updated
sed -i "s/if (not config.has_key('hardlink')):/if ('hardlink' not in config):/g" /usr/sbin/jk_update
sed -i 's|paths = ssh|paths = /usr/bin/ssh*|' /etc/jailkit/jk_init.ini sed -i 's|paths = ssh|paths = /usr/bin/ssh*|' /etc/jailkit/jk_init.ini
sed -i "s|paths = perl, /usr/lib/perl, /usr/lib/perl5, /usr/share/perl, /usr/share/perl5|paths = /usr/bin/perl, /usr/lib/x86_64-linux-gnu/perl, /usr/lib/x86_64-linux-gnu/perl-base, /usr/share/perl, /usr/share/perl5|g" /etc/jailkit/jk_init.ini sed -i "s|paths = perl, /usr/lib/perl, /usr/lib/perl5, /usr/share/perl, /usr/share/perl5|paths = /usr/bin/perl, /usr/lib/x86_64-linux-gnu/perl, /usr/lib/x86_64-linux-gnu/perl-base, /usr/share/perl, /usr/share/perl5|g" /etc/jailkit/jk_init.ini
echo "" >> /etc/jailkit/jk_init.ini echo "" >> /etc/jailkit/jk_init.ini
@ -186,8 +189,6 @@ echo "paths = /usr/bin/erb. /usr/bin/gem, /usr/bin/irb, /usr/bin/rdoc, /usr/bin/
# varnish # varnish
apt -y install varnish apt -y install varnish
# systemctl disable varnish
# service varnish stop
cp -a etc/varnish/* /etc/varnish/ cp -a etc/varnish/* /etc/varnish/
find /etc/varnish/ -type d -exec chmod 755 {} + find /etc/varnish/ -type d -exec chmod 755 {} +
find /etc/varnish/ -type f -exec chmod 644 {} + find /etc/varnish/ -type f -exec chmod 644 {} +
@ -216,6 +217,7 @@ make
cp mini_sendmail /usr/local/sbin cp mini_sendmail /usr/local/sbin
gzip mini_sendmail.8 gzip mini_sendmail.8
cp mini_sendmail.8.gz /usr/local/share/man/man8 cp mini_sendmail.8.gz /usr/local/share/man/man8
cd ../vhost-stack/
# install vhost scripts # install vhost scripts
chmod 755 bin/* chmod 755 bin/*