From 43407d9a3491dc4227c6854c5dac7627d11e49d0 Mon Sep 17 00:00:00 2001 From: qtwrk Date: Mon, 9 Mar 2020 18:35:11 +0100 Subject: [PATCH 1/4] CN mirror for composer --- cyberpanel.sh | 110 +---------------------------------------- install/composer_cn.sh | 8 +++ 2 files changed, 9 insertions(+), 109 deletions(-) create mode 100755 install/composer_cn.sh diff --git a/cyberpanel.sh b/cyberpanel.sh index c66327def..8dca82439 100644 --- a/cyberpanel.sh +++ b/cyberpanel.sh @@ -256,6 +256,7 @@ if [[ $SERVER_COUNTRY == "CN" ]] ; then sed -i 's|'$DOWNLOAD_SERVER'|cyberpanel.sh|g' install.py sed -i 's|https://www.litespeedtech.com/packages/5.0/lsws-5.4.2-ent-x86_64-linux.tar.gz|https://'$DOWNLOAD_SERVER'/litespeed/lsws-'$LSWS_STABLE_VER'-ent-x86_64-linux.tar.gz|g' installCyberPanel.py sed -i 's|wget -O - https://get.acme.sh \| sh|git clone https://gitee.com/qtwrk/acme.sh.git ; cd acme.sh ; ./acme.sh --install ; cd - ; rm -rf acme.sh|g' install.py + sed -i 's|composer.sh|composer_cn.sh|g' install.py # global change for CN , regardless provider and system if [[ $SERVER_OS == "CentOS" ]] ; then @@ -278,42 +279,6 @@ index-url = https://pypi.tuna.tsinghua.edu.cn/simple trusted-host=pypi.tuna.tsinghua.edu.cn EOF echo -e "\nSet to Aliyun pip repo..." - cat << EOF > composer.sh -#!/usr/bin/env bash -php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" -php composer-setup.php -php -r "unlink('composer-setup.php');" -mv composer.phar /usr/bin/composer - -if [ ! -d /root/.config ]; then -mkdir /root/.config -fi - -if [ ! -d /root/.config/composer ]; then -mkdir /root/.config/composer -fi - -echo '{ - "bitbucket-oauth": {}, - "github-oauth": {}, - "gitlab-oauth": {}, - "gitlab-token": {}, - "http-basic": {} -} -' > /root/.config/composer/auth.json - -echo '{ - "config": {}, - "repositories": { - "packagist": { - "type": "composer", - "url": "https://mirrors.aliyun.com/composer/" - } - } -} -' > /root/.config/composer/config.json -composer clear-cache -EOF fi @@ -349,79 +314,6 @@ deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted unive EOF DEBIAN_FRONTEND=noninteractive apt update -y pip config set global.index-url https://mirrors.aliyun.com/pypi/simple/ - cat << EOF > composer.sh -#!/usr/bin/env bash -php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" -php composer-setup.php -php -r "unlink('composer-setup.php');" -mv composer.phar /usr/bin/composer - -if [ ! -d /root/.config ]; then -mkdir /root/.config -fi - -if [ ! -d /root/.config/composer ]; then -mkdir /root/.config/composer -fi - -echo '{ - "bitbucket-oauth": {}, - "github-oauth": {}, - "gitlab-oauth": {}, - "gitlab-token": {}, - "http-basic": {} -} -' > /root/.config/composer/auth.json - -echo '{ - "config": {}, - "repositories": { - "packagist": { - "type": "composer", - "url": "https://mirrors.cloud.tencent.com/composer/" - } - } -} -' > /root/.config/composer/config.json -composer clear-cache -EOF - else - cat << EOF > composer.sh -#!/usr/bin/env bash -php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" -php composer-setup.php -php -r "unlink('composer-setup.php');" -mv composer.phar /usr/bin/composer - -if [ ! -d /root/.config ]; then -mkdir /root/.config -fi - -if [ ! -d /root/.config/composer ]; then -mkdir /root/.config/composer -fi - -echo '{ - "bitbucket-oauth": {}, - "github-oauth": {}, - "gitlab-oauth": {}, - "gitlab-token": {}, - "http-basic": {} -} -' > /root/.config/composer/auth.json - -echo '{ - "config": {}, - "repositories": { - "packagist": { - "type": "composer", - "url": "https://packagist.phpcomposer.com" - } - } -} -' > /root/.config/composer/config.json -composer clear-cache -EOF fi fi fi diff --git a/install/composer_cn.sh b/install/composer_cn.sh new file mode 100755 index 000000000..0955bd6a1 --- /dev/null +++ b/install/composer_cn.sh @@ -0,0 +1,8 @@ +#!/usr/bin/env bash +wget -O composer-setup.php https://cyberpanel.sh/?composer +sed -i "s|'://getcomposer.org'|'://mirrors.aliyun.com/composer'|g" composer-setup.php +php composer-setup.php +php -r "unlink('composer-setup.php');" +mv composer.phar /usr/bin/composer +composer config -g repo.packagist composer https://mirrors.aliyun.com/composer/ +composer clear-cache From c641fe612f1833cd3e452c8dc634afd4c80ef638 Mon Sep 17 00:00:00 2001 From: qtwrk Date: Mon, 9 Mar 2020 20:15:21 +0100 Subject: [PATCH 2/4] mirror for CN --- cyberpanel.sh | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/cyberpanel.sh b/cyberpanel.sh index 8dca82439..6bae318d7 100644 --- a/cyberpanel.sh +++ b/cyberpanel.sh @@ -249,7 +249,7 @@ if [[ $SERVER_COUNTRY == "CN" ]] ; then sed -i 's|https://www.rainloop.net/repository/webmail/rainloop-community-latest.zip|https://'$DOWNLOAD_SERVER'/misc/rainloop-community-latest.zip|g' install.py sed -i 's|rpm -ivh http://rpms.litespeedtech.com/centos/litespeed-repo-1.1-1.el7.noarch.rpm|curl -o /etc/yum.repos.d/litespeed.repo https://'$DOWNLOAD_SERVER'/litespeed/litespeed.repo|g' install.py sed -i 's|https://copr.fedorainfracloud.org/coprs/copart/restic/repo/epel-7/copart-restic-epel-7.repo|https://'$DOWNLOAD_SERVER'/restic/restic.repo|g' install.py - sed -i 's|yum -y install https://cyberpanel.sh/gf-release-latest.gf.el7.noarch.rpm|wget -O /etc/yum.repos.d/gf.repo https://'$DOWNLOAD_SERVER'/gf-plus/gf.repo|g' install.py + sed -i 's|yum -y install http://cyberpanel.sh/gf-release-latest.gf.el7.noarch.rpm|wget -O /etc/yum.repos.d/gf.repo https://'$DOWNLOAD_SERVER'/gf-plus/gf.repo|g' install.py sed -i 's|dovecot-2.3-latest|dovecot-2.3-latest-mirror|g' install.py sed -i 's|git clone https://github.com/usmannasir/cyberpanel|wget https://cyberpanel.sh/cyberpanel-git.tar.gz \&\& tar xzvf cyberpanel-git.tar.gz|g' install.py sed -i 's|http://repo.dovecot.org/ce-2.3-latest/centos/$releasever/RPMS/$basearch|https://'$DOWNLOAD_SERVER'/dovecot/|g' install.py @@ -257,6 +257,7 @@ if [[ $SERVER_COUNTRY == "CN" ]] ; then sed -i 's|https://www.litespeedtech.com/packages/5.0/lsws-5.4.2-ent-x86_64-linux.tar.gz|https://'$DOWNLOAD_SERVER'/litespeed/lsws-'$LSWS_STABLE_VER'-ent-x86_64-linux.tar.gz|g' installCyberPanel.py sed -i 's|wget -O - https://get.acme.sh \| sh|git clone https://gitee.com/qtwrk/acme.sh.git ; cd acme.sh ; ./acme.sh --install ; cd - ; rm -rf acme.sh|g' install.py sed -i 's|composer.sh|composer_cn.sh|g' install.py + sed -i 's|yum -y install http://repo.iotti.biz/CentOS/7/noarch/lux-release-7-1.noarch.rpm|wget -O /etc/yum.repos.d/lux.repo https://'$DOWNLOAD_SERVER'/lux/lux.repo|g' install.py # global change for CN , regardless provider and system if [[ $SERVER_OS == "CentOS" ]] ; then @@ -416,6 +417,8 @@ if [[ $SERVER_OS == "CentOS" ]] ; then timeout 10 rpm --import https://$DOWNLOAD_SERVER/powerdns/FD380FBB-pub.asc timeout 10 rpm --import http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7 timeout 10 rpm --import https://$DOWNLOAD_SERVER/gf-plus/RPM-GPG-KEY-gf.el7 + timeout 10 rpm --import https://$DOWNLOAD_SERVER/lux/RPM-GPG-KEY-LUX + timeout 10 rpm --import https://$DOWNLOAD_SERVER/ius/RPM-GPG-KEY-IUS-7 timeout 10 rpm --import https://repo.dovecot.org/DOVECOT-REPO-GPG timeout 10 rpm --import https://copr-be.cloud.fedoraproject.org/results/copart/restic/pubkey.gpg yum clean all @@ -440,8 +443,12 @@ if [[ $DEV == "ON" ]] ; then if [[ $CENTOS_8 == "False" ]] ; then yum -y install yum-utils yum -y groupinstall development - yum -y install https://centos7.iuscommunity.org/ius-release.rpm - yum -y install python36u python36u-pip python36u-devel + if [[ $SERVER_COUNTRY == "CN" ]] ; then + wget -O /etc/yum.repos.d/ius.repo https://$DOWNLOAD_SERVER/ius/ius.repo + else + yum -y install https://centos7.iuscommunity.org/ius-release.rpm + fi + yum -y install python36u python36u-pip python36u-devel check_return fi if [[ $CENTOS_8 == "True" ]] ; then From 96e683bffcbc5bca7784711381c6580344f4ebfe Mon Sep 17 00:00:00 2001 From: qtwrk Date: Tue, 10 Mar 2020 04:09:22 +0100 Subject: [PATCH 3/4] make self-signed cert more compatible with MacOS --- cyberpanel.sh | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/cyberpanel.sh b/cyberpanel.sh index 6bae318d7..d4ce5caf9 100644 --- a/cyberpanel.sh +++ b/cyberpanel.sh @@ -1102,6 +1102,41 @@ cd cyberpanel/install curl https://cyberpanel.sh/?version } +regenerate_cert() { +cat << EOF > /root/cyberpanel/cert_conf +[req] +prompt=no +distinguished_name=cyberpanel +[cyberpanel] +commonName = www.example.com +countryName = CP +localityName = CyberPanel +organizationName = CyberPanel +organizationalUnitName = CyberPanel +stateOrProvinceName = CP +emailAddress = mail@example.com +name = CyberPanel +surname = CyberPanel +givenName = CyberPanel +initials = CP +dnQualifier = CyberPanel +[server_exts] +extendedKeyUsage = 1.3.6.1.5.5.7.3.1 +EOF +openssl req -x509 -config /root/cyberpanel/cert_conf -extensions 'server_exts' -nodes -days 820 -newkey rsa:3072 -keyout /usr/local/lscp/conf/key.pem -out /usr/local/lscp/conf/cert.pem + +if [[ $VERSION == "OLS" ]] ; then + key_path="/usr/local/lsws/admin/conf/webadmin.key" + cert_path="/usr/local/lsws/admin/conf/webadmin.crt" +else + key_path="/usr/local/lsws/admin/conf/cert/admin.key" + cert_path="/usr/local/lsws/admin/conf/cert/admin.crt" +fi + +openssl req -x509 -config /root/cyberpanel/cert_conf -extensions 'server_exts' -nodes -days 820 -newkey rsa:3072 -keyout $key_path -out $cert_path +rm -f /root/cyberpanel/cert_conf +} + after_install() { if [ ! -d "/var/lib/php" ]; then mkdir /var/lib/php @@ -1201,6 +1236,9 @@ MYSQLPASSWD=$(cat /etc/cyberpanel/mysqlPassword) echo "$ADMIN_PASS" > /etc/cyberpanel/adminPass /usr/local/CyberPanel/bin/python /usr/local/CyberCP/plogical/adminPass.py --password $ADMIN_PASS mkdir -p /etc/opendkim + +regenerate_cert + systemctl restart lscpd systemctl restart lsws echo "/usr/local/CyberPanel/bin/python /usr/local/CyberCP/plogical/adminPass.py --password \$@" > /usr/bin/adminPass From 9663faeef7232722bccd16fdc74c82d0b002ead3 Mon Sep 17 00:00:00 2001 From: qtwrk Date: Tue, 10 Mar 2020 17:23:30 +0100 Subject: [PATCH 4/4] fix some issue on self-signed cert --- cyberpanel.sh | 4 ++-- cyberpanel_upgrade.sh | 55 +++++++++++++++++++++++++++++++++++++++++-- 2 files changed, 55 insertions(+), 4 deletions(-) diff --git a/cyberpanel.sh b/cyberpanel.sh index d4ce5caf9..d657d3e39 100644 --- a/cyberpanel.sh +++ b/cyberpanel.sh @@ -1123,7 +1123,7 @@ dnQualifier = CyberPanel [server_exts] extendedKeyUsage = 1.3.6.1.5.5.7.3.1 EOF -openssl req -x509 -config /root/cyberpanel/cert_conf -extensions 'server_exts' -nodes -days 820 -newkey rsa:3072 -keyout /usr/local/lscp/conf/key.pem -out /usr/local/lscp/conf/cert.pem +openssl req -x509 -config /root/cyberpanel/cert_conf -extensions 'server_exts' -nodes -days 820 -newkey rsa:2048 -keyout /usr/local/lscp/conf/key.pem -out /usr/local/lscp/conf/cert.pem if [[ $VERSION == "OLS" ]] ; then key_path="/usr/local/lsws/admin/conf/webadmin.key" @@ -1133,7 +1133,7 @@ else cert_path="/usr/local/lsws/admin/conf/cert/admin.crt" fi -openssl req -x509 -config /root/cyberpanel/cert_conf -extensions 'server_exts' -nodes -days 820 -newkey rsa:3072 -keyout $key_path -out $cert_path +openssl req -x509 -config /root/cyberpanel/cert_conf -extensions 'server_exts' -nodes -days 820 -newkey rsa:2048 -keyout $key_path -out $cert_path rm -f /root/cyberpanel/cert_conf } diff --git a/cyberpanel_upgrade.sh b/cyberpanel_upgrade.sh index db0c76bdf..41004b66a 100644 --- a/cyberpanel_upgrade.sh +++ b/cyberpanel_upgrade.sh @@ -26,6 +26,44 @@ if [[ $SERVER_COUNTRY == "CN" ]] ; then GIT_CONTENT_URL="gitee.com/qtwrk/cyberpanel/raw" fi +regenerate_cert() { +cat << EOF > /usr/local/CyberCP/cert_conf +[req] +prompt=no +distinguished_name=cyberpanel +[cyberpanel] +commonName = www.example.com +countryName = CP +localityName = CyberPanel +organizationName = CyberPanel +organizationalUnitName = CyberPanel +stateOrProvinceName = CP +emailAddress = mail@example.com +name = CyberPanel +surname = CyberPanel +givenName = CyberPanel +initials = CP +dnQualifier = CyberPanel +[server_exts] +extendedKeyUsage = 1.3.6.1.5.5.7.3.1 +EOF +if [[ $1 == "8090" ]] ; then +openssl req -x509 -config /usr/local/CyberCP/cert_conf -extensions 'server_exts' -nodes -days 820 -newkey rsa:2048 -keyout /usr/local/lscp/conf/key.pem -out /usr/local/lscp/conf/cert.pem +fi + +if [[ $1 == "7080" ]] ; then + if [[ -f /usr/local/lsws/admin/conf/webadmin.key ]] ; then + key_path="/usr/local/lsws/admin/conf/webadmin.key" + cert_path="/usr/local/lsws/admin/conf/webadmin.crt" + else + key_path="/usr/local/lsws/admin/conf/cert/admin.key" + cert_path="/usr/local/lsws/admin/conf/cert/admin.crt" + fi +openssl req -x509 -config /usr/local/CyberCP/cert_conf -extensions 'server_exts' -nodes -days 820 -newkey rsa:2048 -keyout $key_path -out $cert_path +fi +rm -f /usr/local/CyberCP/cert_conf + +} input_branch() { echo -e "\nPress Enter key to continue with latest version or Enter specific version such as: \e[31m1.9.4\e[39m , \e[31m1.9.5\e[39m ...etc" @@ -233,6 +271,19 @@ fi install_utility +output=$(timeout 3 openssl s_client -connect 127.0.0.1:8090 2>/dev/null) +echo $output | grep -q "mail@example.com" +if [[ $? == "0" ]] ; then +# it is using default installer generated cert +regenerate_cert 8090 +fi +output=$(timeout 3 openssl s_client -connect 127.0.0.1:7080 2>/dev/null) +echo $output | grep -q "mail@example.com" +if [[ $? == "0" ]] ; then +regenerate_cert 7080 +fi + + if [[ $SERVER_OS == "CentOS7" ]] ; then sed -i 's|error_reporting = E_ALL \& ~E_DEPRECATED \& ~E_STRICT|error_reporting = E_ALL \& ~E_DEPRECATED \& ~E_STRICT|g' /usr/local/lsws/{lsphp72,lsphp73}/etc/php.ini @@ -245,14 +296,14 @@ yum list installed lsphp74-devel fi if [[ $SERVER_OS == "Ubuntu" ]] ; then - dpkg -l lsphp74-dev + dpkg -l lsphp74-dev > /dev/null 2>&1 if [[ $? != "0" ]] ; then apt install -y lsphp74-dev fi fi if [[ ! -f /usr/local/lsws/lsphp74/lib64/php/modules/zip.so ]] && [[ $SERVER_OS == "CentOS7" ]] ; then - yum list installed libzip-devel + yum list installed libzip-devel > /dev/null 2>&1 if [[ $? == "0" ]] ; then yum remove -y libzip-devel fi