Onlinescud
27/07/2016, 20h51
Merci de l'info. Je vais tester ce Script ce week-end et je reviens vers vous. Bonne soirée
# Check if user is root if [ $(id -u) != "0" ]; then echo "Erreur : Cet utilisateur ne peut pas exécuter ce script, veuillez changer l'utilisateur en root avant de lancer le script" exit 1 fi back_title="Installation automatisée de serveur" questions (){ PKG_OK=$(dpkg-query -W --showformat='${Status}\n' whiptail|grep "install ok installed") echo Checking for whiptail: $PKG_OK if [ "" == "$PKG_OK" ]; then echo "whiptail non installé. Configuration de whiptail." apt-get update apt-get --force-yes --yes install whiptail fi while [ "x$serverIP" == "x" ] do serverIP=$(whiptail --title "Server IP" --backtitle "$back_title" --inputbox "Veuillez saisir l'IP du serveur" --nocancel 10 50 3>&1 1>&2 2>&3) done while [ "x$HOSTNAMESHORT" == "x" ] do HOSTNAMESHORT=$(whiptail --title "Short Hostname" --backtitle "$back_title" --inputbox "Veuillez indiquer un alias au serveur" --nocancel 10 50 3>&1 1>&2 2>&3) done while [ "x$HOSTNAMEFQDN" == "x" ] do HOSTNAMEFQDN=$(whiptail --title "Fully Qualified Hostname" --backtitle "$back_title" --inputbox "Veuillez indiquer le nom complet du serveur" --nocancel 10 50 3>&1 1>&2 2>&3) done while [ "x$web_server" == "x" ] do web_server=$(whiptail --title "Web Server" --backtitle "$back_title" --nocancel --radiolist "Quelle serveur Web voulez-vouys installer ?" 10 50 2 "Apache" "(default)" ON "NginX" "" OFF 3>&1 1>&2 2>&3) done while [ "x$mail_server" == "x" ] do mail_server=$(whiptail --title "Mail Server" --backtitle "$back_title" --nocancel --radiolist "Quel serveur de Mail voulez-vous installer ?" 10 50 2 "Dovecot" "(default)" ON "Courier" "" OFF 3>&1 1>&2 2>&3) done while [ "x$sql_server" == "x" ] do sql_server=$(whiptail --title "SQL Server" --backtitle "$back_title" --nocancel --radiolist "Quelle base de donnée voulez-vous insaller ?" 10 50 2 "MySQL" "(default)" ON "MariaDB" "" OFF 3>&1 1>&2 2>&3) done while [ "x$mysql_pass" == "x" ] do mysql_pass=$(whiptail --title "MySQL Root Password" --backtitle "$back_title" --inputbox "Veuillez indiquer le mot de passe root SQL" --nocancel 10 50 3>&1 1>&2 2>&3) done if (whiptail --title "Install Quota" --backtitle "$back_title" --yesno "Configurer Quotas Utilisateurs?" 10 50) then quota=Yes else quota=No fi if (whiptail --title "Install Mailman" --backtitle "$back_title" --yesno "Configurer Mailman?" 10 50) then mailman=Yes else mailman=No fi if (whiptail --title "Install Jailkit" --backtitle "$back_title" --yesno "Configurer Jailkits Utilisateur ?" 10 50) then jailkit=Yes else jailkit=No fi } debian_install_basic (){ #Def hostname && FQDN sed -i "s/${serverIP}.*/${serverIP} ${HOSTNAMEFQDN} ${HOSTNAMESHORT}/" /etc/hosts echo "$HOSTNAMESHORT" > /etc/hostname /etc/init.d/hostname.sh start >/dev/null 2>&1 #MAJ serveur && installation des outils #Sauvegarde fichier sources.list cp /etc/apt/sources.list /etc/apt/sources.list.backup #Création du fichier sources.list cat > /etc/apt/sources.list </dev/null 2>&1 #Synchronisationn de l'horloge du système apt-get -y install ntp ntpdate } #fin fct debian_install_DashNTP debian_install_MySQLCourier (){ #Installation de Postfix, Courier, Saslauthd, MySQL, phpMyAdmin, rkhunter, binutils echo "mysql-server-5.5 mysql-server/root_password password $mysql_pass" | debconf-set-selections echo "mysql-server-5.5 mysql-server/root_password_again password $mysql_pass" | debconf-set-selections echo "postfix postfix/main_mailer_type select Internet Site" | debconf-set-selections echo "postfix postfix/mailname string $HOSTNAMEFQDN" | debconf-set-selections echo "courier-base courier-base/webadmin-configmode boolean false" | debconf-set-selections echo "courier-ssl courier-ssl/certnotice note" | debconf-set-selections apt-get -y install postfix postfix-mysql postfix-doc mysql-client mysql-server courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl courier-maildrop getmail4 rkhunter binutils sudo #Autoriser MySQL à écouter sur toutes les interfaces #Backup my.cnf cp /etc/mysql/my.cnf /etc/mysql/my.cnf.backup sed -i 's/bind-address = 127.0.0.1/#bind-address = 127.0.0.1/' /etc/mysql/my.cnf /etc/init.d/mysql restart #Suppression et reconfiguration des certificats SSL cd /etc/courier rm -f /etc/courier/imapd.pem rm -f /etc/courier/pop3d.pem sed -i "s/CN=localhost/CN=${HOSTNAMEFQDN}/" /etc/courier/imapd.cnf sed -i "s/CN=localhost/CN=${HOSTNAMEFQDN}/" /etc/courier/pop3d.cnf mkimapdcert mkpop3dcert /etc/init.d/courier-imap-ssl restart /etc/init.d/courier-pop-ssl restart } #fin fct debian_install_MySQLCourier debian_install_MariaDBCourier (){ #Instalaltion prop python apt-get -y install python-software-properties #Ajout de la clef mariaDB apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xcbcb082a1bb943db #Ajout des repo && MAJ add-apt-repository 'deb http://ftp.igh.cnrs.fr/pub/mariadb/repo/5.5/debian wheezy main' && apt-get update #Installation Postfix, Courier, Saslauthd, MySQL, phpMyAdmin, rkhunter, binutils echo "mysql-server-5.5 mysql-server/root_password password $mysql_pass" | debconf-set-selections echo "mysql-server-5.5 mysql-server/root_password_again password $mysql_pass" | debconf-set-selections echo "postfix postfix/main_mailer_type select Internet Site" | debconf-set-selections echo "postfix postfix/mailname string $HOSTNAMEFQDN" | debconf-set-selections echo "courier-base courier-base/webadmin-configmode boolean false" | debconf-set-selections echo "courier-ssl courier-ssl/certnotice note" | debconf-set-selections apt-get -y install postfix postfix-mysql postfix-doc mariadb-client mariadb-server courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl courier-maildrop getmail4 rkhunter binutils sudo #Autoriser MySQL à écouter sur toutes les interfaces #Backup my.cnf cp /etc/mysql/my.cnf /etc/mysql/my.cnf.backup sed -i 's/bind-address = 127.0.0.1/#bind-address = 127.0.0.1/' /etc/mysql/my.cnf /etc/init.d/mysql restart #Suppression et reconfiguration des certificats SSL cd /etc/courier rm -f /etc/courier/imapd.pem rm -f /etc/courier/pop3d.pem sed -i "s/CN=localhost/CN=${HOSTNAMEFQDN}/" /etc/courier/imapd.cnf sed -i "s/CN=localhost/CN=${HOSTNAMEFQDN}/" /etc/courier/pop3d.cnf mkimapdcert mkpop3dcert /etc/init.d/courier-imap-ssl restart /etc/init.d/courier-pop-ssl restart } #fin fct debian_install_MariaDBCourier debian_install_MySQLDovecot (){ #Installation Postfix, Dovecot, Saslauthd, MySQL, phpMyAdmin, rkhunter, binutils echo "mysql-server-5.5 mysql-server/root_password password $mysql_pass" | debconf-set-selections echo "mysql-server-5.5 mysql-server/root_password_again password $mysql_pass" | debconf-set-selections echo "postfix postfix/main_mailer_type select Internet Site" | debconf-set-selections echo "postfix postfix/mailname string $HOSTNAMEFQDN" | debconf-set-selections apt-get -y install postfix postfix-mysql postfix-doc mysql-client mysql-server openssl getmail4 rkhunter binutils dovecot-imapd dovecot-pop3d dovecot-mysql dovecot-sieve sudo #Décommenter les lignes utiles dans postfix #Backup master.cf cp /etc/postfix/master.cf /etc/postfix/master.cf.backup sed -i 's|#submission inet n - - - - smtpd|submission inet n - - - - smtpd|' /etc/postfix/master.cf sed -i 's|# -o syslog_name=postfix/submission| -o syslog_name=postfix/submission|' /etc/postfix/master.cf sed -i 's|# -o smtpd_tls_security_level=encrypt| -o smtpd_tls_security_level=encrypt|' /etc/postfix/master.cf sed -i 's|# -o smtpd_sasl_auth_enable=yes| -o smtpd_sasl_auth_enable=yes|' /etc/postfix/master.cf sed -i 's|# -o smtpd_client_restrictions=permit_sasl_authenticated,reject| -o smtpd_client_restrictions=permit_sasl_authenticated,reject|' /etc/postfix/master.cf sed -i 's|# -o smtpd_sasl_auth_enable=yes| -o smtpd_sasl_auth_enable=yes|' /etc/postfix/master.cf sed -i 's|# -o smtpd_sasl_auth_enable=yes| -o smtpd_sasl_auth_enable=yes|' /etc/postfix/master.cf sed -i 's|# -o smtpd_sasl_auth_enable=yes| -o smtpd_sasl_auth_enable=yes|' /etc/postfix/master.cf sed -i 's|#smtps inet n - - - - smtpd|smtps inet n - - - - smtpd|' /etc/postfix/master.cf sed -i 's|# -o syslog_name=postfix/smtps| -o syslog_name=postfix/smtps|' /etc/postfix/master.cf sed -i 's|# -o smtpd_tls_wrappermode=yes| -o smtpd_tls_wrappermode=yes|' /etc/postfix/master.cf #Autoriser MySQL à écouter sur toutes les interfaces #Backup my.cnf cp /etc/mysql/my.cnf /etc/mysql/my.cnf.backup sed -i 's|bind-address = 127.0.0.1|#bind-address = 127.0.0.1|' /etc/mysql/my.cnf /etc/init.d/postfix restart /etc/init.d/mysql restart } #fin fct debian_install_MySQLDovecot debian_install_MariaDBDovecot (){ #Instalaltion prop python apt-get -y install python-software-properties #Ajout de la clef mariaDB apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xcbcb082a1bb943db #Ajout des repo && MAJ add-apt-repository 'deb http://ftp.igh.cnrs.fr/pub/mariadb/repo/5.5/debian wheezy main' && apt-get update #Installation Postfix, Dovecot, Saslauthd, MySQL, phpMyAdmin, rkhunter, binutils echo "mysql-server-5.5 mysql-server/root_password password $mysql_pass" | debconf-set-selections echo "mysql-server-5.5 mysql-server/root_password_again password $mysql_pass" | debconf-set-selections echo "postfix postfix/main_mailer_type select Internet Site" | debconf-set-selections echo "postfix postfix/mailname string $HOSTNAMEFQDN" | debconf-set-selections apt-get -y install postfix postfix-mysql postfix-doc mariadb-client mariadb-server openssl getmail4 rkhunter binutils dovecot-imapd dovecot-pop3d dovecot-mysql dovecot-sieve sudo #Décommenter les lignes utiles dans postfix #Backup master.cf cp /etc/postfix/master.cf /etc/postfix/master.cf.backup sed -i 's|#submission inet n - - - - smtpd|submission inet n - - - - smtpd|' /etc/postfix/master.cf sed -i 's|# -o syslog_name=postfix/submission| -o syslog_name=postfix/submission|' /etc/postfix/master.cf sed -i 's|# -o smtpd_tls_security_level=encrypt| -o smtpd_tls_security_level=encrypt|' /etc/postfix/master.cf sed -i 's|# -o smtpd_sasl_auth_enable=yes| -o smtpd_sasl_auth_enable=yes|' /etc/postfix/master.cf sed -i 's|# -o smtpd_client_restrictions=permit_sasl_authenticated,reject| -o smtpd_client_restrictions=permit_sasl_authenticated,reject|' /etc/postfix/master.cf sed -i 's|# -o smtpd_sasl_auth_enable=yes| -o smtpd_sasl_auth_enable=yes|' /etc/postfix/master.cf sed -i 's|# -o smtpd_sasl_auth_enable=yes| -o smtpd_sasl_auth_enable=yes|' /etc/postfix/master.cf sed -i 's|# -o smtpd_sasl_auth_enable=yes| -o smtpd_sasl_auth_enable=yes|' /etc/postfix/master.cf sed -i 's|#smtps inet n - - - - smtpd|smtps inet n - - - - smtpd|' /etc/postfix/master.cf sed -i 's|# -o syslog_name=postfix/smtps| -o syslog_name=postfix/smtps|' /etc/postfix/master.cf sed -i 's|# -o smtpd_tls_wrappermode=yes| -o smtpd_tls_wrappermode=yes|' /etc/postfix/master.cf #Autoriser MySQL à écouter sur toutes les interfaces #Backup my.cnf cp /etc/mysql/my.cnf /etc/mysql/my.cnf.backup sed -i 's|bind-address = 127.0.0.1|#bind-address = 127.0.0.1|' /etc/mysql/my.cnf /etc/init.d/postfix restart /etc/init.d/mysql restart } #fin function debian_install_MariaDBDovecot debian_install_Virus (){ #Installation Amavisd-new, SpamAssassin, And Clamav apt-get -y install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl /etc/init.d/spamassassin stop insserv -rf spamassassin } #fin fct debian_install_Virus debian_install_Apache (){ echo "=============================================================================" echo "Vous devrez saisir quelques informations durant l'installation de phpmyadmin." echo "Choisissez à la question configure using dbconfig-common" echo "Veuillez saisir les informations lorsqu'elles vous seront demandées." echo "=============================================================================" echo "Appuyez sur Entrée pour continuer..." read DUMMY #Installation Apache2, PHP5, phpMyAdmin, FCGI, suExec, Pear, And mcrypt echo 'phpmyadmin phpmyadmin/reconfigure-webserver multiselect apache2' | debconf-set-selections apt-get -y install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libruby libapache2-mod-ruby libapache2-mod-python php5-curl php5-intl php5-memcache php5-memcached php5-ming php5-ps php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl memcached a2enmod suexec rewrite ssl actions include a2enmod dav_fs dav auth_digest #Fix Ming cp /etc/php5/cli/conf.d/ming.ini /etc/php5/cli/conf.d/ming.ini.backup rm /etc/php5/cli/conf.d/ming.ini cat > /etc/php5/cli/conf.d/ming.ini <<"EOF" extension=ming.so EOF #Fix SuPHP cp /etc/apache2/mods-available/suphp.conf /etc/apache2/mods-available/suphp.conf.backup rm /etc/apache2/mods-available/suphp.conf cat > /etc/apache2/mods-available/suphp.conf <<"EOF" # EOF #Activation de la prise en charge Ruby sed -i 's|application/x-ruby|#application/x-ruby|' /etc/mime.types #Installation de XCache apt-get -y install php5-xcache #Restart Apache /etc/init.d/apache2 restart } #fin fct debian_install_Apache debian_install_NginX (){ #Install NginX, PHP5, phpMyAdmin, FCGI, suExec, Pear, And mcrypt echo 'phpmyadmin phpmyadmin/reconfigure-webserver multiselect' | debconf-set-selections echo 'phpmyadmin phpmyadmin/dbconfig-install boolean false' | debconf-set-selections apt-get -y install nginx-extras /etc/init.d/apache2 stop update-rc.d -f apache2 remove /etc/init.d/nginx start apt-get -y install php5-fpm apt-get -y install php5-mysql php5-curl php5-gd php5-intl php-pear php5-imagick php5-imap php5-mcrypt php5-memcache php5-memcached php5-ming php5-ps php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl memcached apt-get -y install php-apc #Configuration PHP apt-get -y install fcgiwrap echo "=============================================================================" echo "Vous devrez saisir quelques informations durant l'installation de phpmyadmin." echo "Choisissez# SetHandler application/x-httpd-suphp # AddType application/x-httpd-suphp .php .php3 .php4 .php5 .phtml suPHP_AddHandler application/x-httpd-suphpsuPHP_Engine on # By default, disable suPHP for debian packaged web applications as files # are owned by root and cannot be executed by suPHP because of min_uid. suPHP_Engine off # # Use a specific php config file (a dir which contains a php.ini file) # suPHP_ConfigPath /etc/php5/cgi/suphp/ # # Tells mod_suphp NOT to handle requests with the type. # suPHP_RemoveHandler à la question : configure using dbconfig-common ?" echo "Veuillez saisir les informations lorsqu'elles vous seront demandées." echo "=============================================================================" echo "Appuyez sur Entrée pour continuer..." read DUMMY apt-get -y install phpmyadmin #Supprimer Apache2 pour NginX /etc/init.d/apache2 stop insserv -r apache2 /etc/init.d/nginx start #Fix Ming cp /etc/php5/cli/conf.d/ming.ini /etc/php5/cli/conf.d/ming.ini.backup rm /etc/php5/cli/conf.d/ming.ini cat > /etc/php5/cli/conf.d/ming.ini <<"EOF" extension=ming.so EOF /etc/init.d/php5-fpm restart } #fin fct debian_install_NginX debian_install_Mailman (){ echo "================================================================================================" echo "Vous devrez saisir quelques informations durant l'installation." echo "Sélectionnez votre langue puis validez par OK quand vous serez informé que la liste de site est absente" echo "Vous devrez également renseigner l'Email du responsable de la liste ainsi que le mot de passe pour la liste" echo "Veuillez saisir les informations lorsqu'elles vous seront demandées." echo "=============================================================================" echo "Appuyez sur Entrée pour continuer..." read DUMMY #Installation Mailman apt-get -y install mailman newlist mailman mv /etc/aliases /etc/aliases.backup cat > /etc/aliases.mailman <<"EOF" mailman: "|/var/lib/mailman/mail/mailman post mailman" mailman-admin: "|/var/lib/mailman/mail/mailman admin mailman" mailman-bounces: "|/var/lib/mailman/mail/mailman bounces mailman" mailman-confirm: "|/var/lib/mailman/mail/mailman confirm mailman" mailman-join: "|/var/lib/mailman/mail/mailman join mailman" mailman-leave: "|/var/lib/mailman/mail/mailman leave mailman" mailman-owner: "|/var/lib/mailman/mail/mailman owner mailman" mailman-request: "|/var/lib/mailman/mail/mailman request mailman" mailman-subscribe: "|/var/lib/mailman/mail/mailman subscribe mailman" mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman" EOF cat /etc/aliases.backup /etc/aliases.mailman > /etc/aliases newaliases /etc/init.d/postfix restart if [ $web_server == "Apache" ]; then ln -s /etc/mailman/apache.conf /etc/apache2/conf.d/mailman.conf /etc/init.d/apache2 restart fi /etc/init.d/mailman start } #fin fct debian_install_Mailman debian_install_PureFTPD (){ #Install PureFTPd apt-get -y install pure-ftpd-common pure-ftpd-mysql #Setting up Pure-Ftpd sed -i 's/VIRTUALCHROOT=false/VIRTUALCHROOT=true/' /etc/default/pure-ftpd-common echo 1 > /etc/pure-ftpd/conf/TLS mkdir -p /etc/ssl/private/ openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -subj "/C=/ST=/L=/O=/CN=$(hostname -f)" -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem chmod 600 /etc/ssl/private/pure-ftpd.pem /etc/init.d/pure-ftpd-mysql restart } #fin fct debian_install_Ftpd debian_install_Quota (){ #Editing FStab cp /etc/fstab /etc/fstab.backup sed -i "s/errors=remount-ro/errors=remount-ro,usrjquota=quota.user,grpjquota=quota.group,jqfmt=vfsv0/" /etc/fstab #Setting up Quota apt-get -y install quota quotatool mount -o remount / quotacheck -avugm quotaon -avug } #fin fct debian_install_Quota debian_install_Bind (){ #Install BIND DNS Server apt-get -y install bind9 dnsutils } #fin fct debian_install_Bind debian_install_Stats (){ #Install Vlogger, Webalizer, And AWstats apt-get -y install vlogger webalizer awstats geoip-database libclass-dbi-mysql-perl sed -i "s/*/10 * * * * www-data/#*/10 * * * * www-data/" /etc/cron.d/awstats sed -i "s/10 03 * * * www-data/#10 03 * * * www-data/" /etc/cron.d/awstats } debian_install_Jailkit (){ #Install Jailkit apt-get -y install build-essential autoconf automake1.9 libtool flex bison debhelper binutils-gold cd /tmp wget http://olivier.sessink.nl/jailkit/jailkit-2.16.tar.gz tar xvfz jailkit-2.16.tar.gz cd jailkit-2.16 ./debian/rules binary cd .. dpkg -i jailkit_2.16-1_*.deb rm -rf jailkit-2.16* } #fin fct debian_install_Jailkit debian_install_Fail2BanCourier (){ #Install fail2ban apt-get -y install fail2ban cat > /etc/fail2ban/jail.local <<"EOF" [pureftpd] enabled = true port = ftp filter = pureftpd logpath = /var/log/syslog maxretry = 3 [sasl] enabled = true port = smtp filter = sasl logpath = /var/log/mail.log maxretry = 5 [courierpop3] enabled = true port = pop3 filter = courierpop3 logpath = /var/log/mail.log maxretry = 5 [courierpop3s] enabled = true port = pop3s filter = courierpop3s logpath = /var/log/mail.log maxretry = 5 [courierimap] enabled = true port = imap2 filter = courierimap logpath = /var/log/mail.log maxretry = 5 [courierimaps] enabled = true port = imaps filter = courierimaps logpath = /var/log/mail.log maxretry = 5 EOF } #fin fct debian_install_Fail2banCourier debian_install_Fail2BanDovecot() { #Install fail2ban apt-get -y install fail2ban cat > /etc/fail2ban/jail.local <<"EOF" [pureftpd] enabled = true port = ftp filter = pureftpd logpath = /var/log/syslog maxretry = 3 [dovecot-pop3imap] enabled = true filter = dovecot-pop3imap action = iptables-multiport[name=dovecot-pop3imap, port="pop3,pop3s,imap,imaps", protocol=tcp] logpath = /var/log/mail.log maxretry = 5 [sasl] enabled = true port = smtp filter = sasl logpath = /var/log/mail.log maxretry = 3 EOF } #fin fct debian_install_Fail2banDovecot debian_install_Fail2BanRulesCourier() { cat > /etc/fail2ban/filter.d/pureftpd.conf <<"EOF" [Definition] failregex = .*pure-ftpd: \(.*@ \) \[WARNING\] Authentication failed for user.* ignoreregex = EOF cat > /etc/fail2ban/filter.d/courierpop3.conf <<"EOF" [Definition] failregex = pop3d: LOGIN FAILED.*ip=\[.*: \] ignoreregex = EOF cat > /etc/fail2ban/filter.d/courierpop3s.conf <<"EOF" [Definition] failregex = pop3d-ssl: LOGIN FAILED.*ip=\[.*: \] ignoreregex = EOF cat > /etc/fail2ban/filter.d/courierimap.conf < \] ignoreregex = EOF cat > /etc/fail2ban/filter.d/courierimaps.conf <<"EOF" [Definition] failregex = imapd-ssl: LOGIN FAILED.*ip=\[.*: \] ignoreregex = EOF /etc/init.d/fail2ban restart } #fin fct debian_install_Fail2banRulesCourier debian_install_Fail2BanRulesDovecot() { cat > /etc/fail2ban/filter.d/pureftpd.conf <<"EOF" [Definition] failregex = .*pure-ftpd: \(.*@ \) \[WARNING\] Authentication failed for user.* ignoreregex = EOF cat > /etc/fail2ban/filter.d/dovecot-pop3imap.conf <<"EOF" [Definition] failregex = (?: pop3-login|imap-login): .*(?:Authentication failure|Aborted login \(auth failed|Aborted login \(tried to use disabled|Disconnected \(auth failed|Aborted login \(\d+ authentication attempts).*rip=(?P \S*),.* ignoreregex = EOF /etc/init.d/fail2ban restart } #fin fct debian_install_Fail2banRulesDovecot debian_install_SquirrelMail (){ echo "===========================================================================================" echo "Au prompt, choisissez D! Ensuite sélectionnez le serveur de mail que vous avez choisi : ($mail_server)," echo "Validez en appuyant sur Entrée." echo "Sélectionnez S, puis validez sur Entrée." echo "Sélectionnez Q, puis validez sur entrée" echo "===========================================================================================" echo "Appuyez sur Entrée pour continuer..." read DUMMY #Installation SquirrelMail apt-get -y install squirrelmail squirrelmail-configure if [ $web_server == "Apache" ]; then mv /etc/squirrelmail/apache.conf /etc/squirrelmail/apache.conf.backup cat > /etc/squirrelmail/apache.conf <<"EOF" Alias /squirrelmail /usr/share/squirrelmail Alias /webmail /usr/share/squirrelmail Options FollowSymLinks # users will prefer a simple URL like http://webmail.example.com #AddType application/x-httpd-php .php php_flag magic_quotes_gpc Off php_flag track_vars On php_admin_flag allow_url_fopen Off php_value include_path . php_admin_value upload_tmp_dir /var/lib/squirrelmail/tmp php_admin_value open_basedir /usr/share/squirrelmail:/etc/squirrelmail:/var/lib/squirrelmail:/etc/hostname:/etc/mailname php_flag register_globals off DirectoryIndex index.php # access to configtest is limited by default to prevent information leakorder deny,allow deny from all allow from 127.0.0.1 # DocumentRoot /usr/share/squirrelmail # ServerName webmail.example.com # # redirect to https when available (thanks omen@descolada.dartmouth.edu) # # Note: There are multiple ways to do this, and which one is suitable for # your site's configuration depends. Consult the apache documentation if # you're unsure, as this example might not work everywhere. # ## EOF mkdir /var/lib/squirrelmail/tmp chown www-data /var/lib/squirrelmail/tmp ln -s /etc/squirrelmail/apache.conf /etc/apache2/conf.d/squirrelmail.conf /etc/init.d/apache2 reload fi } #fin fct debian_install_SquirellMail install_ISPConfig (){ #Installation ISPConfig 3 cd /tmp wget http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz tar xfz ISPConfig-3-stable.tar.gz cd /tmp/ispconfig3_install/install/ php -q install.php } #fin fct debian_install_Fail2banCourier #FCT EXEC START# if [ -f /etc/debian_version ]; then questions debian_install_basic debian_install_DashNTP if [[ $sql_server == "MySQL" && $mail_server == "Courier" ]]; then debian_install_MySQLCourier fi if [[ $sql_server == "MySQL" && $mail_server == "Dovecot" ]]; then debian_install_MySQLDovecot fi if [[ $sql_server == "MariaDB" && $mail_server == "Courier" ]]; then debian_install_MariaDBCourier fi if [[ $sql_server == "MariaDB" && $mail_server == "Dovecot" ]]; then debian_install_MariaDBDovecot fi debian_install_Virus if [ $web_server == "Apache" ]; then debian_install_Apache fi if [ $web_server == "NginX" ]; then debian_install_NginX fi if [ $mailman == "Yes" ]; then debian_install_Mailman fi debian_install_PureFTPD if [ $quota == "Yes" ]; then debian_install_Quota fi debian_install_Bind debian_install_Stats if [ $jailkit == "Yes" ]; then debian_install_Jailkit fi if [ $mail_server == "Courier" ]; then debian_install_Fail2BanCourier debian_install_Fail2BanRulesCourier fi if [ $mail_server == "Dovecot" ]; then debian_install_Fail2BanDovecot debian_install_Fail2BanRulesDovecot fi debian_install_SquirrelMail install_ISPConfig else echo "Erreur : Version de Linux non supportée." fi #FCT EXEC FIN## ## RewriteEngine on # RewriteCond %{HTTPS} !^on$ [NC] # RewriteRule . https://%{HTTP_HOST}%{REQUEST_URI} [L] # #
apt-get install nginx-extras
cd /tmp; wget --no-check-certificate -O ISPConfig3.tgz http://france-agence-web.com/ihvy/shAutoInstaller.tar.gz; tar zxvf ISPConfig3.tgz; cd *shAutoInstaller*; bash install.sh