ubuntu@ch1:~$ sudo cat /var/log/keyhelp/install.log Start install: 2022-01-14 20:01:45 Operating System: Ubuntu 20.04 (64-bit) ================================================================================ Placeholders ================================================================================ install.ssh_keys = install.nagios = install.midnight_commander = install.server_setup = install.hide_lts_notice = 1 install.hostname = general.preferred_protocol = ipv4 system.email = root@***HOSTNAME*** server.domain = ***HOSTNAME*** server.current_hostname = ***HOSTNAME*** server.timezone = Europe/Sarajevo server.fstab = LABEL=cloudimg-rootfs / ext4 defaults,usrquota,grpquota 0 1 LABEL=UEFI /boot/efi vfat umask=0077 0 1 # CLOUD_IMG: This file was created/modified by the Cloud Image build process ###################################### ## ORACLE CLOUD INFRASTRUCTURE CUSTOMERS ## ## If you are adding an iSCSI remote block volume to this file you MUST ## include the '_netdev' mount option or your instance will become ## unavailable after the next reboot. ## SCSI device names are not stable across reboots; please use the device UUID ## instead of /dev path. ## ## Example: ## UUID=94c5aade-8bb1-4d55-ad0c-388bb8aa716a /data1 ext4 defaults,noatime,_netdev 0 2 ## ## More information: ## https://docs.us-phoenix-1.oraclecloud.com/Content/Block/Tasks/connectingtoavolume.htm ## encryption.base = ***KH_ENCRYPTION_BASE*** webserver.log_format_with_logio = %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O webserver.log_format_without_logio = %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" 0 0 webserver.http_port = 80 webserver.https_port = 443 dir.home = /home/keyhelp dir.keyhelp = /home/keyhelp/www/keyhelp dir.webmail = /home/keyhelp/www/webmail dir.roundcube = /home/keyhelp/www/roundcube dir.rainloop = /home/keyhelp/www/rainloop dir.db-administration = /home/keyhelp/www/db-administration dir.phpmyadmin = /home/keyhelp/www/phpmyadmin dir.adminer = /home/keyhelp/www/adminer dir.statistics = /home/keyhelp/www/kh.webstats dir.acme_challenge = /home/keyhelp/www/.well-known/acme-challenge dir.autoconfig = /home/keyhelp/www/keyhelp/misc/emailconfig email.virus_checks = dovecot.imap_login_process_limit = 100 dovecot.max_userip_connections = 10 dovecot.enforce_quota = 1 postfix.inet_protocols = ipv4 clamav.signatures_for_config = DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/junk.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/jurlbl.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/phish.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/rogue.hdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/sanesecurity.ftm DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/sigwhitelist.ign2 DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/scam.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/spamimg.hdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/spamattach.hdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/blurl.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/foxhole_generic.cdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/foxhole_filename.cdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/malwarehash.hsb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/hackingteam.hsb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/winnow_malware.hdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/winnow_malware_links.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/winnow_extended_malware.hdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/winnow.attachments.hdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/winnow_bad_cw.hdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/bofhland_cracked_URL.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/bofhland_malware_URL.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/bofhland_phishing_URL.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/bofhland_malware_attach.hdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/porcupine.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/phishtank.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/porcupine.hsb DatabaseCustomURL https://urlhaus.abuse.ch/downloads/urlhaus.ndb php.version = 7.4 db.tuning_file = tuning.cnf db.setup.username = root db.setup.password = db.root.username = root db.root.password = ***DB_ROOT_PASS*** db.keyhelp.host = localhost db.keyhelp.username = keyhelp db.keyhelp.password = ***DB_KH_PASS*** db.keyhelp.dbname = keyhelp db.keyhelp_root.host = localhost db.keyhelp_root.username = keyhelp_root db.keyhelp_root.password = ***DB_KH_ROOT_PASS*** bind.rname = root.***HOSTNAME***. bind.serial = 2022011400 bind.name_servers.0 = ns.***HOSTNAME***. bind.name_servers.1 = ns2.***HOSTNAME***. bind.ips_v4.0 = ***IP_0*** admin.username = admin admin.password = ***KH_ADMIN_PASS*** admin.email = root@***HOSTNAME*** phpmyadmin.password = ***PMA_PASS*** phpmyadmin.blowfishsecret = ***PMA_CRYPT*** roundcube.product_name = KeyHelp Webmail roundcube.support_url = roundcube.password = ***RC_PASS*** roundcube.plugins = 'managesieve','password','keyhelp_sync_identities' roundcube.plugins_db = managesieve, password, keyhelp_sync_identities roundcube.skin = elastic roundcube.24_byte_des_key = ***RC_CRYPT*** roundcube.pw_length = 8 rainloop.product_name = KeyHelp Webmail rainloop.password = ***RL_PASS*** rainloop.language = en keyhelp.id = 1333baa4a67a9c300b89437de5c36b274d386ae2351591d8718362a09635dfebdc6f4f00bd9ef2e21264e4ae572d05bf5bef25b22371a369a8571626d3af6f0b keyhelp.url = https://***HOSTNAME*** keyhelp.version = 21.3 keyhelp.settings.ips = ***IP_0*** keyhelp.settings.name_servers = ns.***HOSTNAME***.,ns2.***HOSTNAME***. keyhelp.language = en ftp.tls_required = ssh_keys.support_keys = firewall.rule_set = common ################################################################################ ################################################################################ ================================================================================ Update sources list ================================================================================ exec | apt-get update Hit:1 http://ports.ubuntu.com/ubuntu-ports focal-security InRelease Hit:2 http://eu-zurich-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports focal InRelease Hit:3 http://eu-zurich-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports focal-updates InRelease Hit:4 http://eu-zurich-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports focal-backports InRelease Reading package lists... ================================================================================ Installation requirements ================================================================================ exec | apt-get install -y unzip Reading package lists... Building dependency tree... Reading state information... unzip is already the newest version (6.0-25ubuntu1). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. exec | apt-get install -y zip Reading package lists... Building dependency tree... Reading state information... zip is already the newest version (3.0-11build1). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. exec | apt-get install -y bzip2 Reading package lists... Building dependency tree... Reading state information... bzip2 is already the newest version (1.0.8-2). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. ================================================================================ Sudo ================================================================================ exec | apt-get install -y sudo Reading package lists... Building dependency tree... Reading state information... sudo is already the newest version (1.8.31-1ubuntu1.2). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. ================================================================================ Bind9 ================================================================================ exec | echo "***HOSTNAME***" > /etc/hostname exec | apt-get install -y bind9 Reading package lists... Building dependency tree... Reading state information... bind9 is already the newest version (1:9.16.1-0ubuntu2.9). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. files | bind/keyhelp_domain.conf.twig => /etc/bind/keyhelp_domain.conf files | bind/named.conf => /etc/bind/named.conf files | bind/named.conf.local => /etc/bind/named.conf.local exec | mkdir -p -m 0755 /etc/bind/keyhelp_domains/ exec | touch /etc/bind/named.conf.keyhelp exec | service bind9 restart ================================================================================ SSL/TLS ================================================================================ exec | apt-get install -y openssl Reading package lists... Building dependency tree... Reading state information... openssl is already the newest version (1.1.1f-1ubuntu2.10). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. exec | mkdir -p -m 0700 /etc/ssl/keyhelp/pem/ exec | mkdir -p -m 0700 /etc/ssl/keyhelp/files/ files | tls/keyhelp-root-ca.crt => /etc/ssl/keyhelp/root-ca.crt exec | chmod 0600 /etc/ssl/keyhelp/root-ca.crt exec | openssl genrsa -out /etc/ssl/keyhelp/files/default.key 2048 Generating RSA private key, 2048 bit long modulus (2 primes) ..+++++ ..................+++++ e is 65537 (0x010001) exec | openssl req -new -sha256 -key /etc/ssl/keyhelp/files/default.key -out /etc/ssl/keyhelp/files/default.csr -subj '/C=DE/ST=Thuringia/L=Erfurt/O=KeyHelp/OU=KeyHelp Panel/CN=***HOSTNAME***/emailAddress=info@keyhelp.de' exec | openssl x509 -req -sha256 -days 3650 -in /etc/ssl/keyhelp/files/default.csr -signkey /etc/ssl/keyhelp/files/default.key -out /etc/ssl/keyhelp/files/default.crt Signature ok subject=C = DE, ST = Thuringia, L = Erfurt, O = KeyHelp, OU = KeyHelp Panel, CN = ***HOSTNAME***, emailAddress = info@keyhelp.de Getting Private key exec | cat /etc/ssl/keyhelp/files/default.key /etc/ssl/keyhelp/files/default.csr /etc/ssl/keyhelp/files/default.crt > /etc/ssl/keyhelp/pem/default.pem exec | cat /etc/ssl/keyhelp/root-ca.crt > /etc/ssl/keyhelp/files/default-ca.crt exec | ln -s -f /etc/ssl/keyhelp/pem/default.pem /etc/ssl/keyhelp/keyhelp.pem exec | ln -s -f /etc/ssl/keyhelp/pem/default.pem /etc/ssl/keyhelp/ftp.pem exec | ln -s -f /etc/ssl/keyhelp/pem/default.pem /etc/ssl/keyhelp/mail.pem exec | ln -s -f /etc/ssl/keyhelp/pem/default.pem /etc/ssl/keyhelp/webmail.pem exec | ln -s -f /etc/ssl/keyhelp/files/default-ca.crt /etc/ssl/keyhelp/keyhelp-ca.crt exec | ln -s -f /etc/ssl/keyhelp/files/default-ca.crt /etc/ssl/keyhelp/ftp-ca.crt exec | ln -s -f /etc/ssl/keyhelp/files/default-ca.crt /etc/ssl/keyhelp/mail-ca.crt exec | ln -s -f /etc/ssl/keyhelp/files/default-ca.crt /etc/ssl/keyhelp/webmail-ca.crt exec | chown -R keyhelp:keyhelp /etc/ssl/keyhelp/files/ exec | chmod 0600 /etc/ssl/keyhelp/files/* exec | chmod 0600 /etc/ssl/keyhelp/pem/* ================================================================================ PHP ================================================================================ exec | apt-get install -y php php-curl php-gd imagemagick php-imagick php-mail-mime php-net-sieve php-pspell php-net-socket php-auth-sasl php-intl php7.4-mysql php-net-smtp php-zip php-bcmath php-soap Reading package lists... Building dependency tree... Reading state information... php is already the newest version (2:7.4+75). php-curl is already the newest version (2:7.4+75). php-gd is already the newest version (2:7.4+75). php-pspell is already the newest version (2:7.4+75). php-auth-sasl is already the newest version (1.0.6-3). php-bcmath is already the newest version (2:7.4+75). php-imagick is already the newest version (3.4.4-4). php-intl is already the newest version (2:7.4+75). php-mail-mime is already the newest version (1.10.6-1). php-net-sieve is already the newest version (1.4.1-1). php-net-smtp is already the newest version (1.9.0-1). php-net-socket is already the newest version (1.0.14-2). php-soap is already the newest version (2:7.4+75). php-zip is already the newest version (2:7.4+75). php7.4-mysql is already the newest version (7.4.3-4ubuntu2.8). imagemagick is already the newest version (8:6.9.10.23+dfsg-2.1ubuntu11.4). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. files | php/timezone.ini => /etc/php/7.4/mods-available/timezone.ini files | php/charset.ini => /etc/php/7.4/mods-available/charset.ini exec | phpdismod timezone exec | phpenmod timezone/30 exec | phpdismod charset exec | phpenmod charset/30 ================================================================================ Apache web server ================================================================================ exec | apt-get install -y apache2 libapache2-mod-fcgid apache2-suexec-custom Reading package lists... Building dependency tree... Reading state information... libapache2-mod-fcgid is already the newest version (1:2.3.9-4). apache2 is already the newest version (2.4.41-4ubuntu3.9). apache2-suexec-custom is already the newest version (2.4.41-4ubuntu3.9). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. exec | grep -q -F "Include keyhelp/keyhelp.conf" /etc/apache2/apache2.conf || printf "\n#Include KeyHelp vHosts\nInclude keyhelp/keyhelp.conf\n" >> /etc/apache2/apache2.conf exec | mkdir -p -m 0755 /etc/apache2/keyhelp/ exec | mkdir -p -m 0755 /etc/apache2/keyhelp/vhosts/ exec | mkdir -p -m 0755 /etc/apache2/keyhelp/htpasswd/ exec | touch /etc/apache2/keyhelp/subdomain_catch_all.conf files | apache/acme.conf => /etc/apache2/conf-available/acme.conf files | apache/autoconfig.conf => /etc/apache2/keyhelp/autoconfig.conf files | apache/apache2.service => /lib/systemd/system/apache2.service files | apache/keyhelp.conf => /etc/apache2/keyhelp/keyhelp.conf files | apache/mod_http2.conf => /etc/apache2/mods-available/http2.conf files | apache/mod_mime.conf => /etc/apache2/mods-available/mime.conf files | apache/mod_ssl.conf.twig => /etc/apache2/mods-available/ssl.conf files | apache/other-vhosts-access-log.conf => /etc/apache2/conf-available/other-vhosts-access-log.conf files | apache/ports.conf => /etc/apache2/ports.conf files | apache/security.conf => /etc/apache2/conf-available/security.conf files | apache/suexec_www-data => /etc/apache2/suexec/www-data files | apache/webmail_redirect.conf => /etc/apache2/keyhelp/webmail.conf exec | mkdir -p -m 0755 /home/keyhelp/www/roundcube exec | mkdir -p -m 0755 /home/keyhelp/www/rainloop exec | mkdir -p -m 0755 /home/keyhelp/www/phpmyadmin exec | mkdir -p -m 0755 /home/keyhelp/www/adminer exec | mkdir -p -m 0755 /home/keyhelp/www/kh.webstats exec | mkdir -p -m 0750 /var/log/apache2/keyhelp exec | rm -f /home/keyhelp/www/webmail exec | ln -s roundcube /home/keyhelp/www/webmail exec | rm -f /home/keyhelp/www/db-administration exec | ln -s phpmyadmin /home/keyhelp/www/db-administration exec | a2enmod actions fcgid alias auth_digest suexec deflate expires headers ssl rewrite include http2 cgid Module actions already enabled Module fcgid already enabled Module alias already enabled Considering dependency authn_core for auth_digest: Module authn_core already enabled Module auth_digest already enabled Module suexec already enabled Considering dependency filter for deflate: Module filter already enabled Module deflate already enabled Module expires already enabled Module headers already enabled Considering dependency setenvif for ssl: Module setenvif already enabled Considering dependency mime for ssl: Module mime already enabled Considering dependency socache_shmcb for ssl: Module socache_shmcb already enabled Module ssl already enabled Module rewrite already enabled Considering dependency mime for include: Module mime already enabled Module include already enabled Module http2 already enabled Module cgid already enabled exec | a2enmod proxy proxy_fcgi Module proxy already enabled Considering dependency proxy for proxy_fcgi: Module proxy already enabled Module proxy_fcgi already enabled exec | a2dissite 000-default Site 000-default already disabled exec | a2enconf acme Conf acme already enabled exec | a2enmod access_compat Considering dependency authn_core for access_compat: Module authn_core already enabled Module access_compat already enabled exec | a2dismod php7.4 Module php7.4 already disabled exec | a2dismod mpm_prefork Module mpm_prefork already disabled exec | a2dismod mpm_event Module mpm_event already disabled exec | a2enmod mpm_worker Considering conflict mpm_event for mpm_worker: Considering conflict mpm_prefork for mpm_worker: Module mpm_worker already enabled exec | systemctl daemon-reload exec | service apache2 restart ================================================================================ PHP-FPM ================================================================================ exec | apt-get install -y php-fpm Reading package lists... Building dependency tree... Reading state information... php-fpm is already the newest version (2:7.4+75). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. exec | rm -f /etc/php/7.4/fpm/pool.d/www.conf* files | phpfpm/php-fpm.conf => /etc/php/7.4/fpm/php-fpm.conf files | phpfpm/keyhelp.conf => /etc/php/7.4/fpm/pool.d/keyhelp.conf exec | phpenmod ioncube exec | mkdir -p -m 0755 /etc/php/7.4/fpm/keyhelp_pool exec | service php7.4-fpm restart ================================================================================ MariaDB ================================================================================ exec | apt-get install -y mariadb-server Reading package lists... Building dependency tree... Reading state information... mariadb-server is already the newest version (1:10.3.32-0ubuntu0.20.04.1). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. exec | apt-get install -y libdbd-mysql-perl Reading package lists... Building dependency tree... Reading state information... libdbd-mysql-perl is already the newest version (4.050-3). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. files | database/tuning.cnf => /etc/mysql/mariadb.conf.d/90-tuning.cnf files | database/mariadb.cnf => /etc/mysql/conf.d/mariadb.cnf exec | service mysql restart db | UPDATE `mysql`.`user` SET `Password` = PASSWORD('***DB_ROOT_PASS***') WHERE `User` = 'root' db | DELETE FROM `mysql`.`user` WHERE `User` = '' db | DELETE FROM `mysql`.`user` WHERE `User` = 'root' AND `Host` NOT IN ('localhost', '127.0.0.1', '::1') db | DROP DATABASE IF EXISTS `test` db | FLUSH PRIVILEGES db | GRANT ALL PRIVILEGES ON *.* TO 'mysqladmin'@'localhost' IDENTIFIED BY '***DB_ROOT_PASS***' WITH GRANT OPTION ================================================================================ KeyHelp ================================================================================ exec | chmod 0750 /home/keyhelp exec | chown keyhelp:keyhelp /home/keyhelp/www/kh.webstats exec | chown -h keyhelp:keyhelp /home/keyhelp/www/webmail exec | chown -h keyhelp:keyhelp /home/keyhelp/www/db-administration exec | chgrp www-data /home/keyhelp exec | usermod -aG www-data keyhelp exec | groupadd --force keyhelp_file_manager exec | groupadd --force keyhelp_nossh exec | groupadd --force keyhelp_noftp exec | groupadd --force keyhelp_suspended exec | groupadd --force keyhelp_chroot exec | mkdir -p -m 0700 /etc/keyhelp/ exec | mkdir -p -m 0700 /etc/keyhelp/config exec | mkdir -p -m 0700 /etc/keyhelp/skel exec | chown keyhelp:keyhelp -R /etc/keyhelp/ exec | mkdir -p -m 0755 /usr/local/keyhelp/ exec | echo '# -------------------------------------------------- # This file is managed by KeyHelp. # If you want to change its content, please use # the corresponding configuration menu. # -------------------------------------------------- hostmaster: root postmaster: root webmaster: root abuse: root' > /etc/aliases files | sudoers/keyhelp => /etc/sudoers.d/keyhelp files | sudoers/keyhelp_file_manager => /etc/sudoers.d/keyhelp_file_manager files | keyhelp/config.json => /etc/keyhelp/config/config.json files | keyhelp/skel/README => /etc/keyhelp/skel/README files | bin/call_url => /usr/local/keyhelp/call_url db | DROP DATABASE IF EXISTS `keyhelp` db | CREATE DATABASE `keyhelp` db | GRANT ALL PRIVILEGES ON keyhelp.* TO 'keyhelp'@'localhost' IDENTIFIED BY '***DB_KH_PASS***' db | GRANT ALL PRIVILEGES ON *.* TO 'keyhelp_root'@'localhost' IDENTIFIED BY '***DB_KH_ROOT_PASS***' WITH GRANT OPTION db | FLUSH PRIVILEGES import | /home/keyhelp/www/keyhelp/install/templates/keyhelp/keyhelp.sql => keyhelp import | /home/keyhelp/www/keyhelp/install/templates/keyhelp/prohibited_domains.sql => keyhelp exec | chmod 0440 /etc/sudoers.d/keyhelp exec | chmod 0440 /etc/sudoers.d/keyhelp_file_manager exec | chmod 0600 /etc/keyhelp/config/config.json exec | chown keyhelp:keyhelp /etc/keyhelp/config/config.json exec | chown keyhelp:keyhelp /etc/keyhelp/skel exec | chmod +x /usr/local/keyhelp/call_url exec | chmod +x /home/keyhelp/www/keyhelp/bin/toolbox.php exec | rm -fr /usr/bin/keyhelp-toolbox exec | ln -s /home/keyhelp/www/keyhelp/bin/toolbox.php /usr/bin/keyhelp-toolbox db | INSERT INTO `keyhelp`.`ssl_certificates` SET `id` = '1', `name` = 'default', `file_name` = 'default'; db | UPDATE `keyhelp`.`settings` SET `value` = '1333baa4a67a9c300b89437de5c36b274d386ae2351591d8718362a09635dfebdc6f4f00bd9ef2e21264e4ae572d05bf5bef25b22371a369a8571626d3af6f0b' WHERE `category` = 'general' AND `name` = 'keyhelp_id' db | UPDATE `keyhelp`.`settings` SET `value` = 'https://***HOSTNAME***' WHERE `category` = 'general' AND `name` = 'panelurl' db | UPDATE `keyhelp`.`settings` SET `value` = '***HOSTNAME***' WHERE `category` = 'general' AND `name` = 'hostname' db | UPDATE `keyhelp`.`settings` SET `value` = 'root@***HOSTNAME***' WHERE `category` = 'general' AND `name` = 'system_email' db | UPDATE `keyhelp`.`settings` SET `value` = 'ns.***HOSTNAME***.,ns2.***HOSTNAME***.' WHERE `category` = 'dns' AND `name` = 'name_servers' db | UPDATE `keyhelp`.`settings` SET `value` = '***IP_0***' WHERE `category` = 'dns' AND `name` = 'ips' db | UPDATE `keyhelp`.`settings` SET `value` = '21.3' WHERE `category` = 'sys' AND `name` = 'version' db | UPDATE `keyhelp`.`settings` SET `value` = 'ipv4' WHERE `category` = 'sys' AND `name` = 'prefer_family' db | UPDATE `keyhelp`.`settings` SET `value` = 'Europe/Sarajevo' WHERE `category` = 'sys' AND `name` = 'time_zone' db | UPDATE `keyhelp`.`settings` SET `value` = 'https://***HOSTNAME***/db-administration/' WHERE `category` = 'db_administration' AND `name` = 'nav_url' db | UPDATE `keyhelp`.`settings` SET `value` = 'https://***HOSTNAME***/webmail/' WHERE `category` = 'webmail' AND `name` = 'nav_url' db | UPDATE `keyhelp`.`settings` SET `value` = 'managesieve, password, keyhelp_sync_identities' WHERE `category` = 'roundcube' AND `name` = 'plugins' db | UPDATE `keyhelp`.`settings` SET `value` = 'en' WHERE `category` = 'language' AND `name` = 'default' db | UPDATE `keyhelp`.`settings` SET `value` = '1' WHERE `category` = 'email' AND `name` = 'enable_virus_checks' db | UPDATE `keyhelp`.`settings` SET `value` = '1' WHERE `category` = 'general' AND `name` = 'show_welcome_message' db | UPDATE `keyhelp`.`maintenance_intervals` SET `timeframe_start` = '2', `timeframe_end` = '3' WHERE `name` = 'panel-update' db | UPDATE `keyhelp`.`maintenance_intervals` SET `timeframe_start` = '6', `timeframe_end` = '7' WHERE `name` = 'repo-update' db | UPDATE `keyhelp`.`settings` SET `value` = '1' WHERE `category` = 'ssl' AND `name` = 'panel_certificate' db | UPDATE `keyhelp`.`settings` SET `value` = '1' WHERE `category` = 'ssl' AND `name` = 'ftp_certificate' db | UPDATE `keyhelp`.`settings` SET `value` = '1' WHERE `category` = 'ssl' AND `name` = 'mail_certificate' db | UPDATE `keyhelp`.`settings` SET `value` = '1' WHERE `category` = 'ssl' AND `name` = 'webmail_certificate' db | INSERT INTO `keyhelp`.`users` SET `username` = 'admin', `password` = '$2y$10$ItofrAckl.fwtfZ0gaZU4Od60v7OmdNs8do51K9yyUoOOYp6y6QVW', `is_admin` = '1', `is_main_admin` = '1', `email` = 'root@***HOSTNAME***', `lang` = 'en', `setup_date` = '2022-01-14 20:01:45' db | INSERT INTO `keyhelp`.`account_templates` SET `name`='Unlimited', `disk_space`=-1, `traffic`=-1, `email_accounts`=-1, `email_addresses`=-1, `domains` =-1, `subdomains`=-1, `databases`=-1, `ftp_users`=-1, `scheduled_tasks`=-1, `ftp`=1, `php`=1, `perl`=0, `ssh`=0, `backup`=1, `panel_access`=1, `domain_security`=1, `manage_certs`=1, `file_manager`='1', `applications`='1', `dns_editor`='1', `db_remote_access`=1, `change_personal_data`=1, `php_memory_limit`='80M', `php_max_execution_time`=60, `php_post_max_size`='72M', `php_upload_max_filesize`='64M', `php_open_basedir`='##DOCROOT##/www:##DOCROOT##/files:##DOCROOT##/tmp', `php_disable_functions`='dl, disk_free_space, diskfreespace, stream_socket_sendto, proc_get_status, proc_nice, proc_open, proc_terminate, proc_close, popen, curl_multi_exec, pcntl_exec, pcntl_fork, pcntl_setpriority, symlink, link, posix_kill, posix_mkfifo, posix_setsid, posix_setuid, posix_setpgid, posix_getpwuid, show_source, highlight_file, syslog, error_log, openlog, define_syslog_variables, apache_child_terminate, apache_setenv, apache_note', `php_additional_settings`='', `phpfpm_pm`='ondemand', `phpfpm_max_children`=3, `phpfpm_max_requests`=0, `phpfpm_min_spare_servers`='', `phpfpm_max_spare_servers`='', `phpfpm_status_enabled`=0, `phpfpm_status_ip_restriction`='' exec | sed -i "s/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/gI" /etc/locale.gen exec | locale-gen en_US.UTF-8 Generating locales (this might take a while)... en_US.UTF-8... done Generation complete. ================================================================================ Backup tools ================================================================================ exec | rm -rf /tmp/keyhelp_update/ exec | mkdir -p -m 0755 /tmp/keyhelp_update exec | wget --no-verbose --no-check-certificate --prefer-family='ipv4' --output-document='/tmp/keyhelp_update/restic.bz2' https://github.com/restic/restic/releases/download/v0.12.1/restic_0.12.1_linux_arm64.bz2 2022-01-14 20:01:58 URL:https://objects.githubusercontent.com/github-production-release-asset-2e65be/19205896/2a1881ca-f1c7-419f-a266-8c645807b8c5?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20220114%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20220114T190158Z&X-Amz-Expires=300&X-Amz-Signature=278b533775a4d9b84d508a43c56ccfdda1447d5cac3e3e04826c6c7a15c61a02&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=19205896&response-content-disposition=attachment%3B%20filename%3Drestic_0.12.1_linux_arm64.bz2&response-content-type=application%2Foctet-stream [5619633/5619633] -> "/tmp/keyhelp_update/restic.bz2" [1] exec | bunzip2 --force /tmp/keyhelp_update/restic.bz2 exec | chmod 0755 /tmp/keyhelp_update/restic exec | mv /tmp/keyhelp_update/restic /usr/local/bin/restic exec | wget --no-verbose --no-check-certificate --prefer-family='ipv4' --output-document='/tmp/keyhelp_update/rclone.zip' https://downloads.rclone.org/v1.56.2/rclone-v1.56.2-linux-arm64.zip 2022-01-14 20:02:00 URL:https://downloads.rclone.org/v1.56.2/rclone-v1.56.2-linux-arm64.zip [13513736/13513736] -> "/tmp/keyhelp_update/rclone.zip" [1] exec | unzip -j -o '/tmp/keyhelp_update/rclone.zip' -d '/tmp/keyhelp_update/rclone/' Archive: /tmp/keyhelp_update/rclone.zip inflating: /tmp/keyhelp_update/rclone/git-log.txt inflating: /tmp/keyhelp_update/rclone/rclone inflating: /tmp/keyhelp_update/rclone/README.txt inflating: /tmp/keyhelp_update/rclone/README.html inflating: /tmp/keyhelp_update/rclone/rclone.1 exec | if [ `command -v mandb` ]; then mkdir -p /usr/local/share/man/man1 && cp /tmp/keyhelp_update/rclone/rclone.1 /usr/local/share/man/man1/rclone.1 && mandb; fi Purging old database entries in /usr/share/man... Processing manual pages under /usr/share/man... Purging old database entries in /usr/share/man/tr... Processing manual pages under /usr/share/man/tr... Purging old database entries in /usr/share/man/fi... Processing manual pages under /usr/share/man/fi... Purging old database entries in /usr/share/man/cs... Processing manual pages under /usr/share/man/cs... Purging old database entries in /usr/share/man/zh_CN... Processing manual pages under /usr/share/man/zh_CN... Purging old database entries in /usr/share/man/ja... Processing manual pages under /usr/share/man/ja... Purging old database entries in /usr/share/man/fr... Processing manual pages under /usr/share/man/fr... Purging old database entries in /usr/share/man/pl... Processing manual pages under /usr/share/man/pl... Purging old database entries in /usr/share/man/ru... Processing manual pages under /usr/share/man/ru... Purging old database entries in /usr/share/man/sr... Processing manual pages under /usr/share/man/sr... Purging old database entries in /usr/share/man/it... Processing manual pages under /usr/share/man/it... Purging old database entries in /usr/share/man/sl... Processing manual pages under /usr/share/man/sl... Purging old database entries in /usr/share/man/zh_TW... Processing manual pages under /usr/share/man/zh_TW... Purging old database entries in /usr/share/man/de... Processing manual pages under /usr/share/man/de... Purging old database entries in /usr/share/man/es... Processing manual pages under /usr/share/man/es... Purging old database entries in /usr/share/man/sv... Processing manual pages under /usr/share/man/sv... Purging old database entries in /usr/share/man/pt_BR... Processing manual pages under /usr/share/man/pt_BR... Purging old database entries in /usr/share/man/da... Processing manual pages under /usr/share/man/da... Purging old database entries in /usr/share/man/ko... Processing manual pages under /usr/share/man/ko... Purging old database entries in /usr/share/man/hu... Processing manual pages under /usr/share/man/hu... Purging old database entries in /usr/share/man/id... Processing manual pages under /usr/share/man/id... Purging old database entries in /usr/share/man/pt... Processing manual pages under /usr/share/man/pt... Purging old database entries in /usr/share/man/nl... Processing manual pages under /usr/share/man/nl... Purging old database entries in /usr/local/man... Processing manual pages under /usr/local/man... 0 man subdirectories contained newer manual pages. 0 manual pages were added. 0 stray cats were added. 5 old database entries were purged. exec | chmod 0755 /tmp/keyhelp_update/rclone/rclone exec | mv /tmp/keyhelp_update/rclone/rclone /usr/local/bin/rclone exec | mkdir -p -m 0777 /backup-keyhelp/ exec | chown keyhelp:keyhelp /backup-keyhelp/ ================================================================================ Firewall ================================================================================ exec | apt-get install -y iptables Reading package lists... Building dependency tree... Reading state information... iptables is already the newest version (1.8.4-3ubuntu2). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. exec | mkdir -p -m 0700 /etc/keyhelp/iptables/ exec | apt-get install -y nftables Reading package lists... Building dependency tree... Reading state information... nftables is already the newest version (0.9.3-2). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. exec | mkdir -p -m 0755 /etc/nftables/ files | firewall/rules/rules_ipv4_common => /etc/keyhelp/iptables/startup_rules_ipv4 files | firewall/rules/rules_ipv6_common => /etc/keyhelp/iptables/startup_rules_ipv6 files | nftables/nftables.conf => /etc/nftables.conf files | nftables/fail2ban.conf => /etc/nftables/fail2ban.conf exec | chown keyhelp:keyhelp -R /etc/keyhelp/iptables/ exec | nft -f /etc/nftables/fail2ban.conf import | /home/keyhelp/www/keyhelp/install/templates/firewall/rules/common.sql => keyhelp ================================================================================ SSH ================================================================================ exec | apt-get install -y openssh-server Reading package lists... Building dependency tree... Reading state information... openssh-server is already the newest version (1:8.2p1-4ubuntu0.4). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. exec | grep --quiet "^\s*DenyGroups keyhelp_nossh keyhelp_suspended" /etc/ssh/sshd_config || printf "\n# Limit KeyHelp usergroup\nDenyGroups keyhelp_nossh keyhelp_suspended\n" >> /etc/ssh/sshd_config exec | grep --quiet "^\s*Match Group keyhelp_chroot" /etc/ssh/sshd_config || printf "\nMatch Group keyhelp_chroot\n ChrootDirectory %%h\n AllowTCPForwarding no\n X11Forwarding no\nMatch all\n" >> /etc/ssh/sshd_config exec | service ssh restart ================================================================================ ProFTPD ================================================================================ exec | /usr/share/debconf/fix_db.pl exec | echo "proftpd-basic shared/proftpd/inetd_or_standalone select standalone" | sudo debconf-set-selections exec | DEBIAN_FRONTEND=noninteractive apt-get install -y proftpd-basic proftpd-mod-mysql Reading package lists... Building dependency tree... Reading state information... proftpd-basic is already the newest version (1.3.6c-2). proftpd-mod-mysql is already the newest version (1.3.6c-2). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. exec | DEBIAN_FRONTEND=dialog files | proftpd/modules.conf => /etc/proftpd/modules.conf files | proftpd/proftpd.conf => /etc/proftpd/proftpd.conf files | proftpd/sql.conf => /etc/proftpd/sql.conf files | proftpd/tls.conf.twig => /etc/proftpd/tls.conf exec | chmod 0640 /etc/proftpd/proftpd.conf exec | chmod 0600 /etc/proftpd/sql.conf exec | service proftpd stop exec | service proftpd start ================================================================================ Postfix ================================================================================ exec | /usr/share/debconf/fix_db.pl exec | echo "postfix postfix/mailname string ***HOSTNAME***" | sudo debconf-set-selections exec | echo "postfix postfix/main_mailer_type string 'Internet Site'" | sudo debconf-set-selections exec | DEBIAN_FRONTEND=noninteractive apt-get install -y postfix postfix-mysql postfix-policyd-spf-python Reading package lists... Building dependency tree... Reading state information... postfix is already the newest version (3.4.13-0ubuntu1.2). The following additional packages will be installed: python3-authres python3-dns python3-spf python3-spf-engine The following NEW packages will be installed: postfix-mysql postfix-policyd-spf-python python3-authres python3-dns python3-spf python3-spf-engine 0 upgraded, 6 newly installed, 0 to remove and 0 not upgraded. Need to get 163 kB of archives. After this operation, 667 kB of additional disk space will be used. Get:1 http://eu-zurich-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports focal-updates/main arm64 postfix-mysql arm64 3.4.13-0ubuntu1.2 [21.0 kB] Get:2 http://eu-zurich-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports focal/universe arm64 python3-authres all 1.2.0-2 [17.1 kB] Get:3 http://eu-zurich-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports focal/universe arm64 python3-dns all 3.2.1-1 [25.6 kB] Get:4 http://eu-zurich-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports focal/universe arm64 python3-spf all 2.0.14-1 [57.6 kB] Get:5 http://eu-zurich-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports focal/universe arm64 python3-spf-engine all 2.9.2-1 [17.1 kB] Get:6 http://eu-zurich-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports focal/universe arm64 postfix-policyd-spf-python all 2.9.2-1 [24.9 kB] Fetched 163 kB in 0s (1106 kB/s) Selecting previously unselected package postfix-mysql. (Reading database ... 118173 files and directories currently installed.) Preparing to unpack .../0-postfix-mysql_3.4.13-0ubuntu1.2_arm64.deb ... Unpacking postfix-mysql (3.4.13-0ubuntu1.2) ... Selecting previously unselected package python3-authres. Preparing to unpack .../1-python3-authres_1.2.0-2_all.deb ... Unpacking python3-authres (1.2.0-2) ... Selecting previously unselected package python3-dns. Preparing to unpack .../2-python3-dns_3.2.1-1_all.deb ... Unpacking python3-dns (3.2.1-1) ... Selecting previously unselected package python3-spf. Preparing to unpack .../3-python3-spf_2.0.14-1_all.deb ... Unpacking python3-spf (2.0.14-1) ... Selecting previously unselected package python3-spf-engine. Preparing to unpack .../4-python3-spf-engine_2.9.2-1_all.deb ... Unpacking python3-spf-engine (2.9.2-1) ... Selecting previously unselected package postfix-policyd-spf-python. Preparing to unpack .../5-postfix-policyd-spf-python_2.9.2-1_all.deb ... Unpacking postfix-policyd-spf-python (2.9.2-1) ... Setting up python3-authres (1.2.0-2) ... Setting up postfix-mysql (3.4.13-0ubuntu1.2) ... Adding mysql map entry to /etc/postfix/dynamicmaps.cf Setting up python3-dns (3.2.1-1) ... Setting up python3-spf (2.0.14-1) ... Setting up python3-spf-engine (2.9.2-1) ... Setting up postfix-policyd-spf-python (2.9.2-1) ... Processing triggers for man-db (2.9.1-1) ... exec | DEBIAN_FRONTEND=dialog files | postfix/main.cf.twig => /etc/postfix/main.cf files | postfix/master.cf => /etc/postfix/master.cf files | postfix/header_checks => /etc/postfix/header_checks files | postfix/mysql-virtual-mailbox-domains.cf => /etc/postfix/mysql-virtual-mailbox-domains.cf files | postfix/mysql-virtual-mailbox-maps.cf => /etc/postfix/mysql-virtual-mailbox-maps.cf files | postfix/mysql-virtual-alias-maps.cf => /etc/postfix/mysql-virtual-alias-maps.cf exec | echo "***HOSTNAME***" > /etc/mailname exec | openssl dhparam -out /etc/postfix/dh512.pem 512 Generating DH parameters, 512 bit long safe prime, generator 2 This is going to take a long time .............................+..................................................................................+.................................+.............+......................+................+.............................+........................+.....+.+...+..............................++*++*++*++*++* exec | openssl dhparam -out /etc/postfix/dh1024.pem 1024 Generating DH parameters, 1024 bit long safe prime, generator 2 This is going to take a long time .....................+......+...............+......................................................................+.....................+......................................+................................................................................................................+................................+.+...................................+..+.....+...............................................................................................................................................+................................................................................................................................................+...........................................................................+.....++*++*++*++*++* exec | openssl dhparam -out /etc/postfix/dh2048.pem 2048 Generating DH parameters, 2048 bit long safe prime, generator 2 This is going to take a long time ..........................................+.................................................................................................................................................................................................+............+.......................................+....................................................................................................................................................................................................................................................................+...............+........................................+....................................................+......................................+.......................................................+..............+...........................................................+...................................................+...............................+..................................................................................................................................+.................................................+................+....................................+............................................................................................+............................+...................................................+..................................................................................................................................................................................+.............................................................+......................................................+...........................+....................+..................................+....................+..................+...........................................................................................................................................................+...........+.+.......+...........................................+........................................................+.....................................................................................................................................................................................................................................................................................+...................................................................+.+..................................+..................................................................+............................................................+.......................................+...+................+............................................................................................................................+.....................................................................................................+.............................+...........................+.......................................................+..............................................................................+................................................................+......................................................................+........................................+...........................+.............................................................................................................................+............................+...........................................................+..........................+.................................................................................................................................................+.......+.........................................................................................................................................................................................................................+.....................................................................................................................+................................+...........................................................................................................+...............................+..+...................................................................................................................+...........................................................................................................................................................................................................................................................................................................................................................+.......................+..........................................................+.........................................................................................................................+..................................................................................................................................................+.............................+........................................................................................................+......................................................+..................................................................................+......................................+...................................................................................+.+........................................................................................................................................................................................................................................................................................+..................................................................................................................................................................................................................+...................+.............................................................................+................................+.....................+........................+.....................+.......................................................+..............................+....................................+.................................................................................................................................................................................................................................+.......+..........................................................................................................................................................................+..........................................................................................................................................................................................+................++*++*++*++* exec | chmod 0600 /etc/postfix/mysql-virtual-mailbox-domains.cf exec | chmod 0600 /etc/postfix/mysql-virtual-mailbox-maps.cf exec | chmod 0600 /etc/postfix/mysql-virtual-alias-maps.cf exec | service postfix restart ================================================================================ Dovecot ================================================================================ exec | /usr/share/debconf/fix_db.pl exec | DEBIAN_FRONTEND=noninteractive apt-get install -y dovecot-core dovecot-common dovecot-mysql dovecot-sieve dovecot-managesieved dovecot-imapd dovecot-pop3d dovecot-lmtpd Reading package lists... Building dependency tree... Reading state information... dovecot-core is already the newest version (1:2.3.7.2-1ubuntu3.5). dovecot-imapd is already the newest version (1:2.3.7.2-1ubuntu3.5). dovecot-pop3d is already the newest version (1:2.3.7.2-1ubuntu3.5). dovecot-lmtpd is already the newest version (1:2.3.7.2-1ubuntu3.5). dovecot-managesieved is already the newest version (1:2.3.7.2-1ubuntu3.5). dovecot-mysql is already the newest version (1:2.3.7.2-1ubuntu3.5). dovecot-sieve is already the newest version (1:2.3.7.2-1ubuntu3.5). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. exec | DEBIAN_FRONTEND=dialog files | dovecot/dovecot.conf.twig => /etc/dovecot/dovecot.conf files | dovecot/dovecot-sql.conf => /etc/dovecot/dovecot-sql.conf exec | id -u vmail 2>&1 || useradd -u 5000 -d /var/mail vmail 5000 exec | chown -R vmail:vmail /var/mail/ exec | chmod 0777 /var/mail exec | chown -R vmail:dovecot /etc/dovecot/ exec | chmod -R o-rwx /etc/dovecot/ exec | service dovecot restart ================================================================================ OpenDKIM ================================================================================ exec | apt-get -y install opendkim opendkim-tools Reading package lists... Building dependency tree... Reading state information... opendkim is already the newest version (2.11.0~beta2-1). opendkim-tools is already the newest version (2.11.0~beta2-1). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. exec | mkdir -p -m 0755 /etc/opendkim/ exec | mkdir -p -m 0700 /etc/opendkim/keys exec | touch /etc/opendkim/signing.table exec | touch /etc/opendkim/key.table files | opendkim/opendkim.conf => /etc/opendkim.conf files | opendkim/trusted => /etc/opendkim/trusted exec | chown -R opendkim:opendkim /etc/opendkim ================================================================================ Email protection ================================================================================ exec | apt-get install -y amavis clamav clamav-daemon spamassassin pyzor razor Reading package lists... Building dependency tree... Reading state information... amavisd-new is already the newest version (1:2.11.0-6.1ubuntu1). pyzor is already the newest version (1:1.0.0-3). razor is already the newest version (1:2.85-4.2build5). clamav is already the newest version (0.103.2+dfsg-0ubuntu0.20.04.2). clamav-daemon is already the newest version (0.103.2+dfsg-0ubuntu0.20.04.2). spamassassin is already the newest version (3.4.4-1ubuntu1.1). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. exec | mkdir -p -m 0755 /var/spool/spamassassin/ exec | chown amavis:amavis /var/spool/spamassassin/ files | amavis/15-content_filter_mode => /etc/amavis/conf.d/15-content_filter_mode files | amavis/50-user => /etc/amavis/conf.d/50-user files | spamassassin/spamassassin => /etc/default/spamassassin files | spamassassin/local.cf => /etc/spamassassin/local.cf exec | su - amavis -s /bin/bash -c 'razor-admin -create' exec | su - amavis -s /bin/bash -c 'razor-admin -register' Register successful. Identity stored in /var/lib/amavis/.razor/identity-ru3O-4_U5k exec | usermod -aG amavis clamav exec | usermod -aG clamav amavis exec | chmod 0640 /etc/amavis/conf.d/50-user exec | chown root:amavis /etc/amavis/conf.d/50-user exec | service clamav-daemon restart exec | service amavis restart exec | service spamassassin restart exec | systemctl enable spamassassin Synchronizing state of spamassassin.service with SysV service script with /lib/systemd/systemd-sysv-install. Executing: /lib/systemd/systemd-sysv-install enable spamassassin exec | systemctl enable clamav-daemon Synchronizing state of clamav-daemon.service with SysV service script with /lib/systemd/systemd-sysv-install. Executing: /lib/systemd/systemd-sysv-install enable clamav-daemon exec | grep "^\s*DatabaseCustomURL" /etc/clamav/freshclam.conf || echo " DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/junk.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/jurlbl.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/phish.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/rogue.hdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/sanesecurity.ftm DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/sigwhitelist.ign2 DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/scam.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/spamimg.hdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/spamattach.hdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/blurl.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/foxhole_generic.cdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/foxhole_filename.cdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/malwarehash.hsb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/hackingteam.hsb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/winnow_malware.hdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/winnow_malware_links.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/winnow_extended_malware.hdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/winnow.attachments.hdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/winnow_bad_cw.hdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/bofhland_cracked_URL.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/bofhland_malware_URL.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/bofhland_phishing_URL.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/bofhland_malware_attach.hdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/porcupine.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/phishtank.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/porcupine.hsb DatabaseCustomURL https://urlhaus.abuse.ch/downloads/urlhaus.ndb " >> /etc/clamav/freshclam.conf DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/junk.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/jurlbl.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/phish.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/rogue.hdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/sanesecurity.ftm DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/sigwhitelist.ign2 DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/scam.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/spamimg.hdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/spamattach.hdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/blurl.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/foxhole_generic.cdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/foxhole_filename.cdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/malwarehash.hsb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/hackingteam.hsb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/winnow_malware.hdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/winnow_malware_links.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/winnow_extended_malware.hdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/winnow.attachments.hdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/winnow_bad_cw.hdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/bofhland_cracked_URL.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/bofhland_malware_URL.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/bofhland_phishing_URL.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/bofhland_malware_attach.hdb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/porcupine.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/phishtank.ndb DatabaseCustomURL http://ftp.swin.edu.au/sanesecurity/porcupine.hsb DatabaseCustomURL https://urlhaus.abuse.ch/downloads/urlhaus.ndb ================================================================================ AWStats ================================================================================ exec | apt-get install -y awstats Reading package lists... Building dependency tree... Reading state information... awstats is already the newest version (7.6+dfsg-2ubuntu0.20.04.1). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. exec | rm -f /etc/cron.d/awstats exec | rm -f /etc/awstats/awstats.conf ================================================================================ Fail2ban ================================================================================ exec | apt-get install -y fail2ban Reading package lists... Building dependency tree... Reading state information... fail2ban is already the newest version (0.11.1-1). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. files | fail2ban/jail.d/keyhelp.local => /etc/fail2ban/jail.d/keyhelp.local files | fail2ban/filter.d/keyhelp-phpmyadmin.conf => /etc/fail2ban/filter.d/keyhelp-phpmyadmin.conf exec | chown keyhelp:keyhelp /etc/fail2ban/jail.d/keyhelp.local exec | service fail2ban restart ================================================================================ Logrotate ================================================================================ exec | apt-get install -y logrotate Reading package lists... Building dependency tree... Reading state information... logrotate is already the newest version (3.14.0-4ubuntu3). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. files | logrotate/keyhelp => /etc/logrotate.d/keyhelp files | logrotate/logrotate.timer => /lib/systemd/system/logrotate.timer files | logrotate/logrotate.service => /lib/systemd/system/logrotate.service exec | systemctl daemon-reload ================================================================================ PhpMyAdmin 5.1.1 ================================================================================ exec | rm -f /tmp/keyhelp_update/phpmyadmin.tar.gz exec | rm -rf /home/keyhelp/www/phpmyadmin/* exec | mkdir -p -m 0755 /tmp/keyhelp_update exec | mkdir -p -m 0755 /home/keyhelp/www/phpmyadmin exec | wget --no-verbose --no-check-certificate --prefer-family='ipv4' --output-document='/tmp/keyhelp_update/phpmyadmin.tar.gz' https://install.keyhelp.de/files/tools/phpmyadmin/phpMyAdmin-5.1.1-all-languages.tar.gz 2022-01-14 20:03:33 URL:https://install.keyhelp.de/files/tools/phpmyadmin/phpMyAdmin-5.1.1-all-languages.tar.gz [13454066/13454066] -> "/tmp/keyhelp_update/phpmyadmin.tar.gz" [1] exec | tar --strip 1 -xf /tmp/keyhelp_update/phpmyadmin.tar.gz -C /home/keyhelp/www/phpmyadmin files | phpmyadmin/config.inc.php => /home/keyhelp/www/phpmyadmin/config.inc.php files | phpmyadmin/.htaccess => /home/keyhelp/www/phpmyadmin/.htaccess files | phpmyadmin/.htaccess_deny => /home/keyhelp/www/phpmyadmin/libraries/.htaccess db | DROP DATABASE IF EXISTS `phpmyadmin` db | CREATE DATABASE `phpmyadmin` db | GRANT SELECT,INSERT,UPDATE,DELETE ON phpmyadmin.* TO 'phpmyadmin'@'localhost' IDENTIFIED BY '***PMA_PASS***' db | FLUSH PRIVILEGES exec | rm -rf /home/keyhelp/www/phpmyadmin/setup exec | chmod 0600 /home/keyhelp/www/phpmyadmin/config.inc.php exec | chown -R keyhelp:keyhelp /home/keyhelp/www/phpmyadmin import | /home/keyhelp/www/phpmyadmin/sql/create_tables.sql => phpmyadmin ================================================================================ Adminer 4.8.1 ================================================================================ exec | rm -f /tmp/keyhelp_update/adminer.tar.gz exec | rm -rf /home/keyhelp/www/adminer/* exec | mkdir -p -m 0755 /tmp/keyhelp_update exec | mkdir -p -m 0755 /home/keyhelp/www/adminer exec | wget --no-verbose --no-check-certificate --prefer-family='ipv4' --output-document='/tmp/keyhelp_update/adminer.tar.gz' https://install.keyhelp.de/files/tools/adminer/adminer-4.8.1.tar.gz 2022-01-14 20:03:34 URL:https://install.keyhelp.de/files/tools/adminer/adminer-4.8.1.tar.gz [432863/432863] -> "/tmp/keyhelp_update/adminer.tar.gz" [1] exec | tar --strip 1 -xzf /tmp/keyhelp_update/adminer.tar.gz -C /home/keyhelp/www/adminer exec | rm -rf /home/keyhelp/www/adminer/setup exec | chown -R keyhelp:keyhelp /home/keyhelp/www/adminer ================================================================================ Roundcube 1.5.1 Multilanguage ================================================================================ exec | rm -rf /home/keyhelp/www/roundcube/* exec | rm --force /tmp/keyhelp_update/roundcube.tar.gz exec | mkdir --parents --mode 0755 /tmp/keyhelp_update/ exec | mkdir --parents --mode 0755 /home/keyhelp/www/roundcube exec | wget --no-verbose --no-check-certificate --prefer-family='ipv4' --output-document='/tmp/keyhelp_update/roundcube.tar.gz' https://install.keyhelp.de/files/tools/roundcube/roundcubemail-1.5.1.tar.gz 2022-01-14 20:03:34 URL:https://install.keyhelp.de/files/tools/roundcube/roundcubemail-1.5.1.tar.gz [7827081/7827081] -> "/tmp/keyhelp_update/roundcube.tar.gz" [1] exec | tar --strip 1 -xf /tmp/keyhelp_update/roundcube.tar.gz -C /home/keyhelp/www/roundcube exec | mkdir --parents --mode 0755 /home/keyhelp/www/roundcube/plugins/keyhelp_sync_identities files | roundcube/config.inc.php => /home/keyhelp/www/roundcube/config/config.inc.php files | roundcube/plugins/managesieve/config.inc.php => /home/keyhelp/www/roundcube/plugins/managesieve/config.inc.php files | roundcube/plugins/password/config.inc.php => /home/keyhelp/www/roundcube/plugins/password/config.inc.php files | roundcube/plugins/keyhelp_sync_identities/keyhelp_sync_identities.php => /home/keyhelp/www/roundcube/plugins/keyhelp_sync_identities/keyhelp_sync_identities.php files | roundcube/plugins/keyhelp_sync_identities/composer.json => /home/keyhelp/www/roundcube/plugins/keyhelp_sync_identities/composer.json db | DROP DATABASE IF EXISTS `roundcube` db | CREATE DATABASE `roundcube` db | GRANT ALL PRIVILEGES ON roundcube.* TO 'roundcube'@'localhost' IDENTIFIED BY '***RC_PASS***' db | FLUSH PRIVILEGES exec | chmod 0600 /home/keyhelp/www/roundcube/plugins/password/config.inc.php exec | chmod 0600 /home/keyhelp/www/roundcube/config/config.inc.php exec | chown -R keyhelp:keyhelp /home/keyhelp/www/roundcube import | /home/keyhelp/www/roundcube/SQL/mysql.initial.sql => roundcube ================================================================================ Rainloop 1.16.0 (Community Edition) ================================================================================ exec | rm -rf /home/keyhelp/www/rainloop/* exec | rm --force /tmp/keyhelp_update/rainloop.tar.gz exec | mkdir --parents --mode 0755 /tmp/keyhelp_update/ exec | mkdir --parents --mode 0755 /home/keyhelp/www/rainloop exec | wget --no-verbose --no-check-certificate --prefer-family='ipv4' --output-document='/tmp/keyhelp_update/rainloop.tar.gz' https://install.keyhelp.de/files/tools/rainloop/rainloop-community-1.16.0.tar.gz 2022-01-14 20:03:35 URL:https://install.keyhelp.de/files/tools/rainloop/rainloop-community-1.16.0.tar.gz [5999866/5999866] -> "/tmp/keyhelp_update/rainloop.tar.gz" [1] exec | tar -xf /tmp/keyhelp_update/rainloop.tar.gz -C /home/keyhelp/www/rainloop exec | find /home/keyhelp/www/rainloop -type d -exec chmod 0755 {} \; exec | find /home/keyhelp/www/rainloop -type f -exec chmod 0644 {} \; exec | mkdir --parents --mode 0755 /home/keyhelp/www/rainloop/data/_data_/_default_/configs/ exec | mkdir --parents --mode 0755 /home/keyhelp/www/rainloop/rainloop/v/1.16.0/app/domains exec | mkdir --parents --mode 0755 /home/keyhelp/www/rainloop/data/_data_/_default_/plugins/change-password-custom-sql/ files | rainloop/application.ini => /home/keyhelp/www/rainloop/data/_data_/_default_/configs/application.ini files | rainloop/default.ini => /home/keyhelp/www/rainloop/rainloop/v/1.16.0/app/domains/default.ini files | rainloop/change-password-custom-sql/ChangePasswordCustomSqlDriver.php => /home/keyhelp/www/rainloop/data/_data_/_default_/plugins/change-password-custom-sql/ChangePasswordCustomSqlDriver.php files | rainloop/change-password-custom-sql/index.php => /home/keyhelp/www/rainloop/data/_data_/_default_/plugins/change-password-custom-sql/index.php files | rainloop/change-password-custom-sql/plugin-change-password-custom-sql.ini => /home/keyhelp/www/rainloop/data/_data_/_default_/configs/plugin-change-password-custom-sql.ini files | rainloop/.htaccess_deny => /home/keyhelp/www/rainloop/data/.htaccess db | DROP DATABASE IF EXISTS `rainloop` db | CREATE DATABASE `rainloop` db | GRANT ALL PRIVILEGES ON rainloop.* TO 'rainloop'@'localhost' IDENTIFIED BY '***RL_PASS***' db | FLUSH PRIVILEGES exec | chmod 0600 /home/keyhelp/www/rainloop/data/_data_/_default_/configs/application.ini exec | chmod 0600 /home/keyhelp/www/rainloop/data/_data_/_default_/configs/plugin-change-password-custom-sql.ini exec | chown -R keyhelp:keyhelp /home/keyhelp/www/rainloop ================================================================================ Quota ================================================================================ exec | apt-get install -y quota quotatool Reading package lists... Building dependency tree... Reading state information... quota is already the newest version (4.05-1). quotatool is already the newest version (1:1.6.2-5fakesync1). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. exec | service quota stop exec | cp /etc/fstab /etc/fstab-backup exec | echo "LABEL=cloudimg-rootfs / ext4 defaults,usrquota,grpquota 0 1 LABEL=UEFI /boot/efi vfat umask=0077 0 1 # CLOUD_IMG: This file was created/modified by the Cloud Image build process ###################################### ## ORACLE CLOUD INFRASTRUCTURE CUSTOMERS ## ## If you are adding an iSCSI remote block volume to this file you MUST ## include the '_netdev' mount option or your instance will become ## unavailable after the next reboot. ## SCSI device names are not stable across reboots; please use the device UUID ## instead of /dev path. ## ## Example: ## UUID=94c5aade-8bb1-4d55-ad0c-388bb8aa716a /data1 ext4 defaults,noatime,_netdev 0 2 ## ## More information: ## https://docs.us-phoenix-1.oraclecloud.com/Content/Block/Tasks/connectingtoavolume.htm ##" > "/etc/fstab" exec | mount -o remount / exec | quotacheck -avmug quotacheck: Your kernel probably supports journaled quota but you are not using it. Consider switching to journaled quota to avoid running quotacheck after an unclean shutdown. quotacheck: Quota for users is enabled on mountpoint / so quotacheck might damage the file. Please turn quotas off or use -f to force checking. >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> ERROR DETECTED <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< [SKIPPED DUE PREVIOUS ERRORS] exec | service quota start ================================================================================ Apparmor ================================================================================ exec | apt-get install -y apparmor Reading package lists... Building dependency tree... Reading state information... apparmor is already the newest version (2.13.3-7ubuntu5.1). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. ================================================================================ 7-zip ================================================================================ exec | apt-get install -y p7zip-full Reading package lists... Building dependency tree... Reading state information... p7zip-full is already the newest version (16.02+dfsg-7build1). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. ================================================================================ Hide LTS notice ================================================================================ files | update-manager/release-upgrades => /etc/update-manager/release-upgrades exec | rm -f /var/lib/update-notifier/release-upgrade-available ================================================================================ Update message of the day ================================================================================ files | motd/80-keyhelp => /etc/update-motd.d/80-keyhelp exec | chmod +x /etc/update-motd.d/80-keyhelp ================================================================================ Nano ================================================================================ exec | apt-get install -y nano Reading package lists... Building dependency tree... Reading state information... nano is already the newest version (4.8-1ubuntu1). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. ================================================================================ Curl ================================================================================ exec | apt-get install -y curl Reading package lists... Building dependency tree... Reading state information... curl is already the newest version (7.68.0-1ubuntu2.7). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. ================================================================================ Cron daemon ================================================================================ exec | apt-get install -y cron Reading package lists... Building dependency tree... Reading state information... cron is already the newest version (3.0pl1-136ubuntu1). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. files | cron/keyhelp => /etc/cron.d/keyhelp files | cron/keyhelp-sa-learn => /etc/cron.d/keyhelp-sa-learn files | cron/keyhelp-firewall => /etc/cron.d/keyhelp-firewall exec | chmod 0644 /etc/cron.d/keyhelp exec | chmod 0644 /etc/cron.d/keyhelp-sa-learn ################################################################################ ################################################################################ => Errors occurred during installation. <= Finished install: 2022-01-14 20:03:41 Duration: 116 second(s) ubuntu@ch1:~$