UniqueSoft/openpanel
2
0
Fork 0
mirror of https://github.com/stefanpejcic/openpanel synced 2025-06-26 18:28:26 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

cleanup

Browse Source
This commit is contained in:
Stefan Pejcic
2024-11-05 17:49:07 +01:00
parent c89c1f1e7b
commit 7357b75017
165 changed files with 442 additions and 50838 deletions
Download Patch File Download Diff File Expand all files Collapse all files

59
docker/2083/Dockerfile
View File

@@ -1,59 +0,0 @@
# Use the official Python image as a base
FROM python:3.10-slim
# Set the working directory
WORKDIR /usr/local/panel
# Expose the port
EXPOSE 2083
# Install necessary packages
RUN apt-get update && apt-get install -y \
procps \
coreutils \
sudo \
wget \
curl \
default-mysql-client \
zip \
unzip \
geoip-bin \
&& rm -rf /var/lib/apt/lists/*
# Create the openpanel user and add to sudoers
RUN useradd -ms /bin/bash openpanel \
&& adduser openpanel sudo \
&& echo 'openpanel ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
# Copy the project files
COPY . .
COPY scripts/ /usr/local/admin/scripts/
# Make all bash scripts in this directory executable for root only
RUN chown root:root /usr/local/admin/scripts/*
RUN chmod +x -R /usr/local/admin/scripts/*
# Add opencli binary to the PATH
RUN cp /usr/local/admin/scripts/opencli /usr/local/bin/opencli
RUN chmod +x /usr/local/bin/opencli
# Generate a list of commands for opencli
RUN opencli commands
# Set autocomplete for all available opencli commands
RUN echo "# opencli aliases\n\
ALIASES_FILE=\"/usr/local/admin/scripts/aliases.txt\"\n\
generate_autocomplete() {\n\
awk '{print \$NF}' \"\$ALIASES_FILE\"\n\
}\n\
complete -W \"\$(generate_autocomplete)\" opencli" >> /root/.bashrc
# Install Python dependencies
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt
# Set the CMD to run gunicorn and redirect stderr to stdout
CMD ["gunicorn", "-c", "/etc/openpanel/openpanel/service/service.config.py", "app:app", "--log-file", "-"]

32
docker/2083/requirements.txt
View File

@@ -1,32 +0,0 @@
flask
gevent
gunicorn
psutil==5.9.8
mysql-connector-python==8.3.0
urllib3==1.26.5
pyotp==2.9.0
pyclamd==0.4.0
bcrypt==3.2.0
docker
flask_caching==2.1.0
tldextract==5.1.1
schedule==1.2.1
flask_login==0.6.3
markupsafe==2.1.5
playwright==1.42.0
gevent==24.2.1
flask_mail==0.9.1
flask_babel
flask_sslify==0.1.5
flask_minify==0.42
flask_limiter==3.5.1
flask-talisman==1.1.0
apscheduler==3.10.4
setproctitle==1.3.3
distro
requests
pyyaml
psutil
flask_sqlalchemy
Flask-JWT-Extended==4.6.0
Flask-BasicAuth

73
docker/2087/Dockerfile
View File

@@ -1,73 +0,0 @@
# Use the official Python image as a base
FROM python:3.10-slim
# Set the working directory
WORKDIR /usr/local/admin
# need this fixed since WHMCS does not allow custom port to be defined..
EXPOSE 2087
RUN apt-get update && apt-get install -y \
procps \
coreutils \
sudo \
wget \
curl \
default-mysql-client \
sqlite3 \
zip \
unzip \
geoip-bin \
&& rm -rf /var/lib/apt/lists/*
RUN useradd -ms /bin/bash openadmin \
&& adduser openadmin sudo \
&& echo 'openadmin ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
# here will do wget or git clone - to avoid rebuilding image
COPY . .
# Download and untar opencli
RUN mkdir -p scripts && \
cd scripts && \
wget -O compressed.tar.gz https://storage.googleapis.com/openpanel/0.1.6/get.openpanel.co/downloads/0.1.6/opencli/compressed.tar.gz && \
tar -xzf compressed.tar.gz && \
rm compressed.tar.gz && \
cd ..
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt
# Make all bash scripts in this directory executable for root only
RUN chown root:root /usr/local/admin/scripts/*
RUN chmod +x -R /usr/local/admin/scripts/*
# Add opencli binary to the PATH
RUN cp /usr/local/admin/scripts/opencli /usr/local/bin/opencli
RUN chmod +x /usr/local/bin/opencli
# Generate a list of commands for opencli
RUN opencli commands
# Set autocomplete for all available opencli commands
RUN echo "# opencli aliases\n\
ALIASES_FILE=\"/usr/local/admin/scripts/aliases.txt\"\n\
generate_autocomplete() {\n\
awk '{print \$NF}' \"\$ALIASES_FILE\"\n\
}\n\
complete -W \"\$(generate_autocomplete)\" opencli" >> /root/.bashrc
# Create admin user and output credentials to Docker logs
RUN admin_password=$(openssl rand -base64 12 | tr -d '=+/') && \
password_hash=$(python3 /usr/local/admin/core/users/hash $admin_password) && \
sqlite3 /ets/openpanel/openadmin/users.db "CREATE TABLE IF NOT EXISTS user (id INTEGER PRIMARY KEY, username TEXT UNIQUE NOT NULL, password_hash TEXT NOT NULL, role TEXT NOT NULL DEFAULT 'user', is_active BOOLEAN DEFAULT 1 NOT NULL);" && \
sqlite3 /ets/openpanel/openadmin/users.db "INSERT INTO user (username, password_hash, role) VALUES ('admin', \"$password_hash\", 'admin');" && \
echo "Admin username: admin" && \
echo "Admin password: $admin_password"
# Gunicorn + redirect stderr to stdout
CMD ["gunicorn", "-c", "/etc/openpanel/openadmin/service/service.config.py", "app:app", "--log-file", "-"]

18
docker/2087/requirements.txt
View File

@@ -1,18 +0,0 @@
flask
gevent
gunicorn
paramiko==3.4.0
flask_sqlalchemy
Flask-JWT-Extended==4.6.0
setproctitle==1.3.3
Flask-BasicAuth
flask_babel
flask_login
psutil
mysql-connector-python==8.3.0
docker
apscheduler==3.10.4
flask_minify==0.42
distro
requests
flask_mail==0.9.1

912
docker/INSTALL.sh
View File

@@ -1,912 +0,0 @@
#!/bin/bash
################################################################################
# Script Name: INSTALL.sh
# Description: Install the latest version of OpenPanel
# Usage: bash <(curl -sSL https://raw.githubusercontent.com/stefanpejcic/OpenPanel/main/docker/INSTALL.sh)
# Author: Stefan Pejcic
# Created: 11.07.2023
# Last Modified: 13.06.2024
# Company: openpanel.co
# Copyright (c) OPENPANEL
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
################################################################################
# Colors for output
GREEN='\033[0;32m'
RED='\033[0;31m'
RESET='\033[0m'
# Defaults
CUSTOM_VERSION=false
INSTALL_TIMEOUT=1800 # 30 min
DEBUG=false
SKIP_APT_UPDATE=false
SKIP_IMAGES=false
REPAIR=false
LOCALES=true
NO_SSH=false
OVERLAY=false
IPSETS=true
SET_HOSTNAME_NOW=false
SETUP_SWAP_ANYWAY=false
SWAP_FILE="1"
SELFHOSTED_SCREENSHOTS=false
SEND_EMAIL_AFTER_INSTALL=false
SET_PREMIUM=false
# Paths
LOG_FILE="openpanel_install.log"
LOCK_FILE="/root/openpanel.lock"
OPENPANEL_DIR="/usr/local/panel/"
OPENPADMIN_DIR="/usr/local/admin/"
ETC_DIR="/etc/openpanel/"
OPENCLI_DIR="/usr/local/admin/scripts/"
OPENPANEL_ERR_DIR="/var/log/openpanel/"
TEMP_DIR="/tmp/"
# Redirect output to the log file
exec > >(tee -a "$LOG_FILE") 2>&1
#####################################################################
# #
# START helper functions #
# #
#####################################################################
# logo
print_header() {
printf '%*s\n' "${COLUMNS:-$(tput cols)}" '' | tr ' ' -
echo -e " ____ _____ _ "
echo -e " / __ \ | __ \ | | "
echo -e " | | | | _ __ ___ _ __ | |__) | __ _ _ __ ___ | | "
echo -e " | | | || '_ \ / _ \| '_ \ | ___/ / _\" || '_ \ / _ \| | "
echo -e " | |__| || |_) || __/| | | | | | | (_| || | | || __/| | "
echo -e " \____/ | .__/ \___||_| |_| |_| \__,_||_| |_| \___||_| "
echo -e " | | "
echo -e " |_| version: $version "
printf '%*s\n' "${COLUMNS:-$(tput cols)}" '' | tr ' ' -
}
install_started_message(){
echo -e ""
echo -e "\nStarting the installation of OpenPanel. This process will take approximately 5-10 minutes."
echo -e "During this time, we will:"
echo -e "- Install necessary services and tools."
echo -e "- Create an admin account for you."
echo -e "- Set up the firewall for enhanced security."
echo -e "- Install needed Docker images."
echo -e "- Set up basic hosting plans so you can start right away."
echo -e "\nThank you for your patience. We're setting everything up for your seamless OpenPanel experience!\n"
printf '%*s\n' "${COLUMNS:-$(tput cols)}" '' | tr ' ' -
echo -e ""
}
# Display error and exit
radovan() {
echo -e "${RED}Error: $2${RESET}" >&2
exit $1
}
# print the command and its output if debug, else run and echo to /dev/null
debug_log() {
if [ "$DEBUG" = true ]; then
echo "Running: $@"
"$@"
else
"$@" > /dev/null 2>&1
fi
}
# Get server ipv4 from ip.openpanel.co
current_ip=$(curl -s https://ip.openpanel.co || wget -qO- https://ip.openpanel.co)
# If site is not available, get the ipv4 from the hostname -I
if [ -z "$current_ip" ]; then
# current_ip=$(hostname -I | awk '{print $1}')
# ip addr command is more reliable then hostname - to avoid getting private ip
current_ip=$(ip addr|grep 'inet '|grep global|head -n1|awk '{print $2}'|cut -f1 -d/)
fi
if [ "$CUSTOM_VERSION" = false ]; then
# Fetch the latest version
version=$(curl -s https://get.openpanel.co/version)
if [[ $version =~ [0-9]+\.[0-9]+\.[0-9]+ ]]; then
version=$version
else
version="0.2.1"
fi
fi
# print fullwidth line
print_space_and_line() {
echo " "
printf '%*s\n' "${COLUMNS:-$(tput cols)}" '' | tr ' ' -
echo " "
}
# Progress bar script
PROGRESS_BAR_URL="https://raw.githubusercontent.com/pollev/bash_progress_bar/master/progress_bar.sh"
PROGRESS_BAR_FILE="progress_bar.sh"
wget "$PROGRESS_BAR_URL" -O "$PROGRESS_BAR_FILE" > /dev/null 2>&1
if [ ! -f "$PROGRESS_BAR_FILE" ]; then
echo "Failed to download progress_bar.sh"
exit 1
fi
# Source the progress bar script
source "$PROGRESS_BAR_FILE"
# Dsiplay progress bar
FUNCTIONS=(
detect_os_and_package_manager
update_package_manager
install_packages
download_skeleton_directory_from_github
setup_openpanel
setup_openadmin
configure_docker
setup_swap
set_premium_features
cleanup
set_custom_hostname
generate_and_set_ssl_for_panels
verify_license
set_system_cronjob
setup_csf
)
TOTAL_STEPS=${#FUNCTIONS[@]}
CURRENT_STEP=0
update_progress() {
CURRENT_STEP=$((CURRENT_STEP + 1))
PERCENTAGE=$(($CURRENT_STEP * 100 / $TOTAL_STEPS))
draw_progress_bar $PERCENTAGE
}
main() {
# Make sure that the progress bar is cleaned up when user presses ctrl+c
enable_trapping
# Create progress bar
setup_scroll_area
for func in "${FUNCTIONS[@]}"
do
# Execute each function
$func
update_progress
done
destroy_scroll_area
}
# END helper functions
#####################################################################
# #
# START main functions #
# #
#####################################################################
check_requirements() {
if [ -z "$SKIP_REQUIREMENTS" ]; then
# https://github.com/stefanpejcic/openpanel/issues/63
architecture=$(lscpu | grep Architecture | awk '{print $2}')
if [ "$architecture" == "aarch64" ]; then
echo -e "${RED}Error: ARM CPU is not supported!${RESET}" >&2
exit 1
fi
# check if the current user is not root
if [ "$(id -u)" != "0" ]; then
echo -e "${RED}Error: you must be root to execute this script.${RESET}" >&2
exit 1
# check if OS is MacOS
elif [ "$(uname)" = "Darwin" ]; then
echo -e "${RED}Error: MacOS is not currently supported.${RESET}" >&2
exit 1
# check if running inside a container
elif [[ -f /.dockerenv || $(grep -sq 'docker\|lxc' /proc/1/cgroup) ]]; then
echo -e "${RED}Error: running openpanel inside a container is not supported.${RESET}" >&2
exit 1
fi
# check if python version is supported
current_python_version=$(python3 --version 2>&1 | cut -d " " -f 2 | cut -d "." -f 1,2 | tr -d '.')
allowed_versions=("39" "310" "311" "312" "38")
if [[ ! " ${allowed_versions[@]} " =~ " ${current_python_version} " ]]; then
echo -e "${RED}Error: Unsupported Python version $current_python_version. No corresponding branch available.${RESET}" >&2
exit 1
fi
fi
}
parse_args() {
show_help() {
echo "Available options:"
echo " --key=<key_here> Set the license key for OpenPanel Enterprise edition."
echo " --hostname=<hostname> Set the hostname."
echo " --version=<version> Set a custom OpenPanel version to be installed."
echo " --email=<stefan@example.net> Set email address to receive email with admin credentials and future notifications."
echo " --skip-requirements Skip the requirements check."
echo " --skip-panel-check Skip checking if existing panels are installed."
echo " --skip-apt-update Skip the APT update."
echo " --overlay2 Enable overlay2 storage driver instead of device-mapper."
echo " --skip-firewall Skip UFW setup UFW - Only do this if you will set another Firewall manually!"
echo " --skip-images Skip installing openpanel/nginx and openpanel/apache docker images."
echo " --skip-blacklists Do not set up IP sets and blacklists."
echo " --skip-ssl Skip SSL setup."
echo " --with_modsec Enable ModSecurity for Nginx."
echo " --ips Whiteliste IP addresses of OpenPanel Support Team."
echo " --no-ssh Disable port 22 and whitelist the IP address of user installing the panel."
echo " --enable-ftp Install FTP (experimental)."
echo " --enable-mail Install Mail (experimental)."
echo " --post_install=<path> Specify the post install script path."
echo " --screenshots=<url> Set the screenshots API URL."
echo " --swap=<2> Set space in GB to be allocated for SWAP."
echo " --debug Display debug information during installation."
echo " --repair Retry and overwrite everything."
echo " -h, --help Show this help message and exit."
}
while [[ $# -gt 0 ]]; do
case $1 in
--key=*)
SET_PREMIUM=true
license_key="${1#*=}"
;;
--hostname=*)
SET_HOSTNAME_NOW=true
new_hostname="${1#*=}"
;;
--skip-requirements)
SKIP_REQUIREMENTS=true
;;
--skip-panel-check)
SKIP_PANEL_CHECK=true
;;
--skip-apt-update)
SKIP_APT_UPDATE=true
;;
--repair)
REPAIR=true
SKIP_PANEL_CHECK=true
SKIP_REQUIREMENTS=true
;;
--overlay2)
OVERLAY=true
;;
--skip-firewall)
SKIP_FIREWALL=true
;;
--skip-images)
SKIP_IMAGES=true
;;
--skip-blacklists)
IPSETS=false
;;
--skip-ssl)
SKIP_SSL=true
;;
--with_modsec)
MODSEC=true
;;
--debug)
DEBUG=true
;;
--ips)
SUPPORT_IPS=true
;;
--no-ssh)
NO_SSH=true
;;
--enable-ftp)
INSTALL_FTP=true
;;
--enable-mail)
INSTALL_MAIL=true
;;
--post_install=*)
post_install_path="${1#*=}"
;;
--version=*)
CUSTOM_VERSION=true
version="${1#*=}"
;;
--swap=*)
SETUP_SWAP_ANYWAY=true
SWAP="${1#*=}"
;;
--email=*)
SEND_EMAIL_AFTER_INSTALL=true
EMAIL="${1#*=}"
;;
-h|--help)
show_help
exit 0
;;
*)
echo "Unknown option: $1"
show_help
exit 1
;;
esac
shift
done
}
detect_installed_panels() {
if [ -z "$SKIP_PANEL_CHECK" ]; then
declare -A paths=(
["/usr/local/panel"]="You already have OpenPanel installed. ${RESET}\nInstead, did you want to update? Run ${GREEN}'opencli update --force' to update OpenPanel."
["/usr/local/cpanel/whostmgr"]="cPanel WHM is installed. OpenPanel only supports servers without any hosting control panel installed."
["/opt/psa/version"]="Plesk is installed. OpenPanel only supports servers without any hosting control panel installed."
["/usr/local/psa/version"]="Plesk is installed. OpenPanel only supports servers without any hosting control panel installed."
["/usr/local/CyberPanel"]="CyberPanel is installed. OpenPanel only supports servers without any hosting control panel installed."
["/usr/local/directadmin"]="DirectAdmin is installed. OpenPanel only supports servers without any hosting control panel installed."
["/usr/local/cwpsrv"]="CentOS Web Panel (CWP) is installed. OpenPanel only supports servers without any hosting control panel installed."
["/usr/local/httpd"]="Apache WebServer is already installed. OpenPanel only supports servers without any webservers installed."
["/usr/local/apache2"]="Apache WebServer is already installed. OpenPanel only supports servers without any webservers installed."
["/usr/sbin/httpd"]="Apache WebServer is already installed. OpenPanel only supports servers without any webservers installed."
["/usr/lib/nginx"]="Nginx WebServer is already installed. OpenPanel only supports servers without any webservers installed."
)
for path in "${!paths[@]}"; do
if [ -d "$path" ] || [ -e "$path" ]; then
radovan 1 "${paths[$path]}"
fi
done
echo -e "${GREEN}No currently installed hosting control panels or webservers found. Proceeding with the installation process.${RESET}"
fi
}
check_lock_file_age() {
# Use flock to create a lock or exit if the lock is already held
exec 200>"$LOCK_FILE"
if flock -n 200; then
# Inside the lock
echo "OpenPanel installation started at: $(date)"
else
echo -e "${RED}Another instance is running. Exiting.${RESET}"
exit 1
fi
}
setup_csf() {
if [ -z "$SKIP_FIREWALL" ]; then
echo "Setting up the firewall.."
read_email_address() {
email=$(grep -E "^e-mail=" /etc/openpanel/openpanel/conf/openpanel.config | cut -d "=" -f2)
echo "$email"
}
install_csf() {
wget https://download.configserver.com/csf.tgz
tar -xzf csf.tgz
rm csf.tgz
cd csf
sh install.sh
}
edit_csf_conf() {
sed -i 's/TESTING = "1"/TESTING = "0"/' /etc/csf/csf.conf
sed -i 's/ETH_DEVICE_SKIP = ""/ETH_DEVICE_SKIP = "docker0"/' /etc/csf/csf.conf
sed -i 's/DOCKER = "0"/DOCKER = "1"/' /etc/csf/csf.conf
}
set_csf_email_address() {
email_address=$(read_email_address)
if [[ -n "$email_address" ]]; then
sed -i "s/LF_ALERT_TO = \"\"/LF_ALERT_TO = \"$email_address\"/" /etc/csf/csf.conf
fi
}
read_email_address
install_csf
edit_csf_conf
set_csf_email_address
csf -r
systemctl enable csf
}
set_premium_features(){
if [ "$SET_HOSTNAME_NOW" = true ]; then
echo "Setting OpenPanel enterprise version license key $license_key"
opencli config update key "$license_key"
fi
}
install_packages(){
debug_log sed -i 's/#$nrconf{restart} = '"'"'i'"'"';/$nrconf{restart} = '"'"'a'"'"';/g' /etc/needrestart/needrestart.conf
packages=("docker.io" "default-mysql-client" "bind9" "jc" "certbot" "python3-certbot-nginx")
update-ca-certificates > /dev/null 2>&1
for package in "${packages[@]}"; do
echo -e "Installing ${GREEN}$package${RESET}"
debug_log apt-get -qq install "$package" -y
done
}
download_skeleton_directory_from_github(){
echo "Downloading configuration files to ${ETC_DIR}"
debug_log git clone https://github.com/stefanpejcic/openpanel-configuration /etc/openpanel > /dev/null 2>&1
}
set_custom_hostname(){
if [ "$SET_HOSTNAME_NOW" = true ]; then
# Check if the provided hostname is a valid FQDN
if [[ $new_hostname =~ ^[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ ]]; then
# Check if PTR record is set to the provided hostname
ptr=$(dig +short -x $current_ip)
if [ "$ptr" != "$new_hostname." ]; then
echo "Warning: PTR record is not set to $new_hostname"
fi
# Check if A record for provided hostname points to server IP
a_record_ip=$(dig +short $new_hostname)
if [ "$a_record_ip" != "$current_ip" ]; then
echo "WARNING: A record for $new_hostname does not point to server IP: $current_ip"
echo "After pointing the domain run this command to set domain for panel: opencli config update force_domain $new_hostname"
else
opencli config update force_domain "$new_hostname"
fi
else
echo "Hostname provided: $new_hostname is not a valid FQDN, OpenPanel will use IP address $current_ip for access."
fi
# Set the provided hostname as the system hostname
hostnamectl set-hostname $new_hostname
fi
}
set_email_address_and_email_admin_logins(){
if [ "$SEND_EMAIL_AFTER_INSTALL" = true ]; then
# Check if the provided email is valid
if [[ $EMAIL =~ ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ ]]; then
echo "Setting email address $EMAIL for notifications"
opencli config update email "$EMAIL"
# Send an email alert
generate_random_token_one_time_only() {
local config_file="${OPENPANEL_DIR}conf/panel.config"
TOKEN_ONE_TIME="$(tr -dc 'a-zA-Z0-9' < /dev/urandom | head -c 64)"
local new_value="mail_security_token=$TOKEN_ONE_TIME"
sed -i "s|^mail_security_token=.*$|$new_value|" "${OPENPANEL_DIR}conf/panel.config"
}
email_notification() {
local title="$1"
local message="$2"
generate_random_token_one_time_only
TRANSIENT=$(awk -F'=' '/^mail_security_token/ {print $2}' "${OPENPANEL_DIR}conf/panel.config")
SSL=$(awk -F'=' '/^ssl/ {print $2}' "${OPENPANEL_DIR}conf/panel.config")
# Determine protocol based on SSL configuration
if [ "$SSL" = "yes" ]; then
PROTOCOL="https"
else
PROTOCOL="http"
fi
# Send email using appropriate protocol
curl -k -X POST "$PROTOCOL://127.0.0.1:2087/send_email" -F "transient=$TRANSIENT" -F "recipient=$EMAIL" -F "subject=$title" -F "body=$message"
}
server_hostname=$(hostname)
email_notification "OpenPanel successfully installed" "OpenAdmin URL: http://$server_hostname:2087/ | username: admin | password: $admin_password"
else
echo "Address provided: $EMAIL is not a valid email address. Admin login credentials and future notifications will not be sent."
fi
fi
}
configure_docker() {
apt-get install docker.io docker -y
docker_daemon_json_path="/etc/docker/daemon.json"
debug_log mkdir -p $(dirname "$docker_daemon_json_path")
if [ "$OVERLAY" = true ]; then
debug_log "Setting 'overlay2' as the default storage driver for Docker.."
cp ${ETC_DIR}docker/overlay2/daemon.json > "$docker_daemon_json_path"
else
debug_log "Setting 'devicemapper' as the default storage driver for Docker.."
cp ${ETC_DIR}docker/devicemapper/daemon.json > "$docker_daemon_json_path"
fi
echo -e "${GREEN}Docker is configured.${RESET}"
debug_log systemctl daemon-reload
systemctl restart docker
}
docker_compose_up(){
# install docker and docker compose
DOCKER_CONFIG=${DOCKER_CONFIG:-$HOME/.docker}
mkdir -p $DOCKER_CONFIG/cli-plugins
curl -SL https://github.com/docker/compose/releases/download/v2.27.1/docker-compose-linux-x86_64 -o $DOCKER_CONFIG/cli-plugins/docker-compose
chmod +x $DOCKER_CONFIG/cli-plugins/docker-compose
chmod +x /usr/local/lib/docker/cli-plugins/docker-compose
# CHECK WITH
#docker compose version
# download conf files first
git clone https://github.com/stefanpejcic/openpanel-configuration /etc/openpanel > /dev/null 2>&1
# generate random password for mysql
MYSQL_ROOT_PASSWORD=$(openssl rand -base64 -hex 9)
echo "MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD" >> .env
# save it to /etc/my.cnf
ln -s /etc/openpanel/mysql/db.cnf /etc/my.cnf
sed -i 's/password = .*/password = '"${MYSQL_ROOT_PASSWORD}"'/g' ${ETC_DIR}mysql/db.cnf
# start the stack
docker compose up -d
}
set_system_cronjob(){
echo "Setting cronjobs.."
mv ${ETC_DIR}cron /etc/cron.d/openpanel
chown root:root /etc/cron.d/openpanel
chmod 0600 /etc/cron.d/openpanel
}
cleanup() {
echo "Cleaning up.."
# https://www.faqforge.com/linux/fixed-ubuntu-apt-get-upgrade-auto-restart-services/
sed -i 's/$nrconf{restart} = '"'"'a'"'"';/#$nrconf{restart} = '"'"'i'"'"';/g' /etc/needrestart/needrestart.conf
}
generate_and_set_ssl_for_panels() {
if [ -z "$SKIP_SSL" ]; then
echo "Checking if SSL can be generated for the server hostname.."
debug_log opencli ssl-hostname
fi
}
run_custom_postinstall_script() {
if [ -n "$post_install_path" ]; then
# run the custom script
echo " "
echo "Running post install script.."
debug_log "https://dev.openpanel.co/customize.html#After-installation"
debug_log bash $post_install_path
fi
}
verify_license() {
# LEGACY, WILL BE REMOVED
debug_log "echo Current time: $(date +%T)"
server_hostname=$(hostname)
license_data='{"hostname": "'"$server_hostname"'", "public_ip": "'"$current_ip"'"}'
response=$(curl -s -X POST -H "Content-Type: application/json" -d "$license_data" https://api.openpanel.co/license-check)
debug_log "echo Checking OpenPanel license for IP address: $current_ip"
debug_log "echo Response: $response"
}
send_install_log(){
# Restore normal output to the terminal, so we dont save generated admin password in log file!
exec > /dev/tty
exec 2>&1
opencli report --public >> "$LOG_FILE"
curl -F "file=@/root/$LOG_FILE" http://support.openpanel.co/install_logs.php
# Redirect again stdout and stderr to the log file
exec > >(tee -a "$LOG_FILE")
exec 2>&1
}
rm_helpers(){
rm -rf $PROGRESS_BAR_FILE
}
setup_swap(){
# Function to create swap file
create_swap() {
fallocate -l ${SWAP_FILE}G /swapfile
chmod 600 /swapfile
mkswap /swapfile
swapon /swapfile
echo "/swapfile none swap sw 0 0" >> /etc/fstab
}
# Check if swap space already exists
if [ -n "$(swapon -s)" ]; then
echo "ERROR: Skipping creating swap space as there already exists a swap partition."
return
fi
# Check if we should set up swap anyway
if [ "$SETUP_SWAP_ANYWAY" = true ]; then
create_swap
else
# Only create swap if RAM is less than 8GB
memory_kb=$(grep 'MemTotal' /proc/meminfo | awk '{print $2}')
memory_gb=$(awk "BEGIN {print $memory_kb/1024/1024}")
if [ $(awk "BEGIN {print ($memory_gb < 8)}") -eq 1 ]; then
create_swap
else
echo "Total available memory is ${memory_gb}GB, skipping creating swap file."
fi
fi
}
support_message() {
echo ""
echo "🎉 Welcome aboard and thank you for choosing OpenPanel! 🎉"
echo ""
echo "Your journey with OpenPanel has just begun, and we're here to help every step of the way."
echo ""
echo "To get started, check out our Getting Started guide:"
echo "👉 https://openpanel.co/docs/admin/intro/#post-install-steps"
echo ""
echo "Need assistance or looking to learn more? We've got you covered:"
echo ""
echo "📚 Admin Docs: Dive into our comprehensive documentation for all things OpenPanel:"
echo "👉 https://openpanel.co/docs/admin/intro/"
echo ""
echo "💬 Forums: Join our community forum to ask questions, share tips, and connect with fellow admins:"
echo "👉 https://community.openpanel.co/"
echo ""
echo "🎮 Discord: For real-time chat and support, hop into our Discord server:"
echo "👉 https://discord.openpanel.co/"
echo ""
echo "We're thrilled to have you with us. Let's make something amazing together! 🚀"
echo ""
}
success_message() {
echo -e "${GREEN}OpenPanel installation complete.${RESET}"
echo ""
# Restore normal output to the terminal, so we dont save generated admin password in log file!
exec > /dev/tty
exec 2>&1
# for 0.1.9
echo "$version" > $OPENPANEL_DIR/version
opencli admin
echo "Username: admin"
echo "Password: $admin_password"
echo " "
print_space_and_line
# added in 0.2.0
# email to user the new logins
set_email_address_and_email_admin_logins
# Redirect again stdout and stderr to the log file
exec > >(tee -a "$LOG_FILE")
exec 2>&1
}
# END main functions
#####################################################################
# #
# START main script execution #
# #
#####################################################################
print_header
parse_args "$@"
check_requirements
detect_installed_panels
check_lock_file_age
install_started_message
main
send_install_log
rm_helpers
print_space_and_line
support_message
print_space_and_line
success_message
run_custom_postinstall_script
# END main script execution
# added in 0.1.9
cp ${ETC_DIR}ssh/admin_welcome.sh /etc/profile.d/welcome.sh
chmod +x /etc/profile.d/welcome.sh

2
docker/README.md
View File

@@ -2,3 +2,5 @@ This directory holds Dockerfiles for images:
- https://dev.openpanel.co/images/browse.html#openpanel-apache
- https://dev.openpanel.co/images/browse.html#openpanel-nginx
- https://dev.openpanel.com/images/browse.html#openpanel-apache-mariadb
- https://dev.openpanel.com/images/browse.html#openpanel-nginx-mariadb

149
docker/alpine/apache/Dockerfile
View File

@@ -1,149 +0,0 @@
FROM alpine:latest
LABEL maintainer="stefan@pejcic.rs"
LABEL author="Stefan Pejcic"
ENV TZ=UTC
# Install required packages
RUN apk update && \
apk add --no-cache \
bash \
msmtp \
ttyd \
screen \
apache2 \
mariadb \
php82 \
php82-fpm \
php82-mysqli \
php82-curl \
php82-gd \
php82-mbstring \
php82-xml \
php82-soap \
php82-intl \
php82-zip \
php82-bcmath \
php82-calendar \
php82-exif \
php82-ftp \
php82-ldap \
php82-sockets \
php82-sysvmsg \
php82-sysvsem \
php82-sysvshm \
php82-tidy \
php82-uuid \
php82-opcache \
php82-redis \
curl \
cron \
pwgen \
zip \
unzip \
wget \
nano \
phpmyadmin \
openssh-server \
php82-mbstring \
openrc \
tzdata && \
rm -rf /var/cache/apk/*
# Create alias for service
RUN echo "alias service='rc-service'" >> /etc/profile
########## PHP Composer ##########
COPY --from=composer:latest /usr/bin/composer /usr/local/bin/composer
########## MySQL ##########
COPY mysql/mysqld.cnf /etc/mysql/my.cnf
RUN chown mysql:mysql -R /var/lib/mysql
# Configure MariaDB (MySQL) root user and start the service
RUN rc-update add mariadb default && \
/etc/init.d/mariadb setup && \
/etc/init.d/mariadb start && \
MYSQL_PASSWORD=$(awk -F "=" '/password/ {gsub(/[ \t]+/, "", $2); print $2; exit}' /etc/mysql/debian.cnf) && \
mysql -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY '$MYSQL_PASSWORD';"
########## EXPOSED PORTS ##########
EXPOSE 22 3306 7681 8080
########## APACHE ##########
RUN rc-update add apache2 default
COPY apache/apache2.conf /etc/apache2/
# Enable necessary Apache modules
RUN sed -i 's/#LoadModule rewrite_module/LoadModule rewrite_module/' /etc/apache2/httpd.conf && \
sed -i 's/#LoadModule proxy_module/LoadModule proxy_module/' /etc/apache2/httpd.conf && \
sed -i 's/#LoadModule proxy_http_module/LoadModule proxy_http_module/' /etc/apache2/httpd.conf && \
sed -i 's/#LoadModule remoteip_module/LoadModule remoteip_module/' /etc/apache2/httpd.conf && \
sed -i 's/#LoadModule headers_module/LoadModule headers_module/' /etc/apache2/httpd.conf
RUN mkdir -p /var/log/apache2/domlogs/
########## PHPMYADMIN ##########
COPY phpmyadmin/config.inc.php /etc/phpmyadmin/
COPY phpmyadmin/pma.php /usr/share/phpmyadmin/pma.php
RUN new_password=$(openssl rand -base64 12 | tr -d '/+' | head -c 16) && \
sed -i "s/\(\$dbpass='.*'\)/\$dbpass='$new_password';/" "/etc/phpmyadmin/config-db.php" && \
sed -i "s/\(\$_SESSION\['PMA_single_signon_user'] = '\).*\(';.*\)/\1phpmyadmin\2/" /usr/share/phpmyadmin/pma.php && \
sed -i "s/\(\$_SESSION\['PMA_single_signon_password'] = '\).*\(';.*\)/\1$new_password\2/" /usr/share/phpmyadmin/pma.php && \
sed -i "s/\(\$_SESSION\['PMA_single_signon_host'] = '\).*\(';.*\)/\1localhost\2/" /usr/share/phpmyadmin/pma.php && \
/etc/init.d/mariadb start && \
mysql -u root -e "CREATE DATABASE IF NOT EXISTS phpmyadmin;" && \
mysql -u root -e "CREATE USER 'phpmyadmin'@'localhost' IDENTIFIED BY '$new_password';" && \
mysql -u root -e "GRANT ALL PRIVILEGES ON phpmyadmin.* TO 'phpmyadmin'@'localhost';" && \
mysql -u root -e "GRANT ALL ON *.* TO 'phpmyadmin'@'localhost';" && \
mysql -u root -e "REVOKE CREATE USER ON *.* FROM 'phpmyadmin'@'localhost';" && \
mysql -u root -e "REVOKE CREATE ON *.* FROM 'phpmyadmin'@'localhost';" && \
mysql -u root -e "FLUSH PRIVILEGES;" && \
mysql -u root < /usr/share/doc/phpmyadmin/examples/create_tables.sql && \
/etc/init.d/mariadb stop
########## PHP-FPM ##########
RUN update-alternatives --set php /usr/bin/php8.2 && \
sed -i \
-e 's/^upload_max_filesize = .*/upload_max_filesize = 1024M/' \
-e 's/^max_input_time = .*/max_input_time = 600/' \
-e 's/^memory_limit = .*/memory_limit = -1/' \
-e 's/^post_max_size = .*/post_max_size = 1024M/' \
-e 's/^max_execution_time = .*/max_execution_time = 600/' \
-e 's/^opcache.enable= .*/opcache.enable=1/' \
-e 's|^;sendmail_path = .*|sendmail_path = "/usr/bin/msmtp -t"|' \
/etc/php82/php.ini && \
sed -i 's|;sendmail_path = *|sendmail_path = "/usr/bin/msmtp -t"|g' /etc/php82/php.ini
########## EMAIL ##########
COPY email/msmtprc /etc/msmtprc
########## SSH ##########
ENV NOTVISIBLE "in users profile"
RUN echo "export VISIBLE=now" >> /etc/profile
########## SSL #############
RUN mkdir -p /etc/apache2/ssl/ && \
cd /etc/apache2/ssl/ && \
openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 \
-subj "/C=GB/ST=London/L=London/O=Global Security/OU=R&D Department/CN=openpanel.co" \
-keyout cert.key -out cert.crt
########## TERMINAL #############
# Fix for webterminal: bash: permission denied: /home/user/.bashrc
RUN chmod 755 /root
########## WP-CLI ##########
RUN curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar && \
chmod +x wp-cli.phar && \
mv wp-cli.phar /usr/local/bin/wp
########## Cleanup ##########
RUN rm -rf /var/cache/apk/* /tmp/* /var/tmp/*
########## Docker run entrypoint ##########
COPY entrypoint.sh /etc/entrypoint.sh
RUN chmod +x /etc/entrypoint.sh
CMD ["/bin/sh", "-c", "/etc/entrypoint.sh"]

155
docker/docker-compose.yml
View File

@@ -1,155 +0,0 @@
services:
# Database for OpenPanel users, plans, websites and domains
openpanel_mysql:
image: mysql/mysql-server
container_name: openpanel_mysql
restart: always
environment:
MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}
MYSQL_DATABASE: panel
MYSQL_USER: panel
MYSQL_PASSWORD: ${MYSQL_ROOT_PASSWORD}
ports:
- "3306:3306"
volumes:
- openadmin_mysql:/var/lib/mysql
- /etc/openpanel/:/etc/openpanel/
- /root/initialize.sql:/docker-entrypoint-initdb.d/initialize.sql
mem_limit: 1g
cpus: 1
oom_kill_disable: true
healthcheck:
test: ["CMD-SHELL", "mysql --user=panel --password=$MYSQL_ROOT_PASSWORD --execute \"SHOW DATABASES;\" || exit 1"]
interval: 10s
timeout: 10s
retries: 5
start_period: 10s
# OpenAdmin service running on port 2087
openadmin:
image: openpanel/openadmin
container_name: openadmin
depends_on:
- openpanel_mysql
#condition: service_healthy
cap_add:
- NET_ADMIN
- SYS_MODULE
healthcheck:
test: ["CMD-SHELL", "curl --fail http://localhost:2087/ || curl --fail https://localhost:2087/ || exit 1"]
interval: 30s
timeout: 10s
retries: 3
volumes:
- /lib/modules:/lib/modules:ro
- /proc:/host/proc:ro
- /sys:/host/sys:ro
- /:/hostfs:ro
- /home:/home
- /etc/ufw:/etc/ufw
- /usr/local/panel:/usr/local/panel
- /var/log:/var/log
- /etc/letsencrypt:/etc/letsencrypt
- /etc/my.cnf:/etc/my.cnf
- /etc/openpanel/:/etc/openpanel/
- /var/run/docker.sock:/var/run/docker.sock
- openadmin_mysql:/var/lib/mysql
- /usr/bin/docker:/usr/bin/docker
- /usr/local/admin/scripts:/usr/local/admin/scripts
network_mode: host
deploy:
resources:
limits:
memory: 1g
cpus: '1.0'
restart: always
privileged: true
# OpenPanel service running on port 2083
openpanel:
image: openpanel/openpanel
container_name: openpanel
depends_on:
- openpanel_mysql
cap_add:
- NET_ADMIN
- SYS_MODULE
healthcheck:
test: ["CMD-SHELL", "curl --fail http://localhost:2083/ || curl --fail https://localhost:2083/ || exit 1"]
interval: 30s
timeout: 10s
retries: 3
volumes:
- /lib/modules:/lib/modules:ro
- /proc:/host/proc:ro
- /sys:/host/sys:ro
- /:/hostfs:ro
- /home:/home
- /etc/ufw:/etc/ufw
- /usr/local/admin:/usr/local/admin
- /var/log:/var/log
- /etc/letsencrypt:/etc/letsencrypt
- /etc/my.cnf:/etc/my.cnf
- /etc/openpanel/:/etc/openpanel/
- /var/run/docker.sock:/var/run/docker.sock
- openadmin_mysql:/var/lib/mysql
- /usr/bin/docker:/usr/bin/docker
- /usr/local/admin/scripts:/usr/local/admin/scripts
network_mode: host
deploy:
resources:
limits:
memory: 1g
cpus: '2.0'
restart: always
privileged: true
# Nginx Reverse Proxy and WAF
nginx:
image: nginx
container_name: openpanel_nginx
cap_add:
- NET_ADMIN
- SYS_MODULE
ports:
- "80:80"
- "443:443"
healthcheck:
test: ["CMD-SHELL", "curl --fail http://localhost/b|| exit 1"]
interval: 30s
timeout: 10s
retries: 3
volumes:
- /etc/openpanel/nginx/nginx.conf:/etc/nginx/nginx.conf
- /etc/openpanel/nginx/vhosts/default.conf:/etc/nginx/sites-available/default
- /etc/openpanel/nginx/vhosts/default.conf:/etc/nginx/sites-enabled/default
- /etc/openpanel/nginx/vhosts/openpanel_proxy.conf:/etc/openpanel/nginx/vhosts/openpanel_proxy.conf
- /etc/nginx/sites-available/:/etc/nginx/sites-available/
- /etc/nginx/sites-enabled/:/etc/nginx/sites-enabled/
- /etc/openpanel/nginx/error_pages/snippets/:/etc/nginx/snippets/
- /etc/openpanel/nginx/error_pages/:/srv/http/default/
- /var/log/nginx/stats/:/var/log/nginx/stats/
- /var/log/nginx/domlogs/:/var/log/nginx/domlogs/
- /etc/letsencrypt:/etc/letsencrypt
- /etc/openpanel/openpanel/core/users/:/etc/openpanel/openpanel/core/users/
deploy:
resources:
limits:
memory: 1g
cpus: '1.0'
restart: always
privileged: true
oom_kill_disable: true
# User images
#openpanel_apache:
#image: openpanel/apache:latest
#entrypoint: /bin/true
#openpanel_nginx:
#image: openpanel/nginx:latest
#entrypoint: /bin/true
# make the data persistent
volumes:
openadmin_mysql: