Commit 1bcf6ccf authored by The Heavy's avatar The Heavy 🚂
Browse files

Setting further defaults

parent 8171dd49

README.md

+1 −0
Original line number Diff line number Diff line
@@ -27,6 +27,7 @@ After signing in you should run 'Re-check and refresh configuration' (should be 
- The initialisation script will also change ownership of a bunch of files and directories in /config to root:root, this might make a mess of existing data and I'm not really sure this is valid any more (feels like an old hack for permissions issues that may or may not still exist or could be handled better).

- Running 'passwd' in the container will fail because /etc/shadow is actually a symlink, Webmin can manipulate the file just fine (I'm probably breaking some fundamental *nix concept here).

- A number of features are installed directly in the container when really they should be separate containers that Virtualmin can link to (e.g. MySQL, ClamAV, SpamAssassin, and so on), and which probably have perfectly good images I could direct you to.

- The Webmin certificate is generated during image build, this means all containers share the same default certificate which is bad for security.



## Licence

root/etc/cont-init.d/50-virtualmin-config

+1 −1
Original line number Diff line number Diff line
@@ -69,7 +69,6 @@ chown -R opendkim:opendkim /etc/dkimkeys 
chown -R clamav:clamav /var/lib/clamav

chown -R mysql:root /var/run/mysqld

chmod -R go-w /etc/postfix

chmod go-w /etc



# find the container's IP address (no doubt there are some containers that break this as we assume eth0 is the network device)

MY_IP=$(ip addr show dev eth0 | grep -Eo 'inet (.*)/' | sed -e 's#inet ##' -e 's#/##')
@@ -91,6 +90,7 @@ MY_NAME=$(hostname) 
    sed -i --follow-symlinks -e "s#root: admin@if-this-domain-resolves-someone-is-going-to-be-mad-at-me\.eteoxaoghtrhwfza#root: admin@$MY_DOMAIN#" /etc/aliases && \

    sed -i --follow-symlinks -e "s#sched_email=admin@if-this-domain-resolves-someone-is-going-to-be-mad-at-me\.eteoxaoghtrhwfza#sched_email=admin@$MY_DOMAIN#" /etc/webmin/status/config && \

    sed -i --follow-symlinks -e "s#validate_email=admin@if-this-domain-resolves-someone-is-going-to-be-mad-at-me\.eteoxaoghtrhwfza#validate_email=admin@$MY_DOMAIN#" /etc/webmin/virtual-server/config && \

    sed -i --follow-symlinks -e "s#script_warn=if-this-domain-resolves-someone-is-going-to-be-mad-at-me\.eteoxaoghtrhwfza#script_warn=$MY_DOMAIN#" /etc/webmin/virtual-server/config && \

    sed -i --follow-symlinks -e "s#feedback_to=admin@if-this-domain-resolves-someone-is-going-to-be-mad-at-me\.eteoxaoghtrhwfza#feedback_to=admin@$MY_DOMAIN#" /etc/webmin/config && \

    sed -i --follow-symlinks -e "s#upemail=admin@if-this-domain-resolves-someone-is-going-to-be-mad-at-me\.eteoxaoghtrhwfza#upemail=admin@$MY_DOMAIN#" /etc/webmin/usermin/config && \

    sed -i --follow-symlinks -e "s#sched_email=admin@if-this-domain-resolves-someone-is-going-to-be-mad-at-me\.eteoxaoghtrhwfza#sched_email=admin@$MY_DOMAIN#" /etc/webmin/package-updates/config && \

root/etc/webmin/virtual-server/config

+8 −8
Original line number Diff line number Diff line
@@ -5,12 +5,9 @@ all_namevirtual=0 
allow_subdoms=0

allow_symlinks=0

allow_upper=0

always_ssl=0

apache_config=ServerName ${DOM}	ServerAlias www.${DOM}	ServerAlias mail.${DOM}	DocumentRoot ${HOME}/public_html	ErrorLog /var/log/virtualmin/${DOM}_error_log	CustomLog /var/log/virtualmin/${DOM}_access_log combined	ScriptAlias /cgi-bin/ ${HOME}/cgi-bin/	DirectoryIndex index.php index.php4 index.php5 index.htm index.html	<Directory ${HOME}/public_html>	Options -Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch 	allow from all	AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch	</Directory>	<Directory ${HOME}/cgi-bin>	allow from all	AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch	</Directory>

apache_ssl_config=

append=1

auto_letsencrypt=1

auto_redirect=0

avail_at=1

avail_bind8=1

avail_change-user=1
@@ -46,7 +43,6 @@ backuplog_days=7 
backup_onebyone=1

backup_rotated=0

batch_create=1

bccs=0

bccto=none

bind_cloud=

bind_config=
@@ -70,7 +66,6 @@ capabilities=none 
cert_type=sha2

check_ports=1

clamscan_cmd=clamscan

collect_restart=0

compression=0

dbfnorename=0

dbgroup=
@@ -141,7 +136,6 @@ gacl_root=${HOME} 
gacl_ugroups=${GROUP}

gacl_umode=1

gacl_users=

generics=0

ham_trap_white=0

hide_alias=0

home_backup=virtualmin-backup
@@ -354,8 +348,11 @@ web_writelogs= 
# customised settings

alias_post_command=

alias_pre_command=

always_ssl=1

apache_star=2

append_style=6

auto_letsencrypt=0

auto_redirect=1

avail_dns=0

avail_file=0

avail_postgres=0
@@ -366,6 +363,7 @@ avail_webminlog=0 
backup_feature_dns=0

backup_feature_webalizer=0

backuplog_age=7

bccs=1

bind_dmarcp=reject

bind_dmarcrua=skip

bind_dmarcruf=skip
@@ -386,15 +384,17 @@ collect_ifaces= 
collect_interval=30

collect_noall=1

collect_notemp=1

collect_restart=1

combined_cert=2

combined_tmpl=

contact_email=

contact_email=admin@if-this-domain-resolves-someone-is-going-to-be-mad-at-me.eteoxaoghtrhwfza

delete_logs=1

denied_domains=

dns=0

dns_check=1

dns_records=@ www ftp localhost m

everything_tmpl=

generics=1

group_quotas=

groupsame=1

gzip_mysql=1
@@ -443,7 +443,7 @@ post_command= 
pre_command=

quotas=0

renew_letsencrypt=

script_warn=

script_warn=if-this-domain-resolves-someone-is-going-to-be-mad-at-me.eteoxaoghtrhwfza

spam=1

spam_client_global=1

spam_delivery=$HOME/Maildir/.Junk/