-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathconfig_example.cnf
113 lines (94 loc) · 8.1 KB
/
config_example.cnf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
# PLESK DEPLOYER - SETTINGS
PD_ADMIN_MAIL="[email protected]" # If Logs about the Deployment should be send to the Admin (0 = deactivated)
PD_ADMIN_MAIL_SEND_LOG="LOG_ALL" # Choose between "LOG_ALL", "LOG_DEPLOYMENT" or "LOG_ERROR" (0 = deactivated)
PD_DEBUG_MODE=0 # Debug Mode On or Off (do not use it in production!)
# PLESK DEPLOYER - CUSTOM DEPLOYMENTS
PD_PRE_DEPLOYMENT=0 # Executes a custom shell-script (absolute path to file) before the Deployment starts
PD_AFT_DEPLOYMENT=0 # Executes a custom shell-script (absolute path to file) after the Deployment ends
# LINUX
HOST_NAME=0 # Changes the HostName of this machine (includes a startup-script as well) (NOT IMPLEMENTED YET!)
# See also: https://blog.hosteurope.de/blog/hostnamen-aendern/
HOST_NAME_RESOLVE=0 # Resolve to the newly set HostName (NOT IMPLEMENTED YET!)
LINUX_PACKAGES="htop nano"
FTP_PASSIVE_PORTS="57000 59000" # You can define the Range of the FTP Passive Ports (e.g. 49152 50152 means 49152-50152)
SSH_PORT=46666
SSH_PUBKEYAUTHENTICATION=1 # Enable PubkeyAuthentication - Activate (1) / Deactivate (0)
SSH_PASSWORDAUTHENTICATION=1 # Enable PasswordAuthentication - Activate (1) / Deactivate (0)
# (deactivate PasswordAuthentication for better security, but only if you know how to configure public/private keys)
# (at least one of SSH_PUBKEYAUTHENTICATION, SSH_PASSWORDAUTHENTICATION has to be active)
SYS_TIME_ZONE="Europe/Berlin" # 0 = Deactivate Deployment of the Timezone (List of Timezones: https://www.php.net/manual/en/timezones.php)
# NGINX
NGINX_DEPLOYMENT=1 # 1 = Deploy and enable Nginx, 0 = Skip Nginx Deployment, -1 = Disable Nginx
NGINX_GZIP=1
NGINX_REQ_ADDR_99_FIX=1 # See also: https://goo.gl/Crm8yl
HTTP2_PREF=1 # 1 = Enable, 0 = Skip, -1 = Disable
# (Enabling / Disabling works only if nginx deployment is enabled or if nginx is already running)
# PHP
PHP_DEPLOYMENT=1 # PHP Deployment - Activate (1) / Deactivate (0)
PHP_VERSIONS=( "7.4" "7.3" "7.2" ) # All existing PHP Versions not included in the array will be uninstalled / un-deployed
# DATABASE (MySQL/MariaDB)
DB_DEPLOYMENT="1" # Deploy custom optimized DB Settings if needed - Activate (1) / Deactivate (0)
DB_CONF_FILE=/etc/my.cnf # Location to your DB Config File
DB_INNODB_BUFFER_POOL_SIZE="1024M" # Depending on your server resources use a lower value (1024M for Servers with enough Resources)
DB_INNODB_ADDITIONAL_MEM_POOL_SIZE="5000K"
DB_INNODB_LOG_BUFFER_SIZE="5000K"
DB_INNODB_THREAD_CONCURRENCY="2"
DB_QUERY_CACHE_SIZE="64M"
# PLESK - GENERAL SETTINGS
PLESK_PORT=8443 # Plesk Port (default: 8443) - (NOT IMPLEMENTED YET!)
PLESK_LOCALE="de-DE" # Or en-US, en-GB, de-DE, etc.
PLESK_AUTOUPDATES=1
PLESK_AUTOUPDATES_THIRD_PARTY=1
PLESK_THEME_DEPLOYMENT=0 # Plesk Theme Deployment (for custom themes) - Activate (1) / Deactivate (0)
# (be careful about custom themes, they can break Plesk Upgrades (major versions))
PLESK_THEME_DEFAULT=$FILES_PATH/plesk-theme # Default Branding Theme (GroundStack Theme)
PLESK_THEME_CUSTOM=$FILES_PATH/plesk-theme-custom # A directory or zip can be used as a custom plesk theme
# (copy the contents of the plesk-theme to plesk-theme-custom and
# adjust the files accordingly if you want your custom stylings / theme)
# For more informations about custom plesk themes:
# https://docs.plesk.com/en-US/onyx/administrator-guide/customizing-the-plesk-interface/using-custom-themes/modifying-the-files.70909/
# PLESK - COMPONENTS # Command list of all plesk components: "plesk installer list PLESK_18_0_21"
# PLESK - EXTENSIONS
PLESK_EXTENSIONS_DEPLOYMENT=0
# PLESK_EXTENSIONS[0]="https://ext.plesk.com/packages/b49f9b1b-e8cf-41e1-bd59-4509d92891f7-magicspam/download"
# PLESK_EXTENSIONS[1]="https://ext.plesk.com/packages/f6847e61-33a7-4104-8dc9-d26a0183a8dd-letsencrypt/download"
# A Plesk Extension parameter can be composed of a URL or a local ZIP File (absolute path)
# For more packages see: https://ext.plesk.com/packages
# PLESK - SECURITY
PLESK_MIN_PW_STRENGTH="strong" # very_weak|weak|medium|strong|very_strong
PLESK_FIREWALL=0 # NOT IMPLEMENTED YET
PLESK_MODSECURITY_FIREWALL=1 # 1 = Deploy | 0 = Skip | -1 = Deactivate
PLESK_MODSECURITY_FIREWALL_RULESET="crs" # crs|tortix (crs=OWASP, tortix=Atomicorp's ASL)
PLESK_MODSECURITY_FIREWALL_CONFIG_PRESET="fast" # fast|tradeoff|thorough
PLESK_MODSECURITY_FIREWALL_UPDATE_PERIOD="daily" # daily|weekly
PLESK_FAIL2BAN=1
PLESK_FAIL2BAN_BAN_PERIOD=1800
PLESK_FAIL2BAN_BAN_TIME_WINDOW=1800
PLESK_FAIL2BAN_BAN_MAX_ENTRIES=3
# PLESK - MAIL SPAM ASSASSIN
SPAM_ASSASSIN=1 # plesk bin spamassassin --update-server -status true
SPAM_ASSASSIN_SCORE=7 # plesk bin spamassassin --update-server -hits 7
SPAM_ASSASSIN_MAX_PROC=1 # plesk bin spamassassin --update-server -max-proc 1 // 1|2|3|4|5
# PLESK - MAIL SERVERWIDE SETTINGS
MAIL_DEPLOYMENT=1
MAIL_MAPS_STATUS=1 # plesk bin mailserver --set-maps-status true
MAIL_MAPS_ZONES="sbl.spamhaus.org,xbl.spamhaus.org" # plesk bin mailserver --add-maps-zone sbl.spamhaus.org,xbl.spamhaus.org
# Use -- at the beginning of the string to remove existing maps zones
MAIL_AUTH=both # plesk bin mailserver --set-relay auth -auth-type both // pop3 | smtp | both
MAIL_AUTH_LOCK_TIME=10 # plesk bin mailserver --set-relay auth -auth-type both -lock-time 10
MAIL_MAX_SIZE=10M # plesk bin mailserver --set-max-letter-size 10M
MAIL_MAX_CONNECTIONS=40 # plesk bin mailserver --set-max-connections 40
MAIL_MAX_CONNECTIONS_PER_IP=20 # plesk bin mailserver --set-max-connections-per-ip 20
MAIL_SIGN_OUTGOING_MAIL=0 # plesk bin mailserver --sign-outgoing-mail true
MAIL_VERIFY_INCOMING_MAIL=0 # plesk bin mailserver --verify-incoming-mail true
MAIL_OUTGOING_ANTISPAM=1 # plesk bin mailserver --enable-outgoing-antispam or plesk bin mailserver --disable-outgoing-antispam
MAIL_OUTGOING_ANTISPAM_MAILBOX_LIMIT=20 # plesk bin mailserver --set-outgoing-messages-mbox-limit 20
MAIL_OUTGOING_ANTISPAM_DOMAIN_LIMIT=100 # plesk bin mailserver --set-outgoing-messages-domain-limit 100
MAIL_OUTGOING_ANTISPAM_SUBSCRIPTION_LIMIT=200 # plesk bin mailserver --set-outgoing-messages-subscription-limit 200
# PLESK DEPLOYER - CONFIGS & SCRIPTS
CONFIGS_DEFAULT=1 # deploy configs/default
CONFIGS_CUSTOM=1 # deploy configs/custom
SCRIPTS_DEFAULT=1 # deploy scripts/default
SCRIPTS_CUSTOM=1 # deploy scripts/custom
SCRIPTS_EXPORT_PATH=~/scripts # If you change this value, then extend your PATH Variable in configs/custom/bash_profile.cnf accordingly
# (for example, if you have the directory ~/scripts already on your server, then change this path if needed)