After creating a custom config in these two files after the 3.2.3 update, the 3.2.4 update saw them there but did not use them. /usr/local/ispconfig/server/conf-custom/install/postfix_custom.conf.master /usr/local/ispconfig/server/conf-custom/install/dovecot_custom.conf.master Update Log (Cleaned): Operating System: CentOS 7.9 This application will update ISPConfig 3 on your server. Shall the script create a ISPConfig backup in /var/backup/ now? (yes,no) [yes]: Creating backup of "/usr/local/ispconfig" directory... Creating backup of "/etc" directory... Checking ISPConfig database .. OK Starting incremental database update. Loading SQL patch file: /tmp/update_runner.sh.HWrxE9W5oY/install/sql/incremental/upd_dev_collection.sql Reconfigure Permissions in master database? (yes,no) [no]: Service 'firewall_server' has been detected (currently disabled) do you want to enable and configure it? (yes,no) [no]: Reconfigure Services? (yes,no,selected) [yes]: The following custom templates were found: /usr/local/ispconfig/server/conf-custom/vhost.conf.master Do you want to rename these conf-custom templates now so the default templates are used? (yes,no) [no]: The following local config override templates were found, be sure to incorporate upstream changes if needed: /usr/local/ispconfig/server/conf-custom/install/dovecot_custom.conf.master /usr/local/ispconfig/server/conf-custom/install/postfix_custom.conf.master Configuring Postfix Configuring Dovecot Configuring Spamassassin Configuring Amavisd Configuring Getmail Configuring BIND Configuring Pureftpd Configuring Apache Configuring vlogger Configuring Apps vhost Configuring Jailkit Configuring Database Updating ISPConfig ISPConfig Port [808X]: Create new ISPConfig SSL certificate (yes,no) [no]: which: no acme.sh in (/usr/local/ispconfig/server/scripts) which: no acme.sh in (/root/.acme.sh) Reconfigure Crontab? (yes,no) [yes]: Updating Crontab Restarting services ... Update finished. My custom configs: Postfix custom config: greylisting = check_policy_service unixostgrey/socket smtpd_tls_cert_file = /var/system/ssl/cert.pem smtpd_tls_key_file = /var/system/ssl/privatekey.pem Dovecot custom config: ssl_cert = </var/system/ssl/chain.pem ssl_key = </var/system/ssl/privatekey.pem Am I missing something or is something broken?
No, the default values still appear in the main.cf and dovecot config files. After swapping them to my custom config settings and restarting the services all runs fine. There is no 99-ispconfig file in the folder specified. I did notice in main.cf that the 3 lines I had in my custom file where moved out of the flow and appeared at the bottom, but still had the default values. Like it tried to change, knew which lines to change and just did not. Dovecot conf was not that way however. As a side note, the other custom config service is Pure-FTP. The settings for TLS, ports and SSL also have to be reset. Is there a custom config spot for Pure-FTP as well?
I did try that before posting, as it was recommended in the Dovecot config file. The result was the same as a normal update.
Sounds good. Thanks Going forward in the next year or so I plan on transitioning from CentOS, 7 currently and I don't want to move to 8 which has no life, to either Debian or Ubuntu. Would you recommend one over the other in terms of performance and security?
Ok. I was leaning that way. I like that debian is entirely community vs having a company that controls the course of changes. Both LTS end in 2022 for core support and move into extended. I can see some tweaks I will add in any case, such as postgrey which does not appear to be in the perfect server tutorials for debian. And it will take some other learning to adjust some other settings, but that's not that big of a deal.
