Solved DA_SKIP_CSF is not honored during setup.sh/custombuild

[kristian]

It seems like DA_SKIP_CSF is not honored during an initial run of setup.sh. I run this using ansible, with the following task:

- name: "Run DirectAdmin setup | This will take a while"
  shell:
    cmd: "./setup.sh {{ directadmin__license_key }} >/var/log/ansible-da-custombuild/da_setup.sh.{{ ansible_date_time.iso8601 }}.log 2>&1"
    chdir: "{{ directadmin__setup_sh_path }}"
    creates: "{{ directadmin__config_path }}"
  environment:
    DA_EMAIL: "{{ directadmin__admin_email_address }}"
    DA_NS1: "{{ directadmin__primary_name_server }}"
    DA_NS2: "{{ directadmin__secondary_name_server }}"
    DA_SKIP_CSF: "true"
    DA_FOREGROUND_CUSTOMBUILD: "true"

setup.sh reports the environment variables as I expect:

[setup.sh] Using these parameters for the installation:
                License Key: <redacted>
                 DA_CHANNEL: current
                   DA_EMAIL: <redacted>
                DA_HOSTNAME: <redacted>
                     DA_NS1: <redacted>
                     DA_NS2: <redacted>
            DA_SKIP_FASTEST: no
                DA_SKIP_CSF: true
      DA_SKIP_MYSQL_INSTALL: no
         DA_SKIP_SECURE_PHP: no
        DA_SKIP_CUSTOMBUILD: no
 DA_INTERACTIVE_CUSTOMBUILD: no
  DA_FOREGROUND_CUSTOMBUILD: true

However, CSF is in fact being installed by what seems to be custombuild after the initial Directadmin install is finished:

[...]
DirectAdmin should be accessible now
If you cannot connect to the login URL, then it is likely that a firewall is blocking port 2222. Please see:
  https://docs.directadmin.com/directadmin/general-usage/troubleshooting-da-service.html#cannot-connect-to-da-on-port-2222
######################################################################## 100.0%
CustomBuild installation has started, you may check the progress using the following command: tail -f /usr/local/directadmin/custombuild/install.txt
Adding system user `webapps' (UID 111) ...
Adding new group `webapps' (GID 118) ...
Adding new user `webapps' (UID 111) with group `webapps' ...
Not creating home directory `/var/www/html'.
grep: /etc/virtual/domains: No such file or directory
Installing sysbk...
######################################################################## 100.0%
Synchronizing state of bind9.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install disable bind9
Removed /etc/systemd/system/multi-user.target.wants/bind9.service.
Added 'allow-transfer { none; };' to /etc/bind/named.conf.options
bind9.service is not a native service, redirecting to systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install disable bind9
Created symlink /etc/systemd/system/multi-user.target.wants/named.service -> /etc/systemd/system/named.service.
Installing CSF...
######################################################################## 100.0%
Adding tcp|out|u=0 to csf.allow and iptables ACCEPT...
iptables: No chain/target/match by that name.
ACCEPT  tcp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0   owner UID match 0
Adding udp|out|u=0 to csf.allow and iptables ACCEPT...
iptables: No chain/target/match by that name.
ACCEPT  udp opt -- in * out !lo  0.0.0.0/0  -> 0.0.0.0/0   owner UID match 0
CSF installation has finished.
[...]

 

[smtalk]

Do you have any pre-defined CB options.conf file there?

 

[kristian]

Yes, I place the options.conf file prior to running setup.sh, but it is written with csf=no. However when I look in options.conf now, it has csf=yes. It seems something is resetting this setting, somewhere. I can't find a trace of anything in the logs that would indicate this happening though. I will try to run setup.sh again (on a fresh install) and add DA_SKIP_SECURE_PHP as well (which I need, but forgotten about earlier), and see how that is treated.

 

[smtalk]

Found it in setup.sh, fixed. Thank you for the report!

 

[kristian]

Just to follow up, DA_SKIP_SECURE_PHP is honored as expected as well.