Fix DNS + settings: CNAME skip in fixDNS, DB password from file

- dnsManager.fixDNSRecordsCloudFlare: track existing_types_by_name; skip adding A/AAAA when hostname has CNAME (A/AAAA cannot coexist with CNAME). Clearer docstring. - dnsUtilities: comment tweak for proxy-capable record types. - settings.py: read DB password from /etc/cyberpanel/mysqlPassword when present so panel stays in sync with CLI/install scripts.
2026-02-28 01:10:44 +01:00 · 2026-02-17 02:20:12 +01:00
parent 28f9c6ceae
commit c2e474d724
3 changed files with 29 additions and 7 deletions
--- a/CyberCP/settings.py
+++ b/CyberCP/settings.py
@@ -151,22 +151,30 @@ WSGI_APPLICATION = 'CyberCP.wsgi.application'

 # Database
 # https://docs.djangoproject.com/en/1.11/ref/settings/#databases
-
+# Prefer password from /etc/cyberpanel/mysqlPassword so panel stays in sync with CLI/install scripts.
+_def_mysql_pass = '1XTy1XOV0BZPnM'
+try:
+    _mysql_pass_file = '/etc/cyberpanel/mysqlPassword'
+    if os.path.exists(_mysql_pass_file):
+        with open(_mysql_pass_file, 'r') as _f:
+            _def_mysql_pass = (_f.read() or '').strip() or _def_mysql_pass
+except Exception:
+    pass

 DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.mysql',
        'NAME': 'cyberpanel',
        'USER': 'cyberpanel',
-        'PASSWORD': '1XTy1XOV0BZPnM',
+        'PASSWORD': _def_mysql_pass,
        'HOST': 'localhost',
-        'PORT':''
+        'PORT': ''
    },
    'rootdb': {
        'ENGINE': 'django.db.backends.mysql',
        'NAME': 'mysql',
        'USER': 'root',
-        'PASSWORD': '1XTy1XOV0BZPnM',
+        'PASSWORD': _def_mysql_pass,
        'HOST': 'localhost',
        'PORT': '',
    },
--- a/dns/dnsManager.py
+++ b/dns/dnsManager.py
@@ -1222,7 +1222,7 @@ class DNSManager:
            return HttpResponse(final_json)

    def fixDNSRecordsCloudFlare(self, userID=None, data=None):
-        """Ensure all panel domains/subdomains for the zone have A (and AAAA if available) in CloudFlare. No duplicates."""
+        """Ensure panel domains/subdomains have A/AAAA while checking all existing record types to avoid conflicts."""
        try:
            currentACL = ACLManager.loadedACL(userID)
            if ACLManager.currentContextPermission(currentACL, 'addDeleteRecords') == 0:
@@ -1248,6 +1248,7 @@ class DNSManager:
                return HttpResponse(final_json)
            zone_id = sorted(zones, key=lambda v: v['name'])[0]['id']
            existing = set()
+            existing_types_by_name = {}
            page = 1
            per_page = 100
            while True:
@@ -1261,7 +1262,10 @@ class DNSManager:
                for rec in dns_records:
                    n = (rec.get('name') or '').lower().rstrip('.')
                    t = (rec.get('type') or '').strip().upper()
-                    if n and t in ('A', 'AAAA', 'CNAME'):
+                    if not n or not t:
+                        continue
+                    existing_types_by_name.setdefault(n, set()).add(t)
+                    if t in ('A', 'AAAA', 'CNAME'):
                        existing.add((n, t))
                if len(dns_records) < per_page:
                    break
@@ -1281,10 +1285,19 @@ class DNSManager:
            skipped = 0
            for hostname in valid_hostnames:
                name_lower = hostname.lower().rstrip('.')
+                host_types = existing_types_by_name.get(name_lower, set())
+                has_cname = 'CNAME' in host_types
+
+                # A/AAAA cannot coexist with CNAME on same hostname.
+                if has_cname:
+                    skipped += 2 if server_ipv6 else 1
+                    continue
+
                if (name_lower, 'A') not in existing and server_ip:
                    try:
                        DNS.createDNSRecordCloudFlare(cf, zone_id, hostname, 'A', server_ip, 0, ttl)
                        existing.add((name_lower, 'A'))
+                        existing_types_by_name.setdefault(name_lower, set()).add('A')
                        added += 1
                    except BaseException as e:
                        final_json = json.dumps({'status': 0, 'fix_status': 0, 'error_message': str(e), 'added': added, 'skipped': skipped})
@@ -1295,6 +1308,7 @@ class DNSManager:
                    try:
                        DNS.createDNSRecordCloudFlare(cf, zone_id, hostname, 'AAAA', server_ipv6, 0, ttl)
                        existing.add((name_lower, 'AAAA'))
+                        existing_types_by_name.setdefault(name_lower, set()).add('AAAA')
                        added += 1
                    except BaseException as e:
                        pass
--- a/plogical/dnsUtilities.py
+++ b/plogical/dnsUtilities.py
@@ -731,7 +731,7 @@ class DNS:
            else:
                dns_record = {'name': name, 'type': type, 'content': value, 'priority': priority}
            
-            # Only add proxied parameter for A, AAAA and CNAME records
+            # Only add proxied parameter for proxy-capable record types.
            if type in ['A', 'AAAA', 'CNAME']:
                dns_record['proxied'] = proxied