emailMarketing was removed from INSTALLED_APPS but the plugin directory
still exists, causing Django to fail with:
'Model class emailMarketing.models.EmailMarketing doesn't declare an explicit
app_label and isn't in an application in INSTALLED_APPS'
This fixes the HTTP 500 error on /plugins/installed
Plugins should be installed via Plugin Store, not auto-registered in core.
Plugin registrations (INSTALLED_APPS and URL routes) are added dynamically
during plugin installation via pluginInstaller, not hardcoded in core.
Removed from INSTALLED_APPS:
- fail2ban
- discordAuth (already removed by user)
- googleTagManager
- discordWebhooks (already removed by user)
Removed from urls.py:
- All plugin URL routes (fail2ban, googleTagManager, discordAuth)
These plugins must be installed via Plugin Store, which will automatically
add them to INSTALLED_APPS and urls.py during installation.
Plugins should be installed via Plugin Store, not auto-registered in core.
Plugin registrations (INSTALLED_APPS and URL routes) are added dynamically
during plugin installation, not hardcoded in the core repository.
Reverted:
- Removed fail2ban, discordWebhooks, googleTagManager from INSTALLED_APPS
- Removed plugin URL routes from urls.py
- discordAuth was already removed by user
Kept:
- Automatic lscpd restart after plugin installation (pluginHolder/views.py)
- File ownership/permissions fixes
- Add pm2Manager to INSTALLED_APPS to enable template loading
- Fix duplicate fail2ban entry that was causing ImproperlyConfigured error
- Enables pm2Manager/settings.html template to be found by Django
- Enhanced plugin installer to properly extract and install plugins
- Added security middleware exception for plugin webhook endpoints
- Improved plugin listing with better error handling
- Added testPlugin as example plugin for CyberPanel plugin system
- Updated INSTALLED_APPS and URL routing for plugins
Author: master3395
- Removed session validation check from phpmyadminsignin.php
- Removed PhpMyAdminAccessMiddleware from settings.py
- These changes were preventing access to phpMyAdmin even for logged-in users
- Reverts problematic authentication flow that was blocking legitimate access
- Deleted the .env.template file and the env_generator.py script to streamline the installation process.
- Removed various test scripts related to installation and compatibility checks, as they are no longer necessary with the updated configuration approach.
- Updated settings.py to directly include secure credentials, eliminating the need for external environment files.
- Enhanced security by ensuring sensitive information is handled directly within the application code.
- Introduced a new model `UserNotificationPreferences` to store user-specific notification dismissal settings.
- Added context processor to include notification preferences in templates.
- Implemented API endpoints to dismiss backup and AI scanner notifications permanently.
- Updated front-end logic to handle notification dismissal via server-side checks and API calls.
- Enhanced documentation to include a new Custom CSS Guide for theme customization.
- Updated settings.py to include PhpMyAdminAccessMiddleware for enhanced access control.
- Modified phpmyadminsignin.php to check user session and redirect to the login page if not authenticated.
- Updated .gitignore to include additional sensitive files and directories.
- Added python-dotenv to requirements for loading environment variables.
- Modified settings.py to load environment variables for sensitive configurations, including SECRET_KEY, DEBUG, and database credentials.
- Implemented secure .env file generation during installation to avoid hardcoding sensitive information.
- Introduced fallback method for settings update if environment generation fails.
- Introduced a new `cosmetic_context` processor to provide custom CSS data to templates.
- Updated `settings.py` to include the new context processor.
- Modified multiple HTML templates to utilize the `cosmetic` variable for dynamic CSS styling.
- Enhanced user interface elements with improved styling and accessibility features, including ARIA labels for form controls.
- Remove CSF menu item from sidebar navigation
- Disable CSF-related URL endpoints in firewall module
- Update upgrade process to automatically remove CSF and restore firewalld
- Archive CSF template and configuration files
- Clean up CSF references in settings and upgrade scripts
CSF (ConfigServer Security & Firewall) is shutting down on August 31, 2025.
This commit removes CSF integration and ensures firewalld is restored as the
default firewall solution during upgrades.
Fixes#1473
