Commit Graph

5747 Commits

Author SHA1 Message Date
master3395
8d78e90ad6 install: detectPlatform treat bare VERSION_ID 9/10 as rhel9 for OLS binaries 2026-03-25 20:37:43 +01:00
master3395
a4421681bc Merge upstream v2.4.5 into v2.5.5-dev for full stack parity
Integrates webmail and emailDelivery apps, mail-server and install/upgrade
paths, cyberpanel_ols 2.7.0-style binaries, and v2.4.5 UI patterns while
preserving v2.5.5-dev behavior (SnappyMail/PUBLIC_ROOT, childPath in
launchChild, hardened downloads and SSH activity modal).
2026-03-25 20:36:51 +01:00
master3395
4b4625e032 Populate plugin store modify dates 2026-03-25 15:26:26 +01:00
master3395
7a9fcf28fb Fix plugin settings proxy view callables 2026-03-25 14:41:40 +01:00
master3395
a2fddadfd6 Fix plugin settings proxy callable names 2026-03-25 14:38:09 +01:00
master3395
0b79346ea1 Improve plugin store UX and fix plugin settings 404s
- Make /plugins/<plugin>/settings/ work for incomplete plugin installs by importing plugin views from source and relaxing overly strict proxy checks.
- Sync INSTALLED_APPS from plugin source when installed markers exist but installed copies are incomplete.
- Keep prior plugin store performance improvements (lazy upgrades fetching, fewer GitHub calls).
2026-03-25 14:31:57 +01:00
Master3395
22f97ac33d Merge pull request #1743 from master3395/v2.5.5-dev
Add websiteFunctions legacy Websites stub migration
2026-03-25 11:05:52 +01:00
master3395
3524b46ff0 Add websiteFunctions legacy Websites stub migration 2026-03-25 11:04:47 +01:00
Master3395
012a9c6248 Merge pull request #1742 from master3395/v2.5.5-dev
V2.5.5 dev
2026-03-25 10:58:05 +01:00
master3395
69bafdf09e Add managePlugins ACL + enforce pluginHolder actions
Ensures delegated admins with plugin management permission can access `/plugins/installed` UI and all plugin action endpoints consistently.
2026-03-25 10:12:48 +01:00
master3395
fea1ab6619 listUsers: suppress duplicate success toasts after refresh
populateCurrentRecords() always showed Users successfully fetched on every
successful fetch, so delete/edit/ACL/suspend showed two popups. Add optional
suppressSuccessNotify; use silent refresh after mutations and on initial load.
2026-03-25 01:47:31 +01:00
master3395
3054e6e50d fix(users): delete panel users when WebAuthn tables are missing
- robust_delete_administrator: use ORM delete when webauthn_credentials exists; else SQL DELETE after optional webauthn row cleanup and recursive child admins
- Fixes MySQL 1146 ProgrammingError on submitUserDeletion for installs without webauthn migrations
- JSON responses use application/json; errors include deleteStatus for listUsers UI
2026-03-25 01:43:58 +01:00
master3395
a741375aa4 fix(users): homeDirectoryManager logging + duplicate username check
- Replace invalid logging.CyberCPLogFileWriter calls (logging is already CyberCPLogFileWriter); fixes AttributeError masking real errors in createUserDirectory
- Same fix in homeDirectoryViews exception handlers
- Pre-check Administrator username before save; use django.db.utils.IntegrityError
- Fix userMigration error handler to call writeToFile correctly
- Validate non-empty username after strip
2026-03-25 01:23:02 +01:00
master3395
e78f391ce3 fix(users): resolve home_dir when selected home id missing (UnboundLocalError)
- After invalid/missing HomeDirectory id, resolve home_dir from best path like auto mode
- Handle MultipleObjectsReturned on path lookup; use get_or_create for UserHomeMapping
- Clear errors for ACL.DoesNotExist and IntegrityError (duplicate username)
- Ensure JSON error responses include createStatus and application/json
2026-03-25 01:14:55 +01:00
master3395
276b4fa375 fix(users): Create User ACL ng-model default and safer submitUserCreation
- Initialize selectedACL in create user template so JSON POST always includes ACL
- Explicit option values; pass default_acl_name from view for ng-init
- Coerce websitesLimit to int; validate selectedACL before ACL.objects.get
- ensure_csrf_cookie on createUser page load
- Optional /etc/cyberpanel/csrf_trusted_origins for HTTPS IP:port panels
- Allow changeUserACL on getUserHomeDirectories (parity with create user page)
- Sync public/static and static copies of userManagment.js with app static
2026-03-25 01:10:11 +01:00
master3395
fbbb3dcbed pluginInstaller: privileged read for core files (index.html uninstall)
Add _read_lines_from_protected_file: cp via executioner when EACCES/EPERM on read.
Use for settings.py, urls.py, baseTemplate index.html on install/uninstall paths.
2026-03-25 00:08:08 +01:00
master3395
1f06e8b090 pluginInstaller: privileged write for settings/urls, skip duplicate pluginHolder urls
- _write_lines_to_protected_file: temp file + ProcessUtilities cp when direct write fails
- upgradingSettingsFile: idempotent; fallback anchor pluginHolder; clearer warnings
- upgradingURLs: no-op when pluginHolder.urls present (avoids duplicate routes and root-only edits)
- add/removeInterfaceLink and removeFromSettings/URLs use protected writer
2026-03-24 23:21:09 +01:00
master3395
bb61871b28 pluginHolder: compat installPlugin() without zip_path (legacy pluginInstaller)
Detect inspect.signature for zip_path; fall back to chdir + pluginName.zip
for store install, upload install, and upgrade from GitHub.
2026-03-24 22:28:12 +01:00
Master3395
bd790c39a6 Merge pull request #1741 from master3395/v2.5.5-dev
V2.5.5 dev
2026-03-24 20:33:27 +01:00
master3395
b9b24dd687 FTP: path normalization, post-create directory edit, enable/disable
- Resolve FTP home paths without duplicating /home/domain; support absolute paths under site home
- Add changeFTPDirectory API and list UI; improve create form path help
- Add setFTPAccountStatus (Status 0/1) with Enable/Disable on list page
- Pure-FTPd MySQL: require Status='1' for authentication in install templates
- Plugin signals for change directory and account status
2026-03-24 20:22:56 +01:00
master3395
10d4da6c0f fix(ftp): hide create-account alerts until submit (ng-show + ng-cloak)
- Replace inverted ng-hide flags with alertFtp* + ng-show (default false).
- Remove broken cantLoadInitialDatas guard (successfullyCreatedFTP !== false
  was true on initial state).
- Per-request submissionCompleted prevents duplicate error handlers.
- ng-cloak on controller root + CSS avoids FOUC before first digest.
- Sync static/ and public/static/ ftp.js with app static copy.
2026-03-24 00:17:23 +01:00
master3395
606209060f fix(ftp): add idempotent custom_quota columns on users table
- CPScripts/ensure_ftp_users_quota_columns.py checks information_schema and
  ALTER TABLE users ADD COLUMN for custom_quota_enabled and custom_quota_size
  when missing (fixes MySQL 1054 on FTP account creation).
- deploy-ftp-users-custom-quota-columns.sh copies script to CyberCP and runs
  repair; restarts lscpd when active.
- upgrade_modules/10_post_tweak.sh runs the repair after upgrade sync.
2026-03-24 00:07:58 +01:00
usmannasir
383d4ea3f1 Fix Dovecot hard restart killing active IMAP/POP3 connections
Replace 'systemctl restart dovecot' with 'doveadm reload' in
virtualHostUtilities, mailUtilities, and renew modules. The nightly
backup scheduler, SSL operations, and weekly cert renewal were
forcefully terminating all client sessions. doveadm reload applies
config changes (including updated SSL certs) without dropping
existing connections. upgrade.py is intentionally left unchanged
as full restarts are appropriate during upgrades.
2026-03-20 16:01:30 +05:00
usmannasir
d8cfad2761 Merge branch 'v2.4.4' into v2.4.5 2026-03-15 06:29:40 +05:00
usmannasir
92dbc2be76 Update cyberpanel_ols module to v2.7.0 and remove hash verification
Downloads are served directly from cyberpanel.net so checksum
verification is unnecessary. Also updates module URLs from v2.4.4
to v2.7.0.
2026-03-15 06:28:17 +05:00
Master3395
edeebb55ce Merge pull request #1737 from master3395/v2.5.5-dev
Subdomain fixes: creation (FQDN normalize), SSL (child webroot), Clou…
2026-03-14 23:53:14 +01:00
master3395
56866172c6 Subdomain fixes: creation (FQDN normalize), SSL (child webroot), CloudFlare delete (parent zone), acme-challenge dir 2026-03-14 23:51:51 +01:00
Master3395
0587085a5b Merge pull request #1734 from master3395/v2.5.5-dev
Database create: allow special chars in password, return real errors,…
2026-03-13 23:39:18 +01:00
master3395
cc0a002fd6 Database create: allow special chars in password, return real errors, safe SQL
- secMiddleware: allow dbPassword to bypass strict char check (stronger passwords)
- mysqlUtilities.createDatabase: return (0, error_message) on failure so UI shows real error instead of '0'
- mysqlUtilities.createDatabase: backtick-quote db name (fix 'near -admin' with hyphens), escape password and user for SQL
- submitDBCreation: pass through error message from createDatabase
- backupUtilities, Backupsv2, restoreMeta: treat createDatabase != 1 as failure (tuple return)
- patches/allow-dbpassword-special-chars.patch for secMiddleware deploy
2026-03-13 23:36:29 +01:00
Master3395
17d1eb55e0 Merge pull request #1731 from master3395/v2.5.5-dev
V2.5.5 dev
2026-03-12 12:14:21 +01:00
master3395
120f449b60 pluginHolder: harden upgrade - verify meta sync, retry, fsync so version updates reliably 2026-03-07 22:04:52 +01:00
master3395
657b903e44 pluginHolder: single upgrade confirmation (keep WARNING), refresh list after upgrade
- Remove second 'Final confirmation' dialog; keep only the WARNING backup dialog
- After successful upgrade, refetch plugin store and refresh upgrades list so
  upgraded plugins no longer appear under Upgrades Available
2026-03-07 21:12:54 +01:00
Master3395
c6bb471a7f Merge pull request #1725 from master3395/v2.5.5-dev
V2.5.5 dev
2026-03-07 02:52:07 +01:00
master3395
6bfa9382ee docs: remove hardcoded IP from 2FA guide (use your-server placeholder) 2026-03-07 02:47:55 +01:00
master3395
dc79703463 2FA/WebAuthn, user management, deploy and fix scripts
- loginSystem: WebAuthn (webauthn backend, models, urls, views), login template and webauthn.js
- baseTemplate: index.html updates
- docs: 2FA_AUTHENTICATION_GUIDE.md
- userManagment: createUser/modifyUser templates, userManagment.js, views, tests; check_modify_users_page.py
- requirments.txt: add webauthn>=2.0.0
- deploy-templates.sh: deploy templates/static to live CyberCP
- fix-cyberpanel-500.sh: script for common HTTP 500 login fixes (MariaDB, configservercsf, cache, restart)
2026-03-07 02:46:15 +01:00
master3395
67d8a716dc Plugins: add Upgrades Available tab for easier plugin updates
- New tab between Table View and CyberPanel Plugin Store with badge count
- Dedicated view listing only installed plugins with a newer store version
- Table columns: Plugin Name, New Version, Your Version, Date, Action (Upgrade)
- Notice to read release info and backup before upgrading
- Badge and list populated from existing store API (update_available)
2026-03-07 02:44:54 +01:00
usmannasir
8578733d0d Fix broken PHP symlink after upgrade: use lexists to detect dangling symlinks
os.path.exists() returns False for broken symlinks (e.g. /usr/bin/php
pointing to removed php7.4), so the old link was never removed and
the new ln -s to lsphp83 failed silently. Use os.path.lexists() instead.
2026-03-07 04:53:52 +05:00
Master3395
b46e7d2e99 Merge pull request #1724 from master3395/v2.5.5-dev
V2.5.5 dev
2026-03-06 21:14:43 +01:00
master3395
9e8011990a Plugin settings 404 and uninstall permission fixes
- Add plugin_settings_proxy for /plugins/<name>/settings/ so settings pages
  work for all installed plugins (handles plugins installed after worker start)
- Add path('<str:plugin_name>/settings/', plugin_settings_proxy) in pluginHolder.urls
- removeFromSettings/removeFromURLs: use try/except for read/write, raise clear
  PermissionError message; ensure panel user can write (chgrp lscpd; chmod g+w)
- Deploy: make CyberCP/settings.py, urls.py, baseTemplate index.html group-
  writable by lscpd so uninstall can update them
2026-03-06 21:00:33 +01:00
master3395
aa783d150b Plugin install: exclude README.md from wrong-location check (main repo has it at root)
Fixes false 'Files extracted to wrong location' when /usr/local/CyberCP/README.md
exists. Ensure panel user can create plugin dirs (e.g. chgrp lscpd /usr/local/CyberCP,
chmod g+w, and add panel user to group lscpd).
2026-03-06 20:51:45 +01:00
master3395
26d3d289b4 Plugin store: fix install for all plugins (nested repo + extraction)
- Find plugin in GitHub archive by any path segment (Category/pluginName)
- extractPlugin: prefer top-level dir matching plugin name; handle repo-root
  single dir by using plugin subdir when present (avoids wrong location)
- Add pluginHolder and pluginInstaller to upgrade recovery essential dirs

Fixes: Files extracted to wrong location (e.g. pm2Manager, README.md in root)
2026-03-06 20:40:37 +01:00
master3395
d2ad06aa4e Plugin install: pass absolute zip path to avoid cwd races; extract always uses given path 2026-03-06 20:26:15 +01:00
master3395
24467035a9 Fix plugin installation: extract to plugin dir for any zip structure (install/upgrade/downgrade safe) 2026-03-06 20:17:48 +01:00
Master3395
fd1f5d30c5 Merge pull request #1723 from master3395/v2.5.5-dev
V2.5.5 dev
2026-03-06 20:08:43 +01:00
master3395
4a999ab6d2 Remove to-do folder, docs/WINDOWS_INSTALLATION_GUIDE.md, docs/release_v2.5.5-dev.md 2026-03-06 20:07:44 +01:00
master3395
df283b4db3 Issue SSL tile + centered SSL form close (X) for v2.5.5-dev; install/upgrade/downgrade safe 2026-03-06 20:03:19 +01:00
Master3395
00e139e90b Merge pull request #1722 from master3395/v2.5.5-dev
Docker containers 500 fix, firewall banned IPs, container logs readab…
2026-03-06 19:07:12 +01:00
master3395
53fc6a52e5 Docker containers 500 fix, firewall banned IPs, container logs readability, base Ban IP sync to DB
- dockerManager: add 0001_initial migration (CREATE TABLE IF NOT EXISTS), migrate-and-retry on DB errors, safe error response, fix logging.CyberCPLogFileWriter.writeToFile
- dockerManager/views: listContainersPage fallback HTML with error message if template fails
- dockerManager/viewContainer: improve container log readability (font-size 1rem, color #f1f5f9, line-height 1.6)
- baseTemplate: blockIPAddress also adds ban to firewall BannedIP model so Firewall > Banned IPs shows all
- firewall: getBannedIPs migrate-and-retry on OperationalError/ProgrammingError; install runs migrate firewall
- plogical/upgrade: syncBannedIPsJsonToDb() to sync JSON bans to firewall_bannedips; firewallMigrations() calls it; CyberPanelUpgrade runs firewallMigrations(); someDirectories creates /usr/local/CyberCP/data
- install: explicit migrate firewall after global migrate
2026-03-06 18:50:30 +01:00
usmannasir
6efdf28396 Fix SMTP relay on AlmaLinux/RHEL: install cyrus-sasl-plain package
Postfix SASL PLAIN auth fails with "No worthy mechs found" on
RHEL/AlmaLinux because cyrus-sasl-plain is not installed by default.
- Add cyrus-sasl-plain to postfix install in install.py
- Auto-install in configureRelayHost() for existing servers
- Add to upgrade.py setupSieve() for existing installations
2026-03-06 18:36:41 +05:00
usmannasir
441f11b850 Fix fresh install crash: replace plogical imports in installCyberPanel.py
installSieve() and setupWebmail() imported from plogical module which
doesn't exist during fresh install (CyberPanel code not yet deployed).
- Replace FirewallUtilities.addSieveFirewallRule() with direct firewall-cmd/ufw calls
- Replace generate_pass() with inline secrets.choice() password generation
2026-03-06 17:10:08 +05:00