ISPConfig 3 issueshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues2021-02-18T15:12:16Zhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6013SSL ISPConfig Installer / Updater Code May Be Repetitive2021-02-18T15:12:16ZHj Ahmad Rasyid Hj IsmailSSL ISPConfig Installer / Updater Code May Be RepetitiveI have been revisiting ISPConfig installer_base.lib.php as well as install.php and update.php files and I think the code with regards to SSL may be repetitive and most of them, if not all, may be avoided if the SSL request for the server...I have been revisiting ISPConfig installer_base.lib.php as well as install.php and update.php files and I think the code with regards to SSL may be repetitive and most of them, if not all, may be avoided if the SSL request for the server and its services can be made before configure_postfix (include creation of smtpd.cert and smtpd.key) and configure_dovecot (include creation of dhparam file dh.pem).
Reading on dovecot, I think it is not necessary to use ssl-parameters.dat and convert it as dhparam file (dh.pem) even if it is meant for v2.2 as using it was only a mere suggestion to ease creating creating the same but using openssl to issue it should also work as well and pure-ftpd is using one that can be symlinked.
Since symlinks can be made to all of them whether by using self-signed or LE SSL certs or others, if it is possible to rearrange the priority in those files especially install.php and update.php, we may avoid such a repetition and may be make the install / update process a little bit faster?
A thought to be discussed further before any decision could be made.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6012Update README.md2021-01-13T09:57:28ZThomUpdate README.mdUpdate the read me with up to date information on the project (any pointers?)Update the read me with up to date information on the project (any pointers?)3.2.3ThomThomhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6008Remove "Form to ..." from forms of system module2021-03-09T19:37:43ZThomRemove "Form to ..." from forms of system module3.2.3ThomThomhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6006Add config file changes to UI2021-01-09T14:37:56ZTony GAdd config file changes to UIThis is another feature enhancement suggestion that might be easier than others. I'm hoping it can just be added to the pile of such suggestions for consideration.
The feature for adding Apache Directives can be used as a model for /etc...This is another feature enhancement suggestion that might be easier than others. I'm hoping it can just be added to the pile of such suggestions for consideration.
The feature for adding Apache Directives can be used as a model for /etc/postfix/main.cf and /etc/dovecot/dovecot.conf. In System Config>Mail provide a textarea for Additional Postfix Settings, and another for Additional Dovecot Settings. On Save the resulting config files will have a distinctive #! comment to separate these sections from existing settings. Example:
```
#! Set by ISPConfig Template: ...
smtp_helo_timeout = 15s
smtp_mail_timeout = 15s
smtp_tls_CApath=/etc/ssl/certs
smtp_tls_exclude_ciphers = RC4, aNULL
smtp_tls_protocols = !SSLv2,!SSLv3
smtp_tls_security_level = may
#! ISPConfig Overrides
smtp_mail_timeout = 30s
smtpd_tls_loglevel = 1
smtp_tls_security_level = dane
```
On Save, scan for `^#! ISPConfig Overrides$`, remove anything below it, and insert the new content.
For consistency that pattern can be used for Postfix and Dovecot, but for Dovecot it can be made more elegant: In the tpl config, add the single line `!include conf.d/93-ispconfig.conf` and then create that file. Just replace that file with the UI textarea. At some point if Postfix supports an `include` directive then the same mechanism can be used.
Rather than using postconf for update, for this mechanism just reload Postfix whenever the related textarea changes. An admin using multi-line settings and comments is more free to write the config as they please, for better or worse.
ISPConfig itself could use this same mechanism, where defaults set by install/update are in the config file under comment `#! Set by ISPConfig Template`, updates made through the UI or API are echoed under that with comment `#! Set in ISPConfig` and then under that the manual overrides can follow. This would allow the admin to easily see only fields that are defined with ISPConfig, rather than using postconf or doveconf statements which return all possible settings.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6005New feature to create a new tpl and tpl-custom folder?2021-01-20T18:16:14ZHj Ahmad Rasyid Hj IsmailNew feature to create a new tpl and tpl-custom folder?https://www.howtoforge.com/community/threads/new-feature-to-create-a-new-tpl-and-tpl-custom-folder.86053/
This is a mere suggestion which I think could be useful to all users.
What do you all think if ISPConfig 3.2 /tpl/ folder in inst...https://www.howtoforge.com/community/threads/new-feature-to-create-a-new-tpl-and-tpl-custom-folder.86053/
This is a mere suggestion which I think could be useful to all users.
What do you all think if ISPConfig 3.2 /tpl/ folder in installation package is also copied to the ISPConfig directory?
What I had early in my mind is /usr/local/ispconfig/server/conf/tpl/ or /usr/local/ispconfig/server/conf-tpl/. I don't know which one is preferred but I think it is best to copy latest tpl folder to ISPConfig folder for users' customization needs, if any.
I think this is quite easy to implement via ISPConfig installer so if there is any need to customize any of its files, one can copy and move it to /conf-custom/install/ folder, almost like the /conf/ folder itself.
Or may be introduce /usr/local/ispconfig/server/tpl/ and /usr/local/ispconfig/server/tpl-custom/ ?
Your comments, suggestions and feedback are most welcomed.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6003tpl debian_postfix.conf.master includes hard-coded /etc/postfix2021-01-08T14:31:18ZTony Gtpl debian_postfix.conf.master includes hard-coded /etc/postfixThe {config_dir} placeholder is used in the debian_postfix.conf.master file, replaced with /etc/postfix in main.cf. There are a couple instances of the literal text `/etc/postfix` in the settings. I have no idea if this would affect any ...The {config_dir} placeholder is used in the debian_postfix.conf.master file, replaced with /etc/postfix in main.cf. There are a couple instances of the literal text `/etc/postfix` in the settings. I have no idea if this would affect any sites. But the file was made configurable for a reason, so I'm noting that this would be an error for a site that relies on a non-default config_dir.
If approved, this can be assigned to me.Tony GTony Ghttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6002Sort fields in debian_postfix.conf.master2021-01-07T11:02:32ZTony GSort fields in debian_postfix.conf.masterThis is a suggestion/request to sort the fields in the postfix main.cf config template - and only those where sorting makes sense.
Example where sorting might not make sense:
- Someone might prefer that the smtp_*_restrictions are sort...This is a suggestion/request to sort the fields in the postfix main.cf config template - and only those where sorting makes sense.
Example where sorting might not make sense:
- Someone might prefer that the smtp_*_restrictions are sorted in order of their application, which is not alphabetical.
In the case of proxy_read_maps, which is an aggregate of other fields, it's still OK to sort this field starting with 'p' before it's included fields, like those starting with 's', because the order of the fields in the file does not matter.
Reasoning:
- It's much easier to find a setting when it's in sorted order.
- As a practical example, it's taken me a long time to work out the delta/diff between the most recent update (3.2.2) and my own settings. If settings are sorted it's much easier to diff tpl, conf-custom, and the main.cf files.
- Related - I have many fields in main.cf that are not in the default template. It's much easier to see if there are related changes in the template if both the tpl and the conf-custom versions are in the same order.
If approved, I'll post a MR with a suggested sorting. This will only include the default tpl fields.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5986Don't use md5 hashing for remote user passwords2021-01-04T13:56:12ZMarius BurkardDon't use md5 hashing for remote user passwordsChange remote user password encryption to `CRYPT`Change remote user password encryption to `CRYPT`3.2.2Marius BurkardMarius Burkardhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5985Don't use md5 on admin password2021-01-04T14:24:32ZMarius BurkardDon't use md5 on admin passwordThe installer still uses `md5` hashing on admin password. This should be changed to the new crypt algo. Also on first login with a md5 hashed password it should be rewritten to new algo.The installer still uses `md5` hashing on admin password. This should be changed to the new crypt algo. Also on first login with a md5 hashed password it should be rewritten to new algo.3.2.2Marius BurkardMarius Burkardhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5980Docker Integration2020-12-24T10:19:12ZJozef SrokaDocker IntegrationHi,
I would like to do experimental docker integration. Just a few basic features
* Container - run, stop, kill, status ..
* Image - pull, remove
* Network list
* Volumes list
something like as openvz
Would be interest from ispconfig ...Hi,
I would like to do experimental docker integration. Just a few basic features
* Container - run, stop, kill, status ..
* Image - pull, remove
* Network list
* Volumes list
something like as openvz
Would be interest from ispconfig community ?https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5965Do OS-Update - Red Hat family2020-12-18T21:16:37ZJozef SrokaDo OS-Update - Red Hat familyIt's can be good to add update os command fro "Red Hat family". I also created a merge request !1356It's can be good to add update os command fro "Red Hat family". I also created a merge request !13563.2.2https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5959Remove TLSv1 and TLSv1.1 from Postfix2020-12-09T11:07:50ZThomRemove TLSv1 and TLSv1.1 from PostfixTLSv1 and TLSv1.1 are deprecated and we should remove support for it, not now, as discussed in #5770, but it has to happen sometime.
I have run some tests on the biggest webmail providers, dutch mail providers, dutch ISPs, and french I...TLSv1 and TLSv1.1 are deprecated and we should remove support for it, not now, as discussed in #5770, but it has to happen sometime.
I have run some tests on the biggest webmail providers, dutch mail providers, dutch ISPs, and french ISPs, and I only found 2 providers (out of 64) who don't support TLSv1.2: Orange (french ISP) and Excite.com. Orange only supports SSLv3 and TLSv1, Excite only supports TLSv1 and TLSv1.1. None of the tested mailservers have TLSv1 and TLSv1.1 disabled yet.
Question is mostly when - are we waiting for a big provider to start the movement? Do we just wait a little more and do it at the end of 2021?https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5958jailkit update of /sys and /proc2021-01-08T14:27:35ZJesse Norelljailkit update of /sys and /procHaving /sys mounted inside the jail causes a lot of errors during jailkit cleanup:
https://www.howtoforge.com/community/threads/ispconfig3-2-1-var-log-ispconfig-cron-log-is-flooded-with-messages-14g.85824/
Also related, /proc is not in...Having /sys mounted inside the jail causes a lot of errors during jailkit cleanup:
https://www.howtoforge.com/community/threads/ispconfig3-2-1-var-log-ispconfig-cron-log-is-flooded-with-messages-14g.85824/
Also related, /proc is not included in jailkit directories. Possibly just remove /sys from those, or handle both /sys and /proc (and any others?) special (process for cleanup if regular directories, but ignore if they are mount points?).https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5956Remove log/ folder exclude from backup routine2020-12-10T10:26:44ZMichaelRemove log/ folder exclude from backup routineAs the title states, currently the backup routine excludes the log folder.
Imho the log folder should be included in the backup since, beside the vhost log files, there is in this folder also the webalizer and goaccess.conf located as ...As the title states, currently the backup routine excludes the log folder.
Imho the log folder should be included in the backup since, beside the vhost log files, there is in this folder also the webalizer and goaccess.conf located as well as the GoAccess database files saved.3.2.2Jesse NorellJesse Norellhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5955Add GoAccess real-time support to ISPConfig2020-12-24T14:09:01ZMichaelAdd GoAccess real-time support to ISPConfigBased on the discussion https://www.howtoforge.com/community/threads/real-time-support-for-goaccess.85807Based on the discussion https://www.howtoforge.com/community/threads/real-time-support-for-goaccess.85807https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5954Center quota % usage2020-12-28T13:53:15ZThomCenter quota % usage![image](/uploads/16a91fc94c42fc1c91bd28f5f307e840/image.png)
I propose to center the value because it looks weird when the usage is low.
cc @pdreissen![image](/uploads/16a91fc94c42fc1c91bd28f5f307e840/image.png)
I propose to center the value because it looks weird when the usage is low.
cc @pdreissen3.2.2Pascal DreissenPascal Dreissenhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5952Server php adding custom fpm_socket_dir2023-12-08T11:27:23ZJozef SrokaServer php adding custom fpm_socket_dirIt's can be good to add adding custom fpm_socket_dir for server php.
I also created a merge request !1343 . This merge request solve problem with php-fpm in CentOs and Fedora. During restarting php-fpm services is removed /run/php-fpm fo...It's can be good to add adding custom fpm_socket_dir for server php.
I also created a merge request !1343 . This merge request solve problem with php-fpm in CentOs and Fedora. During restarting php-fpm services is removed /run/php-fpm folder with others sockets.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5951Add journalctl support for logs2020-12-05T14:39:23ZJozef SrokaAdd journalctl support for logsIt's can be good to add journalctl support for log_messages (CentOS, Fedora). I also created a merge request !1342It's can be good to add journalctl support for log_messages (CentOS, Fedora). I also created a merge request !1342https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5950Add Fedora 32 and 33 detection2020-12-09T10:23:46ZJozef SrokaAdd Fedora 32 and 33 detectionIt's can be good to add Fedora 32 and 33 detection. I also created a merge request !1338It's can be good to add Fedora 32 and 33 detection. I also created a merge request !13383.2.2Jozef SrokaJozef Srokahttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5948add redirect to https for ispconfig interface by 000-ispconfig.vhost in apache22022-03-09T12:45:27Zcharlesadd redirect to https for ispconfig interface by 000-ispconfig.vhost in apache2Hello every body
It's can be good to add this :\
For Apache2 in install/tpl/apache_ispconfig.vhost.master\
`ErrorDocument 400 "<script>document.location.href='https://'+location.hostname+':'+location.port';</script><h1>Change http to htt...Hello every body
It's can be good to add this :\
For Apache2 in install/tpl/apache_ispconfig.vhost.master\
`ErrorDocument 400 "<script>document.location.href='https://'+location.hostname+':'+location.port';</script><h1>Change http to http<b>s</b> into the url</h1>"`
For ngnix in install/tpl/nginx_ispconfig.vhost.master it's already redirected (I think)\
`# redirect to https if accessed with http`\
`{ssl_comment}error_page 497 https://$host:{vhost_port}$request_uri;`
Have good day :)3.2.8ThomThom