ISPConfig 3 issueshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues2023-02-10T07:03:55Zhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6464Add (and use) template files for shell users: .profile, .bashrc, README, etc2023-02-10T07:03:55ZJensAdd (and use) template files for shell users: .profile, .bashrc, README, etcFor shell users, a global ".profile" template would be very useful, since Jailkit users cannot see the global /etc/profile. This can be used to welcome users, create aliases and custom shell functions (for example `setup_composer` or `se...For shell users, a global ".profile" template would be very useful, since Jailkit users cannot see the global /etc/profile. This can be used to welcome users, create aliases and custom shell functions (for example `setup_composer` or `setup_rbenv`) and point to existing documentation.
Having ISPconfig use a `/usr/local/ispconfig/server/conf-custom/shell/dot-profile` file (for example) template when creating a shell user would solve this.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6461Removing jailkit user does not clear jailkit files from web directory2023-02-09T19:13:26ZJensRemoving jailkit user does not clear jailkit files from web directory## Summary
See $Subject
## Steps to reproduce
1. Setup basic ISPconfig 3.2.9 on Ubunto 22.04 using ispc-autoinstaller
2. Create shell user with jailkit
3. Remove this shell user again, wait for ISPconfig cronjob
## Correct behaviour
Th...## Summary
See $Subject
## Steps to reproduce
1. Setup basic ISPconfig 3.2.9 on Ubunto 22.04 using ispc-autoinstaller
2. Create shell user with jailkit
3. Remove this shell user again, wait for ISPconfig cronjob
## Correct behaviour
The web directory should not have any jailkit specific files (hardlinks to /usr, /etc/, etc files) any more.
## Environment
Server OS + version: Ubuntu 22.04 server
ISPConfig version: 3.2.9
## Proposed fix
If jailkit does not provide this functionality (remove jailkit specific hardlinks), we can recreate this by finding all files owned by root with link_count > 1 and removing them, and then removing all non-default empty folders (i.e. exclude everything with +i attribute). Something like this:
```
find $WEBDIR -type f -links +1 | xargs rm
find $WEBDIR -type d | tac | xargs rmdir # rmdir fails on non-empty folders, and tac reverses order
```https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6457Support getmail imap idle option2023-01-27T08:42:10ZKoSSupport getmail imap idle optionIt would be great if the getmail imap idle function would be supported so that IMAP mailboxes do not need to be polled every 5 minutes but mails will arrive immediately.
As this would need to run a system service for every getmail rcco...It would be great if the getmail imap idle function would be supported so that IMAP mailboxes do not need to be polled every 5 minutes but mails will arrive immediately.
As this would need to run a system service for every getmail rcconfig that needs imap idle, it would be a bigger change in how ISPconfig handles the getmail configuration.
See https://pyropus.ca./software/getmail/configuration.html#running-commandline-options and https://work-work.work/blog/2018/12/15/getmail-systemd-imap-idle.htmlhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6454Show DKIM key in unsplit format2023-05-25T18:18:58ZTill BrehmShow DKIM key in unsplit formatThe DKIM key is currently shown in split format. While some providers require this, most providers as of today probably support the unsplit format. Therefore we should change the format to unsplit format, add an option to configure it ow...The DKIM key is currently shown in split format. While some providers require this, most providers as of today probably support the unsplit format. Therefore we should change the format to unsplit format, add an option to configure it ow show both formats. Showing both formats might confuse users, so just presenting the unsplit format might be the best option.3.2.11https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6451Selecting a dnssec algorithm should imply wanting to sign the zone2023-03-09T10:04:18ZHelmoSelecting a dnssec algorithm should imply wanting to sign the zoneJust a convenience thingy ... no need to click on two checkboxes.
Just like when you click on 'Let's Encrypt SSL' we also check the 'SSL' checkbox.
![image](/uploads/8facb30e404333fdf64f0ec4dfe5f7af/image.png)Just a convenience thingy ... no need to click on two checkboxes.
Just like when you click on 'Let's Encrypt SSL' we also check the 'SSL' checkbox.
![image](/uploads/8facb30e404333fdf64f0ec4dfe5f7af/image.png)3.2.10HelmoHelmohttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6450Show DNSSEC status in soa list2023-03-08T16:49:43ZHelmoShow DNSSEC status in soa listCan we add an icon in the soa list to show that a dns zone is DNSsec signed?
I propose https://fontawesome.com/v4/icon/key
![image](/uploads/039909a8696b94fa1a1179c421dbac63/image.png)Can we add an icon in the soa list to show that a dns zone is DNSsec signed?
I propose https://fontawesome.com/v4/icon/key
![image](/uploads/039909a8696b94fa1a1179c421dbac63/image.png)3.2.10HelmoHelmohttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6449Show mail_domain status in list on mail_user_edit2023-03-08T16:49:35ZHelmoShow mail_domain status in list on mail_user_editYou can create mailboxes on an inactive mail_domain, but it's nice to be reminded of that status.
![image](/uploads/1e1ea8bba2d81580b2d7fe7a0a37b6cb/image.png)
What about adding `(inactive)` in the list?
I also looked at using a font-...You can create mailboxes on an inactive mail_domain, but it's nice to be reminded of that status.
![image](/uploads/1e1ea8bba2d81580b2d7fe7a0a37b6cb/image.png)
What about adding `(inactive)` in the list?
I also looked at using a font-awsone icon but that gets striped out by the chosen JS lib.3.2.10HelmoHelmohttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6445Move mailbox cleanup cronjobs to be included in ISPConfig main cronjobs2023-05-26T07:29:12ZThomMove mailbox cleanup cronjobs to be included in ISPConfig main cronjobsWe don't want a third separate cronjob, so we need to clean it up and move it to the main cronjobs.We don't want a third separate cronjob, so we need to clean it up and move it to the main cronjobs.3.2.10HelmoHelmohttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6439DNSSEC CDS support for automatic key handling2023-04-13T08:04:44ZKoSDNSSEC CDS support for automatic key handlingInstead of having to manually copy the DNSSEC keys to the registrar from ISPconfig, only the "dnssec-policy default;" of BIND needs to be enabled for automatic key handling, see here:
see here https://forum.howtoforge.com/threads/dnssec-...Instead of having to manually copy the DNSSEC keys to the registrar from ISPconfig, only the "dnssec-policy default;" of BIND needs to be enabled for automatic key handling, see here:
see here https://forum.howtoforge.com/threads/dnssec-cds-records.89962/
Changes needed in ISPconfig:
- Add a mutual exclusive checkbox to "Sign zone (DNSSEC)" à la "Enable DNSSEC default policy"
- Fix the apparmor file permission issues
- Write the "dnssec-policy default;" in the config file
- Make sure this feature is only available for newer BIND version (>= 9.17)
Thanks!https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6435Updating a slave server should not ask for SQL root password2023-04-14T12:24:38ZHelmoUpdating a slave server should not ask for SQL root passwordWhen using the standard update script on a slave server it asks for `MySQL master server root password` when in most cases it will remain unused.
Only when you confirm the `Reconfigure Permissions in master database?` question do we do o...When using the standard update script on a slave server it asks for `MySQL master server root password` when in most cases it will remain unused.
Only when you confirm the `Reconfigure Permissions in master database?` question do we do operations that need more privileges then the normal `$conf['dbmaster_user']` account.
I propose to move the free_query inside the if block.3.2.10HelmoHelmohttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6429Statistics (FTP, traffic ect) displays NAN when no records in DB2023-01-29T20:49:52ZKrzysztof BaranowskiStatistics (FTP, traffic ect) displays NAN when no records in DBWhen account is new or don't have any stats there are NAN everywere.
Sites -> ftp stats, traffic stats, backup stats
Email -> mailbox stats, backup stats, traffic stats
![Screenshot_2022-12-16_at_11-37-04_ISPConfig](/uploads/03158c0ae...When account is new or don't have any stats there are NAN everywere.
Sites -> ftp stats, traffic stats, backup stats
Email -> mailbox stats, backup stats, traffic stats
![Screenshot_2022-12-16_at_11-37-04_ISPConfig](/uploads/03158c0aee0a0ff6d9d9411d5f4863d8/Screenshot_2022-12-16_at_11-37-04_ISPConfig.png)https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6427Dovecot & postfix - add allow_nets setting2022-12-15T11:32:37ZKrzysztof BaranowskiDovecot & postfix - add allow_nets settingFuture request.
Dovecot has security setting called allow_nets that allow only login to mailbox from listed ip.
https://doc.dovecot.org/configuration_manual/authentication/allow_nets/
This setting control not only login to imap, pop3 ...Future request.
Dovecot has security setting called allow_nets that allow only login to mailbox from listed ip.
https://doc.dovecot.org/configuration_manual/authentication/allow_nets/
This setting control not only login to imap, pop3 byt also smtp.
Setting can be done for selected emails.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6426Create API or function to import DNSSEC keys2022-12-14T18:32:00ZTill BrehmCreate API or function to import DNSSEC keysCreate API or function to import DNSSEC keys using remote API and maybe also in the GUI.Create API or function to import DNSSEC keys using remote API and maybe also in the GUI.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6425Include ModSecurity and OWASP ModSecurity Core Rule Set (CRS)2022-12-14T18:30:24ZRaffael LuthigerInclude ModSecurity and OWASP ModSecurity Core Rule Set (CRS)Many websites / CMS systems get attacked on a daily basis. There is an open source project which is providing ModSecurity rules to mitigate many common attacks. It would be great if ModSecurity and the OWASP ModSecurity Core Rule Set (CR...Many websites / CMS systems get attacked on a daily basis. There is an open source project which is providing ModSecurity rules to mitigate many common attacks. It would be great if ModSecurity and the OWASP ModSecurity Core Rule Set (CRS) is included in ISPconfig in the sense that those rules can be enabled or disabled on a per website basis. ModSecurity is available for nginx and apache.
More information about the project:
https://owasp.org/www-project-modsecurity-core-rule-set/ or here
https://coreruleset.org/https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6415Change default URL of phpmyadmin and webmail to apps vhost2022-11-21T14:04:44ZTill BrehmChange default URL of phpmyadmin and webmail to apps vhostChange the URL for phpmyadmin and webmail from:
```
/phpmyadmin
/webmail
```
to
```
https://[SERVERNAME]:8081/phpmyadmin
https://[SERVERNAME]:8081/webmail
```
so they work via apps vhost on Nginx and Apache.Change the URL for phpmyadmin and webmail from:
```
/phpmyadmin
/webmail
```
to
```
https://[SERVERNAME]:8081/phpmyadmin
https://[SERVERNAME]:8081/webmail
```
so they work via apps vhost on Nginx and Apache.3.2.9https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6413Support Openlitespeed2022-11-22T20:08:23ZNicholas SciortinoSupport OpenlitespeedOpenLiteSpeed is the Open Source edition of LiteSpeed Web Server Enterprise.
Both servers are actively developed and maintained by the same team, and are held to the same high-quality coding standard.
OpenLiteSpeed contains all of the es...OpenLiteSpeed is the Open Source edition of LiteSpeed Web Server Enterprise.
Both servers are actively developed and maintained by the same team, and are held to the same high-quality coding standard.
OpenLiteSpeed contains all of the essential features found in LiteSpeed Enterprise, and represents our commitment to support the Open Source community.
https://openlitespeed.org/https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6410Add website php version as alias to the .bashrc file of the web user2023-12-08T11:47:42ZTill BrehmAdd website php version as alias to the .bashrc file of the web userSee: https://forum.howtoforge.com/threads/installed-ispconfig-3.89709/#post-440465See: https://forum.howtoforge.com/threads/installed-ispconfig-3.89709/#post-440465https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6402Feature Request: BorgBackup also for email2022-11-12T16:44:47ZJacco van KollFeature Request: BorgBackup also for emailFirst, I want to say **THANK YOU** for implementing BorgBackup for websites! It works fast, amazing, and saves tons of space! It's great!
Now my humble request: Can BorgBackup also be implemented for mailboxes? This would have a huge im...First, I want to say **THANK YOU** for implementing BorgBackup for websites! It works fast, amazing, and saves tons of space! It's great!
Now my humble request: Can BorgBackup also be implemented for mailboxes? This would have a huge impact on saving storage too!
Thank you in advance!https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6399add mail_relay_domain API functions2023-01-29T20:56:20ZPyte Cadd mail_relay_domain API functionsAdd functions for mail_relay_domain to the remote apiAdd functions for mail_relay_domain to the remote api3.2.10https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6395Add wildcard path option to IDS whitelist.2022-10-18T07:25:58ZTill BrehmAdd wildcard path option to IDS whitelist.Add wildcard path option to IDS whitelist.Add wildcard path option to IDS whitelist.3.2.9