ISPConfig 3 issueshttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues2022-11-04T12:04:19Zhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6403add mail_relay_recipient_by_source API function2022-11-04T12:04:19ZPyte Cadd mail_relay_recipient_by_source API functionImplement the function mail_relay_recipient_by_source to get a relay recipient record by the "source" field.Implement the function mail_relay_recipient_by_source to get a relay recipient record by the "source" field.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/6377Feature Request: Domain Blacklist for Sites and Email Domains, and maybe DNS?2022-08-14T11:08:44ZCollin MachineFeature Request: Domain Blacklist for Sites and Email Domains, and maybe DNS?NOTE: Please re-assign as feature request.
Would it be possible to have some sort of domain blacklist for sites/email so that users cannot try adding domains used by the system (not created in control panel already as it would cause con...NOTE: Please re-assign as feature request.
Would it be possible to have some sort of domain blacklist for sites/email so that users cannot try adding domains used by the system (not created in control panel already as it would cause conflict).
This should ideally prevent clients from adding a site with a domain being used for other system resources/endpoints not configured in control panel, as well as email domain owned/used by the mail server, but not configured in control panel.
Otherwise the workaround solution is to add them to the control panel and disable them which seems inefficient considering it then creates the unneeded directories and could cause conflict with configured services.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5838Custom SSL Certificate for Aliasdomains and Subdomains2020-10-23T17:56:36ZDiogo BragaCustom SSL Certificate for Aliasdomains and SubdomainsI have seen that this was discussed in a forum before (https://www.howtoforge.com/community/threads/aliasdomains-ssl-certificate.75198/), where the use of multi-domain certificates was suggested, but it would be very important to be able...I have seen that this was discussed in a forum before (https://www.howtoforge.com/community/threads/aliasdomains-ssl-certificate.75198/), where the use of multi-domain certificates was suggested, but it would be very important to be able to enter the certificate manually for subdomains and alias domains.
My suggestion: add an SSL tab on the form to create/edit subdomains and alias domains, with the same fields as the SSL tab of the main domain. In the same configuration file as the main site (nginx/apache), create a new additional vhost with the same properties as the main domain, changing only the certificate data and the domain name.
```
// /etc/nginx/sites-available/maindomain.com.vhost
server {
...
ssl_certificate /var/www/clients/client1/web1/ssl/maindomain.com.crt;
ssl_certificate_key /var/www/clients/client1/web1/ssl/maindomain.com.key;
...
server_name maindomain.com www.maindomain.com;
...
}
server {
...
ssl_certificate /var/www/clients/client1/web1/ssl/subdomain.maindomain.com.crt;
ssl_certificate_key /var/www/clients/client1/web1/ssl/subdomain.maindomain.com.key;
...
server_name subdomain.maindomain.com;
...
}
```https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5775Make reconfigure-services available for installed version2020-09-24T17:50:56ZJohannesMake reconfigure-services available for installed versionThis is a feature request to make "reconfigure-services" available for the installed application.
# Problem
Almost every week, the answer on how to reconfigure services has to be posted in the forum.
```
cd /tmp
wget https://www.ispconf...This is a feature request to make "reconfigure-services" available for the installed application.
# Problem
Almost every week, the answer on how to reconfigure services has to be posted in the forum.
```
cd /tmp
wget https://www.ispconfig.org/downloads/ISPConfig-3.1.15p3.tar.gz
tar xvfz ISPConfig-3.1.15p3.tar.gz
cd ispconfig3_install/install
php -q update.php
```
1. The link changes each version (or is there an ISPConfig-latest available)?
2. It requires downloading the whole package
3. It confuses users
Should be no problem to store the master files in /usr/local/ispconfig/server/conf/install or wherever and make the reconfigure-services command available.
This will also make it possible to diff the local installation against the master file and list user changes. Or to diff the currently installed master file with the next update to see which changes will be done.
That's probably related to #4751https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5749[Feature Request] Let's Encrypt [LE] For ISPCONFIG3 & E-Mail.2020-09-19T21:06:55ZNicholas[Feature Request] Let's Encrypt [LE] For ISPCONFIG3 & E-Mail.I would like to suggest a feature if not available in 3.2 already.
To generate a SSL Cert by LE for the main server and not use additional tutorials to generate SSL for main dashboard Portal.
For example, all user or clients might be gi...I would like to suggest a feature if not available in 3.2 already.
To generate a SSL Cert by LE for the main server and not use additional tutorials to generate SSL for main dashboard Portal.
For example, all user or clients might be given a dashboard/control panel link: https://server1.generic.tld
They can or could use their own https://userdoamin.tld:8080 but that'll have SSL Issue so using server1.generic.tld should be fine.
That would also follow with another very important SSL for E-Mail. Everyone on IOS/Android will default or apps will default in using userdomain.tld and will have a SSL/Cert error and not trusted. Most or all will not know to setup and advance settings to allow all incoming certs regardless of self signing.
Once again, we have to setup a SSL/Let's Encrypt manually for email using the generic server1.generic.tld. It will be hard to ask users/clients to not use their own domain and to use server1.generic.tld as a mail and smtp address.
Let alone mail.userdomain.tld and smtp.userdomain.tld and ports. I have reverted to just using userdomain.tld or spop/smtp.
This would be a huge improvement if possible that LE is now been out for few years and works great.
Thanks,https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/4114Network Configuration checkbox in ambiguous2020-09-08T16:05:46ZJohan EhnbergNetwork Configuration checkbox in ambiguousIn ISPConfig 3.1dev System->Server Config, there is a Network Configuration checkbox that presumably activates some of the form rows that follow it. It is unclear how many of these are affected, specifically whether the firewall is conce...In ISPConfig 3.1dev System->Server Config, there is a Network Configuration checkbox that presumably activates some of the form rows that follow it. It is unclear how many of these are affected, specifically whether the firewall is concerned or not. On most cloud platforms, firewalls are outside network configuration, but on traditional servers firewall setup is often a pre-up command for an interface so I can understand both.
A way to clarify this would be to use subheadings such as those under Web tab of the same view.
Furthermore, I would see an added value in being able to set this separately for pure networking and for firewalling. I.e. allow the admin to not configure networking for servers with more than eth0, but to use ISPConfig's firewall setup.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5345Add configuration option for dovecot variables related to SSL certificate2020-06-25T22:12:16ZJan KopeckyAdd configuration option for dovecot variables related to SSL certificateWhen custom SSL certificate is used in dovecot it is necessary to set them again after every ISPConfig upgrade. Especially "ssl_ca" variable which is not presented in ISPConfig dovecot master template. Please make SSL related variables (...When custom SSL certificate is used in dovecot it is necessary to set them again after every ISPConfig upgrade. Especially "ssl_ca" variable which is not presented in ISPConfig dovecot master template. Please make SSL related variables (ssl_cert, ssl_key, ssl_ca) configurable via ISPConfig GUI.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5619DNS-Wizard: Add "Allow zone transfers to these IPs (comma separated list)" to...2020-06-12T23:23:53ZTimoDNS-Wizard: Add "Allow zone transfers to these IPs (comma separated list)" to WizardHi,
I would like to see the field "Allow zone transfers to these IPs (comma separated list)" being added to the DNS-Wizard for adding zones. This would be handy if your NS1/NS2 are used as DNS-Slaves.Hi,
I would like to see the field "Allow zone transfers to these IPs (comma separated list)" being added to the DNS-Wizard for adding zones. This would be handy if your NS1/NS2 are used as DNS-Slaves.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/1473Run ISPConfig on different instance2020-06-05T17:18:22ZJoe SaltsmanRun ISPConfig on different instanceI was thinking have something like how Webmin does where the control panel runs on a different instance of apache, or another server and run all the main websites on Apache. That way, you can take apache down, make configuration changes ...I was thinking have something like how Webmin does where the control panel runs on a different instance of apache, or another server and run all the main websites on Apache. That way, you can take apache down, make configuration changes and restart the service within ISPConfig.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5557Feature Req: support creation of DKIM 2048-bit keypairs2020-03-03T09:09:00ZRobFeature Req: support creation of DKIM 2048-bit keypairsispconfig 3.1.15p3 appears to create 1024 bit DKIM keys.
Current workaround is manual generation of a 2048 bit keypair and replace files, whilst this works appears to cause a mismatch between gui and filesystem, unsure if any "resync" m...ispconfig 3.1.15p3 appears to create 1024 bit DKIM keys.
Current workaround is manual generation of a 2048 bit keypair and replace files, whilst this works appears to cause a mismatch between gui and filesystem, unsure if any "resync" may wipe out in future.
Please consider allowing creation of 2048-bit keypairs through the gui. Clearly a corresponding dns record must be carefully constructed due to the resulting length but would consider that an admin actively choosing stronger keypair should have the knowledge to manipulate dns accordingly.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5534Feature request - Support for certbot-auto2020-02-12T19:37:14ZRodti MacLearyFeature request - Support for certbot-autoLet's Encrypt will be ending support for the ACMEv1 protocol in June 2020. ACMEv2 isn't supported by older clients, particularly certbot 0.10.2 which is the latest version available on Debian Jessie (via jessie-backports).
This was prev...Let's Encrypt will be ending support for the ACMEv1 protocol in June 2020. ACMEv2 isn't supported by older clients, particularly certbot 0.10.2 which is the latest version available on Debian Jessie (via jessie-backports).
This was previously raised in issue [#5230](https://git.ispconfig.org/ispconfig/ispconfig3/issues/5230).
[EFF's guidance for Debian Jessie](https://certbot.eff.org/lets-encrypt/debianjessie-apache.html) is to remove the outdated certbot package and install a newer version of certbot-auto directly from their site.
My understanding from the ISPConfig code is that only the certbot command is supported.
For those running Debian Jessie who can't easily upgrade, it would be desirable for ISPConfig to support both certbot and certbot-auto when installing/renewing certificates.
Server OS: Debian
Server OS version: Jessie 8.11
ISPConfig version: 3.1.15p2
Certbot: 0.10.2 (via backports)https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5282Multiple PHP Versions include in release2019-03-28T15:32:29ZViktorMultiple PHP Versions include in releaseIn connection with the new linux distributions support for several versions of php(add-apt-repository ppa:ondrej/php), I suggest adding the currently supported ispconfig to the standard installation
PHP 5.6 / 7.0 / 7.1 / 7.2 / 7.3
Update...In connection with the new linux distributions support for several versions of php(add-apt-repository ppa:ondrej/php), I suggest adding the currently supported ispconfig to the standard installation
PHP 5.6 / 7.0 / 7.1 / 7.2 / 7.3
Updates are made from repositories, the installation on different OS is almost the same.
I'm not talking about make in / opt
Only about fully supported several versions of php.
The remaining versions of php will be still unchanged.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5272Soap-API even API-User with admin permission can't request ALL DNS-Zones (tho...2019-03-19T14:28:22ZGabriel K.Soap-API even API-User with admin permission can't request ALL DNS-Zones (those without explicit customer-id)I've been trying to work with the Soap-API while developing a migration-script for IspConfig-DNS to Cloudflare. The Soap-API can't even for an API-User with admin permission request ALL DNS-Zones (those without explicit customer-id).
Is...I've been trying to work with the Soap-API while developing a migration-script for IspConfig-DNS to Cloudflare. The Soap-API can't even for an API-User with admin permission request ALL DNS-Zones (those without explicit customer-id).
Is there any other way to fetch them (except directly through database?).https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/5204[Request] Add Control Panel Option to secure ISP Config Login2018-12-19T12:26:23ZMartin Hotmann[Request] Add Control Panel Option to secure ISP Config LoginI think these days its normal to be able to secure the Login to the Panel with a SSL Certificate which is not Self sign. (something like Lets Encrypt)
I found this turorial here and its working so far: https://www.howtoforge.com/tutoria...I think these days its normal to be able to secure the Login to the Panel with a SSL Certificate which is not Self sign. (something like Lets Encrypt)
I found this turorial here and its working so far: https://www.howtoforge.com/tutorial/securing-ispconfig-3-with-a-free-lets-encrypt-ssl-certificate/
But why is it not possible within the Control Panel (like in cPanel or Plesk) I think it is not to hard to implement.
You guys would make me happy if oyu implement this in the future :)
Thanks in advance!https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/1720cron_dayli.php - server is for web backups and sql backups2018-12-15T18:15:30ZHofikcron_dayli.php - server is for web backups and sql backupsHere is small code for sql backup with cron_dayli.php called by cron_daily.sh. Maybe someone help you :)
<?php
/* SQL Dump HOFIK*/
require('lib/config.inc.php');
require('lib/app.inc.php');
set_time_limit(0);
$conf['serve...Here is small code for sql backup with cron_dayli.php called by cron_daily.sh. Maybe someone help you :)
<?php
/* SQL Dump HOFIK*/
require('lib/config.inc.php');
require('lib/app.inc.php');
set_time_limit(0);
$conf['server_id'] = intval($conf['server_id']);
// Load required base-classes
$app->uses('ini_parser,file,services,getconf');
$server_config = $app->getconf->get_server_config($conf['server_id'], 'server');
$backup_dir = $server_config['backup_dir'];
if($backup_dir != '') {
if(!is_dir($backup_dir)) {
mkdir(escapeshellcmd($backup_dir), 0750, true);
}
$sql = "SELECT * FROM web_domain WHERE type = 'vhost'";
$records = $app->db->queryAllRecords($sql);
if(is_array($records)) {
foreach($records as $rec) {
if($rec['backup_interval'] == 'daily' or ($rec['backup_interval'] == 'weekly' && date('w') == 0) or ($rec['backup_interval'] == 'monthly' && date('d') == '01')) {
$web_path = $rec['document_root'];
$web_user = $rec['system_user'];
$web_group = $rec['system_group'];
$web_id = $rec['domain_id'];
$web_backup_dir = $backup_dir.'/web'.$web_id;
if(!is_dir($web_backup_dir)) mkdir($web_backup_dir, 0755);
chmod($web_backup_dir, 0755);
chown($web_backup_dir, 'root');
chgrp($web_backup_dir, 'root');
$gid = $rec['sys_groupid'];
$sql2 = "SELECT * FROM web_database WHERE sys_groupid='".$gid."'";
$records2 = $app->db->queryAllRecords($sql2);
if(is_array($records2)) {
foreach($records2 as $rec2) {
$dbname = $rec2['database_name'];
$dbuser = $rec2['database_user'];
$dbpass = $rec2['database_password'];
$sid = $rec2['server_id'];
}
}
$sql3 = "SELECT * FROM server WHERE server_id='".$sid."'";
$rec3 = $app->db->queryOneRecord($sql3);
$dbhost = $rec3['server_name'];
$fullhostname = exec("hostname -f");
if ($fullhostname == $dbhost) { $dbhost = "localhost"; }
exec('mysqldump -h '. $dbhost .' -B '. $dbname. ' -u '. $dbuser .' -p'. $dbpass .' | gzip -9 >'. $web_backup_dir .'/sql.gzip');
// Rename or remove old backups
$backup_copies = intval($rec['backup_copies']);
if(is_file($web_backup_dir.'/sql.'.$backup_copies.'.gzip')) unlink($web_backup_dir.'/sql.'.$backup_copies.'.gzip');
for($n = $backup_copies - 1; $n >= 1; $n--) {
if(is_file($web_backup_dir.'/sql.'.$n.'.gzip')) {
rename($web_backup_dir.'/sql.'.$n.'.gzip',$web_backup_dir.'/sql.'.($n+1).'.gzip');
}
}
if(is_file($web_backup_dir.'/sql.gzip')) rename($web_backup_dir.'/sql.gzip',$web_backup_dir.'/sql.1.gzip');
// Create backupdir symlink
if(is_link($web_path.'/backup')) unlink($web_path.'/backup');
symlink($web_backup_dir,$web_path.'/backup');
chmod($web_path.'/backup', 0755);
}
if($rec['backup_interval'] == 'none') {
$web_id = $rec['domain_id'];
$web_user = $rec['system_user'];
$web_backup_dir = realpath($backup_dir.'/sql'.$web_id);
if(is_dir($web_backup_dir)) {
exec('sudo -u '.escapeshellarg($web_user).' rm -f '.escapeshellarg($web_backup_dir.'/*'));
}
}
}
}
}https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/1740Add default_webserver setting for client2018-12-15T18:15:30ZKrzysztof TomczykAdd default_webserver setting for clientHi
There is a possibility to set default_webserver for client in DB (client.default_webserver) but in interface I don't see any place where I can set that optionHi
There is a possibility to set default_webserver for client in DB (client.default_webserver) but in interface I don't see any place where I can set that optionhttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/1805Firewall: add support for device tun+2018-12-15T18:15:27ZMarkFirewall: add support for device tun+The firewall adds rules for devices eth+, ppp+, slip+, venet+ and bond+. I don't need most of these. But I do need tun+.
Is it possible that this becomes a setting instead of being hard-coded?The firewall adds rules for devices eth+, ppp+, slip+, venet+ and bond+. I don't need most of these. But I do need tun+.
Is it possible that this becomes a setting instead of being hard-coded?https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/1818Forward Outgoing E-Mail2018-12-15T18:15:27ZNecdet TenekeciForward Outgoing E-MailThere is no option for forwarding outgoing emails for domain or mailbox although it's possible by editing postfix conf files. It's simple to add this feature and I think it's a big thing. I have so many custommers wants that.There is no option for forwarding outgoing emails for domain or mailbox although it's possible by editing postfix conf files. It's simple to add this feature and I think it's a big thing. I have so many custommers wants that.https://git.ispconfig.org/ispconfig/ispconfig3/-/issues/1913Make backup MX server configurable in GUI2018-12-15T18:15:24ZRadimMake backup MX server configurable in GUIwhen you set you backup server in /etc/postfix/main.cf after ISPConfig update it's gone
Imagine - you set ISPC server for customer, make MX backup server in DNS. Then customers update ISPC, relay setting for backup MX is gone and all em...when you set you backup server in /etc/postfix/main.cf after ISPConfig update it's gone
Imagine - you set ISPC server for customer, make MX backup server in DNS. Then customers update ISPC, relay setting for backup MX is gone and all email sent via backup MX will never arrive.
default postfix config by ISPC is:
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
i use:
relay_domains = backup.mx.tld mysql:/etc/postfix/mysql-virtual_relaydomains.cf
but imo more elegant way will be put backup mx serer into SQL somewherehttps://git.ispconfig.org/ispconfig/ispconfig3/-/issues/1922website data mirroring or UID, GID sync in /etc/{group,passwd}2018-12-15T18:15:23Zhakongwebsite data mirroring or UID, GID sync in /etc/{group,passwd}It would be good to have website data mirroring from server1 to server2, whenever a user uploads www data. Using NFS is difficult since ISPConfig doesn't keep the same UID and GID in /etc/{passwd,group} between "mirrored" servers. Or sim...It would be good to have website data mirroring from server1 to server2, whenever a user uploads www data. Using NFS is difficult since ISPConfig doesn't keep the same UID and GID in /etc/{passwd,group} between "mirrored" servers. Or simply keeping /etc/{passwd,group} and other files completely in sync as far as UID's and GID's go.