sporkman

Did you want any other info or no?

Didn't get a chance to try that, I instead pulled an old db backup and grabbed the "domain_ssl_settings" table and inserted the old froxlor vhost entry from there. That seems to have fixed things. Perhaps that cert shouldn't have a "delete" option next to it if there's no (simple) path to recovery?

Trying to figure out what's going on with this one... Was running an older version that I guess had some issues with Let's Encrypt renewals, and back then to "fix" it the easiest option was to nuke existing certs and let the panel/ACME.sh recreate them. After nuking the cert for the panel itself, froxlor seems to no longer be able to create a config for the "Enable Let's Encrypt for the froxlor vhost" option. I've toggled it on and off, but that hasn't done anything. Here's a debug run of the cron job: [root@php8 /usr/local/www]# /usr/local/bin/php -q /usr/local/www/froxlor/bin/froxlor-cli froxlor:cron 'tasks' --debug --force Checking froxlor file permissions...OK Running "tasks" job (forced) (debug) [information] TasksCron: Searching for tasks to do [information] Running Let's Encrypt cronjob prior to regenerating webserver config files [information] Checking for LetsEncrypt client upgrades before renewing certificates: [Sun Sep 10 19:02:01 EDT 2023] Already uptodate! [Sun Sep 10 19:02:01 EDT 2023] Upgrade success! [Sun Sep 10 19:02:01 EDT 2023] Installing cron job 59 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null [Sun Sep 10 19:02:01 EDT 2023] Changed default CA to: https://acme-v02.api.letsencrypt.org/directory [error] Could not find file 'example1.com.cer' in '/root/.acme.sh/example1.com/' [error] Could not find file 'ca.cer' in '/root/.acme.sh/example1.com/' [error] Could not find file 'fullchain.cer' in '/root/.acme.sh/example1.com/' [error] Could not find file 'example1.com.csr' in '/root/.acme.sh/example1.com/' [error] Could not get Let's Encrypt certificate for sprickman.com: [information] Updated Let's Encrypt certificate for example2.com [information] Let's Encrypt certificates have been updated [information] apache::createIpPort: creating ip/port settings for 10.10.10.10:80 [debug] 216.220.96.55:80 :: inserted vhostcontainer [information] apache::createIpPort: creating ip/port settings for 10.10.10.10:443 [debug] 216.220.96.55:443 :: inserted vhostcontainer [information] apache::createVirtualHosts: creating vhost container for domain 4, customer example2 [information] apache::createVirtualHosts: creating vhost container for domain 5, customer example3 [information] apache::createVirtualHosts: creating vhost container for domain 2, customer example1 [information] apache::createVirtualHosts: creating vhost container for domain 6, customer example3 [information] apache::createVirtualHosts: creating vhost container for domain 1, customer example1 [information] apache::writeConfigs: rebuilding /usr/local/etc/apache24/froxlor-diropts/ [information] apache::writeConfigs: rebuilding /usr/local/etc/apache24/froxlor-htpasswd/ [information] apache::writeConfigs: rebuilding /usr/local/etc/apache24/froxlor-vhosts/ [information] Froxlor\Cron\Http\ApacheFcgi::reload: running service php-fpm restart [10-Sep-2023 19:02:01] NOTICE: configuration file /usr/local/etc/php-fpm.conf test is successful [10-Sep-2023 19:02:01] NOTICE: configuration file /usr/local/etc/php-fpm.conf test is successful [information] Froxlor\Cron\Http\ApacheFcgi::reload: reloading Froxlor\Cron\Http\ApacheFcgi Syntax OK Syntax OK [notice] Checking system's last guid [root@php8 /usr/local/www]# Removing and adding an SSL cert for a test user/domain works fine. No changes to the froxlor panel vhost after this though. I'm digging around in the db, but not yet seeing anything obvious there to recreate this.

Ah, yep. There's lots of things in there I don't want our customers touching. Weird place for logs...

I'm not seeing anything labelled "domains" in the customer dashboard other than the blocked-out domain you can see in the screenshot I attached. Nothing is clickable in that area, should it be? Does it not show up if I'm not logged-in directly as the customer (edit: just checked this by logging in directly).

I must be missing something - I already have the toggle set, but I don't see any options as the customer to view logs. In the admin side the toggle is set, and for good measure "allow editing domain" is set in case that's necessary to view logs. I don't see anything in that last screenshot relating to logs, nor is anything in that domains section clickable.

Simple question - for debugging and similar tasks, how does one give a customer access to their logs? I was looking for something in the ftp user creation screen, but didn't see anything there other than being able to give people access to a new directory under the webroot, but no option to drop them in the logs directory. Am I missing something?

I have customers with some insanely old stuff that still relies on a working cgi-bin setup where they can dump their (perl-based) scripts. Before I just add some things manually (in the "Domains", "Own vhost Settings"), should I be looking at another method? I'm using Apache 2.4 (mpm_worker_module) and php-fpm. I see a "perl/CGI" section in the settings, but it looks like that's only available for nginx or lighttpd, correct?

I have to do a big update jump, is there any sense in me documenting this for anyone other than myself? I'm reviewing my last changes and it was really mostly just bad hardcoded paths to things, which I assume is still the case. Any FreeBSD users here? If so any interest in sharing your diffs?

I'm running a pre-0.10 version in production for quite some time now. The "libnss-extrausers" thing is kind of dumb, I don't recall my workaround. It would be nice to see a working port again, or even better, patches upstream as needed. Since Froxlor is mostly just a config generator, there's no real reason for most of the linuxisms other than people not knowing any better. I mean, all the software Froxlor configures has been running on FreeBSD forever (and in the case of that obscure webserver, nginx, developed on FreeBSD by a bunch of Russian FreeBSD nerds). If the porting project is still active I can look through my install here to see what I've been up to. I've been putting off the version jump to 0.10.x because I didn't see anything I needed in there, but I should probably see about updating and what I have to merge back in to make it work. Also as for nobody using FreeBSD, well more people should. Around 20% of worldwide internet traffic is coming off FreeBSD servers. It's a great platform to develop for - one distro, one way of doing things, and a clear cut line between base OS and 3rd party applications.

Just an update for anyone else browsing this - had no issues updating to the latest. About to go in and attempt php-fpm (already have libnss-mysql setup, so that PITA is over with). Also surprisingly filesystem quotas work as well, just have to use '/usr/sbin/edquota' and your conditionals do the right thing in passing args to the command. And in FreeBSD the path is a bare path (ie: "/" or "/var"). I see there's a note here: lng/english.lng.php:$lng['serversettings']['system_cronconfig']['description'] = 'Path to the cron-service configuration-file. This file will be updated regularly and automatically by froxlor.<br />Note: Please <b>be sure</b> to use the same filename as for the main froxlor cronjob (default: /etc/cron.d/froxlor)!<br><br>If you are using <b>FreeBSD</b>, please specify <i>/etc/crontab</i> here!'; At least in FreeBSD 11.x, /etc/cron.d is totally valid and you can dump the froxlor cron file in there with no issues.

Awesome, thanks so much!

Hi all, I really like the general direction of Froxlor - it seems to mostly stay away from touching the underlying OS and whatever package manager your OS is using and just concentrates on being a config generator for the services that are running. This actually seems to make it pretty OS-agnostic. I installed the version from FreeBSD ports (0.9.38.7) and they (port maintainers) didn't really modify it - they just use the port to pull in postfix, apache/nginx, mysql, BIND, etc. and then leave you with a message that you should carefully review all the file paths. So far, the biggest bit of work I did was just relentlessly go through settings and change "/etc/XYZ" to "/usr/local/etc/XYX" and "/etc/init.d/XYZ" to "/usr/local/etc/rc.d/XYZ" or "/etc/rc.d/XYZ". And I have a working system. I also grabbed the Gentoo xml file and did a similar search/replace and that gets me like 80% of the way there - I have cut and pasteable configs with correct paths. I imagine I could also substitute out various apt-get commands with "pkg add". I know the developers aren't interested in officially supporting FreeBSD, but I'm going to update this version of Froxlor to the newest - I reviewed commits between 0.9.38.7 (what I have installed) and the latest and the only system/OS level thing I see of note there is adding "libnss-extrausers" which is a linux-only thing, but seems not to be required. Assuming the upgrade goes well, I'm probably going to go ahead with Froxlor on some FreeBSD VPS instances regardless. Questions: Are there any non-obvious OS-level compatibility issues I'm not seeing in my quick review of the code and the changes? What tools, if any are used to enable/disable apache modules and similar that are actually from the OS (things similar to "a2enmod")? Outside of the OS XML files, I think I only saw some paths being set in the .sql file that populates the db on install, not sure I care about that as that's easily changed in the web UI after install Are there any plans currently to move Froxlor in a direction that does make it start to take control of the OS itself (firewall rules, managing packages, etc.)? Any other background I should know of? Thanks!