Jump to content
Froxlor Forum
d00p

Release candidate 0.10.0 - It's Froxlor, but with API :)

Recommended Posts

Dear Froxlor Commuity,

finally - the first release candidate of our new API based version 0.10.0! A lot of work has gone into this, many internal changes (you might miss any frontend-changes, but be patient...) most importantly the API backend which not only is used by froxlor frontend itself but can also be uses from within your website/scripts/etc.

Froxlor now uses composer to include some of its requirements like phpMailer, Logger, IdnaConvert and TwoFactorAuth libraries.

Here are some of the new features besides API that found their way in:

  • - 2FA / TwoFactor Authentication for accounts
  • - MySQL8 compatibility
  • - new implementation of Let's Encrypt (acme.sh)
  • - customizable error/access log handling for webserver (format, level, pipe-to-script, etc.)
  • - lots and lots of bugfixes and small enhancements

You can see all changes on Github at https://github.com/Froxlor/Froxlor/compare/0.9.40.1...0.10.0-rc2

Download: 0.10.0-rc2

Note: There will be no Debian packages for release-candidates.

Visit http://www.froxlor.org or join our IRC channel #froxlor on irc.freenode.net.

Thank you,
d00p

Share this post


Link to post
Share on other sites

That sounds and looks great. Good work!

I think in the longrun it would make sense to separate the Froxlor frontend from the backend. I guess it could make sense to install the froxlor backend without the frontend, but use your own frontend. Or someone may come of with a CLI tool that can talk to the froxlor API and you don't need any webfrontend at all. That would be really cool.

As I guess there are no other backends that support the same API, it does not really make sense to use the froxlor frontend without the backend. So I see the frontend as a component that requires the backend, but the backend as a component that could be used standalone.

Share this post


Link to post
Share on other sites

As a matter of fact, there is no dependency from the API to the front-end really...all the sanity checks etc. Are in the API, not the front-end

Share this post


Link to post
Share on other sites

As there is little to no feedback for this release candidate I cannot tell for sure as I need to test as much as possible myself

Share this post


Link to post
Share on other sites

I've update my prod buster system today to 10.0-rc2. I'll report any issues i'll find.

How can I report possibl bugs?

Edited by cscholz

Share this post


Link to post
Share on other sites

Yes, this stays all the same. Just update as usual

Share this post


Link to post
Share on other sites

Yeah. Just did it.

First view: looks good, good job! :)

One thing I like to mention:

In my Environment I use a lot of LE-Certs. On Upgrade the ALL get renewed. By default it's a 5 minute cron for each webserver-change and each LE-renewal run...
This means: after Upgrade all certs get deleted and thus web server configfiles recreated with HOSTS default certs. within this webserver-recreation all LE certs get recreated. If they are not fully recreated within 5 minutes the following job: webserver-renewal with the LE-cert paths may take another 5 minutes. For me: My sites were 15 minutes without invalid certs ;) (not that ugly as I have not that highly visited pages :P)

Maybe we can add a hint that it may mean up to a 10-15 minutes "possible outage" on upgrade!?

Share this post


Link to post
Share on other sites

This is due to the change of the acme implementation. I see what I can do there

Share this post


Link to post
Share on other sites

Are there any points I can test?

 

On 7/7/2019 at 3:20 PM, snoopotic said:

Maybe we can add a hint that it may mean up to a 10-15 minutes "possible outage" on upgrade!? 

After that, your pages went back?

Share this post


Link to post
Share on other sites
7 minutes ago, Tealk said:

Are there any points I can test?

Installation, update of 0.9.x to 0.10.0-rc or better current git, adding, editing and deleting of entities, paying around with external API call, etc.etc.etc. 

Share this post


Link to post
Share on other sites

So there were no problems with the update (Debian 9)
I could also create and edit subdomains as well as delete them.
2FA also works

I also installed it on a test server without any problems. (Debian 10)
On the server I'm still testing

Share this post


Link to post
Share on other sites

@Tealk yup, after that pages went back with new valid certs.

 

Well, maybe I found a bug but I will search for corresponding logs but maybe reporting the use case is quicker:

- Create E-Mail Address -> ok

- Create E-Mail Account -> fails with:

Fehlermeldung
Die E-Mail-Adresse "" enthält ungültige Zeichen oder ist nicht vollständig.

looks like a typo as the address is already "known" ... :)

shall I look further or is this possibly a case? :)

(I just upgraded my Debian 9 to 10 maybe it's a cross over thingy but I don't think so other things work)

 

EDIT: Oh Noes. Horses back: Entering an alternate E-Mail is mandatory xD

Share this post


Link to post
Share on other sites
34 minutes ago, snoopotic said:

EDIT: Oh Noes. Horses back: Entering an alternate E-Mail is mandatory xD

It is??

Just checked, it's not:

     * @param string $alternative_email
     *            optional email address to send account information to, default is the account that is being created
 

And I cannot reproduce this on my Testsystem. Can create account without any alternative address. Please provide detailed information and steps to reproduce

Share this post


Link to post
Share on other sites

I just upgraded my main system to buster and an error occurred with "bind".
In the "named.conf.local" the include of Froxlor was included twice.

//
// Do any local configuration here
//

// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";

include "/etc/bind/froxlor_bind.conf";
include "/etc/bind/froxlor_bind.conf";

 

Share this post


Link to post
Share on other sites

Did you run the configuration steps twice? Afaik it just adds the last line...

Share this post


Link to post
Share on other sites

No initial configuration of services is done automatically

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Similar Content

    • By peterpan
      Hi,
      I have a domain equipped with a certificate from LE. The cert is valid another 2 months. Now I added a domain as an alias of the existing domain, but the certificate isn't updated to have the new domain as its SAN.
      How do I trigger getting a new and updated certificate? Should I delete the existing one?
      Thanks for helping out.
       
      Peter
    • By tt33tt
      Hallo alle zusammen,
      ich würde gerne auf eine API von Limesurvey zurückgreifen. Dafür muss ich installieren: https://github.com/weberhofer/jsonrpcphp
      Kann ich in die composer.json einfach so hinzufügen? Ist das mit Froxlor kompatibel?
      Das readme zeigt mir diese beiden Möglichkeiten:
      To install
      composer require weberhofer/jsonrpcphp or add this to your composer.json, and composer update
      { "require": { "weberhofer/jsonrpcphp": "~2" } }
    • By princeofnaxos
      Wenn running "froxlor_master_cronjob.php -- tasks", it produces this error at the end:
      sh: 1: /etc/init.d/php-fpm: not found
      On Debian Stretch with PHP 7.2, this should be "/etc/init.d/php7.2-fpm". Is this a configuration setting? I can't find it.
    • By LukasH
      [Dieses Problem hat sich gelöst, ich hab mich doch tatsächlich verlesen, im Einsatz ist nur die .de, die .com ist nur eine Weiterleitung, klar funktioniert die nicht]
       
      ______________________________________________________________________________
       
      Dann habe ich noch ein weiteres Problem und zwar habe ich eine neue Subdomain angelegt, beim versuch ein SSL Zertifikat zu ziehen kommen nun nur die folgenden Fehlermeldungen:
      [Lets Encrypt self-check] Please check http://www.mail.hoerth.eu/.well-known/acme-challenge/_s_fIpGAblEU_T6A9Iej0RV1Wp-gte-xrTeVRu9naPI - token seems to be not available. This is just a simple self-check, it might be wrong but consider using this information when Let's Encrypt fails to issue a certificate Could not get Let's Encrypt certificate for mail.hoerth.eu: Verification ended with error: {"identifier":{"type":"dns","value":"www.mail.hoerth.eu"},"status":"invalid","expires":"2018-06-15T12:01:38Z","challenges":[{"type":"dns-01","status":"invalid","uri":"https:\/\/acme-v01.api.letsencrypt.org\/acme\/challenge\/SXa_3IeDJd19Xg3oVtLd0iaj3H2lKBN_fzM1cZPtguc\/5014287643","token":"mOYe0nDwOyTxrfZc83fmpBVeL1vZesbZrV-t_nkRdZ0"},{"type":"http-01","status":"invalid","error":{"type":"urn:acme:error:dns","detail":"DNS problem: NXDOMAIN looking up A for www.mail.hoerth.eu","status":400},"uri":"https:\/\/acme-v01.api.letsencrypt.org\/acme\/challenge\/SXa_3IeDJd19Xg3oVtLd0iaj3H2lKBN_fzM1cZPtguc\/5014287644","token":"_s_fIpGAblEU_T6A9Iej0RV1Wp-gte-xrTeVRu9naPI","keyAuthorization":"_s_fIpGAblEU_T6A9Iej0RV1Wp-gte-xrTeVRu9naPI.JriXbK73HFGeqTSIPL3Qg0VCDy2Qt0n4wrUZon9dCEM","validationRecord":[{"url":"http:\/\/www.mail.hoerth.eu\/.well-known\/acme-challenge\/_s_fIpGAblEU_T6A9Iej0RV1Wp-gte-xrTeVRu9naPI","hostname":"www.mail.hoerth.eu","port":"80"}]}],"combinations":[[0],[1]]} Ich habe dann mal nachgesehen und der Token existiert defintiv nicht - klar findet ihn Lets Encrypt also nicht, was ist denn gerade bei mir Los?
    • By jonny87
      Guten Morgen liebe Community,
      ich hab schon gesucht hier, aber nicht wirklich was passendes gefunden, darum mach ich jetzt hier nochmal nen Thread auf. Ich nutz Froxlor nun erfolgreich seit über einem Jahr auf zwei Servern, es funktioniert soweit auch alles mit LetsEncrypt und den Zertifikaten.
      Jetzt hab ich nur folgendes Problem, bzw. ist dies möglich, da ich mehrere Kunden über Froxlor auf zwei Servern verwalte, muss ich natürlich auch E-Mails verwalten, und zwar verschlüsselt. Kann man das über Froxlor machen? Sprich, dass die Kunden ihre Emails über
      imap.kunde1.de & smtp.kunde1.de sowie imap.kunde2.de & smtp.kunde2.de usw. abrufen können. 
      Momentan muss man ja bzw. so hat es mein Admin gemacht, ein Zertifikat für alle hinterlegen, welches auch nicht automatisch per Script geupdatet wird?! -> Ist das so richtig?
      Oder müssen alle Kunden ihre E-Mails per imap.hauptdomain.de abrufen? 
       
       
       
       
       




×
×
  • Create New...