Jump to content
Froxlor Forum
d00p

Release 0.10.9 - API based froxlor with 2FA, MySQL8 compatibility, new Let's Encrypt implementation and much more...

Recommended Posts

Dear Froxlor Community,

I am proud to finally release the stable version of a new API based froxlor. Due to massive internal improvements and changes in the core (almost 600 commits since 0.9.40.1) users are now able to list/create/edit/delete resources and entities of froxlor via API (requires activation of api-usage in the settings and a user based API-key). The froxlor frontend itself uses the API backend too.

Froxlor now uses composer to include some of its requirements like phpMailer, Logger, IdnaConvert and TwoFactorAuth libraries. All required files will be included in the official tarball so you do not need to worry about installing and using composer (only if you are using / testing the git-master, see https://github.com/Froxlor/Froxlor/wiki/Install-froxlor-from-git-sources).

Most important changes:

  • froxlor now requires at least php-7.0 or newer, php-5.6 is no longer supported because of its EOL almost a year ago
  • you can access data via API, for more information see https://api.froxlor.org/doc/. An example can be found here: https://github.com/Froxlor/Froxlor/tree/master/doc/example
  • PHPUnit tested API backend with MySQL 5.6, 5.7 and 8 as well as MariaDB 10.3 and 10.4, see https://travis-ci.com/Froxlor/Froxlor
  • compatibility for MySQL8
  • 2FA (two-factor-authentication) for admins/resellers/customers (email or authenticator app)
  • all froxlor-database tables will automatically be converted to the InnoDB engine
  • added support for Debian 10 (buster) and Ubuntu 18.04 (bionic beaver)
  • implemented Let's Encrypt via acme.sh - Note: all your current Let's Encrypt certificates will be removed and re-created due to another structure
  • customizable error/access log handling for webserver (format, level, pipe-to-script, etc.)
  • deprecated Debian 7 (wheezy) and Ubuntu 14.04 (trusty tahr) support
  • dropped support for Ubuntu 12.04 (precise pangolin)
  • dropped ticketsystem

Changes in 0.10.1:

  • allow/disallow API access on a per-customer base
    • new API parameters for Admins.add(), Admins.update(), Customers.add() and Customers.update()
      • bool $api_allowed (default: false for Customers, true for Admins)
  • add explicit tlsv1.3 ciphersuite setting
  • fixed wrong behaviour in Ftps.add() if customer is newly created and setting customer.ftpatdomain is true
  • added expiration date to SSL certificates loaded via API request
  • fixed wrong return in Certificates.get() if given domain does not have a certificate
  • allow setting http2 flag for (sub)domains in customer view, fixes #725

Changes in 0.10.2:

  • force Let's Encrypt ACMEv2 API, fixed #728
  • added default-ssl-vhost settings and optionally allow including of non-ssl default-vhost settings, fixes #727
    • new API parameters for Domains.add() and Domains.update()
      • string $ssl_specialsettings
      • bool $include_specialsettings
      • bool $dont_use_default_ssl_ipandport_if_empty
    • removed API parameters in Domains.add()
      • bool $use_default_ssl_ipandport_if_empty
    • new API parameters for IpsAndPorts.add() and IpsAndPorts.update()
      • string $ssl_specialsettings
      • bool $include_specialsettings
      • string $ssl_default_vhostconf_domain
      • bool $include_default_vhostconf_domain
  • implemented DomainZones.listing() to return custom stored dns entries
  • fix registration and termination date to flip between empty-value and 0000-00-00

Changes in 0.10.3:

  • fallback to /tmp/froxlor.log if file-log is activated but no file given or not writeable; fixes #737
  • added tls-settings per domain for admins with change_serversettings-flag set; fixes #519
    • new API parameter for Domains.add() and Domains.update()
      • bool $override_tls (default: false)
      • array $ssl_protocols
      • string $ssl_cipher_list
      • string $tlsv13_cipher_list
  • preserve downward compatibility for 0.10.1 updaters regarding specialsettings for ssl-enabled domains; fixes #739

Changes in 0.10.4:

  • added support for CIDR/netmask in mysql-access-hosts; fixes #564
  • fixed invalid handling of escape-sequences in api-endpoint, fixes #746
  • fixed an issue with adding the default ftp user for new customer when added by admin/reseller with no ftp-resources; fixes #741
  • fixed nginx configuration issue with fastcgi_split_path_info option; fixes #744

Changes in 0.10.5:

  • bugfix release due to errors in Let's Encrypt re-new check; fixes #747

Changes in 0.10.6:

  • introducing new API parameters sql_search, sql_limit, sql_offset, sql_orderby for almost all listing() calls
  • introducing new API method listingCount() for almost all modules to return the total number of entities available
  • changed behavior of SubDomains.listing() to return all fields from the domain table instead of the limited ones for customers when called as admin
  • added new API module SysLog to query froxlor logs according to permission
  • optimized panel_admins and panel_customers table to avoid mysql/mariadb warning: Row size too large (> 8126); fixes #752
  • corrected update of hosting plans via interface; fixes #753
  • implemented API method EmailForwarders.listing(); fixes #754
  • fixed parameters defaults for Domains.update() parameters ssl_ipandports and add new parameter (see below); fixes #756
    • new API parameters for Domains.update()
      • bool $remove_ssl_ipandport

Changes in 0.10.7:

  • corrected behavior when changing mysql-access-host values; fixes #758
  • fix UI error "API keys not accessable due to missing Paging-class"
  • fix trauncating of SysLog using SysLog.delete()
  • corrected UI issue of incorrect listing of domains for customers and admin, fixes #759
  • corrected ordering of listings in UI regarding pagination
  • added new settings to set default value of domain-edit-settings 'Apply specialsettings to all subdomains' and 'Apply php-config to all subdomains'
  • corrected vhost-merging of specialsettings in nginx; fixes #757

Changes in 0.10.8:

  • fix duplicate domain entries in customer-domain-list when domain has aliases
  • fix searching for alias-domains by link in customer_domains
  • use correct apiendpoint for lets encrypt; pass debug-flag onto acme.sh; fixes #762
  • fix removing of ssl-ip-relation to domain if no ssl-ip is selected via interface
  • Debian package: Move mysql server dependency to redommends; fixes #761

Changes in 0.10.9:

  • fix SQL error when searching for certificates by domainname, fixes #764
  • fix ordering of listings when natural sorting is activated, fixes #765
  • check for valid result when reading database usage from information_schema; fixes #766

Download: 0.10.9

Note: Debian/Ubuntu packages are available as of 21th of October 2019 - Note that there are no packages for oldoldstable (jessie) anymore

Attention: The auto-update feature is currently not working correctly for updaters from 0.9.x due to the archive taking a bit longer to extract and froxlor trying to redirect too soon thus leading to an internal server error. A quick reload does "fix" the problem. To avoid that please use the manual update options, see https://github.com/Froxlor/Froxlor/wiki

Visit http://www.froxlor.org or join our IRC channel #froxlor on irc.freenode.net for support, help, participation or just a chat

Thank you,
d00p

Share this post


Link to post
Share on other sites

Congratulations! and thank you for all your efforts and work!

I'll update when Debian packages become available.

Cheers.

Share this post


Link to post
Share on other sites

It currently seems not possible without getting the 500 error because I would need to add a short sleep() to admin_autoupdate which I cannot for existing installations :)

Share this post


Link to post
Share on other sites

Congratulations for this huge release. Can you give any detail about when the packages will be available?

Share this post


Link to post
Share on other sites
Am 3.10.2019 um 13:07 schrieb d00p:

Note: Debian packages will be created and released as soon as possible, please be patient

Guten Abend, sag gibt es schon Entwicklung bezüglich der Veröffentlichung?
Paar Kunden schreien förmlich danach.

Good evening, are there any developments regarding the release? 
Couple of customers are screaming for it.

Share this post


Link to post
Share on other sites

Nothing new yet. This topic will be updated accordingly if it happens

Share this post


Link to post
Share on other sites

Thanks d00p,

I tried to update a Debian Stretch server to the latest 0.10.2 but it seems there are only packages for Buster? Is it possible to update Stretch to the 0.10.2 with Debian packages?

Thanks!

Share this post


Link to post
Share on other sites

I don't think Stretch packages have been updated yet.. last update was December 5th 2018.. Am I doing something wrong?

 

Architectures: amd64 arm64 armel armhf i386
Codename: stretch
Components: main
Date: Wed, 05 Dec 2018 07:51:29 +0000
Label: Froxlor Repository
Origin: froxlor.org
Suite: stable

 

Share this post


Link to post
Share on other sites
5 minutes ago, llucps said:

I don't think Stretch packages have been updated yet.. last update was December 5th 2018.. Am I doing something wrong?

 


Architectures: amd64 arm64 armel armhf i386
Codename: stretch
Components: main
Date: Wed, 05 Dec 2018 07:51:29 +0000
Label: Froxlor Repository
Origin: froxlor.org
Suite: stable

 

I'll check what's up there, sorry for the inconvinience

Share this post


Link to post
Share on other sites

If I use this testing repository, can then I change to the "production" one for future updates? If there can be conflicts after using both.. I'll wait for @Dessa to fix repository.

Thanks!

Share this post


Link to post
Share on other sites

Sure, the testing repo will be the new production repo later anyway (supporting Ubuntu besides Debian)

Share this post


Link to post
Share on other sites

Hi there,

I finally could update to the latest Froxlor version with the testing repository.

Thanks!

 

  • Like 1

Share this post


Link to post
Share on other sites

I got these errors after upgrading:

Class 'Settings' not found in /var/www/froxlor/lib/init.php

Debugging, I found that my template was incompatible with the new version. Moving it out of /var/www/froxlor/templates solved the issue.

Just in case someone runs into the same issue.

Share this post


Link to post
Share on other sites

Yup, it's all in namespaces now. Thanks for the notice, might help People with custom theme

Share this post


Link to post
Share on other sites

I encounter a strange issue in 0.10.6-1 (from Debian Stretch repository): For some customers, some domains show up multiple times. The domains appear once in admins domain list and in the customer dashboard. But in the domain settings of the customer, where the customer can configure subdomains, the same domain appears multiple times. Some domains twice, one domain 7 times. They link to the exact same edit link. I am not talking about subdomains, the affected domains do not even have subdomains.

This is not the case for all domains, not even all domains of the affected customer.

In the database, everything seems fine, the domain is only there once. It looks like there is some JOIN going wrong duplicating the domains.

Edit: I checked a different server also running froxlor (same version) and it also is affected. There domains with subdomains are affected and the subdomains are also listed multiple times.

Share this post


Link to post
Share on other sites
42 minutes ago, crazy4chrissi said:

I encounter a strange issue in 0.10.6-1 (from Debian Stretch repository): For some customers, some domains show up multiple times. The domains appear once in admins domain list and in the customer dashboard. But in the domain settings of the customer, where the customer can configure subdomains, the same domain appears multiple times. Some domains twice, one domain 7 times. They link to the exact same edit link. I am not talking about subdomains, the affected domains do not even have subdomains.

This is not the case for all domains, not even all domains of the affected customer.

In the database, everything seems fine, the domain is only there once. It looks like there is some JOIN going wrong duplicating the domains.

Edit: I checked a different server also running froxlor (same version) and it also is affected. There domains with subdomains are affected and the subdomains are also listed multiple times.

There are known issues in 0.10.6 with the new listing which have been fixed for the upcoming 0.10.7 (tomorrow), sorry for any inconvenience

Share this post


Link to post
Share on other sites
On 11/21/2019 at 11:07 AM, d00p said:

There are known issues in 0.10.6 with the new listing which have been fixed for the upcoming 0.10.7 (tomorrow), sorry for any inconvenience

I installed 0.10.7-1 and it does not quite fix the problem completely.

In the previous version, the domains and all subdomains had been duplicated. Example:

example.com [Statistics]
example.com %PATH% [edit] [delete] [letsencrypt]
somesub.example.com %PATH% [edit] [delete] [letsencrypt]
example.com [Statistics]
example.com %PATH% [edit] [delete] [letsencrypt]
somesub.example.com %PATH% [edit] [delete] [letsencrypt]

The part in bold is the duplicate that shouldn't be there.

Now, the domain is there once, but under that, the line where you can configure it is duplicated. Example:

example.com [Statistics]
example.com %PATH% [edit] [delete] [letsencrypt]
example.com %PATH% [edit] [delete] [letsencrypt]
somesub.example.com %PATH% [edit] [delete] [letsencrypt]
 

The bold part shouldn't be there. The same domains are affected as in the last version.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Similar Content

    • By ZARk
      Hello

      I can't renew certs (or create new certs) since the 0.10 upgrade. was working fine before on 0.9

      I'm basically getting the same output everytime i run this command.
       
      xander /var/www/froxlor # /usr/bin/php7.3 -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --letsencrypt --debug [information] Requesting/renewing Let's Encrypt certificates [information] Creating certificate for Westecheurope.eu [information] Adding SAN entry: Westecheurope.eu [information] Adding SAN entry: www.Westecheurope.eu [Mon 4 Nov 11:23:46 CET 2019] It is recommended to install socat first. [Mon 4 Nov 11:23:46 CET 2019] We use socat for standalone server if you use standalone mode. [Mon 4 Nov 11:23:46 CET 2019] If you don't use standalone mode, just ignore this warning. [information] Checking for LetsEncrypt client upgrades before renewing certificates: [Mon 4 Nov 11:23:45 CET 2019] Installing from online archive. [Mon 4 Nov 11:23:45 CET 2019] Downloading https://github.com/Neilpang/acme.sh/archive/master.tar.gz [Mon 4 Nov 11:23:46 CET 2019] Extracting master.tar.gz [Mon 4 Nov 11:23:46 CET 2019] Installing to /root/.acme.sh [Mon 4 Nov 11:23:46 CET 2019] Installed to /root/.acme.sh/acme.sh [Mon 4 Nov 11:23:46 CET 2019] Good, bash is found, so change the shebang to use bash as preferred. [Mon 4 Nov 11:23:47 CET 2019] OK [Mon 4 Nov 11:23:47 CET 2019] Install success! [Mon 4 Nov 11:23:47 CET 2019] Upgrade success! [Mon 4 Nov 11:23:47 CET 2019] Removing cron job [Mon 4 Nov 11:23:52 CET 2019] get to authz error. [Mon 4 Nov 11:23:52 CET 2019] _authorizations_map='www.westecheurope.eu,{"identifier":{"type":"dns","value":"www.westecheurope.eu"},"status":"pending","expires":"2019-11-07T18:17:12Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1025077162/e3Lmew","token":"H07E0jvAJ-vnQ4jirnVIxqLeRxDwQ_VC6PQ0RAJgEvU"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1025077162/rs0T6w","token":"H07E0jvAJ-vnQ4jirnVIxqLeRxDwQ_VC6PQ0RAJgEvU"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1025077162/ZPjfSg","token":"H07E0jvAJ-vnQ4jirnVIxqLeRxDwQ_VC6PQ0RAJgEvU"}]} westecheurope.eu,{"identifier":{"type":"dns","value":"westecheurope.eu"},"status":"pending","expires":"2019-11-07T18:17:12Z","challenges":[{"type":"http-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1025077160/hOWGhQ","token":"Bd7XDicTn8dtJBIYc9Eod2d7eOxZGba42pnnl5aCNyI"},{"type":"dns-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1025077160/nj7_Ow","token":"Bd7XDicTn8dtJBIYc9Eod2d7eOxZGba42pnnl5aCNyI"},{"type":"tls-alpn-01","status":"pending","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/1025077160/v7Bc7A","token":"Bd7XDicTn8dtJBIYc9Eod2d7eOxZGba42pnnl5aCNyI"}]} ' [Mon 4 Nov 11:23:52 CET 2019] Please add '--debug' or '--log' to check more details. [Mon 4 Nov 11:23:52 CET 2019] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh [debug] [Mon 4 Nov 11:23:48 CET 2019] Creating domain key [Mon 4 Nov 11:23:49 CET 2019] The domain key is here: /root/.acme.sh/Westecheurope.eu/Westecheurope.eu.key [Mon 4 Nov 11:23:49 CET 2019] Multi domain='DNS:Westecheurope.eu,DNS:www.Westecheurope.eu' [Mon 4 Nov 11:23:50 CET 2019] Getting domain auth token for each domain [Mon 4 Nov 11:23:52 CET 2019] Getting webroot for domain='Westecheurope.eu' [error] Could not get Let's Encrypt certificate for Westecheurope.eu: [Mon 4 Nov 11:23:48 CET 2019] Creating domain key [Mon 4 Nov 11:23:49 CET 2019] The domain key is here: /root/.acme.sh/Westecheurope.eu/Westecheurope.eu.key [Mon 4 Nov 11:23:49 CET 2019] Multi domain='DNS:Westecheurope.eu,DNS:www.Westecheurope.eu' [Mon 4 Nov 11:23:50 CET 2019] Getting domain auth token for each domain [Mon 4 Nov 11:23:52 CET 2019] Getting webroot for domain='Westecheurope.eu' [information] No new certificates or certificates due for renewal found [notice] Checking system's last guid  
    • By peterpan
      Hi,
      I have a domain equipped with a certificate from LE. The cert is valid another 2 months. Now I added a domain as an alias of the existing domain, but the certificate isn't updated to have the new domain as its SAN.
      How do I trigger getting a new and updated certificate? Should I delete the existing one?
      Thanks for helping out.
       
      Peter
    • By d00p
      Dear Froxlor Commuity,
      finally - the first release candidate of our new API based version 0.10.0! A lot of work has gone into this, many internal changes (you might miss any frontend-changes, but be patient...) most importantly the API backend which not only is used by froxlor frontend itself but can also be uses from within your website/scripts/etc.
      Froxlor now uses composer to include some of its requirements like phpMailer, Logger, IdnaConvert and TwoFactorAuth libraries.
      Here are some of the new features besides API that found their way in:
      - 2FA / TwoFactor Authentication for accounts - MySQL8 compatibility - new implementation of Let's Encrypt (acme.sh) - customizable error/access log handling for webserver (format, level, pipe-to-script, etc.) - lots and lots of bugfixes and small enhancements You can see all changes on Github at https://github.com/Froxlor/Froxlor/compare/0.9.40.1...0.10.0-rc2
      Download: 0.10.0-rc2

      Note: There will be no Debian packages for release-candidates.

      Visit http://www.froxlor.org or join our IRC channel #froxlor on irc.freenode.net.

      Thank you,
      d00p
×
×
  • Create New...