mirror of
https://github.com/myronblair/novacpx
synced 2026-06-30 17:50:41 -05:00
Fix service status refresh, DNS zones, Docker page, SSL manager, input styling, updates
- Service status: data-svc-status/data-svc-dot attrs + refreshSvcStatus() updates in-place after restart/stop/start - svc-check endpoint: lightweight is-active poll for single service - Docker page: fix function signature (was docker(el), now returns HTML) - DNS zones: fix records response (array not object), fix add-record content field, fix delete-zone accept zone_id - DNS create-zone: allow admin to create zones without account_id - SSL manager: add Generate CSR modal (openssl req), Upload Custom SSL modal, explain both options - nova.css: add input:not([type]), date/search/tel/time types, .form-control to styling selector; fix date picker icon - Updates: fix panel-up check (was fsockopen on HTTPS port, now curl -sk); add set_time_limit(180/300) - apply-os-update: set_time_limit(300) - DB engine manager: fix duplicate INSERT line Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -24,11 +24,10 @@ match ($action) {
|
||||
})(),
|
||||
|
||||
'records' => (function() use ($db, $body) {
|
||||
$zoneId = (int)($_GET['zone_id'] ?? 0);
|
||||
$zoneId = (int)($_GET['zone_id'] ?? $body['zone_id'] ?? 0);
|
||||
if (!$zoneId) Response::error("zone_id required");
|
||||
$records = $db->fetchAll("SELECT * FROM dns_records WHERE zone_id = ? ORDER BY type, name", [$zoneId]);
|
||||
$zone = $db->fetchOne("SELECT * FROM dns_zones WHERE id = ?", [$zoneId]);
|
||||
Response::success(['zone' => $zone, 'records' => $records]);
|
||||
Response::success($records);
|
||||
})(),
|
||||
|
||||
'add-record' => (function() use ($db, $body, $accountId) {
|
||||
@@ -68,10 +67,11 @@ match ($action) {
|
||||
|
||||
'create-zone' => (function() use ($db, $body, $accountId, $user) {
|
||||
Auth::getInstance()->require('admin', 'reseller');
|
||||
$domain = strtolower(trim($body['domain'] ?? ''));
|
||||
$acctId = (int)($body['account_id'] ?? $accountId ?? 0);
|
||||
$domain = strtolower(trim($body['domain'] ?? ''));
|
||||
$acctId = (int)($body['account_id'] ?? $accountId ?? 0);
|
||||
if (!$domain) Response::error("Domain required");
|
||||
if (!$acctId) Response::error("account_id required");
|
||||
// Admins can create zones not tied to any account (acctId = 0)
|
||||
if (!$acctId && $user['role'] !== 'admin') Response::error("account_id required");
|
||||
DNSManager::createZone($acctId, $domain);
|
||||
audit('dns.create-zone', $domain);
|
||||
Response::success(null, "DNS zone created for $domain");
|
||||
@@ -80,6 +80,10 @@ match ($action) {
|
||||
'delete-zone' => (function() use ($db, $body, $user) {
|
||||
Auth::getInstance()->require('admin');
|
||||
$domain = trim($body['domain'] ?? '');
|
||||
if (!$domain && isset($body['zone_id'])) {
|
||||
$row = $db->fetchOne("SELECT domain FROM dns_zones WHERE id = ?", [(int)$body['zone_id']]);
|
||||
$domain = $row['domain'] ?? '';
|
||||
}
|
||||
if (!$domain) Response::error("Domain required");
|
||||
DNSManager::removeZone($domain);
|
||||
audit('dns.delete-zone', $domain);
|
||||
|
||||
@@ -31,6 +31,34 @@ match ($action) {
|
||||
Response::success($result, "SSL certificate issued for $domain");
|
||||
})(),
|
||||
|
||||
'generate-csr' => (function() use ($body, $accountId) {
|
||||
$domain = preg_replace('/[^a-zA-Z0-9\-\.]/', '', trim($body['domain'] ?? ''));
|
||||
$country = preg_replace('/[^A-Z]/', '', strtoupper(substr(trim($body['country'] ?? 'US'), 0, 2)));
|
||||
$state = substr(trim($body['state'] ?? 'State'), 0, 64);
|
||||
$city = substr(trim($body['city'] ?? 'City'), 0, 64);
|
||||
$org = substr(trim($body['org'] ?? 'Organization'), 0, 64);
|
||||
if (!$domain) Response::error("Domain required");
|
||||
|
||||
$keyFile = tempnam('/tmp', 'ncpx_key_');
|
||||
$csrFile = tempnam('/tmp', 'ncpx_csr_');
|
||||
$subj = "/C={$country}/ST={$state}/L={$city}/O={$org}/CN={$domain}";
|
||||
$sanConf = "[req]\ndistinguished_name=req\n[san]\nsubjectAltName=DNS:{$domain},DNS:www.{$domain}";
|
||||
$confFile = tempnam('/tmp', 'ncpx_conf_');
|
||||
file_put_contents($confFile, $sanConf);
|
||||
|
||||
shell_exec("openssl req -newkey rsa:2048 -nodes -keyout " . escapeshellarg($keyFile)
|
||||
. " -out " . escapeshellarg($csrFile)
|
||||
. " -subj " . escapeshellarg($subj)
|
||||
. " -reqexts san -config " . escapeshellarg($confFile) . " 2>/dev/null");
|
||||
|
||||
$csr = file_exists($csrFile) ? trim(file_get_contents($csrFile)) : '';
|
||||
$key = file_exists($keyFile) ? trim(file_get_contents($keyFile)) : '';
|
||||
foreach ([$keyFile, $csrFile, $confFile] as $f) { @unlink($f); }
|
||||
|
||||
if (!$csr || !$key) Response::error("OpenSSL CSR generation failed — is openssl installed?");
|
||||
Response::success(['csr' => $csr, 'private_key' => $key, 'domain' => $domain], 'CSR generated');
|
||||
})(),
|
||||
|
||||
'install-custom' => (function() use ($body, $accountId) {
|
||||
$domain = trim($body['domain'] ?? '');
|
||||
$cert = trim($body['cert'] ?? '');
|
||||
|
||||
@@ -114,6 +114,7 @@ match ($action) {
|
||||
// ── Apply OS update ───────────────────────────────────────────────────────
|
||||
'apply-os-update' => (function() use ($db) {
|
||||
Auth::getInstance()->require('admin');
|
||||
set_time_limit(300);
|
||||
|
||||
$panelPorts = [PORT_USER, PORT_RESELLER, PORT_ADMIN];
|
||||
$webSvc = defined('WEB_SERVER') && WEB_SERVER === 'nginx' ? 'nginx' : 'apache2';
|
||||
@@ -199,6 +200,7 @@ match ($action) {
|
||||
// ── Apply NovaCPX update ─────────────────────────────────────────────────
|
||||
'apply-novacpx-update' => (function() use ($db) {
|
||||
Auth::getInstance()->require('admin');
|
||||
set_time_limit(180);
|
||||
$srcDir = '/opt/novacpx-src';
|
||||
$webRoot = defined('WEB_ROOT') ? WEB_ROOT : '/srv/novacpx/public';
|
||||
$webSvc = defined('WEB_SERVER') && WEB_SERVER === 'nginx' ? 'nginx' : 'apache2';
|
||||
@@ -255,19 +257,22 @@ match ($action) {
|
||||
}
|
||||
|
||||
// Reload PHP-FPM to pick up new code
|
||||
shell_exec("systemctl reload php8.3-fpm 2>/dev/null || true");
|
||||
shell_exec("systemctl reload php8.3-fpm 2>/dev/null || systemctl reload php8.2-fpm 2>/dev/null || true");
|
||||
|
||||
// Verify panel is still up
|
||||
// Verify panel is still up using curl (handles both HTTP and HTTPS)
|
||||
sleep(2);
|
||||
$panelOk = @fsockopen('127.0.0.1', PORT_ADMIN, $e, $es, 3);
|
||||
$port = defined('PORT_ADMIN') ? PORT_ADMIN : 8882;
|
||||
$schemes = ['https','http'];
|
||||
$panelOk = false;
|
||||
foreach ($schemes as $scheme) {
|
||||
$code = trim(shell_exec("curl -sk -o /dev/null -w '%{http_code}' {$scheme}://127.0.0.1:{$port}/api/system/version --max-time 5 2>/dev/null") ?: '');
|
||||
if (in_array($code, ['200','401','302','301'])) { $panelOk = true; break; }
|
||||
}
|
||||
if (!$panelOk) {
|
||||
// Restore backup and reload
|
||||
shell_exec("rsync -a --delete " . escapeshellarg("$backupDir/public/") . " " . escapeshellarg("$webRoot/") . " 2>&1");
|
||||
shell_exec("systemctl reload $webSvc 2>/dev/null");
|
||||
novacpx_log('error', "NovaCPX update failed — panel down after deploy; restored from backup");
|
||||
Response::error('Update deployed but panel went down — auto-restored from backup. Check logs.');
|
||||
} else {
|
||||
fclose($panelOk);
|
||||
}
|
||||
|
||||
audit('system.novacpx-update', "novacpx:$before→$after");
|
||||
@@ -331,6 +336,14 @@ match ($action) {
|
||||
]);
|
||||
})(),
|
||||
|
||||
// ── Single-service status check (lightweight) ─────────────────────────────
|
||||
'svc-check' => (function() {
|
||||
Auth::getInstance()->require('admin');
|
||||
$svc = preg_replace('/[^a-z0-9\-_.]/', '', $_GET['service'] ?? '');
|
||||
$status = $svc ? trim(shell_exec("systemctl is-active " . escapeshellarg($svc) . " 2>/dev/null") ?: 'unknown') : 'unknown';
|
||||
Response::success(['service' => $svc, 'status' => $status]);
|
||||
})(),
|
||||
|
||||
// ── Service control (start/stop/restart) ──────────────────────────────────
|
||||
'service' => (function() use ($body, $db) {
|
||||
Auth::getInstance()->require('admin');
|
||||
|
||||
Reference in New Issue
Block a user