mirror of
https://github.com/myronblair/novacpx
synced 2026-06-30 17:50:41 -05:00
feat: server monitoring charts, package limits, WHMCS bridge, server options (#19-22)
#19 Server monitoring charts: - server_stats table (migration 007) + collect-stats.php cron script - serverStatus() page rebuilt with Chart.js line charts (CPU/RAM/disk) - Chart.js lazy-loaded from CDN; history shown for last 24h #20 Cron job manager: already complete in prior session #21 Package limits enforcement: - email.php: checks max_email before creating email account - databases.php: checks max_databases before creating database - ftp.php: checks max_ftp before creating FTP account - stats.php: fixed column names (max_email/max_ftp/max_databases vs old aliases) #22b WHMCS billing bridge: - whmcs.php endpoint: create/suspend/unsuspend/terminate/changepackage/info - Auth via X-WHMCS-Key header; enabled/key stored in settings table #22a/c/d/e Server options admin page: - Web/mail/FTP/DNS server selection with settings persistence - Server switch triggers /opt/novacpx/bin/switch-*.sh scripts (if present) - NS health checker: live dig lookup of all zones vs configured NS1/NS2 - system.php: server-options + save-option actions - dns.php: ns-health action Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -19,6 +19,12 @@ match ($action) {
|
||||
|
||||
'create' => (function() use ($db, $body, $accountId) {
|
||||
if (!$accountId) Response::error("account_id required");
|
||||
// Package limit check
|
||||
$acctPkg = $db->fetchOne("SELECT p.max_databases FROM accounts a LEFT JOIN packages p ON p.id=a.package_id WHERE a.id=?", [$accountId]);
|
||||
if ($acctPkg && $acctPkg['max_databases'] > 0) {
|
||||
$count = (int)$db->fetchOne("SELECT COUNT(*) c FROM databases WHERE account_id=?", [$accountId])['c'];
|
||||
if ($count >= (int)$acctPkg['max_databases']) Response::error("Database limit ({$acctPkg['max_databases']}) reached for this package", 403);
|
||||
}
|
||||
$type = $body['type'] ?? 'mysql';
|
||||
$dbName = trim($body['db_name'] ?? '');
|
||||
$dbUser = trim($body['db_user'] ?? $dbName . '_user');
|
||||
|
||||
@@ -97,5 +97,29 @@ match ($action) {
|
||||
Response::success(['domain' => $domain, 'results' => $results]);
|
||||
})(),
|
||||
|
||||
// ── NS Health Checker (#22e) ─────────────────────────────────────────────
|
||||
'ns-health' => (function() use ($db) {
|
||||
Auth::getInstance()->require('admin');
|
||||
$ns1 = $db->fetchOne("SELECT value FROM settings WHERE `key`='ns1_hostname'")['value'] ?? '';
|
||||
$ns2 = $db->fetchOne("SELECT value FROM settings WHERE `key`='ns2_hostname'")['value'] ?? '';
|
||||
$zones = $db->fetchAll("SELECT domain FROM dns_zones ORDER BY domain LIMIT 200");
|
||||
$results = [];
|
||||
foreach ($zones as $z) {
|
||||
$domain = $z['domain'];
|
||||
$raw = shell_exec("dig +short NS " . escapeshellarg($domain) . " 2>/dev/null") ?? '';
|
||||
$nsRecords = array_filter(array_map('trim', explode("\n", $raw)));
|
||||
$foundNs1 = $ns1 ? in_array(rtrim($ns1,'.').'.', array_map(fn($n)=>rtrim($n,'.').'.', $nsRecords)) : null;
|
||||
$foundNs2 = $ns2 ? in_array(rtrim($ns2,'.').'.', array_map(fn($n)=>rtrim($n,'.').'.', $nsRecords)) : null;
|
||||
$results[] = [
|
||||
'domain' => $domain,
|
||||
'ns1' => $nsRecords[0] ?? null,
|
||||
'ns2' => $nsRecords[1] ?? null,
|
||||
'ok' => ($ns1 ? $foundNs1 : true) && ($ns2 ? $foundNs2 : true),
|
||||
'ns_raw' => $nsRecords,
|
||||
];
|
||||
}
|
||||
Response::success(['results' => $results, 'expected_ns1' => $ns1, 'expected_ns2' => $ns2]);
|
||||
})(),
|
||||
|
||||
default => Response::error("Unknown dns action: $action", 404),
|
||||
};
|
||||
|
||||
@@ -30,6 +30,12 @@ match ($action) {
|
||||
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) Response::error("Invalid email address");
|
||||
if (strlen($password) < 6) Response::error("Password must be at least 6 characters");
|
||||
if (!$accountId) Response::error("account_id required");
|
||||
// Package limit check
|
||||
$acctPkg = $db->fetchOne("SELECT p.max_email FROM accounts a LEFT JOIN packages p ON p.id=a.package_id WHERE a.id=?", [$accountId]);
|
||||
if ($acctPkg && $acctPkg['max_email'] > 0) {
|
||||
$count = (int)$db->fetchOne("SELECT COUNT(*) c FROM email_accounts WHERE account_id=?", [$accountId])['c'];
|
||||
if ($count >= (int)$acctPkg['max_email']) Response::error("Email account limit ({$acctPkg['max_email']}) reached for this package", 403);
|
||||
}
|
||||
$id = EmailManager::createAccount($accountId, $email, $password, $quota);
|
||||
audit('email.create', $email);
|
||||
Response::success(['id' => $id], "Email account created: $email");
|
||||
|
||||
@@ -15,6 +15,12 @@ match ($action) {
|
||||
|
||||
'create' => (function() use ($db, $body, $accountId) {
|
||||
if (!$accountId) Response::error("account_id required");
|
||||
// Package limit check
|
||||
$acctPkg = $db->fetchOne("SELECT p.max_ftp FROM accounts a LEFT JOIN packages p ON p.id=a.package_id WHERE a.id=?", [$accountId]);
|
||||
if ($acctPkg && $acctPkg['max_ftp'] > 0) {
|
||||
$count = (int)$db->fetchOne("SELECT COUNT(*) c FROM ftp_accounts WHERE account_id=?", [$accountId])['c'];
|
||||
if ($count >= (int)$acctPkg['max_ftp']) Response::error("FTP account limit ({$acctPkg['max_ftp']}) reached for this package", 403);
|
||||
}
|
||||
$username = trim($body['username'] ?? '');
|
||||
$password = $body['password'] ?? bin2hex(random_bytes(6));
|
||||
$acct = $db->fetchOne("SELECT home_dir FROM accounts WHERE id = ?", [$accountId]);
|
||||
|
||||
@@ -76,17 +76,17 @@ match ($action) {
|
||||
$pkg = $db->fetchOne("SELECT * FROM packages WHERE id = ?", [$acct['package_id'] ?? 0]);
|
||||
|
||||
Response::success([
|
||||
'disk_mb' => $diskMB,
|
||||
'disk_limit' => $pkg['disk_mb'] ?? 0,
|
||||
'inodes' => $inodes,
|
||||
'databases' => $dbCount,
|
||||
'db_limit' => $pkg['databases'] ?? 0,
|
||||
'emails' => $emailCount,
|
||||
'email_limit' => $pkg['email_accounts'] ?? 0,
|
||||
'ftp' => $ftpCount,
|
||||
'ftp_limit' => $pkg['ftp_accounts'] ?? 0,
|
||||
'domains' => $domCount,
|
||||
'subdomain_limit' => $pkg['subdomains'] ?? 0,
|
||||
'disk_mb' => $diskMB,
|
||||
'disk_limit' => $pkg['disk_mb'] ?? 0,
|
||||
'inodes' => $inodes,
|
||||
'databases' => $dbCount,
|
||||
'db_limit' => $pkg['max_databases'] ?? 0,
|
||||
'emails' => $emailCount,
|
||||
'email_limit' => $pkg['max_email'] ?? 0,
|
||||
'ftp' => $ftpCount,
|
||||
'ftp_limit' => $pkg['max_ftp'] ?? 0,
|
||||
'domains' => $domCount,
|
||||
'subdomain_limit' => $pkg['max_subdomains'] ?? 0,
|
||||
]);
|
||||
})(),
|
||||
|
||||
|
||||
@@ -349,5 +349,43 @@ match ($action) {
|
||||
Response::paginate($rows, (int)$total, $page, $perPage);
|
||||
})(),
|
||||
|
||||
// ── Server Options (#22a-e) ───────────────────────────────────────────────
|
||||
'server-options' => (function() use ($db) {
|
||||
Auth::getInstance()->require('admin');
|
||||
$keys = ['web_server','mail_server','ftp_server','dns_server','whmcs_api_key','whmcs_enabled','ns1_hostname','ns2_hostname'];
|
||||
$opts = [];
|
||||
foreach ($db->fetchAll("SELECT `key`,`value` FROM settings WHERE `key` IN ('" . implode("','", $keys) . "')") as $r) {
|
||||
$opts[$r['key']] = $r['value'];
|
||||
}
|
||||
// Detect actually-running services
|
||||
$opts['apache_active'] = !empty(trim(shell_exec('systemctl is-active apache2 2>/dev/null') ?: '')) && trim(shell_exec('systemctl is-active apache2 2>/dev/null')) === 'active';
|
||||
$opts['nginx_active'] = trim(shell_exec('systemctl is-active nginx 2>/dev/null') ?: '') === 'active';
|
||||
$opts['proftpd_active'] = trim(shell_exec('systemctl is-active proftpd 2>/dev/null') ?: '') === 'active';
|
||||
$opts['vsftpd_active'] = trim(shell_exec('systemctl is-active vsftpd 2>/dev/null') ?: '') === 'active';
|
||||
$opts['pureftpd_active'] = trim(shell_exec('systemctl is-active pure-ftpd 2>/dev/null') ?: '') === 'active';
|
||||
$opts['bind9_active'] = trim(shell_exec('systemctl is-active named 2>/dev/null || systemctl is-active bind9 2>/dev/null') ?: '') === 'active';
|
||||
$opts['powerdns_active'] = trim(shell_exec('systemctl is-active pdns 2>/dev/null') ?: '') === 'active';
|
||||
Response::success($opts);
|
||||
})(),
|
||||
|
||||
'save-option' => (function() use ($db, $body) {
|
||||
Auth::getInstance()->require('admin');
|
||||
$key = $body['key'] ?? '';
|
||||
$value = $body['value'] ?? '';
|
||||
$allowed = ['web_server','mail_server','ftp_server','dns_server','whmcs_api_key','whmcs_enabled','ns1_hostname','ns2_hostname'];
|
||||
if (!in_array($key, $allowed)) Response::error("Invalid setting key: $key");
|
||||
$db->execute("INSERT INTO settings (`key`,`value`) VALUES (?,?) ON DUPLICATE KEY UPDATE `value`=VALUES(`value`)", [$key, $value]);
|
||||
|
||||
// For server switches, run install/reload scripts
|
||||
if (in_array($key, ['web_server','ftp_server','dns_server','mail_server'])) {
|
||||
$script = "/opt/novacpx/bin/switch-{$key}.sh";
|
||||
if (is_executable($script)) {
|
||||
shell_exec("sudo {$script} " . escapeshellarg($value) . " > /var/log/novacpx/switch-{$key}.log 2>&1 &");
|
||||
}
|
||||
}
|
||||
audit("settings.{$key}", $value);
|
||||
Response::success(null, "Setting saved: {$key} = {$value}");
|
||||
})(),
|
||||
|
||||
default => Response::error("Unknown system action: $action", 404),
|
||||
};
|
||||
|
||||
@@ -0,0 +1,125 @@
|
||||
<?php
|
||||
/**
|
||||
* WHMCS provisioning bridge (#22b)
|
||||
* Auth: X-WHMCS-Key header or whmcs_key GET param
|
||||
* Actions: create, suspend, unsuspend, terminate, info
|
||||
*/
|
||||
require_once NOVACPX_LIB . '/AccountManager.php';
|
||||
|
||||
$db = DB::getInstance();
|
||||
|
||||
// WHMCS API key auth (bypasses session auth)
|
||||
$storedKey = $db->fetchOne("SELECT value FROM settings WHERE `key`='whmcs_api_key'")['value'] ?? '';
|
||||
$enabled = (bool)($db->fetchOne("SELECT value FROM settings WHERE `key`='whmcs_enabled'")['value'] ?? '0');
|
||||
|
||||
if (!$enabled || !$storedKey) Response::error('WHMCS integration is disabled', 403);
|
||||
|
||||
$receivedKey = $_SERVER['HTTP_X_WHMCS_KEY'] ?? $_GET['whmcs_key'] ?? '';
|
||||
if (!hash_equals($storedKey, $receivedKey)) Response::error('Invalid API key', 401);
|
||||
|
||||
$body = json_decode(file_get_contents('php://input'), true) ?? [];
|
||||
|
||||
match ($action) {
|
||||
|
||||
'create' => (function() use ($db, $body) {
|
||||
$username = strtolower(preg_replace('/[^a-z0-9_]/', '', $body['username'] ?? ''));
|
||||
$domain = strtolower(trim($body['domain'] ?? ''));
|
||||
$email = trim($body['email'] ?? '');
|
||||
$pkgName = trim($body['package'] ?? 'Default');
|
||||
$password = $body['password'] ?? bin2hex(random_bytes(8));
|
||||
|
||||
if (!$username || !$domain) Response::error('username and domain required');
|
||||
|
||||
// Find or use default package
|
||||
$pkg = $db->fetchOne("SELECT id FROM packages WHERE name = ? LIMIT 1", [$pkgName])
|
||||
?? $db->fetchOne("SELECT id FROM packages WHERE is_default = 1 LIMIT 1")
|
||||
?? $db->fetchOne("SELECT id FROM packages LIMIT 1");
|
||||
if (!$pkg) Response::error('No packages configured');
|
||||
|
||||
// Create panel user
|
||||
$existing = $db->fetchOne("SELECT id FROM users WHERE email = ?", [$email]);
|
||||
if ($existing) {
|
||||
$userId = (int)$existing['id'];
|
||||
} else {
|
||||
$db->execute(
|
||||
"INSERT INTO users (username, email, password, role) VALUES (?,?,?,'user')",
|
||||
[$username, $email ?: "{$username}@{$domain}", password_hash($password, PASSWORD_BCRYPT)]
|
||||
);
|
||||
$userId = (int)$db->fetchOne("SELECT LAST_INSERT_ID() as id")['id'];
|
||||
}
|
||||
|
||||
$result = AccountManager::create([
|
||||
'username' => $username,
|
||||
'domain' => $domain,
|
||||
'user_id' => $userId,
|
||||
'package_id' => $pkg['id'],
|
||||
'password' => $password,
|
||||
]);
|
||||
|
||||
audit('whmcs.create', "account:{$username}");
|
||||
Response::success([
|
||||
'account_id' => $result['account_id'] ?? null,
|
||||
'username' => $username,
|
||||
'domain' => $domain,
|
||||
'password' => $password,
|
||||
], 'Account created');
|
||||
})(),
|
||||
|
||||
'suspend' => (function() use ($db, $body) {
|
||||
$username = $body['username'] ?? '';
|
||||
$reason = $body['reason'] ?? 'WHMCS suspend';
|
||||
$acct = $db->fetchOne("SELECT id FROM accounts WHERE username = ?", [$username]);
|
||||
if (!$acct) Response::error("Account not found: $username", 404);
|
||||
AccountManager::suspend((int)$acct['id'], $reason);
|
||||
audit('whmcs.suspend', "account:{$username}");
|
||||
Response::success(null, 'Account suspended');
|
||||
})(),
|
||||
|
||||
'unsuspend' => (function() use ($db, $body) {
|
||||
$username = $body['username'] ?? '';
|
||||
$acct = $db->fetchOne("SELECT id FROM accounts WHERE username = ?", [$username]);
|
||||
if (!$acct) Response::error("Account not found: $username", 404);
|
||||
AccountManager::unsuspend((int)$acct['id']);
|
||||
audit('whmcs.unsuspend', "account:{$username}");
|
||||
Response::success(null, 'Account unsuspended');
|
||||
})(),
|
||||
|
||||
'terminate' => (function() use ($db, $body) {
|
||||
$username = $body['username'] ?? '';
|
||||
$acct = $db->fetchOne("SELECT id FROM accounts WHERE username = ?", [$username]);
|
||||
if (!$acct) Response::error("Account not found: $username", 404);
|
||||
AccountManager::terminate((int)$acct['id']);
|
||||
audit('whmcs.terminate', "account:{$username}");
|
||||
Response::success(null, 'Account terminated');
|
||||
})(),
|
||||
|
||||
'changepackage' => (function() use ($db, $body) {
|
||||
$username = $body['username'] ?? '';
|
||||
$pkgName = $body['package'] ?? '';
|
||||
$acct = $db->fetchOne("SELECT id FROM accounts WHERE username = ?", [$username]);
|
||||
if (!$acct) Response::error("Account not found: $username", 404);
|
||||
$pkg = $db->fetchOne("SELECT id FROM packages WHERE name = ?", [$pkgName]);
|
||||
if (!$pkg) Response::error("Package not found: $pkgName", 404);
|
||||
$db->execute("UPDATE accounts SET package_id = ? WHERE id = ?", [(int)$pkg['id'], (int)$acct['id']]);
|
||||
audit('whmcs.changepackage', "account:{$username} pkg:{$pkgName}");
|
||||
Response::success(null, 'Package changed');
|
||||
})(),
|
||||
|
||||
'info' => (function() use ($db, $body) {
|
||||
$username = $body['username'] ?? $_GET['username'] ?? '';
|
||||
$acct = $db->fetchOne(
|
||||
"SELECT a.*, p.name as package_name FROM accounts a LEFT JOIN packages p ON p.id=a.package_id WHERE a.username = ?",
|
||||
[$username]
|
||||
);
|
||||
if (!$acct) Response::error("Account not found: $username", 404);
|
||||
Response::success([
|
||||
'username' => $acct['username'],
|
||||
'domain' => $acct['domain'] ?? '',
|
||||
'status' => $acct['status'],
|
||||
'package' => $acct['package_name'] ?? '',
|
||||
'created' => $acct['created_at'] ?? '',
|
||||
]);
|
||||
})(),
|
||||
|
||||
default => Response::error("Unknown whmcs action: $action", 404),
|
||||
};
|
||||
Reference in New Issue
Block a user