myron/novacpx
1
0
Fork 0
mirror of https://github.com/myronblair/novacpx synced 2026-06-30 17:50:41 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
novacpx/docs/admin-guide.md
T
myron 7367fe658c Update documentation with all current features and services 
- README: full feature matrix (hosting, DNS, email, databases, files, SSL, security, Docker,
  monitoring, update channels/versioning, reseller branding, settings, API)
- Admin guide: update channels section with stable/beta table; Settings section now documents
  all DB-backed fields including update channel
- User guide: email domain dropdown note

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-09 23:10:19 +00:00

230 lines
8.3 KiB
Markdown
Raw Permalink Blame History

# NovaCPX — Administrator Guide
## Accessing the Admin Panel
The admin panel runs on port **8882**. Navigate to `https://<server-ip>:8882` and log in with your admin credentials.
The browser will show a self-signed certificate warning on a fresh install. Accept it, or replace the certificate at `/etc/novacpx/ssl/` with a trusted cert and restart Apache.
## Dashboard
The dashboard shows real-time server stats (CPU, RAM, disk, uptime), running services with restart/stop controls, and NovaCPX version information.
Click **Check for Updates** to see if a newer version is available.
## Accounts
**Accounts → All Accounts** lists every hosting account on the server. From this page you can:
- **Search** by domain or username
- **Suspend / Unsuspend** an account (suspending disables the web vhost and sends an email notification to the account holder)
- **Change Password** for any account
- **Terminate** an account permanently (deletes files, databases, DNS zone, email accounts — irreversible)
### Creating an account
**Accounts → Create Account**
| Field | Notes |
|-------|-------|
| Username | Lowercase, alphanumeric. Creates a Linux system user. |
| Domain | Primary domain for the account. A DNS zone and vhost are created automatically. |
| Email | Account holder's email. Receives the welcome notification. |
| Password | Min 8 characters. Also set as the Linux system password. |
| Package | Disk/resource limits applied to the account. |
| PHP version | Per-account PHP-FPM pool version. |
| Reseller | (Optional) Assign account to a reseller. |
After creation, the welcome email (if notifications are enabled) is sent to the account holder with login credentials.
## Resellers
**Accounts → Resellers** manages reseller sub-admin accounts. Resellers can create and manage their own customer accounts, set per-customer Docker quotas, and apply white-label branding.
To create a reseller, go to **Accounts → Create Account** and select the **Reseller** role.
## Packages
Define hosting plans. Each package sets limits on:
- Disk (MB)
- Email accounts
- MySQL databases
- FTP accounts
- Domains
- Subdomains
Accounts without a package have no enforced limits.
## DNS
### DNS Zones
Lists all DNS zones on the server. You can add, edit, and delete DNS records directly. Zones are managed by BIND9 and reloaded via `rndc`.
Supported record types: A, AAAA, CNAME, MX, TXT, NS, SRV, CAA.
### Nameservers
Set the global NS1/NS2 hostnames used when creating new zones. After saving, click **Check All** to verify the nameservers are resolving correctly.
## Services
### Web Server
Shows Apache or Nginx configuration. Switch between web servers. The switch script runs in the background — check the page again after ~30 seconds to confirm.
### PHP Manager
Install or remove PHP versions (7.4, 8.1, 8.2, 8.3). Each version gets its own PHP-FPM pool. Accounts can be assigned any installed version.
### MySQL Manager
Shows MySQL status and running databases. Provides a link to phpMyAdmin if installed.
### Mail Server
Shows Postfix/Dovecot status. Switch mail server stack (postfix-dovecot or postfix-dovecot-rspamd).
### FTP Server
Shows FTP daemon status. Switch between ProFTPD, vsftpd, and PureFTPD.
### Nginx Proxy Manager
Reverse proxy management for additional services. The Nginx Proxy Manager runs as a Docker container. Use **Setup** to configure it.
### WordPress Manager
One-click WordPress installs via WP-CLI. Actions: install, update, toggle maintenance mode, clone to staging.
### Docker
Full Docker Engine management:
- **Containers** — run, stop, start, restart, remove, view logs
- **Images** — pull, list, remove
- **Volumes** and **Networks** — list, remove
- **Compose Stacks** — create from YAML, bring up/down, view logs
## Security
### SSL Manager
View SSL certificates for all accounts. Certificates issued via Certbot (Let's Encrypt). The domain must resolve publicly for issuance to succeed.
### Firewall / Fail2Ban
Manage UFW rules (allow/deny by port, protocol, and IP). View and unban Fail2Ban jail entries. NovaCPX jails monitor:
- SSH brute-force (`sshd`)
- Panel login failures (`novacpx-auth`)
- API abuse (`novacpx-api`)
- PHP error flooding (`novacpx-php`)
- Postfix SMTP auth (`postfix-auth`)
### Audit Log
Full log of all admin, reseller, and user actions. Filter by username, action type, and date range. Click any row to expand the raw JSON detail payload.
### 2FA Manager
Manage TOTP two-factor authentication. Admins can view which accounts have 2FA enabled and reset (revoke) 2FA for a user if they lose their authenticator.
### Sessions
View all active login sessions. Revoke individual sessions or all sessions for a specific user. Useful for forcing a logout after a password reset.
## System
### Updates
Check for NovaCPX and OS updates. Results are cached for 12 hours so the page loads instantly; click **↻ Refresh now** to force a live check.
**Update channels** (set in Settings):
| Channel | GitHub branch | Versioning |
|---------|--------------|------------|
| Stable | `main` | Major/minor releases (e.g. 1.1.0) |
| Beta | `beta` | Patch and pre-release (e.g. 1.1.1-beta.3) |
The Updates page shows your installed version, the latest available version for your channel, and pending commits. Click **Update NovaCPX** to pull and deploy. PHP syntax is validated before deploy; if the panel goes down after update it auto-restores from a backup.
**OS Upgrade** streams `apt-get upgrade` output in real time. A backup of the web root is made before upgrading.
### Backups
Schedule and manage per-account backups:
- **Backup now** — immediate backup of files + databases
- **Download** — download a backup archive
- **Restore** — restore files and databases from a backup
- **Schedule** — set automatic backup frequency per account
- Optional rclone/S3 remote destination
### Cloudflare
Per-account Cloudflare API key management. Pull/push DNS zone records, toggle the CDN proxy per record.
### Server Options
Configure which services NovaCPX manages:
| Setting | Options |
|---------|---------|
| Web server | apache, nginx, openlitespeed, caddy |
| Mail server | postfix-dovecot, postfix-dovecot-rspamd |
| FTP server | proftpd, vsftpd, pureftpd |
| DNS server | bind9, powerdns, nsd, none |
| WHMCS | Enable and configure the billing bridge API key |
### Notifications
Configure email alerts sent via CyberMail:
| Field | Notes |
|-------|-------|
| CyberMail API Key | From platform.cyberpersons.com |
| From Email | Sender address (must be a verified sender domain) |
| From Name | Display name shown in email clients |
| Admin Alert Email | Receives admin copies of all notifications |
| Notifications | Enable or disable all outbound notifications |
Click **Send Test Email** to verify the configuration.
Notification triggers:
- Account created → welcome email to new user + admin alert
- Account suspended → notification to account holder + admin alert
- Disk quota ≥ 85% → daily warning (cron, 06:00)
- SSL certificate expiring ≤ 14 days → expiry notice (cron, 06:00)
### Settings
Panel-wide settings. All values are loaded from the database when the page opens and saved individually.
| Setting | Description |
|---------|-------------|
| Panel Name | Name shown in the browser title and sidebar |
| Default PHP Version | PHP version applied to new accounts (7.4, 8.1, 8.2, 8.3) |
| Primary Nameserver | NS1 hostname shown to users when setting up DNS |
| Secondary Nameserver | NS2 hostname |
| Update Channel | **Stable** (main branch) or **Beta** (beta branch) — controls which GitHub branch the Updates page checks and deploys from |
## WHMCS Billing Bridge
NovaCPX exposes a WHMCS-compatible server module API at `/api/whmcs/<action>`. Enable it in **Server Options** and set the API key. The WHMCS module calls these endpoints to provision, suspend, and terminate accounts automatically.
Supported actions: `create`, `suspend`, `unsuspend`, `terminate`, `changepackage`, `info`.
Authenticate with the `X-WHMCS-Key: <api_key>` header.
## Log files
| File | Contents |
|------|----------|
| `/var/log/novacpx/deploy.log` | Auto-deploy activity |
| `/var/log/novacpx/stats-collector.log` | Server stats cron output |
| `/var/log/novacpx/notify-checks.log` | Disk/SSL notification cron output |
| `/var/log/novacpx/switch-*.log` | Service switch script output |
Reference in New Issue View Git Blame Copy Permalink