Merge pull request #1473 from hestiacp/staging/release/v1.3.2

Release Hestia v1.3.2

CHANGELOG.md

@@ -1,6 +1,17 @@
 # Changelog
 All notable changes to this project will be documented in this file.
 
+## [1.3.2] - Service Release
+### Features
+- Added PHP v8.0 support for multiphp environment.
+
+### Bugfixes
+- Improved session token handling in login as function, thanks to Vulnerability Laboratory - [Evolution Security GmbH]™.
+- Fixed an where fpm pool config was not deleted when changing backend template.
+- Improved bats testing with multiphp (5.6-8.0) tests.
+- Fixed an issue where full webmail path was loaded as default value.
+
+
 ## [1.3.1] - Service Release
 ### Features
 - No new features have been introduced in this release.

README.md

@@ -2,7 +2,7 @@
 
 [Hestia Control Panel](https://www.hestiacp.com/)
 ==================================================
-**Latest stable release:** Version 1.3.0 | [View Changelog](https://github.com/hestiacp/hestiacp/blob/release/CHANGELOG.md)<br>
+**Latest stable release:** Version 1.3.1 | [View Changelog](https://github.com/hestiacp/hestiacp/blob/release/CHANGELOG.md)<br>
 
 **Web:** [www.hestiacp.com](https://www.hestiacp.com/)<br>
 **Documentation:** [docs.hestiacp.com](https://docs.hestiacp.com/)<br>
@@ -19,17 +19,18 @@ Hestia Control Panel is designed to provide administrators an easy to use web an
 Features and Services
 ----------------------------
 * Apache2 and NGINX with PHP-FPM
-* Multiple PHP versions (5.6 - 7.4, 7.3 as default for optimal compatibility)
+* Multiple PHP versions (5.6 - 7.4, 7.4 as default)
 * DNS Server (Bind) with clustering capabilities
 * POP/IMAP/SMTP mail services with Anti-Virus, Anti-Spam, and Webmail (ClamAV, SpamAssassin, and Roundcube)
 * MariaDB or PostgreSQL databases
 * Let's Encrypt SSL support with wildcard certificates
 * Firewall with brute-force attack detection and IP lists (iptables, fail2ban, and ipset).
 
-Supported operating systems
+Supported platforms and operating systems
 ----------------------------
-* Debian 10, 9
-* Ubuntu 20.04 LTS, 18.04 LTS, or 16.04 LTS
+* **CPU Architecture:** AMD64 (x86_64 Intel/AMD)
+* **Debian:** 10, 9
+* **Ubuntu:** 20.04 LTS, 18.04 LTS, or 16.04 LTS
 * **NOTE:** Hestia Control Panel must be installed on top of a fresh operating system installation to ensure proper functionality.
 
 Installing Hestia Control Panel
@@ -65,6 +66,14 @@ bash hst-install.sh -h
 ```
 Alternatively, @gabizz has made available a command-line script generator at https://gabizz.github.io/hestiacp-scriptline-generator/ which allows you to easily generate the installation command via GUI.
 
+How to upgrade an existing installation
+============================
+Automatic Updates are enabled by default on new installations of Hestia Control Panel and can be managed from **Server Settings > Updates**. To manually check for and install available updates, use the apt package manager:
+```bash
+apt-get update
+apt-get upgrade
+```
+
 Issues
 =============================
 If you've run into a problem, [file a new issue report via GitHub](https://github.com/hestiacp/hestiacp/issues) so that we may investigate further.

bin/v-add-letsencrypt-domain

@@ -55,7 +55,8 @@ query_le_v2() {
     # Save http response to file passed as "$4" arg or print to stdout if not provided
     # http response headers are always sent to stdout
     local save_to_file=${4:-"/dev/stdout"}
-    curl --silent --dump-header /dev/stdout --data "$post_data" "$1" --header "$content" --output "$save_to_file"
+    curl --location --insecure --retry 5 --retry-connrefused --silent --dump-header /dev/stdout --data "$post_data" "$1" --header "$content" --output "$save_to_file"
+    debug_log "API call" "exit status: $?"
 }
 
 
@@ -100,10 +101,18 @@ fi
 
 
 
+# Dump debug info
+debug_log() {
+    echo -e "\n==[${1}]==\n${2}\n" >> "$log_file"
+}
+
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 
+
+
+
 # Generate correct variables for mail domain SSL certificates
 if [ ! -z "$mail" ]; then
     root_domain=$domain
@@ -111,6 +120,17 @@ if [ ! -z "$mail" ]; then
     aliases="$WEBMAIL_ALIAS.$root_domain"
 fi
 
+log_file="/var/log/hestia/LE-${user}-${domain}-$(date +%Y%m%d-%H%M%S).log"
+touch "$log_file"
+chmod 600 "$log_file"
+
+echo -e "\n\n=============================
+WEB_SYSTEM: ${WEB_SYSTEM}
+PROXY_SYSTEM: ${PROXY_SYSTEM}
+user: ${user}
+domain: ${domain}
+" >> "$log_file"
+
 # Registering LetsEncrypt user account
 $BIN/v-add-letsencrypt-user $user
 if [ "$?" -ne 0  ]; then
@@ -134,6 +154,12 @@ else
     proto="http-01"
 fi
 
+echo -e "
+- aliases: ${aliases}
+- proto: ${proto}
+- wildcard: ${wildcard}
+" >> "$log_file"
+
 # Check if dns records exist for requested domain/aliases
 if [ "$proto" = "http-01" ]; then
     for identifier in $(echo $domain,$aliases |tr ',' '\n' |sort -u); do
@@ -164,6 +190,9 @@ fi
 answer=$(curl -s -I "$LE_API/directory")
 nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
 status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
+
+debug_log "Step 1" "- status: ${status}\n- nonce: ${nonce}\n- answer: ${answer}"
+
 if [[ "$status" -ne 200 ]]; then
     # Delete DNS CAA record
     if [ ! -z "$DNS_SYSTEM" ]; then
@@ -192,6 +221,9 @@ nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
 authz=$(echo "$answer" |grep "acme/authz" |cut -f2 -d '"')
 finalize=$(echo "$answer" |grep 'finalize":' |cut -f4 -d '"')
 status=$(echo "$answer" |grep HTTP/ |tail -n1 |cut -f2 -d ' ')
+
+debug_log "Step 2" "- status: ${status}\n- nonce: ${nonce}\n- authz: ${authz}\n- finalize: ${finalize}\n- payload: ${payload}\n- answer: ${answer}"
+
 if [[ "$status" -ne 201 ]]; then
     # Delete DNS CAA record
     if [ ! -z "$DNS_SYSTEM" ]; then
@@ -212,6 +244,9 @@ for auth in $authz; do
     token=$(echo "$answer" |grep -A3 $proto |grep token |cut -f 4 -d \")
     nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
     status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
+
+    debug_log "Step 3" "- status: ${status}\n- nonce: ${nonce}\n- url: ${url}\n- token: ${token}\n- answer: ${answer}"
+
     if [[ "$status" -ne 200 ]]; then
         # Delete DNS CAA record
         if [ ! -z "$DNS_SYSTEM" ]; then
@@ -303,6 +338,9 @@ for auth in $authz; do
         nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
         status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
         details=$(echo "$answer"| grep detail | cut -f 1 -d ',' | cut -f 2-4 -d ':' | cut -f 2 -d '"')
+
+        debug_log "Step 5" "- status: ${status}\n- nonce: ${nonce}\n- validation: ${validation}\n- details: ${details}\n- answer: ${answer}"
+
         if [[ "$status" -ne 200 ]]; then
             # Delete DNS CAA record
             if [ ! -z "$DNS_SYSTEM" ]; then
@@ -315,6 +353,7 @@ for auth in $authz; do
                     fi
                 fi
             fi
+            debug_log "Abort Step 5" "=> Wrong status"
             check_result $E_CONNECT "Let's Encrypt validation status $status. Details: $details"
         fi
 
@@ -331,6 +370,7 @@ for auth in $authz; do
                     fi
                 fi
             fi
+            debug_log "Abort Step 5" "=> Too many validation retries"
             check_result $E_CONNECT "Let's Encrypt domain validation timeout"
         fi
         sleep $((i*2))
@@ -362,14 +402,44 @@ answer=$(query_le_v2 "$finalize" "$payload" "$nonce")
 nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
 status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
 certificate=$(echo "$answer"|grep 'certificate":' |cut -f4 -d '"')
+
+debug_log "Step 6" "- status: ${status}\n- nonce: ${nonce}\n- payload: ${payload}\n- certificate: ${certificate}\n- answer: ${answer}"
+
 if [[ "$status" -ne 200 ]]; then
     [ -d "$ssl_dir" ] && rm -rf "$ssl_dir"
     check_result $E_CONNECT "Let's Encrypt finalize bad status $status"
 fi
 
 # Downloading signed certificate / STEP 7
-answer=$(query_le_v2 "$certificate" "" "$nonce" "$ssl_dir/$domain.pem")
-status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
+status=0
+retry=0
+
+while [[ $status != 200 && $retry -lt 3 ]]; do
+
+    answer=$(query_le_v2 "$certificate" "" "$nonce" "$ssl_dir/$domain.pem")
+    status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
+
+    debug_log "Step 7" "- status: ${status}\n- retry: ${retry}\n- answer: ${answer}"
+
+    if [[ $status != 200 ]]; then
+        retry=$((retry + 1))
+        sleep $((retry * 2))    # Sleep for 2s, 4s, 6s, 8s
+    fi
+
+done
+
+# Fallback on depreciated download method for certs (unauthenticated GET)
+if [[ $status != 200 ]]; then
+    answer=$(curl  --insecure --retry 5 --retry-connrefused --silent --dump-header /dev/stdout "$certificate" --output "$ssl_dir/$domain.pem")
+    status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
+
+    debug_log "Step 7 - Fallback" "- status: ${status}\n- answer: ${answer}"
+fi
+
+debug_log "CERT DIR" "$(ls -las "$ssl_dir/")"
+debug_log "CERT PEM" "$(cat "$ssl_dir/$domain.pem")"
+
+
 if [[ "$status" -ne 200 ]]; then
     [ -d "$ssl_dir" ] && rm -rf "$ssl_dir"
     check_result $E_NOTEXIST "Let's Encrypt downloading signed cert failed status:$status"
@@ -384,10 +454,13 @@ ca_end=$(grep -n  "BEGIN" $ssl_dir/$domain.pem |tail -n1 |cut -f 1 -d :)
 ca_end=$(( pem_lines - crt_end + 1 ))
 tail -n $ca_end $ssl_dir/$domain.pem > $ssl_dir/$domain.ca
 
+debug_log "CERT CRT" "$(cat "$ssl_dir/$domain.crt")"
+debug_log "CERT CA-1" "$(cat "$ssl_dir/$domain.ca")"
 # Temporary fix for double "END CERTIFICATE"
 if [[ $(head -n 1 $ssl_dir/$domain.ca) = "-----END CERTIFICATE-----" ]]; then
     sed -i '1,2d' $ssl_dir/$domain.ca
 fi
+debug_log "CERT CA-2" "$(cat "$ssl_dir/$domain.ca")"
 
 # Rename certs for mail
 if [ ! -z "$mail" ]; then
@@ -467,4 +540,7 @@ send_notice 'LETSENCRYPT' "$domain SSL has been installed successfully"
 # Logging
 log_event "$OK" "$ARGUMENTS"
 
+# Cleanup debug since the SSL was issues succesfully
+rm -f "$log_file"
+
 exit

bin/v-add-web-php

@@ -3,7 +3,7 @@
 # options: VERSION
 # labels: hestia
 #
-# example: v-add-web-php 7.4
+# example: v-add-web-php 8.0
 #
 # The function checks and delete a fpm php version if not used by any domain.
 
@@ -32,7 +32,7 @@ php_fpm="/etc/init.d/php$version-fpm"
 # Verify php version format
 if [[ ! $version =~ ^[0-9]\.[0-9]+ ]]; then
     echo "The specified PHP version format is invalid, it should look like [0-9].[0-9]."
-    echo "Example:  7.0, 7.4"
+    echo "Example:  7.0, 7.4, 8.0"
     exit
 fi
 
@@ -67,6 +67,11 @@ if [[ `echo "$version 7.2" | awk '{print ($1 < $2)}'` == 1 ]]; then
     mph="$mph php$version-mcrypt"
 fi
 
+# Check if version is 8.0 or higher and drop php json.
+if [[ ${version:0:1} == "8" ]]; then
+    mph=$(echo "$mph" | sed -e "s/php$version-json//")
+fi
+
 if ! echo "$DB_SYSTEM" | grep -w 'mysql' >/dev/null; then
     mph=$(echo "$mph" | sed -e "s/php$version-mysql//")
 fi

bin/v-change-web-domain-backend-tpl

@@ -52,12 +52,12 @@ check_hestia_demo_mode
 #                       Action                             #
 #----------------------------------------------------------#
 
-# Deleting current backend
-delete_web_backend
-
 # Prepare new backend configuration
 prepare_web_backend
 
+# Deleting current backend
+delete_web_backend
+
 # Allocating backend port
 backend_port=9000
 ports=$(grep -v '^;' $pool/* 2>/dev/null |grep listen |grep -o :[0-9].*)

install/deb/multiphp/apache2/PHP-56.sh

@@ -45,6 +45,7 @@ pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
 pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ ! -f "$pool_file_56" ]; then
     echo "$pool_conf" > $pool_file_56
@@ -76,4 +77,9 @@ if [ -f "$pool_file_74" ]; then
     service php7.4-fpm restart
 fi
 
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    service php8.0-fpm restart
+fi
+
 exit 0

install/deb/multiphp/apache2/PHP-70.sh

@@ -45,6 +45,7 @@ pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
 pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
@@ -76,4 +77,9 @@ if [ -f "$pool_file_74" ]; then
     service php7.4-fpm restart
 fi
 
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    service php8.0-fpm restart
+fi
+
 exit 0

install/deb/multiphp/apache2/PHP-71.sh

@@ -45,6 +45,7 @@ pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
 pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
@@ -76,4 +77,9 @@ if [ -f "$pool_file_74" ]; then
     service php7.4-fpm restart
 fi
 
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    service php8.0-fpm restart
+fi
+
 exit 0

install/deb/multiphp/apache2/PHP-72.sh

@@ -45,6 +45,7 @@ pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
 pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
@@ -76,4 +77,9 @@ if [ -f "$pool_file_74" ]; then
     service php7.4-fpm restart
 fi
 
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    service php8.0-fpm restart
+fi
+
 exit 0

install/deb/multiphp/apache2/PHP-73.sh

@@ -45,6 +45,7 @@ pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
 pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
@@ -76,4 +77,9 @@ if [ -f "$pool_file_74" ]; then
     service php7.4-fpm restart
 fi
 
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    service php8.0-fpm restart
+fi
+
 exit 0

install/deb/multiphp/apache2/PHP-74.sh

@@ -45,6 +45,7 @@ pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
 pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
@@ -76,4 +77,9 @@ if [ ! -f "$pool_file_74" ]; then
     service php7.4-fpm restart
 fi
 
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    service php8.0-fpm restart
+fi
+
 exit 0

install/deb/multiphp/apache2/PHP-80.sh

@@ -0,0 +1,85 @@
+#!/bin/bash
+# Adding php pool conf
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+pool_conf="[$2]
+
+listen = /run/php/php8.0-fpm-$2.sock
+listen.owner = $1
+listen.group = www-data
+listen.mode = 0660
+
+user = $1
+group = $1
+
+pm = ondemand
+pm.max_children = 8
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/$1/tmp
+php_admin_value[session.save_path] = /home/$1/tmp
+php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail
+php_admin_value[upload_max_filesize] = 80M
+php_admin_value[max_execution_time] = 20
+php_admin_value[post_max_size] = 80M
+php_admin_value[memory_limit] = 256M
+php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f info@$2
+php_admin_flag[mysql.allow_persistent] = off
+php_admin_flag[safe_mode] = off
+
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/$1/tmp
+env[TMPDIR] = /home/$1/tmp
+env[TEMP] = /home/$1/tmp
+"
+
+pool_file_56="/etc/php/5.6/fpm/pool.d/$2.conf"
+pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
+pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
+pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
+pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
+pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
+
+if [ -f "$pool_file_56" ]; then
+    rm $pool_file_56
+    service php5.6-fpm restart
+fi
+
+if [ -f "$pool_file_70" ]; then
+    rm $pool_file_70
+    service php7.0-fpm restart
+fi
+
+if [ -f "$pool_file_71" ]; then
+    rm $pool_file_71
+    service php7.1-fpm restart
+fi
+
+if [ -f "$pool_file_72" ]; then
+    rm $pool_file_72
+    service php7.2-fpm restart
+fi
+
+if [ -f "$pool_file_73" ]; then
+    rm $pool_file_73
+    service php7.3-fpm restart
+fi
+
+if [ ! -f "$pool_file_74" ]; then
+    echo "$pool_conf" > $pool_file_74
+    service php7.4-fpm restart
+fi
+
+if [ -f "$pool_file_80" ]; then
+    echo "$pool_conf" > $pool_file_80
+    service php8.0-fpm restart
+fi
+
+exit 0

install/deb/multiphp/apache2/PHP-80.stpl

@@ -0,0 +1,36 @@
+<VirtualHost %ip%:%web_ssl_port%>
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    <Directory %home%/%user%/web/%domain%/stats>
+        AllowOverride All
+    </Directory>
+    <Directory %sdocroot%>
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+	</Directory>
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+    <FilesMatch \.php$>
+        SetHandler "proxy:unix:/run/php/php8.0-fpm-%domain%.sock|fcgi://localhost"
+    </FilesMatch>
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/%domain%/%web_system%.ssl.conf_*
+
+</VirtualHost>
+

install/deb/multiphp/apache2/PHP-80.tpl

@@ -0,0 +1,33 @@
+<VirtualHost %ip%:%web_port%>
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+        
+    IncludeOptional %home%/%user%/conf/web/%domain%/apache2.forcessl.conf*
+    
+    <Directory %home%/%user%/web/%domain%/stats>
+        AllowOverride All
+    </Directory>
+    <Directory %sdocroot%>
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+    </Directory>
+
+    <FilesMatch \.php$>
+        SetHandler "proxy:unix:/run/php/php8.0-fpm-%domain%.sock|fcgi://localhost"
+    </FilesMatch>
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/%domain%/%web_system%.conf_*
+
+</VirtualHost>
+

install/deb/multiphp/nginx/PHP-56.sh

@@ -45,6 +45,7 @@ pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
 pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ ! -f "$pool_file_56" ]; then
     echo "$pool_conf" > $pool_file_56
@@ -76,4 +77,9 @@ if [ -f "$pool_file_74" ]; then
     service php7.4-fpm restart
 fi
 
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    service php8.0-fpm restart
+fi
+
 exit 0

install/deb/multiphp/nginx/PHP-70.sh

@@ -45,6 +45,7 @@ pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
 pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
@@ -76,4 +77,9 @@ if [ -f "$pool_file_74" ]; then
     service php7.4-fpm restart
 fi
 
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    service php8.0-fpm restart
+fi
+
 exit 0

install/deb/multiphp/nginx/PHP-71.sh

@@ -45,6 +45,7 @@ pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
 pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
@@ -76,4 +77,9 @@ if [ -f "$pool_file_74" ]; then
     service php7.4-fpm restart
 fi
 
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    service php8.0-fpm restart
+fi
+
 exit 0

install/deb/multiphp/nginx/PHP-72.sh

@@ -45,6 +45,7 @@ pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
 pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
@@ -76,4 +77,9 @@ if [ -f "$pool_file_74" ]; then
     service php7.4-fpm restart
 fi
 
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    service php8.0-fpm restart
+fi
+
 exit 0

install/deb/multiphp/nginx/PHP-73.sh

@@ -45,6 +45,7 @@ pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
 pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
@@ -71,4 +72,9 @@ if [ ! -f "$pool_file_73" ]; then
     service php7.3-fpm restart
 fi
 
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    service php8.0-fpm restart
+fi
+
 exit 0

install/deb/multiphp/nginx/PHP-74.sh

@@ -45,6 +45,7 @@ pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
 pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
@@ -76,4 +77,9 @@ if [ ! -f "$pool_file_74" ]; then
     service php7.4-fpm restart
 fi
 
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    service php8.0-fpm restart
+fi
+
 exit 0

install/deb/multiphp/nginx/PHP-80.sh

@@ -0,0 +1,85 @@
+#!/bin/bash
+# Adding php pool conf
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+pool_conf="[$2]
+
+listen = /run/php/php7.4-fpm-$2.sock
+listen.owner = $1
+listen.group = www-data
+listen.mode = 0660
+
+user = $1
+group = $1
+
+pm = ondemand
+pm.max_children = 8
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/$1/tmp
+php_admin_value[session.save_path] = /home/$1/tmp
+php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail
+php_admin_value[upload_max_filesize] = 80M
+php_admin_value[max_execution_time] = 20
+php_admin_value[post_max_size] = 80M
+php_admin_value[memory_limit] = 256M
+php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f info@$2
+php_admin_flag[mysql.allow_persistent] = off
+php_admin_flag[safe_mode] = off
+
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/$1/tmp
+env[TMPDIR] = /home/$1/tmp
+env[TEMP] = /home/$1/tmp
+"
+
+pool_file_56="/etc/php/5.6/fpm/pool.d/$2.conf"
+pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
+pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
+pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
+pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
+pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
+
+if [ -f "$pool_file_56" ]; then
+    rm $pool_file_56
+    service php5.6-fpm restart
+fi
+
+if [ -f "$pool_file_70" ]; then
+    rm $pool_file_70
+    service php7.0-fpm restart
+fi
+
+if [ -f "$pool_file_71" ]; then
+    rm $pool_file_71
+    service php7.1-fpm restart
+fi
+
+if [ -f "$pool_file_72" ]; then
+    rm $pool_file_72
+    service php7.2-fpm restart
+fi
+
+if [ -f "$pool_file_73" ]; then
+    rm $pool_file_73
+    service php7.3-fpm restart
+fi
+
+if [ -f "$pool_file_74" ]; then
+    echo "$pool_conf" > $pool_file_74
+    service php7.4-fpm restart
+fi
+
+if [ ! -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    service php8.0-fpm restart
+fi
+
+exit 0

install/deb/multiphp/nginx/PHP-80.stpl

@@ -0,0 +1,53 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    ssl_stapling on;
+    ssl_stapling_verify on;
+
+    include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+            fastcgi_hide_header "Set-Cookie";
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    unix:/run/php/php7.4-fpm-%domain%.sock;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
+}

install/deb/multiphp/nginx/PHP-80.tpl

@@ -0,0 +1,48 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+        
+    include %home%/%user%/conf/web/%domain%/nginx.forcessl.conf*;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+            fastcgi_hide_header "Set-Cookie";
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    unix:/run/php/php7.4-fpm-%domain%.sock;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     %home%/%user%/conf/web/%domain%/nginx.conf_*;
+}

install/hst-install-debian.sh

@@ -23,9 +23,9 @@ HESTIA_INSTALL_DIR="$HESTIA/install/deb"
 VERBOSE='no'
 
 # Define software versions
-HESTIA_INSTALL_VER='1.3.1'
+HESTIA_INSTALL_VER='1.3.2'
 pma_v='5.0.4'
-multiphp_v=("5.6" "7.0" "7.1" "7.2" "7.3" "7.4")
+multiphp_v=("5.6" "7.0" "7.1" "7.2" "7.3" "7.4" "8.0")
 fpm_v="7.4"
 mariadb_v="10.5"
 

install/hst-install-ubuntu.sh

@@ -23,9 +23,9 @@ HESTIA_INSTALL_DIR="$HESTIA/install/deb"
 VERBOSE='no'
 
 # Define software versions
-HESTIA_INSTALL_VER='1.3.1'
+HESTIA_INSTALL_VER='1.3.2'
 pma_v='5.0.4'
-multiphp_v=("5.6" "7.0" "7.1" "7.2" "7.3" "7.4")
+multiphp_v=("5.6" "7.0" "7.1" "7.2" "7.3" "7.4" "8.0")
 fpm_v="7.4"
 mariadb_v="10.5"
 

install/upgrade/upgrade.conf

@@ -22,8 +22,8 @@
 # These flags should be set to true if any changes are made to the template files
 # to ensure that they are properly updated on the end-user's system.
 UPGRADE_UPDATE_WEB_TEMPLATES='true'
-UPGRADE_UPDATE_MAIL_TEMPLATES='true'
-UPGRADE_UPDATE_DNS_TEMPLATES='true'
+UPGRADE_UPDATE_MAIL_TEMPLATES='false'
+UPGRADE_UPDATE_DNS_TEMPLATES='false'
 
 # Update phpMyAdmin to the latest version during upgrade
 UPGRADE_UPDATE_PHPMYADMIN='true'
@@ -35,7 +35,7 @@ UPGRADE_UPDATE_FILEMANAGER='false'
 UPGRADE_UPDATE_FILEMANAGER_CONFIG='true'
 
 # Post installation clean-up
-UPGRADE_REBUILD_USERS='true'
+UPGRADE_REBUILD_USERS='false'
 UPGRADE_RESTART_SERVICES='true'
 
 #######################################################################################
@@ -43,4 +43,4 @@ UPGRADE_RESTART_SERVICES='true'
 #######################################################################################
 
 # Set version of phpMyAdmin to install during upgrade if not already installed
-pma_v='5.0.4'
+pma_v='5.0.4'

install/upgrade/versions/1.3.2.sh

@@ -0,0 +1,7 @@
+#!/bin/sh
+
+# Hestia Control Panel upgrade script for target version 1.3.2
+
+#######################################################################################
+#######                      Place additional commands below.                   #######
+#######################################################################################

src/deb/hestia/control

@@ -1,7 +1,7 @@
 Source: hestia
 Package: hestia
 Priority: optional
-Version: 1.3.1
+Version: 1.3.2
 Section: admin
 Maintainer: HestiaCP <info@hestiacp.com>
 Homepage: https://www.hestiacp.com

test/test.bats

@@ -506,6 +506,205 @@ function validate_webmail_domain() {
 }
 
 
+#----------------------------------------------------------#
+#                      MULTIPHP                            #
+#----------------------------------------------------------#
+
+@test "Multiphp: Default php Backend version" {
+    def_phpver=$(multiphp_default_version)
+    multi_domain="multiphp.${domain}"
+
+    run v-add-web-domain $user $multi_domain 198.18.0.125
+    assert_success
+    refute_output
+
+    echo -e "<?php\necho PHP_MAJOR_VERSION.'.'.PHP_MINOR_VERSION;" > "$HOMEDIR/$user/web/$multi_domain/public_html/php-test.php"
+    validate_web_domain $user $multi_domain "$def_phpver" 'php-test.php'
+    rm "$HOMEDIR/$user/web/$multi_domain/public_html/php-test.php"
+
+}
+
+@test "Multiphp: Change backend version - PHP v5.6" {
+    test_phpver='5.6'
+    multi_domain="multiphp.${domain}"
+
+    if [ ! -d "/etc/php/${test_phpver}/fpm/pool.d/" ]; then
+        skip "PHP ${test_phpver} not installed"
+    fi
+
+    run v-change-web-domain-backend-tpl $user $multi_domain 'PHP-5_6' 'yes'
+    assert_success
+    refute_output
+
+    # Changing web backend will create a php-fpm pool config in the corresponding php folder
+    assert_file_exist "/etc/php/${test_phpver}/fpm/pool.d/${multi_domain}.conf"
+
+    # A single php-fpm pool config file must be present
+    num_fpm_config_files="$(find -L /etc/php/ -name "${multi_domain}.conf" | wc -l)"
+    assert_equal "$num_fpm_config_files" '1'
+
+    echo -e "<?php\necho 'hestia-multiphptest:'.PHP_MAJOR_VERSION.'.'.PHP_MINOR_VERSION;" > "$HOMEDIR/$user/web/$multi_domain/public_html/php-test.php"
+    validate_web_domain $user $multi_domain "hestia-multiphptest:$test_phpver" 'php-test.php'
+    rm "$HOMEDIR/$user/web/$multi_domain/public_html/php-test.php"
+}
+
+@test "Multiphp: Change backend version - PHP v7.0" {
+    test_phpver='7.0'
+    multi_domain="multiphp.${domain}"
+
+    if [ ! -d "/etc/php/${test_phpver}/fpm/pool.d/" ]; then
+        skip "PHP ${test_phpver} not installed"
+    fi
+
+    run v-change-web-domain-backend-tpl $user $multi_domain 'PHP-7_0' 'yes'
+    assert_success
+    refute_output
+
+    # Changing web backend will create a php-fpm pool config in the corresponding php folder
+    assert_file_exist "/etc/php/${test_phpver}/fpm/pool.d/${multi_domain}.conf"
+
+    # A single php-fpm pool config file must be present
+    num_fpm_config_files="$(find -L /etc/php/ -name "${multi_domain}.conf" | wc -l)"
+    assert_equal "$num_fpm_config_files" '1'
+
+    echo -e "<?php\necho 'hestia-multiphptest:'.PHP_MAJOR_VERSION.'.'.PHP_MINOR_VERSION;" > "$HOMEDIR/$user/web/$multi_domain/public_html/php-test.php"
+    validate_web_domain $user $multi_domain "hestia-multiphptest:$test_phpver" 'php-test.php'
+    rm "$HOMEDIR/$user/web/$multi_domain/public_html/php-test.php"
+}
+
+@test "Multiphp: Change backend version - PHP v7.1" {
+    test_phpver='7.1'
+    multi_domain="multiphp.${domain}"
+
+    if [ ! -d "/etc/php/${test_phpver}/fpm/pool.d/" ]; then
+        skip "PHP ${test_phpver} not installed"
+    fi
+
+    run v-change-web-domain-backend-tpl $user $multi_domain 'PHP-7_1' 'yes'
+    assert_success
+    refute_output
+
+    # Changing web backend will create a php-fpm pool config in the corresponding php folder
+    assert_file_exist "/etc/php/${test_phpver}/fpm/pool.d/${multi_domain}.conf"
+
+    # A single php-fpm pool config file must be present
+    num_fpm_config_files="$(find -L /etc/php/ -name "${multi_domain}.conf" | wc -l)"
+    assert_equal "$num_fpm_config_files" '1'
+
+    echo -e "<?php\necho 'hestia-multiphptest:'.PHP_MAJOR_VERSION.'.'.PHP_MINOR_VERSION;" > "$HOMEDIR/$user/web/$multi_domain/public_html/php-test.php"
+    validate_web_domain $user $multi_domain "hestia-multiphptest:$test_phpver" 'php-test.php'
+    rm "$HOMEDIR/$user/web/$multi_domain/public_html/php-test.php"
+}
+
+@test "Multiphp: Change backend version - PHP v7.2" {
+    test_phpver='7.2'
+    multi_domain="multiphp.${domain}"
+
+    if [ ! -d "/etc/php/${test_phpver}/fpm/pool.d/" ]; then
+        skip "PHP ${test_phpver} not installed"
+    fi
+
+    run v-change-web-domain-backend-tpl $user $multi_domain 'PHP-7_2' 'yes'
+    assert_success
+    refute_output
+
+    # Changing web backend will create a php-fpm pool config in the corresponding php folder
+    assert_file_exist "/etc/php/${test_phpver}/fpm/pool.d/${multi_domain}.conf"
+
+    # A single php-fpm pool config file must be present
+    num_fpm_config_files="$(find -L /etc/php/ -name "${multi_domain}.conf" | wc -l)"
+    assert_equal "$num_fpm_config_files" '1'
+
+    echo -e "<?php\necho 'hestia-multiphptest:'.PHP_MAJOR_VERSION.'.'.PHP_MINOR_VERSION;" > "$HOMEDIR/$user/web/$multi_domain/public_html/php-test.php"
+    validate_web_domain $user $multi_domain "hestia-multiphptest:$test_phpver" 'php-test.php'
+    rm "$HOMEDIR/$user/web/$multi_domain/public_html/php-test.php"
+}
+
+@test "Multiphp: Change backend version - PHP v7.3" {
+    test_phpver='7.3'
+    multi_domain="multiphp.${domain}"
+
+    if [ ! -d "/etc/php/${test_phpver}/fpm/pool.d/" ]; then
+        skip "PHP ${test_phpver} not installed"
+    fi
+
+    run v-change-web-domain-backend-tpl $user $multi_domain 'PHP-7_3' 'yes'
+    assert_success
+    refute_output
+
+    # Changing web backend will create a php-fpm pool config in the corresponding php folder
+    assert_file_exist "/etc/php/${test_phpver}/fpm/pool.d/${multi_domain}.conf"
+
+    # A single php-fpm pool config file must be present
+    num_fpm_config_files="$(find -L /etc/php/ -name "${multi_domain}.conf" | wc -l)"
+    assert_equal "$num_fpm_config_files" '1'
+
+    echo -e "<?php\necho 'hestia-multiphptest:'.PHP_MAJOR_VERSION.'.'.PHP_MINOR_VERSION;" > "$HOMEDIR/$user/web/$multi_domain/public_html/php-test.php"
+    validate_web_domain $user $multi_domain "hestia-multiphptest:$test_phpver" 'php-test.php'
+    rm "$HOMEDIR/$user/web/$multi_domain/public_html/php-test.php"
+}
+
+@test "Multiphp: Change backend version - PHP v7.4" {
+    test_phpver='7.4'
+    multi_domain="multiphp.${domain}"
+
+    if [ ! -d "/etc/php/${test_phpver}/fpm/pool.d/" ]; then
+        skip "PHP ${test_phpver} not installed"
+    fi
+
+    run v-change-web-domain-backend-tpl $user $multi_domain 'PHP-7_4' 'yes'
+    assert_success
+    refute_output
+
+    # Changing web backend will create a php-fpm pool config in the corresponding php folder
+    assert_file_exist "/etc/php/${test_phpver}/fpm/pool.d/${multi_domain}.conf"
+
+    # A single php-fpm pool config file must be present
+    num_fpm_config_files="$(find -L /etc/php/ -name "${multi_domain}.conf" | wc -l)"
+    assert_equal "$num_fpm_config_files" '1'
+
+    echo -e "<?php\necho 'hestia-multiphptest:'.PHP_MAJOR_VERSION.'.'.PHP_MINOR_VERSION;" > "$HOMEDIR/$user/web/$multi_domain/public_html/php-test.php"
+    validate_web_domain $user $multi_domain "hestia-multiphptest:$test_phpver" 'php-test.php'
+    rm "$HOMEDIR/$user/web/$multi_domain/public_html/php-test.php"
+}
+
+@test "Multiphp: Change backend version - PHP v8.0" {
+    test_phpver='8.0'
+    multi_domain="multiphp.${domain}"
+
+    if [ ! -d "/etc/php/${test_phpver}/fpm/pool.d/" ]; then
+        skip "PHP ${test_phpver} not installed"
+    fi
+
+    run v-change-web-domain-backend-tpl $user $multi_domain 'PHP-8_0' 'yes'
+    assert_success
+    refute_output
+
+    # Changing web backend will create a php-fpm pool config in the corresponding php folder
+    assert_file_exist "/etc/php/${test_phpver}/fpm/pool.d/${multi_domain}.conf"
+
+    # A single php-fpm pool config file must be present
+    num_fpm_config_files="$(find -L /etc/php/ -name "${multi_domain}.conf" | wc -l)"
+    assert_equal "$num_fpm_config_files" '1'
+
+    echo -e "<?php\necho 'hestia-multiphptest:'.PHP_MAJOR_VERSION.'.'.PHP_MINOR_VERSION;" > "$HOMEDIR/$user/web/$multi_domain/public_html/php-test.php"
+    validate_web_domain $user $multi_domain "hestia-multiphptest:$test_phpver" 'php-test.php'
+    rm $HOMEDIR/$user/web/$multi_domain/public_html/php-test.php
+}
+
+@test "Multiphp: Cleanup" {
+    multi_domain="multiphp.${domain}"
+
+    run v-delete-web-domain $user $multi_domain 'yes'
+    assert_success
+    refute_output
+
+    # No php-fpm pool config file must be present
+    num_fpm_config_files="$(find -L /etc/php/ -name "${multi_domain}.conf" | wc -l)"
+    assert_equal "$num_fpm_config_files" '0'
+}
+
+
 #----------------------------------------------------------#
 #                         DNS                              #
 #----------------------------------------------------------#

web/add/user/index.php

@@ -105,7 +105,7 @@ if (!empty($_POST['ok'])) {
     // Flush field values on success
     if (empty($_SESSION['error_msg'])) {
         $_SESSION['ok_msg'] = sprintf(_('USER_CREATED_OK'),htmlentities($_POST['v_username']),htmlentities($_POST['v_username']));
-        $_SESSION['ok_msg'] .= " / <a href=/login/?loginas=".htmlentities($_POST['v_username']).">" . _('login as') ." ".htmlentities($_POST['v_username']). "</a>";
+        $_SESSION['ok_msg'] .= " / <a href=/login/?loginas=".htmlentities($_POST['v_username'])."&token=".htmlentities($_SESSION['token']).">" . _('login as') ." ".htmlentities($_POST['v_username']). "</a>";
         unset($v_username);
         unset($v_password);
         unset($v_email);

web/edit/server/index.php

@@ -45,6 +45,7 @@ $v_php_versions = [
     'php-7.2',
     'php-7.3',
     'php-7.4',
+    'php-8.0',
 ];
 sort($v_php_versions);
 

web/login/index.php

@@ -16,6 +16,10 @@ if (isset($_GET['logout'])) {
 
 // Login as someone else
 if (isset($_SESSION['user'])) {
+    if (empty($_GET['loginas']) ){
+        header("Location: /list/web/");
+        exit;
+    }
     if ($_SESSION['user'] == 'admin' && !empty($_GET['loginas'])) {
         exec (HESTIA_CMD . "v-list-user ".escapeshellarg($_GET['loginas'])." json", $output, $return_var);
         if ( $return_var == 0 ) {
@@ -34,6 +38,7 @@ if (isset($_SESSION['user'])) {
 }
 
 function authenticate_user($user, $password, $twofa = ''){
+    unset($_SESSION['login']);
     if(isset($_SESSION['token']) && isset($_POST['token']) && $_POST['token'] == $_SESSION['token']) {
     $v_user = escapeshellarg($user);
     $v_ip = escapeshellarg($_SERVER['REMOTE_ADDR']);

web/logout/index.php

@@ -1,13 +1,13 @@
 <?php
-
 session_start();
 
 if (!empty($_SESSION['look'])) {
+
     unset($_SESSION['look']);
+    header("Location: /");
 } else {
     session_destroy();
+    header("Location: /login/");
 }
-
-header("Location: /login/");
 exit;
 ?>

web/templates/admin/list_mail.html

@@ -64,7 +64,7 @@
 
       <?
         list($http_host, $port) = explode(':', $_SERVER["HTTP_HOST"].":");
-        $webmail = "http://webmail.".$http_host."/";
+        $webmail = "webmail";
         if (!empty($_SESSION['WEBMAIL_ALIAS'])) $webmail = $_SESSION['WEBMAIL_ALIAS'];
 
         foreach ($data as $key => $value) {
@@ -101,7 +101,7 @@ sort-accounts="<?=$data[$key]['ACCOUNTS']?>" sort-star="<? if($_SESSION['favouri
                           <div class="actions-panel clearfix">
                             <div class="actions-panel__col actions-panel__logs shortcut-n" key-action="href"><a href="/add/mail/?domain=<?=$key?>&token=<?=$_SESSION['token']?>" title="<?=_('Add Mail Account')?>"><i class="fas fa-plus-circle status-icon green status-icon dim"></i></a></div>
                             <div class="actions-panel__col actions-panel__edit shortcut-l" key-action="href"><a href="?domain=<?=$key?>&token=<?=$_SESSION['token']?>" title="<?=_('mail accounts')?>"><i class="fas fa-users status-icon blue status-icon dim"></i></a></div>
-                            <div class="actions-panel__col actions-panel__edit" key-action="href"><a href="http://webmail.<?=$key?>/" target="_blank" title="<?=_('open webmail')?>"><i class="fas fa-paper-plane status-icon lightblue status-icon dim"></i></a></div>
+                            <div class="actions-panel__col actions-panel__edit" key-action="href"><a href="http://<?=$webmail;?>.<?=$key?>/" target="_blank" title="<?=_('open webmail')?>"><i class="fas fa-paper-plane status-icon lightblue status-icon dim"></i></a></div>
                             <div class="actions-panel__col actions-panel__logs shortcut-enter" key-action="href"><a href="/edit/mail/?domain=<?=$key?>&token=<?=$_SESSION['token']?>" title="<?=_('Editing Mail Domain')?>"><i class="fas fa-pencil-alt status-icon orange status-icon dim"></i></a></div>
 
                             <div class="actions-panel__col actions-panel__suspend shortcut-s" key-action="js">

web/templates/admin/list_mail_acc.html

@@ -1,3 +1,7 @@
+<?php
+    $v_webmail_alias = "webmail";
+    if (!empty($_SESSION['WEBMAIL_ALIAS'])) $v_webmail_alias = $_SESSION['WEBMAIL_ALIAS'];
+?>
     <div class="l-center">
       <div class="l-sort clearfix noselect">
         <div class="l-unit-toolbar__buttonstrip">
@@ -93,7 +97,7 @@ sort-star="<? if($_SESSION['favourites']['MAIL_ACC'][$key."@".$_GET['domain']] =
               <div class="clearfix l-unit__stat-col--left text-right compact-4">
                 <div class="l-unit-toolbar__col l-unit-toolbar__col--right noselect">
                   <div class="actions-panel clearfix">
-                    <div class="actions-panel__col actions-panel__edit" key-action="href"><a href="http://mail.<?=htmlspecialchars($_GET['domain'])?>/?_user=<?=$key?>@<?=htmlspecialchars($_GET['domain'])?>" target="_blank" title="<?=_('open webmail')?>"><i class="fas fa-envelope-open-text status-icon maroon status-icon dim"></i></a></div>
+                    <div class="actions-panel__col actions-panel__edit" key-action="href"><a href="http://<?=$v_webmail_alias;?>.<?=htmlspecialchars($_GET['domain'])?>/?_user=<?=$key?>@<?=htmlspecialchars($_GET['domain'])?>" target="_blank" title="<?=_('open webmail')?>"><i class="fas fa-envelope-open-text status-icon maroon status-icon dim"></i></a></div>
                     <div class="actions-panel__col actions-panel__logs shortcut-enter" key-action="href"><a href="/edit/mail/?domain=<?=htmlspecialchars($_GET['domain'])?>&account=<?=$key?>&token=<?=$_SESSION['token']?>" title="<?=_('Editing Mail Account')?>"><i class="fas fa-pencil-alt status-icon orange status-icon dim"></i></a></div>
 
                     <div class="actions-panel__col actions-panel__suspend shortcut-s" key-action="js">

web/templates/user/list_mail.html

@@ -63,7 +63,7 @@
 
       <?
         list($http_host, $port) = explode(':', $_SERVER["HTTP_HOST"].":");
-        $webmail = "http://webmail.".$http_host."/";
+        $webmail = "webmail";
         if (!empty($_SESSION['WEBMAIL_ALIAS'])) $webmail = $_SESSION['WEBMAIL_ALIAS'];
 
         foreach ($data as $key => $value) {
@@ -100,7 +100,7 @@ sort-accounts="<?=$data[$key]['ACCOUNTS']?>" sort-star="<? if($_SESSION['favouri
                           <div class="actions-panel clearfix">
                             <div class="actions-panel__col actions-panel__logs shortcut-n" key-action="href"><a href="/add/mail/?domain=<?=$key?>&token=<?=$_SESSION['token']?>" title="<?=_('Add Mail Account')?>"><i class="fas fa-plus-circle status-icon green status-icon dim"></i></a></div>
                             <div class="actions-panel__col actions-panel__edit shortcut-l" key-action="href"><a href="?domain=<?=$key?>&token=<?=$_SESSION['token']?>" title="<?=_('mail accounts')?>"><i class="fas fa-users status-icon blue status-icon dim"></i></a></div>
-                            <div class="actions-panel__col actions-panel__edit" key-action="href"><a href="http://webmail.<?=$key?>/" target="_blank" title="<?=_('open webmail')?>"><i class="fas fa-paper-plane status-icon lightblue status-icon dim"></i></a></div>
+                            <div class="actions-panel__col actions-panel__edit" key-action="href"><a href="http://<?=$webmail;?>.<?=$key?>/" target="_blank" title="<?=_('open webmail')?>"><i class="fas fa-paper-plane status-icon lightblue status-icon dim"></i></a></div>
                             <div class="actions-panel__col actions-panel__logs shortcut-enter" key-action="href"><a href="/edit/mail/?domain=<?=$key?>&token=<?=$_SESSION['token']?>" title="<?=_('Editing Mail Domain')?>"><i class="fas fa-pencil-alt status-icon orange status-icon dim"></i></a></div>
 
                             <div class="actions-panel__col actions-panel__suspend shortcut-s" key-action="js">

web/templates/user/list_mail_acc.html

@@ -1,3 +1,7 @@
+<?php
+    $v_webmail_alias = "webmail";
+    if (!empty($_SESSION['WEBMAIL_ALIAS'])) $v_webmail_alias = $_SESSION['WEBMAIL_ALIAS'];
+?>
     <div class="l-center">
       <div class="l-sort clearfix noselect">
         <div class="l-unit-toolbar__buttonstrip">
@@ -93,7 +97,7 @@ sort-star="<? if($_SESSION['favourites']['MAIL_ACC'][$key."@".$_GET['domain']] =
               <div class="clearfix l-unit__stat-col--left text-right compact-4">
                 <div class="l-unit-toolbar__col l-unit-toolbar__col--right noselect">
                   <div class="actions-panel clearfix">
-                    <div class="actions-panel__col actions-panel__edit" key-action="href"><a href="http://mail.<?=htmlspecialchars($_GET['domain'])?>/?_user=<?=$key?>@<?=htmlspecialchars($_GET['domain'])?>" target="_blank" title="<?=_('open webmail')?>"><i class="fas fa-envelope-open-text status-icon maroon status-icon dim"></i></a></div>
+                    <div class="actions-panel__col actions-panel__edit" key-action="href"><a href="http://<?=$v_webmail_alias;?>.<?=htmlspecialchars($_GET['domain'])?>/?_user=<?=$key?>@<?=htmlspecialchars($_GET['domain'])?>" target="_blank" title="<?=_('open webmail')?>"><i class="fas fa-envelope-open-text status-icon maroon status-icon dim"></i></a></div>
                     <div class="actions-panel__col actions-panel__logs shortcut-enter" key-action="href"><a href="/edit/mail/?domain=<?=htmlspecialchars($_GET['domain'])?>&account=<?=$key?>&token=<?=$_SESSION['token']?>" title="<?=_('Editing Mail Account')?>"><i class="fas fa-pencil-alt status-icon orange status-icon dim"></i></a></div>
 
                     <div class="actions-panel__col actions-panel__suspend shortcut-s" key-action="js">