Merge branch 'main' into fix/php-warnings

bin/v-add-letsencrypt-domain

@@ -386,7 +386,7 @@ for auth in $authz; do
         status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
         details=$(echo "$answer"| grep detail | cut -f 1 -d ',' | cut -f 2-4 -d ':' | cut -f 2 -d '"')
 
-        debug_log "Step 5" "- status: ${status}\n- nonce: ${nonce}\n- validation: ${validation}\n- details: ${details}\n- answer: ${answer}"
+        debug_log "Step 5" "- status: ${status}\n- url: ${url}\n- nonce: ${nonce}\n- validation: ${validation}\n- details: ${details}\n- answer: ${answer}"
 
         if [[ "$status" -ne 200 ]]; then
             # Delete DNS CAA record
@@ -400,8 +400,14 @@ for auth in $authz; do
                     fi
                 fi
             fi
-            debug_log "Abort Step 5" "=> Wrong status"
-            check_result "$E_CONNECT" "Let's Encrypt validation status $status ($domain). Details: $details"
+            # Download debug info from LE server
+            result=$(wget -qO- $url)
+            debug_log "Debug information Step 5"  "$result"
+            details=$(echo $result | jq '.error.detail' )
+            error_code=$(echo $result | jq '.error.status' )            
+            
+            debug_log "Abort Step 5" "=> Wrong status" 
+            check_result "$E_CONNECT" "Let's Encrypt validation status $status ($domain). Details: $error_code:$details"
         fi
 
         i=$((i + 1))

bin/v-add-web-php

@@ -135,6 +135,11 @@ sed -i "s/9999/99$v_tpl/g" /etc/php/$version/fpm/pool.d/dummy.conf
 cp -f $HESTIA_INSTALL_DIR/php-fpm/php-fpm.conf /etc/php/$version/fpm/
 sed -i "s/fpm_v/$version/g" /etc/php/$version/fpm/php-fpm.conf
 
+# Increase max upload and max post size 
+sed -i "s/upload_max_filesize = 2M/upload_max_filesize = 100M/g" /etc/php/$version/fpm/php.ini
+sed -i "s/post_max_size = 8M/post_max_size = 100M/g" /etc/php/$version/fpm/php.ini
+sed -i "s/max_execution_time = 30/max_execution_time = 60/g" /etc/php/$version/fpm/php.ini
+
 # Install backend template
 cp -f $HESTIA_INSTALL_DIR/php-fpm/multiphp.tpl \
     $HESTIA/data/templates/web/php-fpm/PHP-${version/\./_}.tpl

bin/v-list-sys-services

@@ -94,6 +94,11 @@ get_srv_state() {
     if [ -z "$pids" ] && [ "$name" != 'nginx' ]; then
         pids=$(pgrep $name |tr '\n' '|')
     fi
+    
+    # Prevent from an SSH false positive when there is a TTY or SFTP connection but service is down
+    if [ "$name" == 'ssh' ] && [ "$(systemctl show sshd.service | grep 'SubState=' | cut -f2 -d=)" != "running" ]; then
+        pids=''
+    fi
 
     # Checking pid
     if [ -n "$pids" ]; then

bin/v-log-user-login

@@ -38,7 +38,7 @@ is_format_valid 'user' 'ip'
 is_common_format_valid "$session_id" "SESSION_ID"
 format_no_quotes "$user_agent" "USER_AGENT"
 is_common_format_valid "$authlog" "AUTHLOG"
-is_common_format_valid "$reason" "REASON"
+format_no_quotes "$reason" "REASON"
 
 
 is_object_valid 'user' 'USER' "$user"

func/domain.sh

@@ -988,16 +988,16 @@ is_base_domain_owner(){
                     parse_object_kv_list "$web"
                     if [ -z "$ALLOW_USERS" ] ||  [ "$ALLOW_USERS" != "yes" ]; then
                         # Don't care if $basedomain all ready exists only if the owner is of the base domain is the current user
-                        is_domain_new "" $basedomain;
+                        check=$(is_domain_new "" $basedomain)
                         if [ $? -ne 0 ]; then
-                            echo "Error: $basedomain belongs to a different user";
+                            echo "Error: Unable to add $object. $basedomain belongs to a different user";
                             exit 4;
                         fi
                     fi
                 else
-                    is_domain_new "" "$basedomain"
+                    check=$(is_domain_new "" "$basedomain")
                     if [ $? -ne 0 ]; then
-                        echo "Error: $basedomain belongs to a different user";
+                        echo "Error: Unable to add $object. $basedomain belongs to a different user";
                         exit 4;
                     fi
                 fi

install/deb/fail2ban/jail.local

@@ -53,3 +53,7 @@ logpath  = /var/log/fail2ban.log
 maxretry = 5
 findtime = 86400
 bantime  = 864000
+
+#Uncomment and add your IPs and or domains to the Whitelist
+#[DEFAULT]
+#ignoreip = 111.111.111.111 222.222.222.222 subdomain.example.tld example.tld 333.333.333.333

install/hst-install-debian.sh

@@ -53,7 +53,7 @@ software="nginx apache2 apache2-utils apache2-suexec-custom
   dnsutils bsdmainutils cron hestia=${HESTIA_INSTALL_VER} hestia-nginx
   hestia-php expect libmail-dkim-perl unrar-free vim-common acl sysstat
   rsyslog openssh-server util-linux ipset libapache2-mpm-itk zstd
-  lsb-release"
+  lsb-release jq"
 
 
 installer_dependencies="apt-transport-https curl dirmngr gnupg wget ca-certificates"

install/hst-install-ubuntu.sh

@@ -52,7 +52,7 @@ software="apache2 apache2.2-common apache2-suexec-custom apache2-utils
     php$fpm_v-opcache php$fpm_v-pspell php$fpm_v-readline php$fpm_v-xml
     postgresql postgresql-contrib proftpd-basic quota rrdtool spamassassin sudo hestia=${HESTIA_INSTALL_VER}
     hestia-nginx hestia-php vim-common vsftpd whois unzip zip acl sysstat setpriv rsyslog
-    ipset libonig5 libzip5 openssh-server lsb-release zstd"
+    ipset libonig5 libzip5 openssh-server lsb-release zstd jq"
 
 installer_dependencies="apt-transport-https curl dirmngr gnupg wget software-properties-common ca-certificates"
 

install/rpm/fail2ban/jail.local

@@ -53,3 +53,7 @@ logpath  = /var/log/fail2ban.log
 maxretry = 5
 findtime = 86400
 bantime  = 864000
+
+#Uncomment and add your IPs and or domains to the Whitelist
+#[DEFAULT]
+#ignoreip = 111.111.111.111 222.222.222.222 subdomain.example.tld example.tld 333.333.333.333

install/upgrade/versions/1.6.8.sh

@@ -29,4 +29,11 @@ fi
 if [ -f "/etc/roundcube/config.inc.php" ]; then
     sed -i "s/?>//" /etc/roundcube/config.inc.php
     sed -i "s/?>//" /etc/roundcube/mimetypes.php    
-fi
+fi
+
+for version in $($HESTIA/bin/v-list-sys-php plain); do 
+    # Increase max upload and max post size 
+    sed -i "s/upload_max_filesize = 2M/upload_max_filesize = 100M/g" /etc/php/$version/fpm/php.ini
+    sed -i "s/post_max_size = 8M/post_max_size = 100M/g" /etc/php/$version/fpm/php.ini
+    sed -i "s/max_execution_time = 30$/max_execution_time = 60/g" /etc/php/$version/fpm/php.ini    
+done

src/deb/hestia/control

@@ -6,7 +6,7 @@ Section: admin
 Maintainer: HestiaCP <[email protected]>
 Homepage: https://www.hestiacp.com
 Architecture: amd64
-Depends: bash, awk, sed, acl, sysstat, setpriv | util-linux (>= 2.33), zstd, lsb-release, idn2
+Depends: bash, awk, sed, acl, sysstat, setpriv | util-linux (>= 2.33), zstd, lsb-release, idn2, jq
 Description: hestia
  hestia is an open source hosting control panel.
  hestia has a clean and focused interface without the clutter.

src/rpm/hestia/hestia.spec

@@ -15,6 +15,7 @@ Requires:       acl
 Requires:       sysstat
 Requires:       (setpriv or util-linux)
 Requires:       zstd
+Requires:       jq
 Conflicts:      vesta
 Provides:       hestia = %{version}
 BuildRequires:  systemd-rpm-macros

test/checks.bats

@@ -320,6 +320,11 @@ r' "key"
     assert_failure $E_INVALID
 }
 
+@test "format_no_quotes test2" {
+     run format_no_quotes 'test bericht' "key"
+    assert_success
+}
+
 @test "format_no_quotes .." {
      run format_no_quotes '..' "key"
     assert_success

web/templates/pages/edit_server.html

@@ -80,6 +80,9 @@
 														if ((!empty($v_timezone)) && ( $key == $v_timezone)){
 															echo ' selected' ;
 														}
+														if($key == "UTC" && $v_timezone == "Etc/UTC"){
+															echo ' selected' ;
+														}
 														echo ">".$value."</option>\n";
 													}
 												?>

web/templates/pages/edit_web.html

@@ -337,7 +337,7 @@
 															<?=$v_ssl_issuer?>
 														</td>
 													</tr>
-													<tr id="letsinfo" style="display:<?php if ($v_letsencrypt == 'yes' || $v_letencrypt == 'on' ) { echo 'block';} else {echo 'none';} ?>">
+													<tr id="letsinfo" style="display:<?php if ($v_letsencrypt == 'yes' || $v_letsencrypt == 'on' ) { echo 'block';} else {echo 'none';} ?>">
 														<td><a href="#" onclick="elementHideShow('ssl-details'); return false;" class="generate"><?=_('Show Certificate');?></a></td>
 													</tr>
 												</table>
@@ -517,7 +517,7 @@
 											</table>
 										</td>
 									</tr>
-									<?php if (in_array($_SESSION['FTP_SYSTEM'], array('vsftpd', 'proftpd'))) { ?>  
+									<?php if (in_array($_SESSION['FTP_SYSTEM'], array('vsftpd', 'proftpd'))) { ?>
 										<tr>
 											<td class="vst-text input-label">
 												<label><input type="checkbox" size="20" class="vst-checkbox" name="v_ftp" <?php if (!empty($v_ftp_user)) echo "checked=yes" ?> onclick="App.Actions.WEB.toggle_additional_ftp_accounts(this)"><?=_('Additional FTP Account');?></label>
@@ -671,4 +671,4 @@
 </div>
 <script>
 	GLOBAL.FTP_USER_PREFIX =  "<?=$user_plain.'_';?>";
-</script>
+</script>