
Fix DNS issues (#3396)

* Update SERIAL on DNS change

* Update permissions and force rebuild users

* Add check if DNSSEC is supported

* Add missing keys on install

* Use public ip instead of internal ip / local ip

* Move version_ge to main.sh

Is already included by default, which saves loading upgrade.sh on view pages to use this function

* Remove upgrade.sh to source

* Add setting to check for DNSSEC Support based on named version

Instead of OS version

* Hide box when DNSSEC is not available

* Fix: #3398 Quick install error
Jaap Marcus vor 3 Jahren
Ursprung
Commit
d59a5c3939

+ 2 - 0
bin/v-add-dns-record

@@ -132,6 +132,8 @@ chmod 660 $zone
 # Sorting records
 sort_dns_records
 
+# Update serial
+update_domain_serial
 # Updating zone
 if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
 	# Do full rebuild due DNS SEC

+ 7 - 2
bin/v-add-remote-dns-domain

@@ -58,8 +58,13 @@ fi
 if [ "$DNS_CLUSTER_SYSTEM" = "hestia-zone" ]; then
 	str=$(echo "$str" | sed "s/SLAVE='no'/SLAVE='yes'/g")
 	str=$(echo "$str" | sed "s/SLAVE=''/SLAVE='yes'/g")
-	ip=$($BIN/v-list-sys-ips plain | cut -f1 | head -n1)
-	str=$(echo "$str" | sed "s/MASTER=''/MASTER='$ip'/g")
+	ip=$(ip addr | grep 'inet ' | grep global | head -n1 | awk '{print $2}' | cut -f1 -d/)
+	source_conf $HESTIA/data/ips/$ip
+	if [ -z $NAT ]; then
+		str=$(echo "$str" | sed "s/MASTER=''/MASTER='$ip'/g")
+	else
+		str=$(echo "$str" | sed "s/MASTER=''/MASTER='$NAT'/g")
+	fi
 fi
 
 IFS=$'\n'
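Review bot: The result of the new `ip=` lookup is used without any check: if the pipeline prints nothing, or prints an address that has no file under `$HESTIA/data/ips/`, `source_conf $HESTIA/data/ips/$ip` runs on a bad path and `$NAT` keeps whatever value it had before (source_conf is defined outside this page, so its failure behaviour is assumed). The value ends up in `MASTER=`, which the receiving server presumably treats as the address of its primary, so an empty or unrelated address should stop the script rather than be synced. I would verify that `$ip` is non-empty and that its file exists, then use `NAT=''`, `source_conf "$HESTIA/data/ips/$ip"` and `if [ -z "$NAT" ]; then`; the unquoted `[ -z $NAT ]` works only by accident when the value is empty. The same lines are added in bin/v-sync-dns-cluster and need the same change.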

+ 11 - 1
bin/v-change-dns-domain-dnssec

@@ -51,6 +51,15 @@ fi
 # Perform verification if read-only mode is enabled
 check_hestia_demo_mode
 
+if [ "$DNS_CLUSTER_SYSTEM" != 'hestia-zone' ]; then
+	check_result "$E_DISABLED" "DNSSEC is not supported when DNS_CLUSTER_SYSTEM is not set to hestia-zone"
+fi
+
+version=$(named -v | awk 'NR==1{print $2}')
+if version_ge '9.18' $version; then
+	check_result "$E_DISABLED" "DNSSEC is not supported when bind / named < 9.18"
+fi
+
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
@@ -64,8 +73,9 @@ syshealth_repair_dns_config
 # Changing exp
 update_object_value 'dns' 'DOMAIN' "$domain" '$DNSSEC' "$status"
 
+# Update serial
+update_domain_serial
 # Rebuild DNS config
-
 rebuild_dns_domain_conf
 
 if [ $status = "no" ]; then
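Review bot: The named version gate added before the Action banner fails open: when `named -v` prints nothing (named missing or not on PATH), the unquoted `$version` disappears, `version_ge '9.18'` returns false and the script goes on to change the DNSSEC setting. It also treats a version string of exactly `9.18` as unsupported, although the message says `< 9.18`. Testing the other direction and the empty case closes both: `if [ -z "$version" ] || ! version_ge "$version" '9.18'; then`.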

+ 2 - 0
bin/v-change-dns-domain-ip

@@ -63,6 +63,8 @@ update_object_value 'dns' 'DOMAIN' "$domain" '$IP' "$ip"
 # Changing records
 sed -i "s/$old/$ip/g" $USER_DATA/dns/$domain.conf
 
+# Update serial
+update_domain_serial
 # Updating zone
 if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
 	rebuild_dns_domain_conf

+ 2 - 0
bin/v-change-dns-domain-soa

@@ -57,6 +57,8 @@ check_hestia_demo_mode
 # Changing soa
 update_object_value 'dns' 'DOMAIN' "$domain" '$SOA' "$soa"
 
+# Update serial
+update_domain_serial
 # Updating zone
 if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
 	rebuild_dns_domain_conf

+ 2 - 0
bin/v-change-dns-domain-tpl

@@ -131,6 +131,8 @@ if [ "$template" = "office365" ]; then
 	fi
 fi
 
+# Update serial
+update_domain_serial
 # Updating zone
 if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
 	rebuild_dns_domain_conf

+ 2 - 0
bin/v-change-dns-domain-ttl

@@ -56,6 +56,8 @@ check_hestia_demo_mode
 # Changing ttl
 update_object_value 'dns' 'DOMAIN' "$domain" '$TTL' "$ttl"
 
+# Update serial
+update_domain_serial
 # Updating zone
 if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
 	rebuild_dns_domain_conf

+ 2 - 0
bin/v-change-dns-record

@@ -136,6 +136,8 @@ echo "$dns_rec" >> $USER_DATA/dns/$domain.conf
 # Sorting records
 sort_dns_records
 
+# Update serial
+update_domain_serial
 # Updating zone
 if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
 	rebuild_dns_domain_conf

+ 2 - 0
bin/v-change-dns-record-id

@@ -62,6 +62,8 @@ sed -i "s/^ID='$id'/ID='$newid'/" $USER_DATA/dns/$domain.conf
 # Sorting records
 sort_dns_records
 
+# Update serial
+update_domain_serial
 # Updating zone
 if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
 	rebuild_dns_domain_conf

+ 2 - 0
bin/v-delete-dns-record

@@ -56,6 +56,8 @@ check_hestia_demo_mode
 # Deleting record
 sed -i "/^ID='$id'/d" $USER_DATA/dns/$domain.conf
 
+# Update serial
+update_domain_serial
 # Updating zone
 if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
 	rebuild_dns_domain_conf

+ 9 - 0
bin/v-list-sys-config

@@ -44,6 +44,8 @@ json_list() {
         "DB_SYSTEM": "'$DB_SYSTEM'",
         "DNS_SYSTEM": "'$DNS_SYSTEM'",
         "DNS_CLUSTER": "'$DNS_CLUSTER'",
+		"DNS_CLUSTER_SYSTEM": "'$DNS_CLUSTER_SYSTEM'",
+		"SUPPORT_DNSSEC": "'$SUPPORT_DNSSEC'",
         "STATS_SYSTEM": "'$STATS_SYSTEM'",
         "BACKUP_SYSTEM": "'$BACKUP_SYSTEM'",
         "CRON_SYSTEM": "'$CRON_SYSTEM'",
@@ -266,6 +268,13 @@ csv_list() {
 #                       Action                             #
 #----------------------------------------------------------#
 
+version=$(named -v | awk 'NR==1{print $2}')
+if version_ge '9.18' $version; then
+	SUPPORT_DNSSEC="yes"
+else
+	SUPPORT_DNSSEC="no"
+fi
+
 # Listing data
 case $format in
 	json) json_list ;;
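Review bot: The `SUPPORT_DNSSEC` test in the second hunk has the opposite meaning of the identical test this commit adds to bin/v-change-dns-domain-dnssec: there `version_ge '9.18' $version` being true rejects the request, here it sets `SUPPORT_DNSSEC="yes"`. As version_ge is written in func/main.sh it succeeds when its first argument is the larger or equal one, so this branch reports support for named 9.18 and older and `no` for newer releases. The arguments look swapped; `if [ -n "$version" ] && version_ge "$version" '9.18'; then` matches the error message in the other script. `named -v` also runs on every call, including hosts where `DNS_SYSTEM` is not bind, so its stderr may need to be silenced.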

+ 7 - 2
bin/v-sync-dns-cluster

@@ -86,8 +86,13 @@ for cluster in $hosts; do
 						str=$(echo "$str" | sed "s/SLAVE='no'/SLAVE='yes'/g")
 						str=$(echo "$str" | sed "s/SLAVE=''/SLAVE='yes'/g")
 
-						ip=$($BIN/v-list-sys-ips plain | cut -f1 | head -n1)
-						str=$(echo "$str" | sed "s/MASTER=''/MASTER='$ip'/g")
+						ip=$(ip addr | grep 'inet ' | grep global | head -n1 | awk '{print $2}' | cut -f1 -d/)
+						source_conf $HESTIA/data/ips/$ip
+						if [ -z $NAT ]; then
+							str=$(echo "$str" | sed "s/MASTER=''/MASTER='$ip'/g")
+						else
+							str=$(echo "$str" | sed "s/MASTER=''/MASTER='$NAT'/g")
+						fi
 
 						# Syncing domain data
 						cluster_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME $flush 'no'

+ 3 - 0
func/main.sh

@@ -169,6 +169,9 @@ check_args() {
 	fi
 }
 
+# Define version check function
+version_ge() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1" -o -n "$1" -a "$1" = "$2"; }
+
 # Subsystem checker
 is_system_enabled() {
 	if [ -z "$1" ] || [ "$1" = no ]; then
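Review bot: `version_ge` is moved here without a description of its argument order, and the two call sites added in this commit read it in opposite ways. A comment such as `# version_ge A B: succeeds when A >= B by sort -V ordering` above the definition would settle it. The body also relies on `test` with `-o`/`-a`, which POSIX marks obsolescent and which can misparse when an argument looks like an operator; with the `sort -V | head -n 1` result stored in a local `min`, `[ "$min" != "$1" ] || { [ -n "$1" ] && [ "$1" = "$2" ]; }` expresses the same condition.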

+ 1 - 1
func/rebuild.sh

@@ -170,7 +170,7 @@ rebuild_user_conf() {
 		else
 			dns_group='bind'
 		fi
-		chown root:$dns_group $HOMEDIR/$user/conf/dns
+		chown $dns_group:$dns_group $HOMEDIR/$user/conf/dns
 		if [ "$create_user" = "yes" ]; then
 			$BIN/v-rebuild-dns-domains $user $restart
 		fi
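Review bot: The changed `chown` makes the DNS service account the owner of `$HOMEDIR/$user/conf/dns` instead of root, which lets that account change the directory's mode and replace files in it, and no comment says why. If the aim is to let named write signed zones or journals (my assumption from the DNSSEC context of this commit), keeping `root:$dns_group` and adding group write would grant less; otherwise add a comment such as `# named must own this directory to write DNSSEC-signed zone files`. The line also uses `$dns_group` as a user name, which holds only where the account and group share a name, and the path should be quoted. rebuild_user_conf starts and ends outside the hunk.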

+ 0 - 3
func/upgrade.sh

@@ -14,9 +14,6 @@ source $HESTIA/func/syshealth.sh
 #######                Functions & Initialization             #######
 #####################################################################
 
-# Define version check function
-function version_ge() { test "$(printf '%s\n' "$@" | sort -V | head -n 1)" != "$1" -o -n "$1" -a "$1" = "$2"; }
-
 add_upgrade_message() {
 	if [ -f "$HESTIA_BACKUP/message.log" ]; then
 		echo -e $1 >> $HESTIA_BACKUP/message.log

+ 1 - 0
install/hst-install-debian.sh

@@ -2109,6 +2109,7 @@ write_config_value "SERVER_SMTP_PASSWD" ""
 write_config_value "SERVER_SMTP_ADDR" ""
 write_config_value "POLICY_CSRF_STRICTNESS" "1"
 write_config_value "DISABLE_IP_CHECK" "no"
+write_config_value "DNS_CLUSTER_SYSTEM" "hestia"
 
 # Add /usr/local/hestia/bin/ to path variable
 echo 'if [ "${PATH#*/usr/local/hestia/bin*}" = "$PATH" ]; then

+ 1 - 0
install/hst-install-ubuntu.sh

@@ -2157,6 +2157,7 @@ write_config_value "SERVER_SMTP_PASSWD" ""
 write_config_value "SERVER_SMTP_ADDR" ""
 write_config_value "POLICY_CSRF_STRICTNESS" "1"
 write_config_value "DISABLE_IP_CHECK" "no"
+write_config_value "DNS_CLUSTER_SYSTEM" "hestia"
 
 # Add /usr/local/hestia/bin/ to path variable
 echo 'if [ "${PATH#*/usr/local/hestia/bin*}" = "$PATH" ]; then

+ 2 - 2
install/upgrade/versions/1.7.1.sh

@@ -17,10 +17,10 @@
 ####### You can use \n within the string to create new lines.                   #######
 #######################################################################################
 
-upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'false'
+upgrade_config_set_value 'UPGRADE_UPDATE_WEB_TEMPLATES' 'true'
 upgrade_config_set_value 'UPGRADE_UPDATE_DNS_TEMPLATES' 'false'
 upgrade_config_set_value 'UPGRADE_UPDATE_MAIL_TEMPLATES' 'false'
-upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'false'
+upgrade_config_set_value 'UPGRADE_REBUILD_USERS' 'true'
 upgrade_config_set_value 'UPGRADE_UPDATE_FILEMANAGER_CONFIG' 'false'
 
 # Moved from 1.6.15.sh

+ 1 - 1
web/src/app/System/HestiaApp.php

@@ -234,7 +234,7 @@ class HestiaApp {
 			}
 		} else {
 			$supported = $this->run("v-list-sys-php", "json", $result);
-			return $this->$result->json[0];
+			return $result->json[0];
 		}
 	}
 

+ 2 - 0
web/templates/pages/add_dns.php

@@ -88,12 +88,14 @@
 					</button>
 				</div>
 				<div x-cloak  x-show="showAdvanced" id="advtable">
+					<?php if ($_SESSION['DNS_CLUSTER_SYSTEM'] == 'hestia-zone' && $_SESSION['SUPPORT_DNSSEC'] == 'yes'){?>
 					<div class="form-check u-mb10">
 						<input class="form-check-input" type="checkbox" name="v_dnssec" id="v_dnssec" value="yes" <?php if($v_dnssec === 'yes'){ echo ' checked'; } ?>>
 						<label for="v_dnssec">
 							<?= _("Enable DNSSEC") ?>
 						</label>
 					</div>
+					<?php } ?>
 					<div class="u-mb10">
 						<label for="v_exp" class="form-label">
 							<?= _("Expiration Date") ?> <span class="optional">(<?= _("YYYY-MM-DD") ?>)</span>
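Review bot: The `if` added around the `v_dnssec` checkbox only hides the control; a request can still carry `v_dnssec=yes`, so the handler that processes this form (not shown here) needs the same condition, as bin/v-change-dns-domain-dnssec does for the change path. The condition reads two session keys that may be absent in sessions created before this change and compares loosely; `($_SESSION['SUPPORT_DNSSEC'] ?? '') === 'yes'` and the same form for `DNS_CLUSTER_SYSTEM` avoid the undefined-index warning. web/templates/pages/edit_dns.php adds the identical condition.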

+ 2 - 0
web/templates/pages/edit_dns.php

@@ -64,12 +64,14 @@
 					</select>
 				</div>
 			<?php } ?>
+			<?php if ($_SESSION['DNS_CLUSTER_SYSTEM'] == 'hestia-zone' && $_SESSION['SUPPORT_DNSSEC'] == 'yes'){?>
 			<div class="form-check u-mb10">
 				<input class="form-check-input" type="checkbox" name="v_dnssec" id="v_dnssec" value="yes" <?php if($v_dnssec === 'yes'){ echo ' checked'; } ?>>
 				<label for="v_dnssec">
 					<?= _("Enable DNSSEC") ?>
 				</label>
 			</div>
+			<?php } ?>
 			<div class="u-mb10">
 				<label for="v_exp" class="form-label">
 					<?= _("Expiration Date") ?><span class="optional">(<?= _("YYYY-MM-DD") ?>)</span>