Separate acme.sh certificate issuance and installation steps to ensure
domain configurations are properly stored. Previously, combining --issue
with --cert-file/--key-file/--fullchain-file in a single command caused
acme.sh to skip storing domain configs, breaking automatic renewals and
requiring manual certificate recreation for domain aliases.
- Ensure /home/cyberpanel directory exists with proper permissions before download
- Set directory permissions to 755 to allow application write access
- Refactor SCP/SFTP fallback logic to work regardless of debug mode
- Add better status messages during download process
- MySQL restore may return warnings that don't indicate actual failure
- Database restoration verification is handled by subsequent password operations
- Improves reliability of compressed backup restoration
- Changed from checking exit code to verifying file existence and size
- Resolves issue where successful mysqldump was incorrectly reported as failed
- Ensures backup file is created and not empty before marking as successful
- Added configurable compression for database backups using gzip streaming
- Implemented auto-detection in restore function for compressed and uncompressed formats
- Added performance optimizations including --single-transaction and --extended-insert
- Created configuration file for gradual feature rollout with safe defaults
- Added helper functions for checking system capabilities and configuration
- Included comprehensive test suite to verify backward compatibility
- Maintained 100% backward compatibility with existing backup infrastructure
- Implement timestamp-based filename verification (Method 1)
- Add file size validation with 1KB minimum requirement (Method 2)
- Filter to only check today's backup directory for accuracy (Method 3)
- Add optional SHA256 checksum verification for integrity (Method 5)
- Use find command with size filter for efficient SSH verification
- Fallback to SFTP with comprehensive file validation
- Enhanced logging for all verification steps and failures
- Remove unused 'Yesterday' variable that was never used
- Prevents false positives from old backup files
- Detects corrupted/incomplete backups via size check
- Fix inverted .find() logic that sent notifications when backups SUCCEEDED
- Add 'status': 'failed' field required by platform API
- Change HTTP to HTTPS for BackupFailedNotify endpoint
- Add comprehensive error handling and logging
- Add 30-second timeout on API requests
- Properly handle actualDomain vs site.domain.domain cases
- Implement directory integrity checks to detect missing CyberPanel components
- Add automatic recovery by cloning fresh repository when essential directories are lost
- Create database credential recovery with automatic password reset capability
- Update all service configurations (FTP, PowerDNS, Postfix, Dovecot) when password is reset
- Add service restart functionality to apply new configurations
- Preserve existing configuration files during recovery process
- Handle both Ubuntu (root password) and CentOS (separate password) database configurations
This ensures upgrades can complete successfully even when /usr/local/CyberCP is completely lost.
- Remove CSF menu item from sidebar navigation
- Disable CSF-related URL endpoints in firewall module
- Update upgrade process to automatically remove CSF and restore firewalld
- Archive CSF template and configuration files
- Clean up CSF references in settings and upgrade scripts
CSF (ConfigServer Security & Firewall) is shutting down on August 31, 2025.
This commit removes CSF integration and ensures firewalld is restored as the
default firewall solution during upgrades.
Fixes#1473
The issue was that restoreCriticalFiles was restoring the OLD settings.py from backup
which didn't have new apps like 'aiScanner' in INSTALLED_APPS.
Solution:
- Modified restoreCriticalFiles to skip settings.py restoration
- Keep the NEW settings.py from the fresh clone (which has aiScanner in INSTALLED_APPS)
- Only update the DATABASES section with saved credentials from backup
- This preserves all new app registrations while maintaining database connectivity
This properly fixes the RuntimeError about aiScanner.status_models.ScanStatusUpdate
not being in INSTALLED_APPS after upgrades.
During the upgrade process, settings.py was being overwritten with only the DATABASES
section preserved, causing loss of INSTALLED_APPS and other configurations. This resulted
in the 'aiScanner' app not being recognized after upgrade.
Fixed by:
- Improving the regex pattern to more accurately match only the DATABASES dictionary
- Adding re.DOTALL flag to handle multi-line DATABASES configuration
- Ensuring all other settings including INSTALLED_APPS are preserved during upgrade
This resolves the RuntimeError about aiScanner.status_models.ScanStatusUpdate not having
an explicit app_label.
usmannasir
Master3395