Version 1.53.3

Released: 2018-08-16

direct_crons=1 new default new

Relating to feature:

Direct Cron listing.

Change in the default behavior to now be:

direct_crons=1

where it was previously 0.

To disable this feature, add:

direct_crons=0

to your directadmin.conf and restart DA.

CMD_API_ADDITIONAL_DOMAINS?domain=domain.com new

The CMD_API_ADDITIONAL_DOMAINS had two main method of calling a domain, eg:

  1. CMD_API_ADDITIONAL_DOMAINS

  2. CMD_API_ADDITIONAL_DOMAINS?domain=domain.com&action=view

They both give different results, due to performance reasons.

There are some options, like local_main in #1 no in #2, but you might not want all domains in the output.

This change lets you use #1 but filtering by domain.. giving similar results to #2 but with all options from #2.

To use this, call without the aciton=view:

CMD_API_ADDITIONAL_DOMAINS?domain=domain.com

which gives a domain list, like #1, but without the other domains.

This saves the redundancy of making the two commands match, leaving the ability to alter action=view&domain=com in the future (could have gone either way, but this is fairly simple)

Range / If-Range available in plugins new

If the Range and/or If-Range headers are included in the request, DA will pass them onto the plugins in the variable names:

HEADER_RANGE

HEADER_IF_RANGE

Global pre/post file before each apache/nginx template new

For the main domain http/https/subomain templates, you can now create custom template files that will be tokenized and inserted outside of the VirtualHost/server{} entry.

For example, if you want code before all main virtual_host2.conf templates, create:

/usr/local/directadmin/data/templates/custom/virtual_host2.conf.pre

with the code you want, and it will show up before all VirtualHosts from that given template.

This can be repeated for other template files:

nginx_server_secure_sub.conf
nginx_server_secure.conf
virtual_host2_secure_sub.conf
virtual_host2_secure.conf
nginx_server_secure.conf
nginx_server.conf
virtual_host2_secure.conf
virtual_host2.conf

Plugin option to show notice count in Evolution new

New plugin.conf options, eg:

notice_count_url_admin=/CMD_PLUGINS_ADMIN/custombuild/updates_count.raw
notice_count_url_reseller=
notice_count_url_user=

which will be included in the call to:

CMD_PLUGINS_ADMIN?json=yes
CMD_PLUGINS_RESELLER?json=yes
CMD_PLUGINS?json=yes

Note that a given CMD_PLUGIN* level call will only show the notice_count_url* entries for that given level and below.

Eg, the CMD_PLUGINS_ADMIN call shows all 3, while CMD_PLUGINS will only show the notice_count_url_user entry.

Cluster: Allow/Deny for user/domain zone check and sync new

You might have some domains or Users that you do not want the Multi-Server Setup clustering tool to be working with.

Two new files give you the ability to skip both the "Zone Transfer" and "Domain Check" features of the MSS:

/usr/local/directadmin/data/admin/cluster_zone_allow.list
/usr/local/directadmin/data/admin/cluster_zone_deny.list

both of these lists can contain Users and/or Domains.

  1. If neither file exists, all zones for the given Users/Domains are synced

  2. If allow exists, no zones for the given Users/Domains are synced, unless in this file. This file overrides deny.

  3. If User and/or Domain is the deny, their zone will not be synced.

-> Only one of the User or Domain is required in the allow file. If either can be present, although User may cover multiple Domains.

-> If either of the User or Domain is in the deny, the related zone will not be synced, unless already allowed via "allow", but:

-> if allow exists, the deny is never checked.

-> Applies both Zone Transfer, and Domain Check, meaning a remote zone can have a duplicate name but wont error if it's skipped locally.

-> Creating/Writing/Deleting will also be skipped remotely, if skipped locally.

Global pre/post per-file before each apache/nginx CUSTOMX token new

Very similar to this feature, which allow pre/post code to be inserted before each CUSTOM/CUSTOM# token:

Global custom include templates for apache/nginx (SKINS)

this variation does the same thing, but not for all templates, rather for the specific template that is named, eg:

All inside this directory:

/usr/local/directadmin/data/templates/custom/

virtual_host2.conf.CUSTOM.pre
nginx_server.conf.CUSTOM.4.post
virtual_host2_secure_sub.conf.CUSTOM.1.pre
etc.

Where the format is:

<templatename>.<tokenname>.<pre|post>

Note these per-template token files are included before the id=1816 files, which is still included, if both exist.

=======

ALSO at the start/end of the entire httpd.conf or nginx.conf file, unrelated to any VirtualHost or CUSTOM token:

/usr/local/directadmin/data/templates/custom/cust_httpd.pre
/usr/local/directadmin/data/templates/custom/cust_httpd.post
/usr/local/directadmin/data/templates/custom/cust_nginx.pre
/usr/local/directadmin/data/templates/custom/cust_nginx.post

which shows up just after the comments, before the user_virtual_host.conf, and at the very end of the .conf files.

Note that these start/end .conf templates do not share the token files, like per-domains do, so you cannot pass variables around in the same way.

However, like all apache/nginx templates, they run as root, and they have embedded scripting abilities, so you can read or write data to disk, even a database, and control things that way.

eg: Ability to add scripting to the virtual_host.conf files.

Optional template |PROXY_IP| variable (TEMPLATES) new

New directadmin.conf option, where you can set:

proxy_ip=1.2.3.4

into the directadmin.conf, and it will add that value:

|PROXY_IP|

available in the apache and nginx templates (including proxy).

If you don't set it in the directadmin.conf, it will be set to the default |IP|


If the proxy_ip is an ipv6, the token will be wrapped with square brakets, eg:

proxy_ip=::1

will load in the token:

PROXY_IP=[::1]

TEMPLATES

The 4 nginx_* templates are all modified in the proxy_pass line, where applicable, eg:

proxy_pass http://|PROXY_IP|:|PORT_8080|;

so the |IP| has been swapped with |PROXY_IP| in just the proxy_pass line.

nginx_server.conf
nginx_server_secure.conf
nginx_server_secure_sub.conf
nginx_server_sub.conf

Show effective DNS record value (trailing dot issue) (SKINS) new

www.domain.com

vs

www.domain.com.

can often cause confusion for Users.

This change will show them the "final" result at the top of the "Add Domain Records" table.

So if they type:

www

it will show www.domain.com. in the top.

If they type:

www.domain.com

it will show:

"domain.com.domain.com." - Missing end dot?

on the assumption that they've likely missed it.

This is not enforcing, meaning they can still try to submit, in case they do actually want a double-zone value.

The alternating rows have been changed from list/list2 css classes to use a more reliable nth-child(odd) nth-child(even) mechanism,

as it was starting to get messy with the on/off switches for dns_*= settings in the directadmin.conf.

SKINS

new JS file:

user/dns.js


user/dns_control.html

admin/dns_admin_control.html

moved the selectAllDNS() JS function to user/dns.js

many new functions to help with this procedure.

The left/right values have onchange functions to trigger the checks.

A new <tr> row has been added, just after the "Add Domain Records" <tr>, but it's hidden by default.


style.css

tr:nth-child(odd) > td.list_alt, tr:nth-child(odd) > td.listwrap_alt
tr:nth-child(even) > td.list_alt, tr:nth-child(even) > td.listwrap_alt

which can be used for css alternating tr rows, rather than the messy list vs list2 rows.

New #true_values_tr id with some definitions.

Allow Local Mailserver option without dns control (SKINS) new

New value, with internal default:

local_mailserver_without_dnscontrol=0

where, if you add:

local_mailserver_without_dnscontrol=1

to your directadmin.conf, the "MX Records" URL will show up when viewing a domain,

and you can make changes to the "Local Mail Server" option,

where you might have dnscontrol=OFF in your account.

Some Users might have external DNS, hence they shouldn't change their dns settings, but still need to change their Local Email Server settings.

SKINS

data/skins/enhanced/user/dns_mx_control.html

No significant changes to this page with regards to the feature, but added DNS_DISABLED in more areas to avoid confusion.

eg: to disable the add MX record input fields, and "Add" button.


data/skins/enhanced/user/show_domain.html

Change the MX URL to have these conditions:
|?CAN_MX=ON|
|*if USERDNSCONTROL!="ON"|
|?CAN_MX=OFF|
|*endif|
|*if LOCAL_MAILSERVER_WITHOUT_DNSCONTROL="1"|
|?CAN_MX=ON|
|*endif|


|*if CAN_MX="ON"|
<a href="/CMD_DNS_MX?domain=|domain|">|LANG_MX_RECORDS|</a><br>
|*endif|

Race condition during account deletion new

Lets say we have 2 User accounts and they're both going to be deleted.

User A fairly large, and is deleted first, this will take a while.

In a 2nd call, before the deletion of A is done, another call is made to remove the smaller user B.

The 2nd call finished before the 1st call.

Both Users are gone, but User A is still in the list. Why?

We have a race condition, where DA reads the users.list file at the start of the deletion, removes the user from the list, and only after the account is gone is the users.list rewritten.

Because the start/end of the 2nd deletion of B happened after the read, and before the write of A, either:

  • User B would still be in the list, since A had the final say, and wasn't aware of the deletion

  • DA noticed a change in the users.list, but due to deletion, it decided this process should win, so overwrite the users.list with the removed A, thus leaving B in the list again.

Code has been changed so that anytime an account is removed from any of:

users.list

reseller.list

admin.list

At that moment (after the account data is actually gone) it will:

  • lock the file

  • re-read the file, in case there were other changes

  • remove the line from the container (in memory)

  • write the file

  • unlock the file

This "point of time" method is better, avoid race conditions and should prevent stray Users from the users.list during removal of larger accounts.

Exists Check: CMD_FILE_MANAGER/some/file.txt?action=exists&json=yes new

New "action=exists" for CMD_FILEMANAGER and CMD_API_FILEMANAGER, and json, to determine if a file or directory exists.

Sample call, pass via GET:

CMD_FILE_MANAGER/.shadow?action=exists&json=yes

where you can either use the url path, as above, or you can set the path, eg:

CMD_FILE_MANAGER?path=/.shadow&action=exists&json=yes

Sample return if it's a file:

{
    "exists": "1",
    "result": "/.shadow",
    "success": "File exists check",
    "type": "file"
}

CMD_FILE_MANAGER?path=/domains&action=exists&json=yes

Sample if it's a directory:

{
    "exists": "1",
    "result": "/domains",
    "success": "File exists check",
    "type": "directory"
}

Does not exist:

CMD_FILE_MANAGER?path=/blah&action=exists&json=yes

{
    "exists": "0",
    "result": "/blah",
    "success": "File exists check"
}

and if there is an error:

CMD_FILE_MANAGER?path=%3C%3E&action=exists&json=yes

{
    "error": "Error check if file exists",
    "result": "Invalid path.  Must also start with /\"
}

Remove RFC4870: DKIM TXT o=~ new

Older RFC4870 protocols used:

_domainkey.domain.com. TXT o=~

to define sending policy for DKIM.

This has since been removed.

New domains will no longer get the _domainkey TXT o=~ record.

The x._domainkey will still be added,

T12353

LetsEncrypt Wildcard: missing root pointers and domains. fixed

When the "wildcard" option is used, domain pointers and additions domains did have their extended values show up, eg:

*.pointer.com

*.additionaldomain.com

However, this excluded the root level, so the bugfix was to also include:

pointer.com

additionaldomain.com

to the list.

Evolution: all_pre.sh all_post.sh not generating json fixed

Fixed the all_pre.sh and all_post.sh scripts, so if the abort the current request and json=yes was used to make the current call, it will generate the proper json output.

Added August 10th 2018: 2:44PM MST.

Last Updated: