ghzhost
diff --git a/‎CHANGELOG.md‎
Lines changed: 29 additions & 18 deletions b/‎CHANGELOG.md‎
Lines changed: 29 additions & 18 deletions
diff --git a/‎README.md‎
Lines changed: 1 addition & 1 deletion b/‎README.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎bin/v-add-dns-domain‎
Lines changed: 12 additions & 2 deletions b/‎bin/v-add-dns-domain‎
Lines changed: 12 additions & 2 deletions
diff --git a/‎bin/v-add-dns-on-web-alias‎
Lines changed: 1 addition & 1 deletion b/‎bin/v-add-dns-on-web-alias‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎bin/v-add-dns-record‎
Lines changed: 4 additions & 1 deletion b/‎bin/v-add-dns-record‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎bin/v-add-domain‎
Lines changed: 1 addition & 1 deletion b/‎bin/v-add-domain‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎bin/v-add-web-domain-fast-cgi-cache‎ ‎bin/v-add-fastcgi-cache‎bin/v-add-web-domain-fast-cgi-cache renamed to bin/v-add-fastcgi-cache
Lines changed: 20 additions & 18 deletions b/‎bin/v-add-web-domain-fast-cgi-cache‎ ‎bin/v-add-fastcgi-cache‎bin/v-add-web-domain-fast-cgi-cache renamed to bin/v-add-fastcgi-cache
Lines changed: 20 additions & 18 deletions
diff --git a/‎bin/v-add-letsencrypt-domain‎
Lines changed: 2 additions & 2 deletions b/‎bin/v-add-letsencrypt-domain‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎bin/v-add-mail-account‎
Lines changed: 1 addition & 1 deletion b/‎bin/v-add-mail-account‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎bin/v-add-mail-account-alias‎
Lines changed: 4 additions & 1 deletion b/‎bin/v-add-mail-account-alias‎
Lines changed: 4 additions & 1 deletion
@@ -4,44 +4,55 @@ All notable changes to this project will be documented in this file.
 ## [DEVELOPMENT]
 ### Features
 - Introduced single sign-on support for phpMyAdmin.
-- Introduced support for NGINX Fast CGI Cache.
+- Introduced support for NGINX FastCGI cache.
 - Introduced support for SMTP Relay / smarthosts (server-wide or per-domain).
-- Introduced the ability to choose which webmail client to use per-domain (Roundcube or Rainloop)
+- Introduced the ability to choose which webmail client to use per-domain (Roundcube or Rainloop).
 - Added B2 Backup Support for Remote Backup Location - thanks **@rez0n**!
-- Added template support for osticket - thanks **@madito**!
-- Install phpMyAdmin directly from source and provide a migration script for existing installations.
+- Added template support for osTicket - thanks **@madito**!
+- Packages for phpMyAdmin, Roundcube, and Rainloop will be pulled directly from their upstream source instead of APT for new installations.
+- Added DNS records view to mail domains which provides DKIM, SPF, and other entries to use with an external provider.
 - Added an upgrade script to provide in-place upgrades to php7.4 (or any other version).
 
+
 ### Bugfixes
 - Fixed an issue where user name was duplicated when editing FTP users. (#1411)
 - Fixed an issue where the iptables service would appear to be in a stopped state when fail2ban is stopped. (#1374)
 - Fixed an issue where the default language value was incorrectly set under Server Settings > Configure.
 - Fixed an issue with the dark theme where available updates were incorrectly displayed.
 - Fixed an issue where local and FTP backup files were not deleted when running `v-delete-user-backup`. (#1421)
 - Fixed an issue where IP addresses could not be deleted. (#1423)
-- Fixed an issue where nginx web statistics authorization file was placed in the wrong directory.
-- Fixed multiple small issues in mail domain handling and webmail stack.
-- Fixed an issue which caused the custom docroot value to be not set when restoring a backup.
+- Fixed an issue where `v-rebuild-user` would incorrectly rebuild domain items in addition to user account configuration.
+- Fixed an issue which caused a web domain's custom document root value to be lost when restoring from backup.
 - Fixed an issue which caused a `NSPOSIXErrorDomain:100` error when using Safari/iOS (thanks **@stsimb**).
-- Fixed multiple small issues which occured when using PostgreSQL.
-- Fixed an issue where exim ignored the conigured mail quota limit.
-- Fixed an issue with the invalid character validation for mail auto replies.
-- Fixed an issue which caused Let's Encrypt to fail when using the Moodle template - thanks **@ArturoBlanco**.
+- Fixed an issue where exim ignored the configured mail quota limit.
+- Fixed an issue where invalid character validation was performed when editing mail auto replies.
+- Fixed an issue which caused Let's Encrypt to fail when using the Moodle template (thanks **@ArturoBlanco**).
 - Fixed an issue where the MySQL `wait_timeout` value was not saved due to wrong regexp attribute (thanks **@guicapanema**).
+- Fixed an issue where nginx web statistics authorization file was placed in the wrong directory.
+- Fixed several small issues that were reported when using PostgreSQL.
+- Improved reliability of mail domains and webmail clients.
+- Improved reliability of service restarts during upgrades.
 - Improved compatibility with Blesta / WHMCS plugins.
 - Improved API error handling routines - thanks **@danielalexis**!
-- Improved performance by enabling multithreading when creating backups using the `zstd` compression type.
+- Improved backup performance through the use of multi-threading when creating archives using the `zstd` compression type.
 - Improved error handling when creating firewall rules.
-- Improved overview to provide DKIM and other mail server settings in mail overview.
-- Improved removal handling to allow the remove of suspended users, domains, etc.
+- Improved handling of suspended users and domains to allow deletion without unsuspension.
 - Improved dependencies over package control to install `lsb-release` and `zstd`.
-- Improved SFTP connection handling, changing expect to be case insensitive in SFTP (thanks **@lazzurs**).
+- Improved SFTP connection handling to be case insensitive (thanks **@lazzurs**).
 - Improved domain validation to prevent creating subdomains when the top-level domain belongs to another account (thanks **@KuJoe** and **@sickcodes**).
 - Improved IDN domain handling to resolve issues with Let's Encrypt SSL and mail domain services.
-- Added private folder to openbasedir permission for all main templates.
+- Added private folder to openbasedir permissions for all main templates.
 - Disabled changing backup folder via Web UI because it used symbolic link instead of mount causing issues with restore mail / user files.
-- Fixed xss vulnerability in v-add-sys-ip and user history log (thanks **@numanturle**)
-- Fixed remote execution possibility when deleting ssh key (thanks **@numanturle**)
+- Fixed XSS vulnerability in `v-add-sys-ip` and user history log (thanks **@numanturle**).
+- Fixed remote code execution vulnerability which could occur when deleting SSH keys (thanks **@numanturle**).
+
+## [1.3.5] - Service Release
+### Features
+- No new features have been introduced in this release.
+
+### Bugfixes
+- Updated APT repository key for PHP from packages.sury.org (https://forum.hestiacp.com/t/apt-upgrade-failed-gpg-error-packages-sury-org)
+- Updated phpMyAdmin to v5.1.0.
 
 ## [1.3.4] - Service Release
 ### Features
 
@@ -2,7 +2,7 @@
 
 [Hestia Control Panel](https://www.hestiacp.com/)
 ==================================================
-**Latest stable release:** Version 1.3.4 | [View Changelog](https://github.com/hestiacp/hestiacp/blob/release/CHANGELOG.md)<br>
+**Latest stable release:** Version 1.3.5 | [View Changelog](https://github.com/hestiacp/hestiacp/blob/release/CHANGELOG.md)<br>
 
 **Web:** [www.hestiacp.com](https://www.hestiacp.com/)<br>
 **Documentation:** [docs.hestiacp.com](https://docs.hestiacp.com/)<br>
 
@@ -18,7 +18,7 @@
 
 # Argument definition
 user=$1
-domain=$(idn -t --quiet -a "$2" )
+domain=$2
 ip=$3
 ns1=$4
 ns2=$5
@@ -38,6 +38,7 @@ source $HESTIA/conf/hestia.conf
 # Additional argument formatting
 format_domain
 format_domain_idn
+domain_utf=$(idn -t --quiet -u "$domain_idn")
 
 #----------------------------------------------------------#
 #                    Verifications                         #
@@ -48,7 +49,16 @@ is_format_valid 'user' 'domain' 'ip'
 is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
-is_domain_new 'dns' "$domain"
+
+if [ "$($BIN/v-list-dns-domain $user $domain_utf plain |cut -f 1) " != "$domain" ]; then
+    is_domain_new 'dns' "$domain_utf"
+fi
+if [ "$($BIN/v-list-dns-domain $user $domain_idn plain |cut -f 1) " != "$domain" ]; then
+    is_domain_new 'dns' "$domain_idn"
+else
+    is_domain_new 'dns' "$domain"
+fi
+
 is_package_full 'DNS_DOMAINS'
 template=$(get_user_value '$DNS_TEMPLATE')
 is_dns_template_valid $template
 
@@ -14,7 +14,7 @@
 
 # Argument definition
 user=$1
-alias=$(idn -t --quiet -a "$2" )
+alias=$2
 ip=$3
 restart=$4
 
 
@@ -17,7 +17,8 @@
 
 # Argument definition
 user=$1
-domain=$(idn -t --quiet -a "$2" )
+domain=$2
+domain_idn=$2
 record=$(idn -t --quiet -u "$3" )
 record=$(echo "$record" | tr '[:upper:]' '[:lower:]')
 rtype=$(echo "$4"| tr '[:lower:]' '[:upper:]')
@@ -71,6 +72,8 @@ fi
 # Additional argument formatting
 format_domain
 format_domain_idn
+# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
+
 
 #----------------------------------------------------------#
 #                    Verifications                         #
 
@@ -14,7 +14,7 @@
 
 # Argument definition
 user=$1
-domain=$(idn -t --quiet -a "$2" )
+domain=$2
 ip=$3
 restart="${4-yes}"
 
 
@@ -1,12 +1,12 @@
 #!/bin/bash
-# info: Adding fast cgi nginx support
+# info: Add FastCGI nginx support
 # options: USER DOMAIN [DEBUG]
 # labels: hestia web
 #
-# example: v-add-web-domain-fast-cgi-cache user domain.tld
+# example: v-add-fastcgi-cache user domain.tld
 #
-# Function enables fast cgi support for Nginx
-# Add "yes" as last parameter append debug information to response headers
+# The function enables FastCGI cache for nginx
+# Add "yes" as last parameter to append debug information to response headers
 
 
 #----------------------------------------------------------#
@@ -15,7 +15,7 @@
 
 # Argument definition
 user=$1
-domain=$(idn -t --quiet -a "$2" )
+domain=$2
 debug=$3
 
 # Includes
@@ -45,16 +45,16 @@ check_hestia_demo_mode
 # Load domain data
 parse_object_kv_list $(grep "DOMAIN='$domain'" $USER_DATA/web.conf)
 
-# Check if web server is NGINX standalone
+# Check if nginx is not in proxy mode
 if [ "$WEB_SYSTEM" != 'nginx' ]; then
-    echo "Error: NGINX not in Stand Alone mode"
+    echo "Error: nginx is in proxy mode"
     exit $E_NOTEXIST
 fi
 
-
 if ! grep --quiet "forcessl" $HESTIA/data/templates/web/nginx/default.tpl; then
     $BIN/v-update-web-templates
 fi
+
 fastcgi="$HOMEDIR/$user/conf/web/$domain/$WEB_SYSTEM.fastcgi_cache.conf"
 no_cache='$no_cache'
 cookie_session='$cookie_session'
@@ -63,9 +63,11 @@ status='$upstream_cache_status'
 
 cat << EOF > $fastcgi
     fastcgi_cache $domain;
-    fastcgi_no_cache $no_cache;
+    fastcgi_cache_valid 200 2m;
+    fastcgi_cache_valid 301 302 10m;
+    fastcgi_cache_valid 404 10m;
     fastcgi_cache_bypass $no_cache;
-    fastcgi_cache_bypass $cookie_session $http_x_update;
+    fastcgi_no_cache $no_cache;  
 EOF
 
 if [ ! -z "$debug" ]; then
@@ -75,18 +77,18 @@ fi
 chown root:$user $fastcgi
 chmod 640 $fastcgi
 
-str="fastcgi_cache_path /var/cache/nginx/php-fpm/$domain levels=2" 
-str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" 
-conf='/etc/nginx/conf.d/01_fast_cgi_caching_pool.conf'
-if [ -e "$conf" ]; then
+str="fastcgi_cache_path /var/cache/nginx/micro/$domain levels=1:2" 
+str="$str keys_zone=$domain:10m max_size=512m inactive=30m;" 
+conf='/etc/nginx/conf.d/fastcgi_cache_pool.conf'
+if [ -f "$conf" ]; then
     if [ -z "$(grep "=${domain}:" $conf)" ]; then
         echo "$str" >> $conf
     fi
 else
     echo "$str" >> $conf
 fi
 
-mkdir -p /var/cache/nginx/php-fpm/$domain
+mkdir -p /var/cache/nginx/micro/$domain
 
 #----------------------------------------------------------#
 #                       Hestia                             #
@@ -96,15 +98,15 @@ if [ -z "$FASTCGI" ]; then
     add_object_key "web" 'DOMAIN' "$domain" 'FASTCGI_CACHE' 'ALIAS'
 fi
 
-# Set FASTCGI flag to enabled
+# Set FastCGI cache flag to enabled
 update_object_value 'web' 'DOMAIN' "$domain" '$FASTCGI_CACHE' 'yes'
 
 # Restart web server
 $BIN/v-restart-web
-check_result $? "Web restart failed" > /dev/null
+check_result $? "Web server restart failed" > /dev/null
 
 # Logging
-log_history "enabled fast cgi support for $domain"
+log_history "Enabled FastCGI cache for $domain"
 log_event "$OK" "$ARGUMENTS"
 
 exit
@@ -14,7 +14,7 @@
 
 # Argument definition
 user=$1
-domain=$(idn -t --quiet -a "$2" )
+domain=$2
 aliases=$3
 mail=${4// }
 
@@ -118,7 +118,7 @@ check_hestia_demo_mode
 if [ ! -z "$mail" ]; then
     root_domain=$domain
     domain="mail.$root_domain"
-    webmail=$(get_object_value "mail" "$domain" '$WEBMAIL');
+    webmail=$(get_object_value "mail" "DOMAIN" "$root_domain" '$WEBMAIL');
     if [ ! -z "$webmail" ]; then
         aliases="$WEBMAIL_ALIAS.$root_domain"
     fi
 
@@ -14,7 +14,7 @@
 
 # Argument definition
 user=$1
-domain=$(idn -t --quiet -a "$2" )
+domain=$2
 account=$3
 password=$4; HIDE=4
 quota=${5-unlimited}
 
@@ -14,7 +14,8 @@
 
 # Argument definition
 user=$1
-domain=$(idn -t --quiet -a "$2" )
+domain=$2
+domain_idn=$2
 account=$3
 malias=$4
 
@@ -26,6 +27,8 @@ source $HESTIA/conf/hestia.conf
 # Additional argument formatting
 format_domain
 format_domain_idn
+# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
+
 
 #----------------------------------------------------------#
 #                    Verifications                         #