From 8ca3ae1b4994906b3522948ecdceb6ee31a5b92c Mon Sep 17 00:00:00 2001
From: Master3395
Date: Thu, 18 Sep 2025 21:37:48 +0200
Subject: [PATCH] Remove SECURITY_INSTALLATION.md and implement SSL reconciliation features in manageSSL module. Add new views and URLs for SSL reconciliation, enhance mobile responsiveness in templates, and update SSL utilities for improved functionality. Update upgrade script for scheduled SSL reconciliation tasks.
---
SECURITY_INSTALLATION.md | 193 ------
.../templates/baseTemplate/index.html | 53 +-
.../templates/manageSSL/sslReconcile.html | 318 ++++++++++
manageSSL/urls.py | 6 +
manageSSL/views.py | 502 ++++------------
plogical/management/__init__.py | 1 +
plogical/management/commands/__init__.py | 1 +
plogical/management/commands/ssl_reconcile.py | 98 ++++
plogical/sslReconcile.py | 419 +++++++++++++
plogical/sslUtilities.py | 56 +-
plogical/upgrade.py | 2 +
plogical/vhostConfs.py | 18 +-
.../baseTemplate/assets/mobile-responsive.css | 552 ++++++++++++++++++
test_ssl_integration.py | 236 ++++++++
.../websiteFunctions/domainAlias.html | 4 +-
.../websiteFunctions/launchChild.html | 6 +-
.../templates/websiteFunctions/listCron.html | 164 ++++++
.../templates/websiteFunctions/website.html | 111 +++-
18 files changed, 2123 insertions(+), 617 deletions(-)
delete mode 100644 SECURITY_INSTALLATION.md
create mode 100644 manageSSL/templates/manageSSL/sslReconcile.html
create mode 100644 plogical/management/__init__.py
create mode 100644 plogical/management/commands/__init__.py
create mode 100644 plogical/management/commands/ssl_reconcile.py
create mode 100644 plogical/sslReconcile.py
create mode 100644 static/baseTemplate/assets/mobile-responsive.css
create mode 100644 test_ssl_integration.py
diff --git a/SECURITY_INSTALLATION.md b/SECURITY_INSTALLATION.md
deleted file mode 100644
index 60cd302c3..000000000
--- a/SECURITY_INSTALLATION.md
+++ /dev/null
@@ -1,193 +0,0 @@ -# CyberPanel Secure Installation Guide - -## Overview - -This document describes the secure installation process for CyberPanel that eliminates hardcoded passwords and implements environment-based configuration. - -## Security Improvements - -### ✅ **Fixed Security Vulnerabilities** - -1. **Hardcoded Database Passwords** - Now generated securely during installation -2. **Hardcoded Django Secret Key** - Now generated using cryptographically secure random generation -3. **Environment Variables** - All sensitive configuration moved to `.env` file -4. **File Permissions** - `.env` file set to 600 (owner read/write only) - -### 🔐 **Security Features** - -- **Cryptographically Secure Passwords**: Uses Python's `secrets` module for password generation -- **Environment-based Configuration**: Sensitive data stored in `.env` file, not in code -- **Secure File Permissions**: Environment files protected with 600 permissions -- **Credential Backup**: Automatic backup of credentials for recovery -- **Fallback Security**: Maintains backward compatibility with fallback method - -## Installation Process - -### 1. **Automatic Secure Installation** - -The installation script now automatically: - -1. Generates secure random passwords for: - - MySQL root user - - CyberPanel database user - - Django secret key - -2. Creates `.env` file with secure configuration: - ```bash - # Generated during installation - SECRET_KEY=your_64_character_secure_key - DB_PASSWORD=your_24_character_secure_password - ROOT_DB_PASSWORD=your_24_character_secure_password - ``` - -3. Creates `.env.backup` file for credential recovery -4. Sets secure file permissions (600) on all environment files - -### 2. 
**Manual Installation** (if needed) - -If you need to manually generate environment configuration: - -```bash -cd /usr/local/CyberCP -python install/env_generator.py /usr/local/CyberCP -``` - -## File Structure - -``` -/usr/local/CyberCP/ -├── .env # Main environment configuration (600 permissions) -├── .env.backup # Credential backup (600 permissions) -├── .env.template # Template for manual configuration -├── .gitignore # Prevents .env files from being committed -└── CyberCP/ - └── settings.py # Updated to use environment variables -``` - -## Security Best Practices - -### ✅ **Do's** - -- Keep `.env` and `.env.backup` files secure -- Record credentials from `.env.backup` and delete the file after installation -- Use strong, unique passwords for production deployments -- Regularly rotate database passwords -- Monitor access to environment files - -### ❌ **Don'ts** - -- Never commit `.env` files to version control -- Don't share `.env` files via insecure channels -- Don't use default passwords in production -- Don't leave `.env.backup` files on the system after recording credentials - -## Recovery - -### **Lost Credentials** - -If you lose your database credentials: - -1. Check if `.env.backup` file exists: - ```bash - sudo cat /usr/local/CyberCP/.env.backup - ``` - -2. 
If backup doesn't exist, you'll need to reset MySQL passwords using MySQL recovery procedures - -### **Regenerate Environment** - -To regenerate environment configuration: - -```bash -cd /usr/local/CyberCP -sudo python install/env_generator.py /usr/local/CyberCP -``` - -## Configuration Options - -### **Environment Variables** - -| Variable | Description | Default | -|----------|-------------|---------| -| `SECRET_KEY` | Django secret key | Generated (64 chars) | -| `DB_PASSWORD` | CyberPanel DB password | Generated (24 chars) | -| `ROOT_DB_PASSWORD` | MySQL root password | Generated (24 chars) | -| `DEBUG` | Debug mode | False | -| `ALLOWED_HOSTS` | Allowed hosts | localhost,127.0.0.1,hostname | - -### **Custom Configuration** - -To use custom passwords during installation: - -```bash -python install/env_generator.py /usr/local/CyberCP "your_root_password" "your_db_password" -``` - -## Troubleshooting - -### **Installation Fails** - -If the new secure installation fails: - -1. Check installation logs for error messages -2. The system will automatically fallback to the original installation method -3. Verify Python dependencies are installed: - ```bash - pip install python-dotenv - ``` - -### **Environment Loading Issues** - -If Django can't load environment variables: - -1. Ensure `.env` file exists and has correct permissions: - ```bash - ls -la /usr/local/CyberCP/.env - # Should show: -rw------- 1 root root - ``` - -2. Install python-dotenv if missing: - ```bash - pip install python-dotenv - ``` - -## Migration from Old Installation - -### **Existing Installations** - -For existing CyberPanel installations with hardcoded passwords: - -1. **Backup current configuration**: - ```bash - cp /usr/local/CyberCP/CyberCP/settings.py /usr/local/CyberCP/CyberCP/settings.py.backup - ``` - -2. **Generate new environment configuration**: - ```bash - cd /usr/local/CyberCP - python install/env_generator.py /usr/local/CyberCP - ``` - -3. 
**Update settings.py** (already done in new installations): - - The settings.py file now supports environment variables - - It will fallback to hardcoded values if .env is not available - -4. **Test the configuration**: - ```bash - cd /usr/local/CyberCP - python manage.py check - ``` - -## Support - -For issues with the secure installation: - -1. Check the installation logs -2. Verify file permissions -3. Ensure all dependencies are installed -4. Review the fallback installation method if needed - ---- - -**Security Notice**: This installation method significantly improves security by eliminating hardcoded credentials. Always ensure proper file permissions and secure handling of environment files. - diff --git a/baseTemplate/templates/baseTemplate/index.html b/baseTemplate/templates/baseTemplate/index.html index 742a8f49f..63928508b 100644 --- a/baseTemplate/templates/baseTemplate/index.html +++ b/baseTemplate/templates/baseTemplate/index.html @@ -20,6 +20,9 @@ {{ cosmetic.MainDashboardCSS | safe }} + + + @@ -955,7 +958,7 @@ @@ -169,7 +169,7 @@
-

+

×

diff --git a/websiteFunctions/templates/websiteFunctions/launchChild.html b/websiteFunctions/templates/websiteFunctions/launchChild.html index 687d73be7..93ebb4e1f 100644 --- a/websiteFunctions/templates/websiteFunctions/launchChild.html +++ b/websiteFunctions/templates/websiteFunctions/launchChild.html @@ -963,7 +963,7 @@

+ class="glyph-icon icon-close text-danger mt-5" style="font-size: 24px; cursor: pointer;">×
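Review bot: The added close-icon line carries an inline `style="font-size: 24px; cursor: pointer;"`, and the same attribute is repeated on the added line of the @@ -1019 hunk. Inline style attributes are refused under a Content-Security-Policy whose `style-src` does not allow `'unsafe-inline'`, so each new one makes it harder to tighten the panel's CSP later. A single rule in the page stylesheet, `.glyph-icon.icon-close { font-size: 24px; cursor: pointer; }`, would replace both attributes and keep the size in one place. The element's opening tag lies outside the visible hunk, so whether the control is keyboard-focusable cannot be confirmed from here.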
@@ -1019,7 +1019,7 @@

+ class="glyph-icon icon-close text-danger mt-5" style="font-size: 24px; cursor: pointer;">×
@@ -1059,7 +1059,7 @@

+ href="">

×

diff --git a/websiteFunctions/templates/websiteFunctions/listCron.html b/websiteFunctions/templates/websiteFunctions/listCron.html index 408cc201f..67e44acfc 100644 --- a/websiteFunctions/templates/websiteFunctions/listCron.html +++ b/websiteFunctions/templates/websiteFunctions/listCron.html 
@@ -403,6 +403,170 @@ font-size: 16px; } + /* Mobile Responsive Styles */ + @media (max-width: 768px) { + .page-wrapper { + padding: 10px; + } + + .page-container { + max-width: 100%; + } + + .container { + padding: 10px; + } + + #page-title { + padding: 20px; + margin-bottom: 20px; + } + + #page-title h1 { + font-size: 1.5rem !important; + } + + #page-title p { + font-size: 14px !important; + } + + /* Table improvements for mobile */ + .table-responsive { + border: none; + margin-bottom: 20px; + } + + .table { + font-size: 14px !important; + min-width: 600px; + } + + .table th, .table td { + padding: 8px 6px !important; + font-size: 13px !important; + white-space: nowrap; + } + + /* Hide less important columns on mobile */ + .table .d-none-mobile { + display: none !important; + } + + /* Button improvements for mobile */ + .btn { + font-size: 16px !important; + padding: 12px 20px !important; + margin-bottom: 10px; + width: 100%; + } + + .btn-group { + display: flex; + flex-direction: column; + width: 100%; + } + + .btn-group .btn { + margin-bottom: 10px; + width: 100%; + } + + /* Form improvements for mobile */ + .form-horizontal .form-group { + margin-bottom: 15px; + } + + .form-horizontal .control-label { + text-align: left !important; + margin-bottom: 5px; + font-size: 16px !important; + } + + .form-horizontal .col-sm-3, + .form-horizontal .col-sm-6, + .form-horizontal .col-sm-9 { + width: 100% !important; + float: none !important; + } + + .form-control, input, textarea, select { + font-size: 16px !important; + padding: 12px 16px !important; + width: 100%; + } + + /* Modal improvements for mobile */ + .modal-dialog { + margin: 10px; + width: calc(100% - 20px); + max-width: none; + } + + .modal-content { + padding: 20px 15px; + } + + .modal-title { + font-size: 1.25rem !important; + } + + /* Card improvements for mobile */ + .card { + margin-bottom: 15px; + } + + .card-body { + padding: 15px; + } + + .card-title { + font-size: 1.125rem !important; + } + + 
.card-text { + font-size: 14px !important; + } + } + + @media (max-width: 576px) { + /* Extra small devices */ + .page-wrapper { + padding: 5px; + } + + .container { + padding: 5px; + } + + #page-title { + padding: 15px; + } + + #page-title h1 { + font-size: 1.25rem !important; + } + + .table th, .table td { + padding: 6px 4px !important; + font-size: 12px !important; + } + + /* Hide even more columns on very small screens */ + .table .d-none-mobile-sm { + display: none !important; + } + + .btn { + font-size: 14px !important; + padding: 10px 15px !important; + } + + .form-control, input, textarea, select { + font-size: 16px !important; + padding: 10px 14px !important; + } + } + /* Dark mode specific adjustments */ [data-theme="dark"] body { background: var(--bg-primary); diff --git a/websiteFunctions/templates/websiteFunctions/website.html b/websiteFunctions/templates/websiteFunctions/website.html index 7fd02f0db..97a271777 100644 --- a/websiteFunctions/templates/websiteFunctions/website.html +++ b/websiteFunctions/templates/websiteFunctions/website.html 
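Review bot: The bare `input` in `.form-control, input, textarea, select` also matches checkboxes and radio buttons, which then get `width: 100%` and the enlarged padding in the 768px block; narrowing it to `.form-control, input:not([type="checkbox"]):not([type="radio"]), textarea, select` avoids that. The table, form, button-group and modal rules in this hunk are added again almost verbatim in the website.html hunk of the same commit, while the diffstat lists a new shared `static/baseTemplate/assets/mobile-responsive.css`. Keeping these rules only in the shared stylesheet would stop the copies drifting apart and would reduce the number of `!important` overrides needed per page.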
@@ -629,6 +629,107 @@ } } + /* Additional mobile improvements */ + @media (max-width: 768px) { + .cyberpanel-website-page { + padding: 10px; + } + + /* Improve table responsiveness */ + .table-responsive { + border: none; + margin-bottom: 20px; + } + + .table { + font-size: 14px !important; + min-width: 600px; + } + + .table th, .table td { + padding: 8px 6px !important; + font-size: 13px !important; + white-space: nowrap; + } + + /* Hide less important columns on mobile */ + .table .d-none-mobile { + display: none !important; + } + + /* Improve form layout on mobile */ + .form-horizontal .form-group { + margin-bottom: 15px; + } + + .form-horizontal .control-label { + text-align: left !important; + margin-bottom: 5px; + } + + .form-horizontal .col-sm-3, + .form-horizontal .col-sm-6, + .form-horizontal .col-sm-9 { + width: 100% !important; + float: none !important; + } + + /* Improve button layout */ + .btn-group { + display: flex; + flex-direction: column; + width: 100%; + } + + .btn-group .btn { + margin-bottom: 10px; + width: 100%; + } + + /* Improve modal on mobile */ + .modal-dialog { + margin: 5px; + width: calc(100% - 10px); + max-width: none; + } + + .modal-content { + padding: 15px; + } + + /* Improve close button visibility */ + .glyph-icon.icon-close { + font-size: 20px !important; + min-width: 44px; + min-height: 44px; + display: flex; + align-items: center; + justify-content: center; + } + } + + @media (max-width: 576px) { + /* Extra small devices */ + .cyberpanel-website-page { + padding: 5px; + } + + .table th, .table td { + padding: 6px 4px !important; + font-size: 12px !important; + } + + /* Hide even more columns on very small screens */ + .table .d-none-mobile-sm { + display: none !important; + } + + .btn { + font-size: 14px !important; + padding: 10px 15px !important; + } + } + /* Modal and Form Modal Styling for Rewrite Rules */ .form-horizontal.bordered-row { background: var(--bg-secondary, white); @@ -1562,7 +1663,7 @@
@@ -1607,7 +1708,7 @@
@@ -1671,7 +1772,7 @@
@@ -1828,7 +1929,7 @@ @@ -2119,7 +2220,7 @@

+ href="">

×