New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Just configure backups in WHM and backup the directory where backups are stored.
SSH password login failed..
I readded the server many times, yet still same error..
Try
ssh -vvv <user>@<host> -p <port>
on the backup server, can it connect?@PetaByet ,
Can't get this to run under Docker using the latest Apache/PHP build:
That mounts port 80 of the guest LXC container onto port 80 of the host, thus using the official PHP5.6/Apache2.4 docker image (which is based off of Debian/Ubuntu, with default-ish settings.)
This gives a 500 error in the console, and an empty page being loaded at the URL.
@GoodHosting Have you checked Apache's error logs?
It's not writing anything out to the logs, which is why I was sort of confused.
It's worth noting that eventually I ended up with a db/ folder and includes/ folder both with the *.db files inside of them, both chmod'd 0755 somehow. So I'm sure I screwed that up somewhere along the way.
In my most recent (clean) attempt, I used the instructions from the manual install page:
Right, your original documentation stated
includes/*.json
as the chmod target, but it would seem that the database files are now part ofdb/*.json
, so I've chmodded those instead. I have also tried chmodding both locations, incase it wanted to create the files.The errors log in Apache was empty, and PHP's error related settings are:
And when attempting to wget / curl:
Seems kind of odd considering nothing major is shown on the terminal, guessing the issue here is with Apache / PHP missing a module somewhere that was required? Tried without the .htaccess file as well just incase, and got the same results.
Enable error logging?
The official PHP containers log to STDOUT and STDERR through Apache (also tried setting the following to no avail):
Sadly didn't get anything there either, blank file. And as I said, blank pages too.
Not much reason for this not to work, unless
$config['debug']
doesn't work as advertised in CDP :PThe odd thing, is that if I set
debug
on, andlevel
to 2; I do get the fewprint_r
results in my browser (PHPSESSID, and an empty array); but nothing else (a blank screen otherwise.) What PHP version is recommended for running this / which webserver? About to try docker's nginx and php-fpm images to see if they have a better success in running this.Right, the same issue doesn't exist when using the
nginx
andphp-fpm
docker containers instead, odd.@Petabyet , I re-set the admin password manually in the db file, was it mentioned somewhere in the documentation that I missed, or was it intended to find/replace md5 in the
db/db-users.json
file manually for admin ?Thanks for pointing that out, databases were in includes but were moved to db in a recent commit. I have fixed the documentation.
Have you installed all required PHP modules / restarted apache after installing them? I'm not familiar with how Apache works on Docker though.
You can change the password by editing the user using the web UI.
Sure, but is the default password shown in the documentation? (I had tried
admin
without that working, as well as "Password"; and blank input, and all failed to login with (Login failed.) when working through nginx.I'll look into what modules the official images have that differ between php-fpm and the official php5.6-apache images, and maybe there is a difference there that is creating the blank screen / random error 500 issue encountered.
@GoodHosting The default login is admin/password.
If you need to get chmod 777 to the files from
/db/
directory you are making it wrong. On the commit that I've made, all database files was chmoded to 644 when it should really be 600 or at least 640. Make the database world writable is a BIG security issue and can give you some monstrous problems when using that on a shared server or when you are running other applications at the same PHP instance or web server of CDP.The biggest source of problems when you can't write or read the database files is related to wrong
user:group
. You need to chown your/db/
dir to match ownership to the user that runs apache and PHP (if you are using PHP as CGI). In general, this should bewww-data:www-data
, take a look at apache config. But, really, you don't want databases with 777 permissions.Agreed further, however; it's worth noting that specialized permissions are hell for docker, as that means you have to make your own Dockerfile to implement them, which invalidates the cache, and fun ensues. I will be pushing a git issue shortly with a working, and non-working docker official images for comparison, as I have gotten to the bottom of the issue @Petabyet .
I agree with you. As I'm on the final week of my semester at the University I'm really busy and don't have any time to implement and correct some security functions at CDP and submit to @PetaByet take a look. When I has finished all my tests, I will start to work at the code again and will try to adress that db problem. I'm not a fan of file-as-db because it don't scalate and is insecure as hell because depends on you making fine tuning on the web server config. I'd rather use a DBMS but will follow @PetaByet design decisions.
If I can give you, @GoodHosting, some advice, don't use Apache to build your backup server. Use Hiawatha instead as it is security focused (and very stable/light). And don't use CDP on production. Really, don't do that. Not by now.
The idea was CDP-as-a-service , hence docker .
Coming soon to a certain as-a-service mongoloid near you.
Secrets are best told very loudly, and confusingly.
Either way, Apache was just to test it working in the simplest config, with the default (official) images released by the PHP group themselves to the Docker hub (the ultimate compatibility test, if it will work right out of the box on a freshly installed and officially maintained system.)
CDP as a service is a good idea, but the code is a mess by now. You could end with a very big performance issue and some data leaks
And the Hiawatha web server works very well under Docker (with PHP-FPM running on another container). You should take a look at this.
Are there any official Hiawatha images? I couldn't find any on the hub.
PHP maintains their very own official images here:
https://registry.hub.docker.com/_/php/
@EkaatyLinux @GoodHosting I'm releasing a new update soon which will include an optional server agent for better security and isolation.
>
No official images for Hiawatha available. What isn't a problem as the only thing you need to do is compile Hiawatha on your container. Take a dockerfile and edit it to the latest version or build one by yourself. It will just work.
Of course, I was just hoping it had it's own version out there that was tested and guaranteed to work just for itself. That's why I was so surprised when CDP.me didn't work on the official PHP563 images from Docker, as those are what I would be running on my -as-a-service FPM images either way.
Even if it was a missing required extension (like GD), it's easy enough to check for missing functions and tell the user about it during installation, or initial configuration.
@PetaByet this is really cool. I want to take a look at this update. I want to ask you to commit your updates in small pieces to make code revision easier. If you release only a big chunk of data it becomes a pain to review. This way the workflow becomes more fluid and you make easier for contributors to make comments on your implementations.
I want to ask you, do you plan to use any PHP framework on the near future? Smarty is good for template isolation but I think that you should use a light PHP framework (as Fat-Free Framework that is pure love) to make your code more maintanable (man, your index.php is a mess) and secure. Think about it.
Also worth noting is that Smarty is not fullproof. If you have any WYSIWYG areas of your site, or any areas of the software that will print back whatever the client / user enters, this is a security risk and attack vector of its own. Smarty has workaround areas such as the triple handlebar, or execute code block
{{{php}}}rm -rf index.php{{{/php}}}
Of course this should fail if PHP is not running as the apache user, but I digress; if you can run any PHP, you can do anything.Can you open a issue on Github asking for that function?
@PetaByet how does the cPanel work?
Are you talking about cPanel backups?
Yep
cPanel's API.
@PetaByet Everything is working exept that i get: File not found when i try to download the Backup. E-Mail says backup has been completed. It was a fresh installation.
Can you PM me the email contents?