UniqueSoft/openpanel
2
0
Fork 0
mirror of https://github.com/stefanpejcic/openpanel synced 2025-06-26 18:28:26 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

fork refine

Browse Source
This commit is contained in:
Stefan Pejcic
2024-02-05 10:23:04 +01:00
parent 3fffde9a8f
commit 8496a83edb
3634 changed files with 715528 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
documentation/docs/admin/settings/_category_.json Normal file
View File

@@ -0,0 +1,7 @@
{
"label": "Settings",
"position": 6,
"link": {
"type": "generated-index"
}
}

26
documentation/docs/admin/settings/adminpanel.md Normal file
View File

@@ -0,0 +1,26 @@
---
sidebar_position: 6
---
# OpenAdmin
Manage admin users, enable features and disable admin interface.
![openadmin admin panel settings](/img/admin/adminpanel_openadmin_settings.png)
The Settings > OpenAdmin page allows you to manage Admin users, enable/disable server-wide settings such as backups or domain access logs.
## Admin Users
For options on managing admin users please [visit this page](/docs/admin/users/openadmin).
## Enable Features
To enable a eature check it and click on save.
## Disable Admin Panel
As an advanced security measure, you can temporarily disable access to the OpenAdmin interface. This will disable the admin panel and you can turn it back on when needed by executing the command `opencli admin on`
## Server Information Report
Generate a report on server information and service status, and provide it when reaching out for support on [community.openpanel.co](https://community.openpanel.co/)

6
documentation/docs/admin/settings/backups.md Normal file
View File

@@ -0,0 +1,6 @@
---
sidebar_position: 6
---
# Backups

11
documentation/docs/admin/settings/docker.md Normal file
View File

@@ -0,0 +1,11 @@
---
sidebar_position: 2
---
# Docker
:::info
This feature is still experimental and not yet released.
:::
![openadmin docker settings](/img/admin/adminpanel_docker_settings.png)

41
documentation/docs/admin/settings/firewall.md Normal file
View File

@@ -0,0 +1,41 @@
---
sidebar_position: 4
---
# Firewall
View and edit firewall (UFW) rules
![openadmin firewall settings](/img/admin/adminpanel_firewall_settings.png)
The firewall settings page provides three tabs:
- IPv4 - that lists all IPv4 firewall rules
- IPv6 - that lists all IPv6 firewall rules
- Logs - displays the UFW service log
## View existing rules
The table shows firewall rules, showcasing information such as rule ID, action, ports, source/destination IP, and the username of the user utilizing the port.
For IPv6 rules, navigate to the IPv6 tab.
![openadmin firewall ipv6 rules](/img/admin/adminpanel_firewall_ipv6.png)
## Add Rules
To create a new rule click on the 'New Rule' button and in the modal choose 'ALLOW' to allow the IP address or port, and 'DENY' to block access for IP address or port.
![openadmin firewall add rule](/img/admin/adminpanel_firewall_add_rule.png)
## Delete Rules
To delete a rule click on the 'Delete' link next to it, and in the confirmaiton modal click on 'Delete' button.
![openadmin firewall delete rule](/img/admin/adminpanel_firewall_delete_rule.png)
## View logs
For logs, navigate to the 'Logs' tab.
![openadmin firewall logs](/img/admin/adminpanel_firewall_logs.png)

70
documentation/docs/admin/settings/general.md Normal file
View File

@@ -0,0 +1,70 @@
---
sidebar_position: 1
---
# General Settings
Change ports, domain, enable ssl, etc.
![openadmin general panel settings](/img/admin/adminpanel_general_settings.png)
The General Settings page enables you to specify the domain name for accessing both the admin and user panels, with an option to switch to an IP address.
## Set domain for OpenPanel
To enable access to both OpenAdmin and OpenPanel through a domain name, such as srv.your-domain.com:2083, follow these three steps:
1. Set the desired name as the server hostname.
2. Point the domain name to the public IP of the server.
3. Configure the domain name in OpenAdmin under OpenAdmin Settings.
Completing these steps will allow users to access both OpenAdmin and OpenPanel using the specified domain name and port.
![openadmin set_domainname](/img/admin/adminpanel_domainname.png)
## Set IP address for OpenPanel
To access OpenPanel and OpenAdmin via server public IP address, choose the "Server IP address" option and click save. The modification is immediate, redirecting you to the designated IP:2087 for the admin panel upon saving.
![openadmin set ip](/img/admin/adminpanel_serverip.png)
## Change OpenPanel port
Port configurations for OpenAdmin and OpenPanel interfaces can be modified from their default settings (2087 for OpenAdmin and 203 for OpenPanel).
![openadmin set port for openpanel](/img/admin/openpanel_settings.png)
To modify the port for the OpenPanel from the default `2083` to another value, you can easily set the desired port in the "OpenPanel Port" field.
It's important to note that the port must fall within the range of 1000-33000.
## Change OpenAdmin port
Port configurations for OpenAdmin and OpenPanel interfaces can be modified from their default settings (2087 for OpenAdmin and 203 for OpenPanel).
![openadmin set port for openadmin](/img/admin/openadmin_settings.png)
To modify the port for the AdminPanel from the default `2087` to another value, you can easily set the desired port in the "OpenAdmin Port" field.
It's important to note that the port must fall within the range of 1000-33000.
# Force HTTPS
Enabling the "Force HTTPS" option ensures that the panels are accessible via HTTPS, recommended for enhanced security features like CORS and header checks in the OpenPanel interface.
To activate HTTPS, select the "Force HTTPS" option; to deactivate, simply uncheck it.
# Change /openpanel
By default, when users add a domain, the addition of "/openpanel" to the domain URL will redirect them to the OpenPanel interface. However, you have the flexibility to customize this, such as changing it to "/awesome," allowing users to access the OpenPanel via "their-domain.com/awesome".
To change the "/openpanel" to something else, simply set the value for the "OpenPanel is also available on:" field and click on save. Changes take effect instantly without service interruption.
![openadmin set custom path](/img/admin/openpanel_settings_available_on_openpanel.png)
## Enable Updates
The Update Preferences section provides the option to enable or disable Auto updates and Auto patches. Patches involve minor updates aimed at fixing bugs without introducing new features. On the other hand, Updates encompass major updates that introduce new features, potentially impacting existing functionality.
![openadmin set update preferences](/img/admin/openpanel_settings_updates.png)
Examples:
- Autoupdate: 1.0.2 will **NOT** be updated to 1.0.3 BUT 1.0.2 will be updated to 2.0.0
- Autopatch: 1.0.2 will be updated to 1.0.3 BUT 1.0.2 will **NOT** be updated to 2.0.0

71
documentation/docs/admin/settings/openpanel.md Normal file
View File

@@ -0,0 +1,71 @@
---
sidebar_position: 3
---
# OpenPanel
Edit nameservers, disable features and more.
![openadmin openpanel settings](/img/admin/adminpanel_openpanel_settings.png)
The OpenPanel Settings page allows you to edit setitngs and features availabnel to users in their OpenPanel interface.
## Branding
To set a custom name visible in the OpenPanel sidebar and on login pages, enter the desired name in the "Brand name" option. Alternatively, to display a logo instead, provide the URL in the "Logo image" field and save the changes.
## Set nameservers
Before adding any domains its important to first create nameservers so that added domains will have valid dns zone files and be able to propagate.
Configuring nameservers involves two steps:
1. Create private nameservers (glue DNS records) for the domain through your domain registry.
2. Add the nameservers into the OpenPanel configuration.
Here are tutorials for some popular domain providers:
- [Cloudflare](https://developers.cloudflare.com/dns/additional-options/custom-nameservers/zone-custom-nameservers/)
- [GoDaddy](https://uk.godaddy.com/help/add-custom-hostnames-12320)
- [NameCheap](https://www.namecheap.com/support/knowledgebase/article.aspx/768/10/how-do-i-register-personal-nameservers-for-my-domain/#:~:text=Click%20on%20the%20Manage%20option,5.)
To add nameservers from OpenAdmin navgiate to Settings > OpenPanel and set nameservers in ns1 and ns2 fields and click on save:
![openpanel add nameservers](/img/admin/openadmin_add_ns.png)
Or from terminal run commands:
```bash
opencli config update ns1 your_ns1.domain.com
opencli config update ns2 your_ns2.domain.com
```
:::info
After creating nameservers it can take up to 12h for the records to be globally accessible. Use a tool sush as [whatsmydns.net](https://www.whatsmydns.net/) to monitor the status.
If you still experience problems after the propagation process, then please check this guide: [dns server not responding to reqeuests](https://community.openpanel.co/d/5-dns-server-does-not-respond-to-request-for-domain-zone).
:::
## Enable Features
Administrators have the ability to enable or disable each feature (page) in the OpenPanel interface. To activate a feature, select it in the "Enable Features" section and click save. The change is immediate and necessitates the restart of the OpenPanel service to implement the modifications.
Once enabled, the feature becomes instantly available to all users, appearing in the OpenPanel interface sidebar, search results, and dashboard icons.
![openpanel enable modules](/img/admin/openpanel_settings_modules.png)
## Other settings
Additional settings available in the Settings > OpenPanel page include:
- **Logout URL:** Set the URL for redirecting users upon logout from the OpenPanel.
- **Avatar Type:** Choose to display Gravatar, Letter, or Icon as avatars for users.
- **Resource Usage Charts:** Opt to display 1, 2, or no charts on the Resource Usage page.
- **Default PHP Version:** Specify the default PHP version for domains added by users (users can override this setting).
- **Enable Password Reset:** Activate password reset on login forms (not recommended).
- **Display 2FA Nag:** Show a message in users' dashboards encouraging them to set up 2FA for added security.
- **Display How-to Guides:** Display how-to articles for users in their dashboard pages.
- **Login Records:** Set the number of login records to keep for each user.
- **Activities per Page:** Specify the number of activity items to display per page.
- **Usage per Page:** Specify the number of Resource Usage items to display per page.
- **Usage Retention:** Set the number of Resource Usage items to keep for each user.
- **Domains per Page:** Specify the number of domains to display per page.

51
documentation/docs/admin/settings/waf.md Normal file
View File

@@ -0,0 +1,51 @@
---
sidebar_position: 5
---
# WAF
Install ModSecurity and enable it for user domains.
The Settings > ModSecurity page allows you to install ModSecurity for Nginx and configures the [OWASP core ruleset](https://owasp.org/www-project-modsecurity-core-rule-set/)
The OWASP ModSecurity Core Rule Set (CRS) is a set of generic attack detection rules for use with ModSecurity that will increase the security of user domains and websites.
## Install ModSecurity
Upon the initial access to the ModSecurity page, you will be prompted to install the ModSecurity plugin.
:::warning
The installation process may require up to 10 minutes and involves rebuilding the Nginx configuration. It's important to note that any customizations to the service will be permanently removed during this process. It is advisable to perform the installation during off-peak hours to minimize the risk of causing downtime for websites.
:::
To install ModSecurity click on the 'Install' button.
![openadmin modsec install](/img/admin/adminpanel_modsec_install.png)
Or from terminal run: [opencli nginx-install_modsec](/docs/admin/scripts/webserver#install-modsecurity)
## Activate ModSecurity
Upon ModSecurity installation, all new domains will have ModSecurity enabled by default. However, individual users can choose to disable ModSecurity for their domains at any time through their OpenPanel interface. [More information](/docs/panel/advanced/server_settings#modsecurity-settings)
## Customize ModSecurity rules
Adjusting ModSecurity rules means fine-tuning security settings for your specific needs, giving administrators the power to better protect against specific threats and reduce false positives.
You can follow user-friendly guides to easily customize ModSecurity rules, adapting security settings to your specific needs.
- [Nginx Docs: Using the OWASP CRS with the NGINX ModSecurity WAF](https://docs.nginx.com/nginx-waf/admin-guide/nginx-plus-modsecurity-waf-owasp-crs/)
- [Nginx Docs: Using the ModSecurity Rules from Trustwave SpiderLabs with the NGINX ModSecurity WAF](https://docs.nginx.com/nginx-waf/admin-guide/nginx-plus-modsecurity-waf-trustwave-spiderlabs-rules/)
- [ModSecurity Documentation](https://github.com/SpiderLabs/ModSecurity/wiki)
- [ProSec Blog: Modsecurity Core Rule Sets and Custom Rules](https://www.prosec-networks.com/en/blog/modsecurity-core-rule-sets-und-eigene-regeln/)
## Enable ModSecurity for existing domains
After installing ModSecurioty only new domains that users add will by default have ModSecurity activate, and for existing users this process can be performed by the administrator from this page or from each user panel individually. To enable ModSecurity on all domains owneed by a user, select the user anc click on 'Enable' button.
![openadmin modsec settings](/img/admin/adminpanel_modsec_use.png)
Or from terminal run: [opencli domains-enable_modsec](/docs/admin/scripts/domains#enable-modsecurity)