BlueOnyx YUM updates: 5106R/5107R/5108R
Overhauled BlueOnyx 5106R/5107R/5108R released.
I just pushed the (imaginary) button and released about four months worth of YUM updates for 5106R, 5107R and 5108R.
Everything from the "Testing" YUM repositories has been moved to the production YUM repositories. Depending on your type of BlueOnyx that'll amount to roughly 500 updated and/or new RPMs.
- Still the old GUI (am still working on the new one)
- New languages:
- The translation for these was done with the Google Translate API, so the translations aren't perfect. The French locale has been cleaned up a little (still work in progress) by Meaulnes Legler and Antoine Hayoz. Many thanks for that!
- base-api: Will now get installed automatically. Allows remote provisioning of Vsites via a web based API. More info: http://www.blueonyx.it/index.php?page=api
- base-istat: Allows monitoring of the server health via an iPhone or iPad application available in the Apple Appstore.
- FTP: Better FTPS support. FTP and FTPS can now be separately enabled/disabled via "Network Services" / "FTP".
- Web: Apache can now be configured to run on other ports than the standard port 80 (HTTP) and port 443 (HTTPS). This allows users to put something else in front of Apache (like a Varnish cache for example) if they want to.
- AdmServ: No longer runs as user "httpd", but as user "admserv".
- 5107R/5108R only: Dovecot now supports TLSv1, TLSv1.1 and TLSv1.2. Additionally Dovecot has been switched to use stronger ciphers.
- HTTPS: Vsites that use HTTPS are enforcing the use of stronger ciphers. On 5107R/5108R TLSv1.2 is also possible now. Wherever possible "Perfect Forwarding Secrecy" will be used, but for IE browsers this is not yet possible as our OpenSSL (thanks to idiosyncrasies on behalf of RedHat) is missing the needed ECDH ciphers. Additionally "HTTP Strict Transport Security" will be enforced on HTTPS transactions. For more info on that one please see: http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
- "Reseller"-support: It is now possible to use the existing "Server Administrators" as "reseller" accounts. Each admin set up that way can be granted extra permissions such as "Virtual Site Management". He can then create as many sites and users as you allow him to. Existing Vsites can be moved to and from the control of such an admin. Suspension and/or deletion of such an administrator will also affect the Vsites under his control. The sites will then either be suspended or deleted, too.
- Shop Integration: Under "Software Updates" there is a new menu entry that points to the BlueOnyx Shop and presents
the available products sorted by category.
- YUM Updates: A scheduled YUM update will now also try to "auto-complete" your BlueOnyx install. For that it runs a separate "yum groupinstall blueonyx" after each update run. That will make sure that your install is not missing any RPMs that we deem essential and which might or might not be missing.
- Updated CMU: This new version of CMU already supports 5207R and 5208R.
I don't know where to start on that one. It's basically too many to remember. However, these really stick out and should be mentioned:
- Loss of web server alias on SSL enable/disable: Fixed
- Sporadic loss of MBR record on 5106R with RAID1: Fixed
- Wrong cert concatenation for the Sendmail cert: Fixed
Generally the whole server alias stuff should now be working a lot more reliably. In the past we had these cases where either the email server alias(es) or the web server alias(es) would go walkies. They would still show in the GUI, but were gone in the respective config files. The problem there was that quite a few handlers run on these transactions and sometimes they just got into each others way, too.
Well, the stuff was in the testing YUM repositories since December. Every reported bug got fixed. But there still might be the odd glitch here and there that was missed. If you find something, say so and it'll get fixed ASAP.
Problems during the YUM update:
I had updated all my own VPS's over the last couple of weeks. I also just updated a few client servers. The updates themselves throw a few minor complains here and there with some scripts failing during the post-install. That is of no concern.
After this massive YUM update you might experience that the AdmServ might have stopped or failed to restart. Simply restart it again manually.
If the YUM update didn't go all the way through, then just do another "yum update" and it should finish.
However, so far I haven't seen any larger defects with or after a YUM update of these new updates. But if you need assistance, please post here or in emergencies use the contact details on www.solarspeed.net.