| Age | Commit message (Collapse) | Author |
|---|
|
|
|
On fresh Debian 12+, Ubuntu 24+ and recent RHEL-family minimal images
the fail2ban package ships with `banaction = nftables-multiport` as
the default in /etc/fail2ban/jail.conf but does not pull in the
`nftables` package as a dependency. The first SSH brute-force attempt
hits the default sshd jail and fail2ban logs
stderr: /bin/sh: 1: nft: not found
returned 127 -- HINT on 127: "Command not found"
repeatedly, which users mistake for a 3x-ui regression (see the
discussion on #4083). The 3x-ipl jail itself is unaffected — it uses
an iptables-based action configured in create_iplimit_jails — so this
is only stray noise, but noisy enough to look like a real failure on
first install.
Add `nftables` to the package list in every branch of install_iplimit
so new installs end up with a working default sshd jail out of the
box. Existing installs where `nftables` is already present are a
no-op.
|
|
success/failure logs (#4004)
* perf: replace /dev/urandom | tr with openssl rand to fix CPU spike
* fix: add cron to default package installation and improve SSL certificate handling
* Reworked `--installcert` success criteria, cleanup behavior adjusted.
|
|
|
|
looks like now cert management is option 19
|
|
|
|
it should be 'default' runlevel when add x-ui service to openrc, default is 'sysinit' runlevel. 'sysinit' runlevel is unnecessary,maybe.
if not, there is an error when call to function 'check_enabled()' as command 'grep default -c' can`t print 'default' runlevel.
check_enabled() {
if [[ $release == "alpine" ]]; then
if [[ $(rc-update show | grep -F 'x-ui' | grep default -c) == 1 ]]; then
return 0
else
return 1
fi
|
|
|
|
Replace simple curl+trim checks with a response+http_code parse to ensure the remote URL returns HTTP 200 and a non-empty body before assigning server_ip. Changes applied to install.sh, update.sh and x-ui.sh: use curl -w to append the status code, extract http_code and ip_result, and only set server_ip when http_code == 200 and ip_result is non-empty. This makes the IP discovery more robust against error pages or partial responses while keeping the existing timeout behavior.
|
|
|
|
|
|
|
|
|
|
Introduces user prompts to select the port for ACME HTTP-01 certificate validation (default 80), checks if the chosen port is available, and provides guidance for port forwarding. Adds is_port_in_use helper to all scripts and improves messaging for certificate issuance and error handling.
|
|
|
|
|
|
|
|
* Remove wget dependency
* Merge branch 'curl_only' of https://github.com/nebulosa2007/3x-ui into nebulosa2007-curl_only
---------
Co-authored-by: Sanaei <ho3ein.sanaei@gmail.com>
|
|
* Set Variables for settings
|
|
* Set log folder variable to /var/log/3x-ui
* Set log folder as x-ui and create the log folder
* Create the log folder in install and update scripts
|
|
The is_domain function was being called in ssl_cert_issue() but was never
defined in x-ui.sh, causing 'Invalid domain format' errors for valid domains.
Added is_ipv4, is_ipv6, is_ip, and is_domain helper functions to match
the definitions in install.sh and update.sh.
Co-authored-by: wyatt <wyatt@Wyatts-MacBook-Air.local>
|
|
|
|
|
|
* Update install.sh
* Update update.sh
* Update x-ui.sh
* Update install.sh
* Update update.sh
* Update x-ui.sh
* fix
|
|
Add curl & openssl pkgs for acme inside docker container
|
|
* added update-all-geofiles key to x-ui.sh that updated all geofiles
* fix
* text fixes
* typo fix
* cleanup
|
|
* Update update.sh
* Update install.sh
* Update x-ui.sh
* Update x-ui.sh
|
|
(#3571)
* Update x-ui.sh
* Update x-ui.sh
* Update x-ui.sh
* Update x-ui.sh
|
|
* feat: Add update script
* Small fix
* Fixed typo
* Fixed typo
* chmod +x
* Update x-ui
* Fixed update message
* Fixed typo
* Added downloading via IPv4
* Remove check_glibc_version
* Fixed self destroy
* Fixed typo
* Fixed self destroy
---------
|
|
* Add Alpine linux support
* Fix for reading logs
|
|
|
|
|
|
|
|
|
|
* chore: add `resetTwoFactor` argument for main.go
fixes #3025
* chore: reset two-factor authentication after changing admin credentials
* chore: reset two-factor authentication after changing admin credentials
---------
Co-authored-by: somebodywashere <68244480+somebodywashere@users.noreply.github.com>
Co-authored-by: Sanaei <ho3ein.sanaei@gmail.com>
|
|
|
|
* Code refactoring
read without -r will mangle backslashes
https://github.com/koalaman/shellcheck/wiki/SC2162
* Update x-ui.sh
|
|
* chore: implement 2fa auth
from #2786
* chore: format code
* chore: replace two factor token input with qr-code
* chore: requesting confirmation of setting/removing two-factor authentication
otpauth library was taken from cdnjs
* chore: revert changes in `ClipboardManager`
don't need it.
* chore: removing twoFactor prop in settings page
* chore: remove `twoFactorQr` object in `mounted` function
|
|
* read without -r will mangle backslashes.
https://github.com/koalaman/shellcheck/wiki/SC2162
* read without -r will mangle backslashes.
|
|
replace with OS check
|
|
|
|
|
|
|
|
|
|
|
|
https://github.com/actions/runner-images/issues/11101
|
|
|
|
|
|
|
|
* Revert "json post base path bug fixed (#2647)"
This reverts commit 04cf250a547bb64265d256e7d15af7cea5ecfa67.
* Revert "Group Management of Subscription Clients"
* Revert "fix getSubGroupClients for enable/disable and edit clients."
* Revert "Enhance database initialization in db.go (#2645)"
This reverts commit 66fe84181b9c4e2f6c6be943a7f486b4308c32ff.
* Revert "Add checkpoint handling in CloseDB function (#2646)"
This reverts commit 4dd40f6f192e3f94f2ea4fe9e942e6663b5a1527.
* Revert "Improved database model migration and added indexing (#2655)"
This reverts commit b922d986d6783ce28d00ca948024dee44a11f29e.
|
