admin/yakpanel-core
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

new changes

Browse Source
This commit is contained in:
Niranjan
2026-04-07 04:03:46 +05:30
parent 73148d2b09
commit e2f2d5cc38
1 changed files with 63 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

86
YakPanel-server/install.sh
View File

@@ -246,31 +246,19 @@ npm run build
echo ""
echo "[5/6] Configuring systemd..."
REDIS_AFTER="redis.target"
if [ "$PKG" = apt ]; then
REDIS_WANTS=""
case "$PKG" in
apt)
REDIS_AFTER="redis-server.service"
fi
cat > "/etc/systemd/system/${SYSTEMD_UNIT}.service" << EOF
[Unit]
Description=YakPanel Backend
After=network.target $REDIS_AFTER
[Service]
Type=simple
User=root
WorkingDirectory=$INSTALL_PATH/backend
Environment="PATH=$INSTALL_PATH/backend/venv/bin:\$PATH"
ExecStart=$INSTALL_PATH/backend/venv/bin/uvicorn app.main:app --host 127.0.0.1 --port $BACKEND_PORT
Restart=always
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable "$SYSTEMD_UNIT"
systemctl restart "$SYSTEMD_UNIT" || systemctl start "$SYSTEMD_UNIT"
REDIS_WANTS="Wants=redis-server.service"
;;
dnf|yum)
REDIS_AFTER="redis.service"
REDIS_WANTS="Wants=redis.service"
;;
esac
# Redis must be up before Uvicorn; starting it after the panel caused 502 (nginx OK, API down).
case "$PKG" in
apt)
systemctl enable redis-server 2>/dev/null || true
@@ -282,6 +270,45 @@ case "$PKG" in
;;
esac
cat > "/etc/systemd/system/${SYSTEMD_UNIT}.service" << EOF
[Unit]
Description=YakPanel Backend
After=network.target $REDIS_AFTER
$REDIS_WANTS
[Service]
Type=simple
User=root
WorkingDirectory=$INSTALL_PATH/backend
Environment="PATH=$INSTALL_PATH/backend/venv/bin:\$PATH"
ExecStart=$INSTALL_PATH/backend/venv/bin/uvicorn app.main:app --host 127.0.0.1 --port $BACKEND_PORT
Restart=always
RestartSec=3
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl enable "$SYSTEMD_UNIT"
systemctl restart "$SYSTEMD_UNIT" || systemctl start "$SYSTEMD_UNIT"
backend_ok=0
for _ in {1..40}; do
if curl -sfS --max-time 2 "http://127.0.0.1:${BACKEND_PORT}/api/health" >/dev/null 2>&1; then
backend_ok=1
break
fi
sleep 0.5
done
if [ "$backend_ok" -ne 1 ]; then
echo ""
echo "WARNING: Backend did not respond on http://127.0.0.1:${BACKEND_PORT}/api/health (login will show 502 via Nginx)."
echo "Check: systemctl status $SYSTEMD_UNIT --no-pager"
echo "Logs: journalctl -u $SYSTEMD_UNIT -n 80 --no-pager"
echo "If SELinux is Enforcing: setsebool -P httpd_can_network_connect 1"
fi
write_nginx_site() {
local target="$1"
cat > "$target" << NGINXEOF
@@ -300,6 +327,9 @@ server {
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme;
proxy_connect_timeout 60s;
proxy_send_timeout 60s;
proxy_read_timeout 60s;
}
}
NGINXEOF
@@ -319,6 +349,13 @@ systemctl start nginx 2>/dev/null || true
nginx -t
systemctl reload nginx 2>/dev/null || systemctl restart nginx
# Nginx -> upstream (e.g. 127.0.0.1:$BACKEND_PORT) is blocked by default on EL + SELinux => 502.
if command -v getenforce >/dev/null 2>&1 && [ "$(getenforce 2>/dev/null)" = "Enforcing" ]; then
if command -v setsebool >/dev/null 2>&1; then
setsebool -P httpd_can_network_connect 1 2>/dev/null || true
fi
fi
if systemctl is-active --quiet firewalld 2>/dev/null; then
firewall-cmd --permanent --add-port="${PANEL_PORT}/tcp" >/dev/null 2>&1 || true
firewall-cmd --reload >/dev/null 2>&1 || true
@@ -337,5 +374,6 @@ echo " Access: http://YOUR_SERVER_IP:$PANEL_PORT"
echo " Login: admin / admin"
echo ""
echo " Change your password after first login."
echo " SELinux: if Nginx returns 403, see README (labels or temporary permissive)."
echo " UI works but login shows 502? Backend down or SELinux: systemctl status $SYSTEMD_UNIT; journalctl -u $SYSTEMD_UNIT -n 50"
echo " SELinux: installer calls setsebool httpd_can_network_connect if Enforcing; see README for 403 on static files."
echo "=========================================="