[BlueOnyx:25700] Re: BlueOnyx 5211R Released

Ernie ernie at info.eis.net.au
Tue Nov 22 07:13:35 -05 2022 

Well that was unexpected so soon, will certainly give it a try.

- Ernie.


> Hi all,
> 
> [ HTML-Version of this text:                                   ]
> [ https://www.blueonyx.it/news/310/54/BlueOnyx-5211R-Released  ]
> 
> 
> BlueOnyx 5211R has been released today! \o/
> ============================================
> 
> After a 12 month development ordeal (starting on RHEL9 Beta!) BlueOnyx 
> 5211R for EL9 (RHEL9, AlmaLinux 9, Rocky Linux 9) we finally have a 
> release candidate ready to present.
> 
> We don't have an ISO image yet (will follow in the next few days), but 
> we do have VMDK and VDI images as well as a procedure for a manual 
> install of BlueOnyx 5211R onto an existing (minimal) install of RHEL9, 
> AlmaLinux 9 or Rocky Linux 9:
> 
> https://www.blueonyx.it/5211r-manual-install
> 
> 
> Differences between 5211R and its predecessor 5210R:
> ====================================================
> 
> Let us start with some changes on the OS level: EL9 now ships with 
> PHP-8.0.20 and "upstream" (RedHat) decided that this release was a good 
> time to finally deprecate the PHP DSO module from their build. After 
> all: Apache cannot use the faster HTTP/2 protocol if PHP is loaded as 
> DSO module. We debated a bit back and forth if we should ignore this, 
> make DSO or HTTP/2 mode electable and provide our own PHP DSO. In the 
> end we bowed to the wisdom of the decision to deprecate PHP as DSO. The 
> only benefit would have been the continued usage of DSO + mod_ruid2. 
> But: Even mod_ruid2 is on its way out and can be considered as good as 
> dead as far as the further development of it goes.
> 
> So this leaves us with HTTP/2 for Apache out of the box for BlueOnyx 
> 5211R and we no longer need to use Nginx as HTTP/2 proxy. You still can, 
> but there is no real reason to do so anymore. On the PHP side BlueOnyx 
> 5211R can run Vsites now with suPHP or PHP-FPM (which is the new default).
> 
> The days when our PHP-FPM implementation had issues with .htaccess files 
> are long gone, so PHP-FPM is the best choice anyway.
> 
> Under the hood EL9 behaves much the same as EL8 and there aren't really 
> any new tricks to learn. While EL9 is newer than EL8, it doesn't blow us 
> out of the water as far as OS related improvements go. Daemons and 
> libraries are newer, OpenSSL 3.0 is now used for SSL, Python 2 had been 
> deprecated and removed for good, but that's mostly it.
> 
> 
> The new BlueOnyx 5211R GUI
> ===========================
> 
> It looks the same as before, right? Yeah, but under the hood it's all 
> new. That alone was a three months round the clock (weekends included) 
> coding effort.
> 
> The new BlueOnyx GUI uses the latest CodeIgniter 4.2.10, brings its own 
> PHP-8.1.12 aboard (installed in /home/solarspeed/admserv-php-8.1/) and 
> AdmServ (now with HTTP/2) uses a separate AdmServ-PHP-FPM daemon to run 
> the new PHP just for the GUI.
> 
> This unshackles the OS provided PHP from the GUI and you can do with 
> that whatever you want. It may break your Vsites PHP implementation if 
> you upgrade PHP yourself, but the GUI will still work as it now brings 
> its own.
> 
> The new CodeIgniter 4 that we use made it necessary that all GUI pages 
> were rewritten entirely to match the new format. This allowed us to do a 
> thorough cleanup job and re-think how we did certain things before. The 
> new GUI is leaner and meaner, has less baggage, a CCEd cache for 
> speeding up certain very often used transactions and re-uses and 
> combines function calls into a so called "BaseController" that is used 
> by all GUI pages.
> 
> The end result is a 2-3x speed improvement of the GUI.
> 
> While the GUI still looks the same as far as optics go, here are some 
> notable differences. Some of it has already been mentioned:
> 
> - GUI uses separate PHP-8.1 instance unrelated to OS PHP
> 
> - Vsite PHP options are now suPHP and PHP-FPM
> 
> - Net2FTP and its GUI integration has been deprecated
> 
> - Mailman functionality has been removed until a suitable EL9 Mailman
>    RPM surfaces
> 
> - /root/network_settings.sh now requires you to set the server name
>    as this is required for the new GUI.
> 
> - GUI now has a brute force login prevention mechanism.
> 
> - GUI now ONLY works via HTTPS (HTTP directly redirects to HTTPS).
> 
> - GUI CSRF protection is enabled by default.
> 
> - API and WHMCS module are fully working.
> 
> - Easy-Migrate for migrations to and from BlueOnyx 5211R is provided.
> 
> - Postfix is now the default MTA, although Sendmail can still be
>    selected in the GUI.
> 
> - NTPd has been replaced with Chronyd.
> 
> 
> What's next?
> ============
> 
> Although BlueOnyx 5211R is now officially released, our plate is still 
> full and these are the things that we need to tackle in the next 2-3 weeks:
> 
>      - Bugfixes (there may be some - there always are on a new release)
>      - Rolling up of an AlmaLinux 9.1 ISO image of BlueOnyx 5211R
>      - Porting existing BlueOnyx Shop PKGs over to BlueOnyx 5211R
>        (AV-SPAM, PHP, Firewalld GUI, WebApps, Fail2ban and so on)
>      - We will try to release some older PHP versions for BlueOnyx
>        5211R as well for downward compatibility
> 
> That should keep us busy until Christmas 2022. However, the new GUI had 
> us thinking a little "What if?"
> 
> Now what if we port this back to BlueOnyx 5210R as well?
> 
> The speed improvements are so dramatic that it's almost a crime that the 
> older BlueOnyx 5210R should continue to drag an anchor until its EOL 
> many, many years down the road. If we release (more or less) the same 
> GUI for 5210R as well, then it would also make code maintenance a LOT 
> easier for us. Both BlueOnyx 5210R and 5211R then would share 38 
> identical modules and only a dozen would need to be maintained 
> separately due to OS related differences.
> 
> We haven't yet decided if we do this, but it's likely.
> 
> 
> So stay tuned and if you can: Give BlueOnyx 5211R a try and let us know 
> what you think! If you know BlueOnyx 5210R, then you should feel right 
> at home in BlueOnyx 5211R as well and we hope that you like the speed 
> improvements of the GUI.
> 
> -- 
> With best regards
> 
> Michael Stauber
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx

More information about the Blueonyx mailing list