diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0966ba0..3700310 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,19 +1,22 @@
# Changelog
All notable changes to Proxmox VE for WHMCS will be documented in this file.
-## [1.2.1b] - 2023-06-18
+## [1.2.1b] - 2023-06-20
### Added
- Link from Health tab of Admin GUI to WHMCS Marketplace re: reviews
+- Images for all supported Operating Systems & Kernel types (some fixed)
+- Ground-work for noVNC overhaul, to support PVE Auth & VNC Tunnel tickets
### Changed
- Stop VM/CT (Client Area) renamed to Hard Stop, compared to Shut Down
+- Modify the PHP API2 class, adding getTicket() so we can dual-auth (VNC)
### Fixed
- noVNC render method updated to stop out-of-order data flow problem
- noVNC back-end vncproxy and vncwebsocket methods updated re: spec
- Client Area actions (Power Off/On, etc) fixed for LXC (QEMU OK)
-- Error with both VNC methods. We are likely to remove TigerVNC
+- Error with both VNC methods. We are going to remove TigerVNC
## [1.2.0b] - 2023-06-18
diff --git a/README.md b/README.md
index 8e44525..f6b7fad 100644
--- a/README.md
+++ b/README.md
@@ -15,12 +15,35 @@ https://marketplace.whmcs.com/product/6935-proxmox-ve-for-whmcs
- (WHMCS) Service ID >100
- (PHP) v8.x.x stable
- (Proxmox) VE v7/8
+- (Proxmox) 2 users
**SID >100:** The WHMCS Service ID requirement is critical, as Proxmox reserves VMIDs <100.
_If you don't have enough services (any status) in WHMCS, create services until you reach SID 101._
-**PROXMOX 8.x:** As this major release is in beta (as of June 2023), support is experimental.
+### 🥽 VNC CONSOLE TUNNELING:
+
+noVNC (HTML5) is supported via this WHMCS Module, and TigerVNC (Java) is being removed.
+
+To access VNC via WHMCS Client Area, you need to follow the PVE User Requirement below.
+
+**WIP NOTE:** noVNC is being overhauled to deliver on the dual-ticket PVE requirements.
+
+At the moment, the vnc_secret field in the DB (mod_pvewhmcs tables) can't be set via GUI.
+
+Currently, the noVNC functionality is not operational. We are avoiding using iframe instead.
+
+### 👥 PROXMOX USER REQUIREMENT:
+
+You must have a root (etc) account to Create/Access services. Configured via WHMCS Config > Servers.
+
+Additionally, to improve security, for VNC you must have a Restricted User. "" via Module Config.
+
+For the VNC User in Proxmox you need to:
+1. Create User Group "VNC" via PVE > Datacenter / Permissions / Group
+2. Create new User > Datacenter / Permissions / Users - select Group: "VNC", Realm: pve
+3. Create new Role -> Datacenter / Permissions / Roles - select Name: "VNC", Privileges: VM.Console (only)
+3. Add permission to access VNC -> Datacenter / Node / VM / Permissions / Add Group Permissions - select Group: "VNC", Role: "VNC"
### 🤬 ABUSE - ZERO TOLERANCE:
diff --git a/modules/addons/pvewhmcs/db.sql b/modules/addons/pvewhmcs/db.sql
index 1ced1d3..d5f39cb 100644
--- a/modules/addons/pvewhmcs/db.sql
+++ b/modules/addons/pvewhmcs/db.sql
@@ -1,6 +1,7 @@
CREATE TABLE IF NOT EXISTS `mod_pvewhmcs` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
- `config` text,
+ `config` varchar(255),
+ `vnc_secret` varchar(255),
PRIMARY KEY (`id`)
);
INSERT INTO `mod_pvewhmcs` (`id`, `config`) VALUES (1, NULL);
diff --git a/modules/addons/pvewhmcs/proxmox.php b/modules/addons/pvewhmcs/proxmox.php
index 64a4ca6..cf2fbe2 100644
--- a/modules/addons/pvewhmcs/proxmox.php
+++ b/modules/addons/pvewhmcs/proxmox.php
@@ -133,6 +133,15 @@ class PVE2_API {
setrawcookie("PVEAuthCookie", $this->login_ticket['ticket'], 0, "/");
}
+ # Gets the PVE Access Ticket
+ public function getTicket() {
+ if ($this->login_ticket['ticket']) {
+ return $this->login_ticket;
+ } else {
+ return false;
+ }
+ }
+
/*
* bool check_login_ticket ()
* Checks if the login ticket is valid still, returns false if not.
diff --git a/modules/servers/pvewhmcs/img/os/centos.png b/modules/servers/pvewhmcs/img/os/centos.png
index 0c09b9b..e2ca7ea 100644
Binary files a/modules/servers/pvewhmcs/img/os/centos.png and b/modules/servers/pvewhmcs/img/os/centos.png differ
diff --git a/modules/servers/pvewhmcs/img/os/debian.png b/modules/servers/pvewhmcs/img/os/debian.png
index fb2e6f1..076a2bf 100644
Binary files a/modules/servers/pvewhmcs/img/os/debian.png and b/modules/servers/pvewhmcs/img/os/debian.png differ
diff --git a/modules/servers/pvewhmcs/img/os/other.png b/modules/servers/pvewhmcs/img/os/other.png
new file mode 100644
index 0000000..86df8e9
Binary files /dev/null and b/modules/servers/pvewhmcs/img/os/other.png differ
diff --git a/modules/servers/pvewhmcs/img/os/solaris.png b/modules/servers/pvewhmcs/img/os/solaris.png
new file mode 100644
index 0000000..785a422
Binary files /dev/null and b/modules/servers/pvewhmcs/img/os/solaris.png differ
diff --git a/modules/servers/pvewhmcs/img/os/ubuntu.png b/modules/servers/pvewhmcs/img/os/ubuntu.png
index 5a64816..fe4b031 100644
Binary files a/modules/servers/pvewhmcs/img/os/ubuntu.png and b/modules/servers/pvewhmcs/img/os/ubuntu.png differ
diff --git a/modules/servers/pvewhmcs/img/os/w2k.png b/modules/servers/pvewhmcs/img/os/w2k.png
index 0c2edde..081ca9e 100644
Binary files a/modules/servers/pvewhmcs/img/os/w2k.png and b/modules/servers/pvewhmcs/img/os/w2k.png differ
diff --git a/modules/servers/pvewhmcs/img/os/w2k3.png b/modules/servers/pvewhmcs/img/os/w2k3.png
index 4922e98..e4af1b6 100644
Binary files a/modules/servers/pvewhmcs/img/os/w2k3.png and b/modules/servers/pvewhmcs/img/os/w2k3.png differ
diff --git a/modules/servers/pvewhmcs/img/os/w2k8.png b/modules/servers/pvewhmcs/img/os/w2k8.png
index 08c349a..3359f72 100644
Binary files a/modules/servers/pvewhmcs/img/os/w2k8.png and b/modules/servers/pvewhmcs/img/os/w2k8.png differ
diff --git a/modules/servers/pvewhmcs/img/os/win10.png b/modules/servers/pvewhmcs/img/os/win10.png
new file mode 100644
index 0000000..e9439e2
Binary files /dev/null and b/modules/servers/pvewhmcs/img/os/win10.png differ
diff --git a/modules/servers/pvewhmcs/img/os/win11.png b/modules/servers/pvewhmcs/img/os/win11.png
new file mode 100644
index 0000000..e16c4aa
Binary files /dev/null and b/modules/servers/pvewhmcs/img/os/win11.png differ
diff --git a/modules/servers/pvewhmcs/img/os/win7.png b/modules/servers/pvewhmcs/img/os/win7.png
index 0724d0e..a3af4ae 100644
Binary files a/modules/servers/pvewhmcs/img/os/win7.png and b/modules/servers/pvewhmcs/img/os/win7.png differ
diff --git a/modules/servers/pvewhmcs/img/os/win8.png b/modules/servers/pvewhmcs/img/os/win8.png
new file mode 100644
index 0000000..5f1cc6a
Binary files /dev/null and b/modules/servers/pvewhmcs/img/os/win8.png differ
diff --git a/modules/servers/pvewhmcs/img/os/wvista.png b/modules/servers/pvewhmcs/img/os/wvista.png
index 5acaccc..b964fc5 100644
Binary files a/modules/servers/pvewhmcs/img/os/wvista.png and b/modules/servers/pvewhmcs/img/os/wvista.png differ
diff --git a/modules/servers/pvewhmcs/img/os/wxp.png b/modules/servers/pvewhmcs/img/os/wxp.png
index 4cede2d..fe3c260 100644
Binary files a/modules/servers/pvewhmcs/img/os/wxp.png and b/modules/servers/pvewhmcs/img/os/wxp.png differ
diff --git a/modules/servers/pvewhmcs/novnc_router.php b/modules/servers/pvewhmcs/novnc_router.php
new file mode 100644
index 0000000..a9f2133
--- /dev/null
+++ b/modules/servers/pvewhmcs/novnc_router.php
@@ -0,0 +1,18 @@
+
\ No newline at end of file
diff --git a/modules/servers/pvewhmcs/pvewhmcs.php b/modules/servers/pvewhmcs/pvewhmcs.php
index 622de8a..d75f365 100644
--- a/modules/servers/pvewhmcs/pvewhmcs.php
+++ b/modules/servers/pvewhmcs/pvewhmcs.php
@@ -712,9 +712,9 @@ function pvewhmcs_vmStat($params) {
function pvewhmcs_noVNC($params) {
$serverip = $params["serverip"];
- $serverusername = $params["serverusername"];
- $serverpassword = $params["serverpassword"];
- $proxmox=new PVE2_API($serverip, $serverusername, "pam", $serverpassword);
+ $serverusername = 'vnc';
+ $serverpassword = Capsule::table('mod_pvewhmcs')->where('id', '1')->value('vnc_secret');
+ $proxmox=new PVE2_API($serverip, $serverusername, "pve", $serverpassword);
if ($proxmox->login()) {
# Get first node name.
$nodes = $proxmox->get_node_list();
@@ -723,17 +723,16 @@ function pvewhmcs_noVNC($params) {
$guest=Capsule::table('mod_pvewhmcs_vms')->where('id','=',$params['serviceid'])->get()[0] ;
$vm_vncproxy=$proxmox->post('/nodes/'.$first_node.'/'.$guest->vtype.'/'.$params['serviceid'] .'/vncproxy', array( 'websocket' => '1' )) ;
- $path = 'api2/json/nodes/'.$first_node.'/vncwebsocket?port=' . $vm_vncproxy['port'] . '&vncticket=' . urlencode($vm_vncproxy['ticket']);
+ $pveticket = $proxmox->getTicket();
+ $csrf_token = $pveticket['CSRFPreventionToken'];
+ $path = 'api2/json/nodes/' . $first_node . '/' . $guest->vtype . '/' . $params['serviceid'] . '/vncwebsocket?port=' . $vm_vncproxy['port'] . '&vncticket=' . urlencode($vm_vncproxy['ticket']);
- $url='./modules/servers/pvewhmcs/novnc/novnc_pve.php?host='.$serverip.'&port=8006&ticket='.$vm_vncproxy['ticket'].'&path='.urlencode($path) ;
+ $url='/modules/servers/pvewhmcs/novnc_router.php?host='.$serverip.'&pveticket='.urlencode($pveticket['ticket']).'&csrf_token='.urlencode($csrf_token).'&path='.urlencode($path) ;
$vncreply='Console (noVNC) prepared for usage. Click here to open the noVNC window.' ;
- // echo '';
-
return $vncreply;
- //echo '';
} else {
$vncreply='Failed to prepare noVNC. Please contact Technical Support.';
return $vncreply;
@@ -906,4 +905,4 @@ function time2format($s) {
}
return $str;
}
-?>
+?>
\ No newline at end of file