- PHP 73.7%
- Blade 26.3%
VpsControl's destructive actions (startVps/reboot/shutdown/rebuildVps), the root and VNC password changes, and the live VNC-password reveal (loadVncCredentials) authorized only on team_service_access, with no service-status check. The only Active check was the cosmetic blade render gate; every action is reachable directly over /livewire/update, so a customer whose VPS was suspended for non-payment/abuse could replay the action calls to boot/reboot/rebuild the VM and read the live VNC password, defeating suspension. The sibling SSO + VNC-console surfaces already gate on Active; VpsControl was the missed one. authorizeAccess() now requires status === Active for the customer path (staff retain access for support). Test: a customer is 403'd on a Suspended service and passes on an Active one. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> |
||
|---|---|---|
| config | ||
| database/migrations | ||
| resources | ||
| routes | ||
| src | ||
| tests/Feature | ||
| .gitattributes | ||
| .gitignore | ||
| composer.json | ||
| LICENSE.md | ||
| README.md | ||
LiBilling SolusVM Provisioning Module
A LiBilling server module for SolusVM VPS provisioning. Provides automated virtual server lifecycle management including provisioning, suspension, termination, password changes, and usage stats via the SolusVM API.
Features
- VPS Lifecycle: Create, suspend, unsuspend, terminate virtual servers
- Password Management: Change VPS root/admin passwords
- Usage Stats: Disk, bandwidth, and memory usage from SolusVM API
- Service Info: VPS IP, hostname, virtualization type display
- Server Admin: Test connection, account count, package listing
Installation
This package is loaded as a local Composer path repository. No separate installation is needed when developing within the LiBilling monorepo.
For standalone installation:
composer require libilling/libilling-solusvm
Configuration
Publish the config file:
php artisan vendor:publish --tag=libilling-solusvm
Config Options
| Key | Env | Default | Description |
|---|---|---|---|
verify_ssl |
SOLUSVM_VERIFY_SSL |
true |
Verify SSL when connecting to SolusVM API |
Usage
In SolusVM's architecture:
- A server record represents the SolusVM master node / hypervisor
- Services represent individual VPS instances provisioned on that hypervisor
When adding a SolusVM server in the admin panel, provide:
- Hostname: The SolusVM master node hostname or IP
- Port: API port (default: 5656)
- API Key: Your SolusVM API key
- API Hash: Your SolusVM API hash
Capabilities
Declared via supports() using ModuleCapability constants:
suspend: VPS suspensionunsuspend: VPS unsuspensionterminate: VPS termination/deletionchange_password: Root/admin password changesusage_stats: Disk, bandwidth, and memory usageservice_info: VPS IP, hostname, virtualization type
Dependencies
- SolusVM API (HTTP) -- VPS management API
Testing
vendor/bin/sail artisan test --filter=ModuleSystemTest
License
LiBilling is (C) Lithium Holdings, LLC. All components except for third-party modules and select packages with their own license are licensed under a Commercial License. Contact licensing@lithiumholdings.com for licensing enquiries. Any dissemination of material herein is prohibited without expressed written consent of Lithium Holdings.
This package, libilling-solusvm is licensed under The MIT License (MIT). Please see License File for more information.
Is it any good?
Yes.
When people first hear about a new product, they frequently ask if it is any good. A Hacker News user remarked:
Note to self: Starting immediately, all raganwald projects will have a "Is it any good?" section in the readme, and the answer shall be "yes.".