PHPackages                             nawasara/whm - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [HTTP &amp; Networking](/categories/http)
4. /
5. nawasara/whm

ActiveLibrary[HTTP &amp; Networking](/categories/http)

nawasara/whm
============

WHM/cPanel hosting and email operations dashboard for the Nawasara superapp framework — accounts, packages, email accounts, mail queue, mail log search, email statistics, and mail security.

v0.2.3(3w ago)044MITPHPPHP ^8.1

Since May 8Pushed 3w agoCompare

[ Source](https://github.com/nawasara/whm)[ Packagist](https://packagist.org/packages/nawasara/whm)[ RSS](/packages/nawasara-whm/feed)WikiDiscussions main Synced 1w ago

READMEChangelogDependencies (8)Versions (7)Used By (0)

Nawasara WHM
============

[](#nawasara-whm)

Dashboard manajemen WHM/cPanel untuk Nawasara — kelola akun hosting OPD, email accounts, dan operasional mail server tanpa buka WHM langsung.

Fitur
-----

[](#fitur)

### Hosting

[](#hosting)

- **Account Management** — list, create, suspend, unsuspend, terminate, change password
- **Server Status** — load average, service status, disk usage, WHM version
- **Package Management** — list, create, delete hosting packages
- **Usage Dashboard** — monitoring disk/bandwidth per akun dengan threshold warning (80%) dan critical (95%)

### Email (butuh SSH untuk fitur lanjutan)

[](#email-butuh-ssh-untuk-fitur-lanjutan)

- **Email Accounts** — list (DB-cached), create, edit quota, reset password, suspend, delete; bulk actions
- **Mail Queue** — list Exim queue lewat SSH, force/freeze/thaw/bounce/delete dengan delivery log per message
- **Mail Log Search** — search log Exim by date/sender/recipient/message-id/status, dengan trace mode (full event chain per message)
- **Email Stats** — dashboard real-time: received/delivered/bounced/deferred/spam, trend chart 3-30 hari, top senders/domain, hourly volume
- **Mail Security** — rejected SMTP analysis: kategorisasi auth\_fail/RBL/unknown\_user/spam, top blocked IPs, top targeted accounts (deteksi brute force)

### Cross-cutting

[](#cross-cutting)

- **Registry Integration** — setiap akun cPanel otomatis jadi `hosting_account` asset dengan OPD/PIC tagging
- **Multi-server** — satu dashboard untuk banyak server WHM (role `hosting`/`mail`/`both`)
- **DB cache + queue pattern** — list view fast (dari DB snapshot), mutation lewat queue, sync via scheduler hourly
- **Audit log** — setiap mutation tercatat di `/admin/sync/jobs` dengan user, action, payload (sensitive masked)

---

Setup API Token WHM
-------------------

[](#setup-api-token-whm)

WHM API Token dipakai untuk semua operasi yang lewat HTTP API (account/email/package management). Lebih aman dari password root karena bisa di-revoke + scope-restricted + IP-restricted.

### Langkah 1 — Login ke WHM

[](#langkah-1--login-ke-whm)

```
https://your-server.com:2087

```

Login sebagai `root` atau user reseller yang punya akses API.

### Langkah 2 — Buka Menu API Tokens

[](#langkah-2--buka-menu-api-tokens)

```
Home » Development » Manage API Tokens

```

### Langkah 3 — Generate Token

[](#langkah-3--generate-token)

1. Klik **Generate Token**
2. Form:

    - **Token Name**: `nawasara`
    - **IP Address Restrictions** (opsional, sangat disarankan): IP server Nawasara
    - **Expiration**: `Does Not Expire` untuk integrasi permanent
3. **Privileges** — minimal:

    PrivilegeWajib?AlasanList Accounts✅Daftar cPanel accountCreate / Modify / Suspend / Terminate Account✅CRUD accountList / Add / Edit / Kill Package✅Package managementShow Account Summary✅Detail accountBasic WHM Functions✅Version, service, load**Email** (`Email::*`)✅ untuk fitur Email AccountsUAPI: list\_pops\_with\_disk, add\_pop, delete\_pop, passwd\_pop, edit\_pop\_quota, suspend\_*, unsuspend\_*Praktis: pilih **All Features** kalau user adalah root admin.
4. **Save** → token muncul **sekali**, langsung copy.

### Langkah 4 — Simpan di Vault Nawasara

[](#langkah-4--simpan-di-vault-nawasara)

1. **Vault → Credentials → WHM / cPanel → + Tambah Instance**
2. Form:
    - **Nama Instance**: `WHM-Ryder`, `cpanel-kominfo`, dll
    - **Host**: `https://cpanel.ponorogo.go.id:2087`
    - **Username**: `root` (atau user yang generate token)
    - **API Token**: paste token
    - **Server Role**: `hosting` / `mail` / `both`
        - `hosting`: server cPanel websites
        - `mail`: server email (`Email Accounts`, `Mail Queue`, `Mail Log`, `Email Stats`, `Mail Security` akan auto-pilih server ini)
        - `both`: server multi-purpose
3. (Opsional) Field SSH — wajib untuk fitur Mail Queue/Log/Stats/Security. Lihat bagian **Setup SSH** di bawah.
4. **Simpan**

### Langkah 5 — Verifikasi

[](#langkah-5--verifikasi)

1. Buka **WHM Hosting → Accounts** → akun cPanel harus muncul
2. Buka **WHM Hosting → Email Accounts** → email muncul setelah klik "Sync Sekarang" pertama kali

Common errors:

- **Unauthorized** → token salah / expired
- **Connection refused** → host/port salah, atau IP restriction blocking IP server Nawasara
- **SSL error** → package sudah set `withoutVerifying()`, jadi self-signed cert tidak masalah

---

Setup SSH (untuk Mail Queue / Log / Stats / Security)
-----------------------------------------------------

[](#setup-ssh-untuk-mail-queue--log--stats--security)

Empat fitur mail-ops itu pakai **SSH ke server mail**, karena Exim queue &amp; log access lewat HTTP API terbatas. Kalau cuma butuh Email Account CRUD, SSH boleh skip.

### Langkah 1 — Cek port SSH server mail

[](#langkah-1--cek-port-ssh-server-mail)

Login ke server mail via SSH dengan tools yang biasa kamu pakai (PuTTY/terminal), lalu:

```
ss -tlnp | grep sshd
# atau
grep -E "^Port" /etc/ssh/sshd_config
```

Catat port — biasanya `22`, kadang custom (`2222`, `6416`, dll).

### Langkah 2 — Generate SSH key dedicated untuk Nawasara

[](#langkah-2--generate-ssh-key-dedicated-untuk-nawasara)

Jangan pakai key root yang sudah ada — generate baru biar bisa di-revoke kapan saja.

```
# Di server mail
ssh-keygen -t ed25519 -C "nawasara@nawasara-dev" -f ~/.ssh/nawasara_id -N ""
```

Hasil:

- `~/.ssh/nawasara_id` → **private key** (yang akan disimpan di Vault)
- `~/.ssh/nawasara_id.pub` → public key

### Langkah 3 — Pasang public key ke authorized\_keys

[](#langkah-3--pasang-public-key-ke-authorized_keys)

```
cat ~/.ssh/nawasara_id.pub >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
chmod 700 ~/.ssh
```

### Langkah 4 — Copy private key

[](#langkah-4--copy-private-key)

```
cat ~/.ssh/nawasara_id
```

Output (copy semuanya, **termasuk** baris `-----BEGIN ...` dan `-----END ...`):

```
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAA...
...
-----END OPENSSH PRIVATE KEY-----

```

### Langkah 5 — Isi field SSH di Vault

[](#langkah-5--isi-field-ssh-di-vault)

Edit instance WHM → field SSH:

FieldIsi**SSH Host** (opsional)kosongkan kalau host SSH = host WHM (auto-extract dari URL WHM)**SSH Port**hasil step 1 (default `22`)**SSH User**biasanya `root`**SSH Private Key (PEM)**paste private key step 4 (textarea, multi-line)Save.

### Langkah 6 — Verifikasi

[](#langkah-6--verifikasi)

Via tinker:

```
php artisan tinker --execute='
$exim = app(\Nawasara\Whm\Services\EximClient::class)->forInstance("WHM-Ryder");
echo "test: " . ($exim->testConnection() ?? "OK") . PHP_EOL;
echo "version: " . $exim->version() . PHP_EOL;
echo "queue: " . $exim->getQueueCount() . PHP_EOL;
'
```

Atau langsung buka **WHM Hosting → Mail Queue** — kalau berhasil, queue tampil. Kalau gagal, halaman akan kasih hint apa yang salah.

---

Multi-Server Setup
------------------

[](#multi-server-setup)

Tambah instance baru di Vault untuk tiap server. Tiap page yang role-aware (Email/Queue/Stats/Security/Account/dll) auto-filter server yang match role-nya, dan munculkan dropdown "Server" untuk switch.

Setiap server **harus punya API token sendiri** — jangan share token antar server.

---

Sync ke Registry
----------------

[](#sync-ke-registry)

Akun cPanel otomatis di-sync ke Registry sebagai asset `hosting_account`:

- **Scheduler**: `whm:sync-accounts` jalan tiap 30 menit
- **Manual**: `php artisan whm:sync-accounts`
- **Email accounts**: `whm:sync-emails` tiap jam (basic) + dailyAt 02:00 dengan `--with-disk` (heavy)
- **Linking**: saat buat akun via dashboard, asset otomatis terbuat dengan OPD/PIC dari form
- **Deactivation**: akun yang dihapus dari WHM akan di-mark `inactive` di registry (tidak dihapus permanen)

---

Permissions
-----------

[](#permissions)

Setelah install / update, run:

```
php artisan db:seed --class="Nawasara\Whm\Database\Seeders\PermissionSeeder" --force
```

PermissionFungsi**Account**`whm.account.view`Lihat list akun`whm.account.create`Buat akun baru`whm.account.suspend`Suspend/unsuspend`whm.account.terminate`Hapus akun permanen`whm.account.manage`Change password, change package**Package**`whm.package.view`Lihat list package`whm.package.manage`Create/delete package**Server**`whm.server.view`Lihat server status`whm.server.manage`Future: restart service, etc.**Email**`whm.email.view`Lihat list email account`whm.email.create`Tambah email account`whm.email.manage`Edit quota, reset password, suspend, delete**Mail Queue**`whm.mailqueue.view`Lihat queue Exim`whm.mailqueue.manage`Force/freeze/thaw/bounce/delete message**Mail Log**`whm.maillog.view`Search &amp; trace mail log**Email Stats**`whm.emailstats.view`Lihat dashboard stats**Spam / Mail Security**`whm.spam.view`Lihat reject log analysis`whm.spam.manage`Future: blacklist/whitelist edit**System**`whm.ssh.execute`Gating untuk operasi via SSH`whm.sync.execute`Run manual sync**Session (cross-package — webmail SSO bridge)**`whm.session.create`Internal: panggil API `create_user_session``webmail.session.launch`User-facing webmail auto-login (default-attached ke role `guest` + `developer`)`webmail.session.audit.view`Audit-only — lihat history launch tanpa kemampuan launch (compliance reviewer)`webmail.session.launch_as`Admin impersonation: buka webmail user manapun. **Sensitive** — manual assign per admin`whm.cpanel.launch_as`Admin impersonation: buka cPanel akun manapun (full hosting control). **Sensitive** — separate dari webmail.\*Semua permission otomatis ter-assign ke role `developer`.

> **Catatan permission webmail.\* dan whm.cpanel.launch\_as:** namespace `webmail.*` di-share dengan controller di `nawasara/core` (`WebmailLaunchController`) tapi declared di sini karena WHM API yang mint Roundcube session. Kalau install nawasara/core tanpa nawasara/whm, permission `webmail.*` tidak akan ada di DB dan launch akan ditolak — install kedua package, atau hapus tombol launch dari UI.

---

Audit Log
---------

[](#audit-log)

Setiap mutation (buat email, ganti password, suspend, hapus, dll) tercatat di **`/admin/sync/jobs`** dengan:

- Service + action (label human-readable)
- Target ID
- User yang trigger (nama + email)
- Status (queued/running/success/failed/conflict)
- Payload — **sensitive field (password, token, key) di-mask sebagai `***`** sebelum disimpan
- Trigger source (manual / scheduler)
- Duration &amp; timestamp

Filter by user, by service, by status untuk investigasi cepat.

---

Troubleshooting
---------------

[](#troubleshooting)

### WHM API

[](#whm-api)

ProblemCauseFix`Unauthorized`Token salah / expired / revokedGenerate ulang di WHM, update di Vault`Connection refused`Host/port salah, atau IP firewall blockTest `telnet host 2087` dari server Nawasara`cURL error 60 SSL`Self-signed certSudah handle by `withoutVerifying()` — tetap error berarti firewall outbound block`cURL error 28 timed out`Server lambat / network slowNaikkan `timeout` di `config/nawasara-whm.php``listaccts` emptyToken user tidak punya akses ke akunLogin sebagai root atau reseller dengan akun di bawahnya### SSH (Exim ops)

[](#ssh-exim-ops)

ProblemCauseFix`SSH credentials belum di-set di Vault`Field SSH belum diisiIsi di Vault → instance → field SSH`SSH authentication gagal`Public key belum dipasang di server / key invalidCek `cat ~/.ssh/authorized_keys` di server, pastikan public key Nawasara ada`Invalid SSH private key`Format PEM salah / newline corruptPastikan paste lengkap dengan `-----BEGIN/END-----` lines, pakai textarea (bukan single-line)Connection timeoutPort SSH custom / firewall blockCek `ss -tlnp | grep sshd` di server, sesuaikan SSH Port di Vault`Permission denied` saat `exim -Mrm` / `exim -Mf`SSH user bukan root, dan tidak ada sudoEither pakai user `root`, atau grant sudo NOPASSWD untuk binary `/usr/sbin/exim`Mail Queue/Log emptyPath log non-defaultOverride `EximClient::DEFAULT_MAINLOG` constant atau pass `path` di `searchLog()` filters### Performance

[](#performance)

SymptomTuningPage Email Accounts lambatLihat di `/admin/sync/jobs` apakah `sync_emails` finish — kalau pending, queue worker mati. Run `php artisan queue:work`Mail Log search lambatNaikkan `limit` filter? Default 200, kasih lebih kecil. SSH timeout `60s` cukup untuk log GB.Stats trend kosong di hari sebelumnyaLog Exim daily-rotated; aggregator sudah baca `*.gz`. Kalau tetap kosong, cek `ls /var/log/exim_mainlog*` di server

###  Health Score

39

—

LowBetter than 84% of packages

Maintenance95

Actively maintained with recent releases

Popularity11

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity36

Early-stage or recently created project

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~2 days

Total

5

Last Release

21d ago

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/16914951?v=4)[Pringgo J. Saputro](/maintainers/pringgojs)[@pringgojs](https://github.com/pringgojs)

![](https://www.gravatar.com/avatar/edcf770bde3babcc9fa554e305e361b8614c1e505470e75842de75ea3e502548?d=identicon)[nawasara](/maintainers/nawasara)

---

Top Contributors

[![pringgojs](https://avatars.githubusercontent.com/u/16914951?v=4)](https://github.com/pringgojs "pringgojs (53 commits)")

---

Tags

laravelhostingcpanelmail queuewhmeximNawasaraemail-management

### Embed Badge

![Health badge](/badges/nawasara-whm/health.svg)

```
[![Health](https://phpackages.com/badges/nawasara-whm/health.svg)](https://phpackages.com/packages/nawasara-whm)
```

###  Alternatives

[venturedrake/laravel-crm

A free open source CRM built as a package for laravel projects

39910.0k](/packages/venturedrake-laravel-crm)[nasirkhan/laravel-starter

A CMS like modular Laravel starter project.

1.4k2.7k](/packages/nasirkhan-laravel-starter)[tallstackui/tallstackui

TallStackUI is a powerful suite of Blade components that elevate your workflow of Livewire applications.

719160.4k12](/packages/tallstackui-tallstackui)[api-platform/laravel

API Platform support for Laravel

59156.3k10](/packages/api-platform-laravel)[mwguerra/web-terminal

A web-based terminal component for Filament/Laravel with command whitelisting and multiple connection types

274.5k](/packages/mwguerra-web-terminal)[tomshaw/electricgrid

A feature-rich Livewire package designed for projects that require dynamic, interactive data tables.

119.2k](/packages/tomshaw-electricgrid)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)