The Bug:
Virtualmin is not cleaning up dns_submode=1 and dns_subof=XXXX when changing a virtual-servers “server template” where the previous template used:
“Add sub-domain DNS records to parent domain = Yes”
and the new template uses:
“Add sub-domain DNS records to parent domain = No”
found in (Server template → DNS for Domain → “Add sub-domain DNS records to parent domain”)
A pre-condition for this happening is that the virtual server in it’s past was converted from a subdomain to a standalone parent domain while the original parent domain remains on the same server.
Issues observed as a result:
Virtualmin then gets confused when en/disabling the “DNS for domain” setting for the domains that where converted in their past.
When enabling “DNS for domain” the confusion results in Virtualmin trying to make a new dns zone for the XXX.dom.tld and failing to create a working config.
The new zone file is missing the TTL block section. ( Somewhat to be expected if the code thinks it is adding records to the parent domain zone file )
The TLSA records for xxx.dom.tld are however added to the previous parent domain (dom.tld) corrupting that zone as well.
Expected behavior
Virtualmin respects the selected option as set in "Server template → DNS for Domain → “Add sub-domain DNS records to parent domain”.
After manually removing those two entries from the previously subdomains, and cycling DNS for domain off and back on the zone seems to have created as expected, time will tell if there is more to the bug.
I am sorry to “push” this question, however given there was not a reply at all, i would like to highlight it so its noted and picked up. I think this will be one for @Jamie or possibly for @Joe.
I’m not asking for when it’s fixed, just would like to see the bug confirmed / triaged if there is other things going on.
Sorry for the delay, I didn’t notice this ticket originally.
But to answer you question, templates in Virtualmin only control the initial settings for a virtual server when it is created - changing a template won’t cause configs on existing domains to be updated.
So in this case, the only behavior you could expect is for the sub-domain mode to be changed if DNS was disabled and then re-enabled after the template was changed.
As is exactly what the problem is and mentioned in the report:
convert sub → standalone, get a mess, change template, disable dns on domain, enable dns → Domain partially retains behavior from the previous template instead of behaving as defined in the new template. ( tlsa stuff goes in the old parent. What would be the new standalone ( A,AAAA,MX ) goes into a new zone, the new zone misses the $TTL block. ) kinda like a split-brain.
edit the domain config file manual → remove dns_submode=1 and dns_subof=XXXX → disable dns → clean the mess made from the parent → enable dns → works as expected.
i understand that simply changing template does nothing on it’s own, however if the template has “no” set for “add sub-domain to parent”, the enable of dns should either ignore the dns_subXXX options set in the config for the domain, or at least behave consistent and place all parts of the config in either the parent zone, or the standalone sub-zone