Adminbolt 1.1.0 Released

adminbolt

[1.1.0] - 2026-06-25

Adminbolt 1.1.0 is the first minor version bump in the 1.x line. The headline of this release is multi-server management with hub mode, joined by full cross-node account migration with on-target provisioning, DNS clustering across hub, nodes, and external sources (cPanel, DirectAdmin, Plesk), RFC 6186 mail autodiscovery, central webmail routing, and Slack/Discord notifications. The release also includes stability fixes around node polling and rate limiting, cron setup, DNS SRV records, plus a number of upgrade and operational improvements.

New Features

Multi-server management (AB-979): Hub mode orchestrates one or more full Adminbolt panels over their admin REST API. A node can be added by installing it from scratch over SSH or by connecting an existing panel via API. Pairing creates an admin-scoped API key on the node, stores it encrypted on the hub, and verifies connectivity. Hub/node exclusivity is enforced: a hub cannot become a node, and a managed node cannot enable hub mode. Deliberate takeover from a previous hub is available via a separate Force Re-pair action. Node health polling runs through bolt:nodes-health-check (with --prune to drop snapshots past the retention window). Node panel_version is exposed over the API and surfaced per node with version pinning, which flags drift and blocks migrations to incompatible nodes. The Hub Dashboard shows the hub itself as its own server table alongside the managed nodes, with one-click admin SSO into any node panel.
Account migration with on-target provisioning: Move an account between nodes, with the hub usable as a source or target. Account credentials (database, mail, FTP) can optionally be preserved so services keep authenticating without re-issued passwords. The migration provisions everything on the target: system user, vhost and docroot, PHP-FPM pool, DNS, databases and db users with grants, FTP, mailboxes, forwarders, autoresponders, default addresses, mailing lists, redirects, error pages, git repos, cron, IP blocks, hotlink protection, and SSL. DNS cutover is automatic: slave zones' master is updated to the target and a fresh AXFR is requested via the hub's local agent. Pre-flight checks verify the nodes are paired, version-compatible, and that the account exists. Optional source suspend; the source copy is always kept. Hosting files (website docroot contents, database row contents, mailbox/maildir contents) are out of scope. A dedicated Node Migrations page shows live per-stage status and errors.
DNS clustering: The hub aggregates DNS zones from every managed node and every connected external source into a single Global DNS Zones view. External sources (cPanel and DirectAdmin via API or AXFR, Plesk XML-API) are synced via dns:sync-external-sources and remain authoritative (the hub never writes back). The hub's own PowerDNS uses cluster nameservers (up to ns1 through ns4) and a hub-generated SOA serial, with a Resync All Zones action. A standalone DNS Slave node role wires a node as a cluster secondary via the node admin API (the SSH-based path was retired). DNS provisioning is also now over the node admin API instead of SSH. Cross-source conflict detection uses a sticky earliest-claim owner with admin owner-pinning via the Global DNS Zones page, so conflicting zones are no longer clobbered (make-before-break: the owner serves authoritatively, other sources stop overwriting). A Cluster Members overview reports per-member status, zone count, sync method, last sync, last error, and a Resync action. Slave Servers entries belonging to managed nodes are locked down to prevent accidental edits.
Mail autodiscovery (RFC 6186): Mail SRV records (_imaps._tcp, _submission._tcp) and mail.<domain> advertisement are added automatically once a domain's SNI certificate is live, wired into the domain and email-account lifecycle. SRV records are updated when a domain certificate is issued or removed.
Central webmail routing: A Roundcube plugin maps each mailbox domain to its hosting node and points IMAP/SMTP at that node, with a safe fallback when the hub is unreachable. Per-node domain inventory is synced from node panels during health polling.
Slack/Discord notifications: Strictly opt-in (no URL means no requests) incoming-webhook channels for the existing system notification bus. Configurable minimum severity (everything, warnings and above, or critical only). Editable webhook text and a Send Test Webhook header action that delivers a test message and reports per-channel result. Events are emitted on state transitions only, with no per-poll spam: node offline/recovered, role services degraded/recovered, provisioning failed, account migration completed/failed, DNS zone conflict detected. Eight default templates for these events are seeded on upgrade.

Bug Fixes

Email forwarders (AB-998): Fixed forwarders with multiple destinations delivering to only one recipient.
Branding (AB-985): Fixed the branding logo not being applied in the Client, Reseller, and installation panels.
Account import (AB-984): Fixed disk usage always showing 0 after an account import.
DNS SRV records: Fixed SRV records not being created on new domains, and corrected the weight/port columns used when formatting SRV records.
Node stability: Stopped node status flapping caused by overly frequent polling on the View Node and Node Services pages, added a central HTTP 429 guard so a rate-limited node stays "up but throttled" instead of flipping to offline, and fixed node metrics freshness, zone resync, and service-health attribution.
PowerDNS 5.x compatibility: Generate cluster drop-ins with the 4.5+ setting names (primary, secondary, autosecondary); the older master, slave, superslave names were removed in PowerDNS 5.x and crash-looped the node's pdns.
Node Services counters: Exclude not-installed optional services from the running/total/stopped counters so running services are no longer reported as degraded.
Cron setup: Removed a redundant cron-job setup path that ran during installation, preventing double execution.

Improvements

Upgrades: Upgrade steps now run from the RPM post-upgrade hook. Cron jobs are re-registered on upgrade, and the scheduler cron is installed through the managed cron setup. Added backfill upgrade steps for mail SRV records, templates, and autodiscover SRV/MX records.
DNS UX: DirectAdmin zone import enumerates admin or reseller-visible users via SHOW_ALL_USERS / SHOW_USERS and collects each user's domains, with a fallback to own-domains. The External DNS Source form has per-type help (admin/reseller/user scope and Login Key vs password for DirectAdmin, XML-API enablement for Plesk). DNS Slave is a standalone toggle separate from the DNS role checkbox. A clickable error popup on Global DNS Zones opens a modal with every per-zone sync error in full. Hub-local domains are included in cluster conflict resolution.
Add-node UX: The Add Node form is organized around intent (connect via API or install over SSH) with conditional SSH fields. Connect Node is reachable from the Hub Dashboard. Standalone Cluster-group pages have consistent breadcrumbs.
Migration safety: The migration dialog warns prominently that it copies configuration only and spells out what is not transferred. The DNS Slave toggle leads with a warning to enable it only if you understand the implications (the node becomes a public secondary for the whole cluster).

Install

curl -sSL https://get.adminbolt.com/install.sh | bash

Or via the installer page: https://get.adminbolt.com/install-version?version=stable

Upgrade from 1.0.5

Log in to the Admin Panel.
Open System → System Updates (/admin/system-updates).
Click Check for updates, then View changelog to review the release notes.
Start the update if a newer version is available.

The technical changelog can also be previewed in the admin panel by clicking the 1.1.0 version link in the footer.