Hestia CP — это панель управления с открытым исходным кодом.

Установка

Установка Docker

Ubuntu

1)
`#Install docker`       sudo apt install docker.io -y                                                                               
`#Start docker`         sudo systemctl start docker                                                                                 
`#Autostart docker`     sudo systemctl enable docker                                                                                
`#Freeing port 53`      sudo systemctl stop systemd-resolved && sudo systemctl disable systemd-resolved && sudo rm /etc/resolv.conf && sudo echo -e "nameserver 8.8.8.8\nnameserver 8.8.4.4" >> /etc/resolv.conf && sudo sed -i 's/main]/main] \ndns=default/' /etc/NetworkManager/NetworkManager.conf && sudo service network-manager restart

CentOS

1)
`#Install docker`       yum install docker -y                                                                                       
`#Start docker`         systemctl start docker                                                                                      
`#Autostart docker`     systemctl enable docker                                                                                     
`#Freeing port 25`      systemctl stop postfix && systemctl disable postfix                                                         

Fedora

1)
`#Install docker`       sudo dnf install docker -y                                                                                  
`#Start docker`         sudo systemctl start docker                                                                                 
`#Autostart docker`     sudo systemctl enable docker                                                                                
`#Switch to cgroup v1`  sudo dnf install grubby -y && sudo grubby --update-kernel=ALL --args="systemd.unified_cgroup_hierarchy=0"   
`#Reboot system`        reboot

Скачать Control Panel

2) sudo docker pull smied/hestia-cp:latest `#Download/update image`

Установка панели управления на Ubuntu/CentOS/Fedora

Используя сеть docker (вы не увидите реальный ip пользователей, но можете удобно переназначить порты)

3.1) sudo docker network create `#Docker network for made static ip of container` \
  --driver=bridge \
  --subnet 10.1.0.0/16 \
  --ip-range 10.1.1.0/24 \
  --gateway=10.1.0.1 \
  Docker_Network

или в одной строке

3.1) sudo docker network create --driver=bridge --subnet 10.1.0.0/16 --ip-range 10.1.1.0/24 --gateway=10.1.0.1 Docker_Network
3.2) sudo docker run -d \
--privileged                                                                                                    `#(For iptables work)` \
--name=Hestia-CP -e TZ=Europe/Moscow --restart=always                                                           `#Set your time zone` \
--hostname cp.yourdomain.com                                                                                    `#Set your hostname` \
--network Docker_Network --ip=10.1.1.30                                                                                              \
-p 8083:8083/tcp -p 23:23/tcp -p 80:80/tcp -p 443:443/tcp -p 20:20/tcp -p 21:21/tcp -p 12000-12100:12000-12100/tcp -p 25:25/tcp -p 53:53/udp -p 53:53/tcp -p 465:465/tcp -p 587:587/tcp -p 110:110/tcp -p 993:993/tcp -p 995:995/tcp -p 143:143/tcp -p 3306:3306 \
--volume Hestia-home:/home -v Hestia-usr:/usr -v Hestia-backup:/backup -v Hestia-etc:/etc -v Hestia-var:/var    `#(For backup work)` \
--tmpfs /tmp --tmpfs /run --tmpfs /run/lock                                                                     `#(For systemd work)` \
-v /sys/fs/cgroup:/sys/fs/cgroup:ro                                                                             `#(For systemd work)` \
smied/hestia-cp:latest

или в одной строке

3.2) sudo docker run -d --privileged --name=Hestia-CP -e TZ=Europe/Moscow --restart=always --hostname cp.yourdomain.com --net Docker_Network --ip=10.1.1.30 -p 8083:8083/tcp -p 23:23/tcp -p 80:80/tcp -p 443:443/tcp -p 20:20/tcp -p 21:21/tcp -p 12000-12100:12000-12100/tcp -p 25:25/tcp -p 53:53/udp -p 53:53/tcp -p 465:465/tcp -p 587:587/tcp -p 110:110/tcp -p 993:993/tcp -p 995:995/tcp -p 143:143/tcp -p 3306:3306 --volume Hestia-home:/home -v Hestia-usr:/usr -v Hestia-backup:/backup -v Hestia-etc:/etc -v Hestia-var:/var --tmpfs /tmp --tmpfs /run --tmpfs /run/lock -v /sys/fs/cgroup:/sys/fs/cgroup:ro smied/hestia-cp:latest

Используя хост-сети (вы увидите реальный IP-адрес пользователей, но не сможете удобно переназначить порты)

3.1) sudo echo -e "net.ipv4.ip_nonlocal_bind = 1" >> /etc/sysctl.conf && sysctl -p /etc/sysctl.conf
3.2) sudo docker run -d \
--privileged                                                                                                    `#(For iptables work)` \
--name=Hestia-CP -e TZ=Europe/Moscow --restart=always                                                           `#Set your time zone` \
--hostname cp.yourdomain.com                                                                                    `#Set your hostname` \
--network host                                                                                                                       \
--volume Hestia-home:/home -v Hestia-usr:/usr -v Hestia-backup:/backup -v Hestia-etc:/etc -v Hestia-var:/var    `#(For backup work)` \
--tmpfs /tmp --tmpfs /run --tmpfs /run/lock                                                                     `#(For systemd work)` \
-v /sys/fs/cgroup:/sys/fs/cgroup:ro                                                                             `#(For systemd work)` \
smied/hestia-cp:latest

or in one line

3.2) sudo docker run -d --privileged --name=Hestia-CP -e TZ=Europe/Moscow --restart=always --hostname cp.yourdomain.com --network host --volume Hestia-home:/home -v Hestia-usr:/usr -v Hestia-backup:/backup -v Hestia-etc:/etc -v Hestia-var:/var --tmpfs /tmp --tmpfs /run --tmpfs /run/lock -v /sys/fs/cgroup:/sys/fs/cgroup:ro smied/hestia-cp:latest

Cron

4) `# Add admin default cron to your system`
(crontab -l 2>/dev/null; echo '00 6 * * * sudo -u root docker exec Hestia-CP su - admin -c "sudo /usr/local/hestia/bin/v-update-sys-hestia-all"') | crontab -
(crontab -l 2>/dev/null; echo '*/5 * * * * sudo -u root docker exec Hestia-CP su - admin -c "sudo /usr/local/hestia/bin/v-update-sys-rrd"') | crontab -
(crontab -l 2>/dev/null; echo '20 00 * * * sudo -u root docker exec Hestia-CP su - admin -c "sudo /usr/local/hestia/bin/v-update-user-stats"') | crontab -
(crontab -l 2>/dev/null; echo '10 05 * * * sudo -u root docker exec Hestia-CP su - admin -c "sudo /usr/local/hestia/bin/v-backup-users"') | crontab -
(crontab -l 2>/dev/null; echo '*/5 * * * * sudo -u root docker exec Hestia-CP su - admin -c "sudo /usr/local/hestia/bin/v-update-sys-queue backup"') | crontab -
(crontab -l 2>/dev/null; echo '30 03 * * * sudo -u root docker exec Hestia-CP su - admin -c "sudo /usr/local/hestia/bin/v-update-sys-queue webstats"') | crontab -
(crontab -l 2>/dev/null; echo '10 00 * * * sudo -u root docker exec Hestia-CP su - admin -c "sudo /usr/local/hestia/bin/v-update-sys-queue traffic"') | crontab -
(crontab -l 2>/dev/null; echo '15 02 * * * sudo -u root docker exec Hestia-CP su - admin -c "sudo /usr/local/hestia/bin/v-update-sys-queue disk"') | crontab -
(crontab -l 2>/dev/null; echo '10 00 * * * sudo -u root docker exec Hestia-CP su - admin -c "sudo /usr/local/hestia/bin/v-update-sys-queue daily"') | crontab -
(crontab -l 2>/dev/null; echo '*/2 * * * * sudo -u root docker exec Hestia-CP su - admin -c "sudo /usr/local/hestia/bin/v-update-sys-queue restart"') | crontab -

Использование

5) Open in browser - https://<yourip>:8083/

Панель управления

login: admin

mail: [email protected]

password: changethispassword

host: localhost.localdomain

SSH

ssh [email protected]<yourip> -p 23
root password: changethispassword

Hestia CP

Быстрый доступ:

Data base web access:
https://<YourSite>/phpmyadmin/
(Opens for any your site/Access for all databases):

Web Mail:
https://webmail.<YourSite>/ or alias https://mail.<YourSite>/
(Opens for any your site where enabled mail authorization works for all mail accounts added in Control Panel)

Stats:
https://<YourSite>/vstats/
(Opens for any your site where enabled stats/Stats for only this site)
(You must enable the password so that no one else can access the statistics)

Mail:

Username: Email address - <Yourmail> / Email address and Site - <<Yourmail>.<Yoursite>>

IMAP/POP3, SMTP Hostname: mail.<YourSite> (not imap.<YourSite>/pop.<YourSite>, smtp.<YourSite>)

IMAP - Incoming mail server

143 - No secure
143 - STARTTLS
993 - SSL

POP3 - Incoming mail

110 - No secure
110 - STARTTLS
995 - SSL

SMTP - Outgoing mail server

25/587 - No secure
Auto - STARTTLS
465 - SSL/TLS

FTP:

ftp.<YourSite>:21

or

<YourIp>:21

MySQL

see root password:

cat /usr/local/hestia/conf/mysql.conf

Settings:

  • 1 Site on multiple domains or subdomains:

1) Add site test1.com 2) Add aliases sub.test2.com

And the site test1.com will be available at sub.test2.com

  • Catch all email:

MAIL — [domain] — Edit domain mail — Catch-All Email

  • Subdomain:

Just add site like subdomain.mysite.com

  • Control panel as a subdomain and use in subdomains other services like gitlab:

Use Nginx proxy manager or Traefik

Nginx proxy manager

1) docker run -d \
 --name=Proxy-Manager  \
 --network host -e TZ=Europe/Moscow --restart=always \
 -e DB_MYSQL_HOST=IP -e DB_MYSQL_NAME=Proxy-Manager -e DB_MYSQL_USER=DataBaseUser -e DB_MYSQL_PASSWORD=Password -e DB_MYSQL_PORT=3307 \
 --volume /Docker/Proxy-Manager/data:/data --volume /Docker/Proxy-Manager/letsencrypt:/etc/letsencrypt \
jc21/nginx-proxy-manager:github-real_ip
docker cp Proxy-Manager:/app/config/default.json /root/default.json
cp default.json production.json
rm default.json
Change base in production.json
docker cp production.json Proxy-Manager:/app/config/production.json
Info

Used ports:

81, 80, 443

https://IP:81

Email: [email protected]

Password: changeme

Clean logs
0 * * * * rm -rf /Docker/Proxy-Manager/data/logs/*
Config

HTTPS

proxy_set_header Accept-Encoding ""; # no compression allowed
sub_filter "https://" "https://";
sub_filter_once off;

Real IP

proxy_set_header X-Real-IP $remote_addr;

Other

Change default passwords

root:
echo 'root:yournewpassword' | chpasswd

admin:
echo 'admin:yournewpassword' | chpasswd

Cron

View CRON tasks for different users:
crontab -u root -l #standard system user
crontab -u admin -l #standard control panel user
crontab -u hosting -l #example user of control panel

Rights:

rootsudowithout sudo
command++
command run script++
cron run script
adminsudowithout sudo
command++
command run script+
cron run script
hostingsudowithout sudo
command+
command run script+
cron run script
System to Dockersudowithout sudo
command+
command run script+
cron run script+
Example
System to Docker:
0 * * * * * sudo -u root docker exec Hestia-CP su - hosting -c "/bin/bash /home/hosting/web/Script.sh |& tee -a /home/hosting/web/Script.log"
Also:

* Get access to the terminal as user of Control Panel
Edit user in Control Panel settings (system /etc/passwd)

* Should always specify the full path (Home folder for terminal commands /usr/local/hestia/bin/)
Example:
hosting example user: /bin/bash /home/hosting/web/Script.sh |& tee -a /home/hosting/web/Script.log

Logs

See system logs inside the container:
cat /var/log/syslog

See the CRON logs:
grep CRON /var/log/syslog

Backup

/var/lib/docker/volumes/Hestia-home       #/home   - Websites
/var/lib/docker/volumes/Hestia-usr        #/usr    - Control panel (/usr/local/hestia)
/var/lib/docker/volumes/Hestia-backup     #/backup - Backups
/var/lib/docker/volumes/Hestia-etc        #/etc    - Configs
/var/lib/docker/volumes/Hestia-var        #/var    - Logs: system (/var/log/syslog), control panel (/var/log/hestia/)

After restore:

1) Update password

admin:
echo 'admin:yournewpassword' | chpasswd

2) Update access to the terminal as user of Control Panel if this was used

Hestia CP Копии

v-restore-user USER BACKUP [WEB] [DNS] [MAIL] [DB] [CRON] [UDIR] [NOTIFY]

Пример:

Востановить WEB каждые 15 минут (Для демо сайта)
*/15 * * * * sudo -u root docker exec Hestia-CP su - root -c "/usr/local/hestia/bin/v-restore-user user user.xxxx-xx-xx_xx-xx-xx.tar 'site.com' no no no no no no"

Удаление

1) docker exec Hestia-CP bash -c 'userdel -rfRZ admin' && docker container rm --force Hestia-CP
2) mv /var/lib/docker/volumes/Hestia-home/ /tmp && docker volume rm --force Hestia-usr && docker volume rm --force Hestia-backup && docker volume rm --force Hestia-etc && docker volume rm --force Hestia-var && reboot

Ошибки

ОшибкаРешение
502Перезагрузите контейнер
При обновлении панели управления пароль администратора сбрасывается по умолчаниюНе используйте cron «/usr/local/hestia/bin/v-update-sys-hestia-all»
Не удается удалить volume Hestia-homemv /var/lib/docker/volumes/Hestia-home/_data /tmp && reboot

Если вы нашли ошибку, пожалуйста, выделите фрагмент текста и нажмите Ctrl+Enter.

Подписаться
Уведомить о
guest
4 комментариев
Старые
Новые Популярные
Межтекстовые Отзывы
Посмотреть все комментарии
Alexander

Спасибо за статью!

Alexander

Подскажите как правильно «завернуть» в docker-compose и связать с Nginx Proxy Manager. Заранее спасибо.

Eduard Eduard

1) Создайте docker-compose nano docker-compose.yml 2) Вставьте следующее version: '3' services:   nginxproxy:     container_name: Proxy-Manager     image: jc21/nginx-proxy-manager:github-real_ip     volumes:       - /Docker/Proxy-Manager/data:/data       - /Docker/Proxy-Manager/letsencrypt:/etc/letsencrypt \     restart: always     network_mode: host     environment:       TZ: Europe/Moscow       DB_MYSQL_HOST: IP       DB_MYSQL_NAME: Proxy-Manager       DB_MYSQL_USER: DataBaseUser       DB_MYSQL_PASSWORD: Password       DB_MYSQL_PORT: 3307   hestiacp:     privileged: true     container_name: Hestia-CP     hostname: 'cp.yourdomain.com'     image: smied/hestia-cp:latest     volumes:       - Hestia-home:/home       - Hestia-usr:/usr       - Hestia-backup:/backup       - Hestia-etc:/etc       - Hestia-var:/var       - /sys/fs/cgroup:/sys/fs/cgroup:ro     restart: always     network_mode: host     environment:       TZ: Europe/Moscow     tmpfs:      - /tmp      - /run      - /run/lock volumes:  Hestia-home:  Hestia-usr:  Hestia-backup:  Hestia-etc:  Hestia-var: 3) Запускайте docker-compose -f docker-compose.yml --project-name WEB-Server up -d 4) Поменять порты в контейнере Hestia-CP docker exec -ti Hestia-CP… Подробнее »

Repliseen

How to Configure Nginx to Execute PHP Using PHP-FPM (remove apache2)? 

4
0
Оставьте комментарий! Напишите, что думаете по поводу статьи.x
()
x

Сообщить об опечатке

Текст, который будет отправлен нашим редакторам: