Vesta CP — это панель управления с открытым исходным кодом.
Установка
Установка Docker
Ubuntu
1)
`#Install docker` sudo apt install docker.io -y
`#Start docker` sudo systemctl start docker
`#Autostart docker` sudo systemctl enable docker
`#Freeing port 53` sudo systemctl stop systemd-resolved && sudo systemctl disable systemd-resolved && sudo rm /etc/resolv.conf && sudo echo -e "nameserver 8.8.8.8\nnameserver 8.8.4.4" >> /etc/resolv.conf && sudo sed -i 's/main]/main] \ndns=default/' /etc/NetworkManager/NetworkManager.conf && sudo service network-manager restartCentOS
1)
`#Install docker` yum install docker -y
`#Start docker` systemctl start docker
`#Autostart docker` systemctl enable docker
`#Freeing port 25` systemctl stop postfix && systemctl disable postfix Fedora
1)
`#Install docker` sudo dnf install docker -y
`#Start docker` sudo systemctl start docker
`#Autostart docker` sudo systemctl enable docker
`#Switch to cgroup v1` sudo dnf install grubby -y && sudo grubby --update-kernel=ALL --args="systemd.unified_cgroup_hierarchy=0"
`#Reboot system` rebootСкачать Control Panel
2) sudo docker pull smied/vesta-cp:latest `#Download/update image`Install Control Panel on Ubuntu/CentOS/Fedora
Using the docker network (you will not see the real ip of users, but you can conveniently reassign ports)
3.1) sudo docker network create `#Docker network for made static ip of container` \
--driver=bridge \
--subnet 10.1.0.0/16 \
--ip-range 10.1.1.0/24 \
--gateway=10.1.0.1 \
Docker_Networkor in one line
3.1) sudo docker network create --driver=bridge --subnet 10.1.0.0/16 --ip-range 10.1.1.0/24 --gateway=10.1.0.1 Docker_Network3.2) sudo docker run -d \
--privileged `#(For iptables work)` \
--name=Vesta-CP -e TZ=Europe/Moscow --restart=always `#Set your time zone` \
--hostname cp.yourdomain.com `#Set your hostname` \
--network Docker_Network --ip=10.1.1.30 \
-p 8083:8083/tcp -p 23:23/tcp -p 80:80/tcp -p 443:443/tcp -p 20:20/tcp -p 21:21/tcp -p 12000-12100:12000-12100/tcp -p 25:25/tcp -p 53:53/udp -p 53:53/tcp -p 465:465/tcp -p 587:587/tcp -p 110:110/tcp -p 993:993/tcp -p 995:995/tcp -p 143:143/tcp -p 3306:3306 \
--volume Vesta-home:/home -v Vesta-usr:/usr -v Vesta-backup:/backup -v Vesta-etc:/etc -v Vesta-var:/var `#(For backup work)` \
--tmpfs /tmp --tmpfs /run --tmpfs /run/lock `#(For systemd work)` \
-v /sys/fs/cgroup:/sys/fs/cgroup:ro `#(For systemd work)` \
smied/vesta-cp:latestor in one line
3.2) sudo docker run -d --privileged --name=Vesta-CP -e TZ=Europe/Moscow --restart=always --hostname cp.yourdomain.com --net Docker_Network --ip=10.1.1.30 -p 8083:8083/tcp -p 23:23/tcp -p 80:80/tcp -p 443:443/tcp -p 20:20/tcp -p 21:21/tcp -p 12000-12100:12000-12100/tcp -p 25:25/tcp -p 53:53/udp -p 53:53/tcp -p 465:465/tcp -p 587:587/tcp -p 110:110/tcp -p 993:993/tcp -p 995:995/tcp -p 143:143/tcp -p 3306:3306 --volume Vesta-home:/home -v Vesta-usr:/usr -v Vesta-backup:/backup -v Vesta-etc:/etc -v Vesta-var:/var --tmpfs /tmp --tmpfs /run --tmpfs /run/lock -v /sys/fs/cgroup:/sys/fs/cgroup:ro smied/vesta-cp:latestUsing the host network (you will see the real ip of users, but you can’t conveniently reassign ports)
3.1) sudo echo -e "net.ipv4.ip_nonlocal_bind = 1" >> /etc/sysctl.conf && sysctl -p /etc/sysctl.conf3.2) sudo docker run -d \
--privileged `#(For iptables work)` \
--name=Vesta-CP -e TZ=Europe/Moscow --restart=always `#Set your time zone` \
--hostname cp.yourdomain.com `#Set your hostname` \
--network host \
--volume Vesta-home:/home -v Vesta-usr:/usr -v Vesta-backup:/backup -v Vesta-etc:/etc -v Vesta-var:/var `#(For backup work)` \
--tmpfs /tmp --tmpfs /run --tmpfs /run/lock `#(For systemd work)` \
-v /sys/fs/cgroup:/sys/fs/cgroup:ro `#(For systemd work)` \
smied/vesta-cp:latestor in one line
3.2) sudo docker run -d --privileged --name=Vesta-CP -e TZ=Europe/Moscow --restart=always --hostname cp.yourdomain.com --network host --volume Vesta-home:/home -v Vesta-usr:/usr -v Vesta-backup:/backup -v Vesta-etc:/etc -v Vesta-var:/var --tmpfs /tmp --tmpfs /run --tmpfs /run/lock -v /sys/fs/cgroup:/sys/fs/cgroup:ro smied/vesta-cp:latestCron
4) `# Add admin default cron to your system`
(crontab -l 2>/dev/null; echo '00 6 * * * sudo -u root docker exec Vesta-CP su - admin -c "sudo /usr/local/vesta/bin/v-update-sys-vesta-all"') | crontab -
(crontab -l 2>/dev/null; echo '*/5 * * * * sudo -u root docker exec Vesta-CP su - admin -c "sudo /usr/local/vesta/bin/v-update-sys-rrd"') | crontab -
(crontab -l 2>/dev/null; echo '20 00 * * * sudo -u root docker exec Vesta-CP su - admin -c "sudo /usr/local/vesta/bin/v-update-user-stats"') | crontab -
(crontab -l 2>/dev/null; echo '10 05 * * * sudo -u root docker exec Vesta-CP su - admin -c "sudo /usr/local/vesta/bin/v-backup-users"') | crontab -
(crontab -l 2>/dev/null; echo '*/5 * * * * sudo -u root docker exec Vesta-CP su - admin -c "sudo /usr/local/vesta/bin/v-update-sys-queue backup"') | crontab -
(crontab -l 2>/dev/null; echo '30 03 * * * sudo -u root docker exec Vesta-CP su - admin -c "sudo /usr/local/vesta/bin/v-update-sys-queue webstats"') | crontab -
(crontab -l 2>/dev/null; echo '10 00 * * * sudo -u root docker exec Vesta-CP su - admin -c "sudo /usr/local/vesta/bin/v-update-sys-queue traffic"') | crontab -
(crontab -l 2>/dev/null; echo '15 02 * * * sudo -u root docker exec Vesta-CP su - admin -c "sudo /usr/local/vesta/bin/v-update-sys-queue disk"') | crontab -Usage
5) Open in browser - https://<yourip>:8083/Control Panel
login: admin
mail: [email protected]
password: changethispassword
host: localhost.localdomainSSH
ssh [email protected]<yourip> -p 23root password: changethispasswordVesta CP
Quick acces:
Data base web access:
https://<YourSite>/phpmyadmin/
(Opens for any your site/Access for all databases):
Web Mail:
https://webmail.<YourSite>/
(Opens for any your site where enabled mail authorization works for all mail accounts added in Control Panel)
Stats:
https://<YourSite>/vstats/
(Opens for any your site where enabled stats/Stats for only this site)
(You must enable the password so that no one else can access the statistics)Mail:
Email address/Username: <<Yourmail>.<Yoursite>>
IMAP/SMTP Hostname: mail.<YourSite>
IMAP - Incoming mail server
143 - without ssl
993 - ssl
SMTP - Outgoing mail server
25 - without ssl
465/587 - sslFTP:
ftp.<YourSite>:21
or
<YourIp>:21MySQL
see root password:
cat /usr/local/vesta/conf/mysql.confSettings:
- 1 Site on multiple domains or subdomains:
1) Add site test1.com 2) Add aliases sub.test2.com
And the site test1.com will be available at sub.test2.com
- Catch all email:
MAIL — [domain] — Edit domain mail — Catch-All Email
- Subdomain:
Just add site like subdomain.mysite.com
- Control panel as a subdomain and use in subdomains other services like gitlab:
Use Nginx proxy manager or Traefik
Nginx proxy manager
1) docker run -d \
--name=Proxy-Manager \
--network host -e TZ=Europe/Moscow --restart=always \
-e DB_MYSQL_HOST=IP -e DB_MYSQL_NAME=Proxy-Manager -e DB_MYSQL_USER=DataBaseUser -e DB_MYSQL_PASSWORD=Password -e DB_MYSQL_PORT=3307 \
--volume /Docker/Proxy-Manager/data:/data --volume /Docker/Proxy-Manager/letsencrypt:/etc/letsencrypt \
jc21/nginx-proxy-manager:github-real_ipdocker cp Proxy-Manager:/app/config/default.json /root/default.json
cp default.json production.json
rm default.json
Change base in production.json
docker cp production.json Proxy-Manager:/app/config/production.jsonInfo
Used ports:
81, 80, 443
Email: [email protected]
Password: changeme
Clean logs
0 * * * * rm -rf /Docker/Proxy-Manager/data/logs/*Config
HTTPS
proxy_set_header Accept-Encoding ""; # no compression allowed
sub_filter "https://" "https://";
sub_filter_once off;Real IP
proxy_set_header X-Real-IP $remote_addr;Other
Change default passwords
root:
echo 'root:yournewpassword' | chpasswd
admin:
echo 'admin:yournewpassword' | chpasswdCron
View CRON tasks for different users:
crontab -u root -l #standard system user
crontab -u admin -l #standard control panel user
crontab -u hosting -l #example user of control panelRights:
| root | sudo | without sudo |
|---|---|---|
| command | + | + |
| command run script | + | + |
| cron run script | — | — |
| admin | sudo | without sudo |
|---|---|---|
| command | + | + |
| command run script | + | — |
| cron run script | — | — |
| hosting | sudo | without sudo |
|---|---|---|
| command | — | + |
| command run script | — | + |
| cron run script | — | — |
| System to Docker | sudo | without sudo |
|---|---|---|
| command | + | — |
| command run script | + | — |
| cron run script | + | — |
Example
System to Docker:
0 * * * * * sudo -u root docker exec Vesta-CP su - hosting -c "/bin/bash /home/hosting/web/Script.sh |& tee -a /home/hosting/web/Script.log"Also:
* Get access to the terminal as user of Control Panel
Edit user in Control Panel settings (system /etc/passwd)
* Should always specify the full path (Home folder for terminal commands /usr/local/vesta/bin/)
Example:
hosting example user: /bin/bash /home/hosting/web/Script.sh |& tee -a /home/hosting/web/Script.logLogs
See system logs inside the container:
cat /var/log/syslog
See the CRON logs:
grep CRON /var/log/syslogBackup
/var/lib/docker/volumes/Vesta-home #/home - Websites
/var/lib/docker/volumes/Vesta-usr #/usr - Control panel (/usr/local/vesta)
/var/lib/docker/volumes/Vesta-backup #/backup - Backups
/var/lib/docker/volumes/Vesta-etc #/etc - Configs
/var/lib/docker/volumes/Vesta-var #/var - Logs: system (/var/log/syslog), control panel (/var/log/vesta/)
After restore:
1) Update password
admin:
echo 'admin:yournewpassword' | chpasswd
2) Update access to the terminal as user of Control Panel if this was usedПроблемы
| Проблемы | Решение |
|---|---|
| 502 | Перезагрузите контейнер |
| При обновлении панели управления пароль администратора сбрасывается по умолчанию | Не используйте cron «/usr/local/hestia/bin/v-update-sys-hestia-all» |
Если вы нашли ошибку, пожалуйста, выделите фрагмент текста и нажмите Ctrl+Enter.
