Hestia CP – is an open source control panel.

Install

Install Docker

Ubuntu

1)
`#Install docker`       sudo apt install docker.io -y                                                                               
`#Start docker`         sudo systemctl start docker                                                                                 
`#Autostart docker`     sudo systemctl enable docker                                                                                
`#Freeing port 53`      sudo systemctl stop systemd-resolved && sudo systemctl disable systemd-resolved && sudo rm /etc/resolv.conf && sudo echo -e "nameserver 8.8.8.8\nnameserver 8.8.4.4" >> /etc/resolv.conf && sudo sed -i 's/main]/main] \ndns=default/' /etc/NetworkManager/NetworkManager.conf && sudo service network-manager restart

CentOS

1)
`#Install docker`       yum install docker -y                                                                                       
`#Start docker`         systemctl start docker                                                                                      
`#Autostart docker`     systemctl enable docker                                                                                     
`#Freeing port 25`      systemctl stop postfix && systemctl disable postfix                                                         

Fedora

1)
`#Install docker`       sudo dnf install docker -y                                                                                  
`#Start docker`         sudo systemctl start docker                                                                                 
`#Autostart docker`     sudo systemctl enable docker                                                                                
`#Switch to cgroup v1`  sudo dnf install grubby -y && sudo grubby --update-kernel=ALL --args="systemd.unified_cgroup_hierarchy=0"   
`#Reboot system`        reboot

Download Control Panel

2) sudo docker pull smied/hestia-cp:latest `#Download/update image`

Install Control Panel on Ubuntu/CentOS/Fedora

Using the docker network (you will not see the real ip of users, but you can conveniently reassign ports)

3.1) sudo docker network create `#Docker network for made static ip of container` \
  --driver=bridge \
  --subnet 10.1.0.0/16 \
  --ip-range 10.1.1.0/24 \
  --gateway=10.1.0.1 \
  Docker_Network

or in one line

3.1) sudo docker network create --driver=bridge --subnet 10.1.0.0/16 --ip-range 10.1.1.0/24 --gateway=10.1.0.1 Docker_Network
3.2) sudo docker run -d \
--privileged                                                                                                    `#(For iptables work)` \
--name=Hestia-CP -e TZ=Europe/Moscow --restart=always                                                           `#Set your time zone` \
--hostname cp.yourdomain.com                                                                                    `#Set your hostname` \
--network Docker_Network --ip=10.1.1.30                                                                                              \
-p 8083:8083/tcp -p 23:23/tcp -p 80:80/tcp -p 443:443/tcp -p 20:20/tcp -p 21:21/tcp -p 12000-12100:12000-12100/tcp -p 25:25/tcp -p 53:53/udp -p 53:53/tcp -p 465:465/tcp -p 587:587/tcp -p 110:110/tcp -p 993:993/tcp -p 995:995/tcp -p 143:143/tcp -p 3306:3306 \
--volume Hestia-home:/home -v Hestia-usr:/usr -v Hestia-backup:/backup -v Hestia-etc:/etc -v Hestia-var:/var    `#(For backup work)` \
--tmpfs /tmp --tmpfs /run --tmpfs /run/lock                                                                     `#(For systemd work)` \
-v /sys/fs/cgroup:/sys/fs/cgroup:ro                                                                             `#(For systemd work)` \
smied/hestia-cp:latest

or in one line

3.2) sudo docker run -d --privileged --name=Hestia-CP -e TZ=Europe/Moscow --restart=always --hostname cp.yourdomain.com --net Docker_Network --ip=10.1.1.30 -p 8083:8083/tcp -p 23:23/tcp -p 80:80/tcp -p 443:443/tcp -p 20:20/tcp -p 21:21/tcp -p 12000-12100:12000-12100/tcp -p 25:25/tcp -p 53:53/udp -p 53:53/tcp -p 465:465/tcp -p 587:587/tcp -p 110:110/tcp -p 993:993/tcp -p 995:995/tcp -p 143:143/tcp -p 3306:3306 --volume Hestia-home:/home -v Hestia-usr:/usr -v Hestia-backup:/backup -v Hestia-etc:/etc -v Hestia-var:/var --tmpfs /tmp --tmpfs /run --tmpfs /run/lock -v /sys/fs/cgroup:/sys/fs/cgroup:ro smied/hestia-cp:latest

Using the host network (you will see the real ip of users, but you can’t conveniently reassign ports)

3.1) sudo echo -e "net.ipv4.ip_nonlocal_bind = 1" >> /etc/sysctl.conf && sysctl -p /etc/sysctl.conf
3.2) sudo docker run -d \
--privileged                                                                                                    `#(For iptables work)` \
--name=Hestia-CP -e TZ=Europe/Moscow --restart=always                                                           `#Set your time zone` \
--hostname cp.yourdomain.com                                                                                    `#Set your hostname` \
--network host                                                                                                                       \
--volume Hestia-home:/home -v Hestia-usr:/usr -v Hestia-backup:/backup -v Hestia-etc:/etc -v Hestia-var:/var    `#(For backup work)` \
--tmpfs /tmp --tmpfs /run --tmpfs /run/lock                                                                     `#(For systemd work)` \
-v /sys/fs/cgroup:/sys/fs/cgroup:ro                                                                             `#(For systemd work)` \
smied/hestia-cp:latest

or in one line

3.2) sudo docker run -d --privileged --name=Hestia-CP -e TZ=Europe/Moscow --restart=always --hostname cp.yourdomain.com --network host --volume Hestia-home:/home -v Hestia-usr:/usr -v Hestia-backup:/backup -v Hestia-etc:/etc -v Hestia-var:/var --tmpfs /tmp --tmpfs /run --tmpfs /run/lock -v /sys/fs/cgroup:/sys/fs/cgroup:ro smied/hestia-cp:latest

Cron

4) `# Add admin default cron to your system`
(crontab -l 2>/dev/null; echo '00 6 * * * sudo -u root docker exec Hestia-CP su - admin -c "sudo /usr/local/hestia/bin/v-update-sys-hestia-all"') | crontab -
(crontab -l 2>/dev/null; echo '*/5 * * * * sudo -u root docker exec Hestia-CP su - admin -c "sudo /usr/local/hestia/bin/v-update-sys-rrd"') | crontab -
(crontab -l 2>/dev/null; echo '20 00 * * * sudo -u root docker exec Hestia-CP su - admin -c "sudo /usr/local/hestia/bin/v-update-user-stats"') | crontab -
(crontab -l 2>/dev/null; echo '10 05 * * * sudo -u root docker exec Hestia-CP su - admin -c "sudo /usr/local/hestia/bin/v-backup-users"') | crontab -
(crontab -l 2>/dev/null; echo '*/5 * * * * sudo -u root docker exec Hestia-CP su - admin -c "sudo /usr/local/hestia/bin/v-update-sys-queue backup"') | crontab -
(crontab -l 2>/dev/null; echo '30 03 * * * sudo -u root docker exec Hestia-CP su - admin -c "sudo /usr/local/hestia/bin/v-update-sys-queue webstats"') | crontab -
(crontab -l 2>/dev/null; echo '10 00 * * * sudo -u root docker exec Hestia-CP su - admin -c "sudo /usr/local/hestia/bin/v-update-sys-queue traffic"') | crontab -
(crontab -l 2>/dev/null; echo '15 02 * * * sudo -u root docker exec Hestia-CP su - admin -c "sudo /usr/local/hestia/bin/v-update-sys-queue disk"') | crontab -
(crontab -l 2>/dev/null; echo '10 00 * * * sudo -u root docker exec Hestia-CP su - admin -c "sudo /usr/local/hestia/bin/v-update-sys-queue daily"') | crontab -
(crontab -l 2>/dev/null; echo '*/2 * * * * sudo -u root docker exec Hestia-CP su - admin -c "sudo /usr/local/hestia/bin/v-update-sys-queue restart"') | crontab -

Usage

5) Open in browser - https://<yourip>:8083/

Control Panel

login: admin

mail: [email protected]

password: changethispassword

host: localhost.localdomain

SSH

ssh [email protected]<yourip> -p 23
root password: changethispassword

Hestia CP

Quick acces:

Data base web access:
https://<YourSite>/phpmyadmin/
(Opens for any your site/Access for all databases):

Web Mail:
https://webmail.<YourSite>/ or alias https://mail.<YourSite>/
(Opens for any your site where enabled mail authorization works for all mail accounts added in Control Panel)

Stats:
https://<YourSite>/vstats/
(Opens for any your site where enabled stats/Stats for only this site)
(You must enable the password so that no one else can access the statistics)

Mail:

Username: Email address - <Yourmail> / Email address and Site - <<Yourmail>.<Yoursite>>

IMAP/POP3, SMTP Hostname: mail.<YourSite> (not imap.<YourSite>/pop.<YourSite>, smtp.<YourSite>)

IMAP - Incoming mail server

143 - No secure
143 - STARTTLS
993 - SSL

POP3 - Incoming mail

110 - No secure
110 - STARTTLS
995 - SSL

SMTP - Outgoing mail server

25/587 - No secure
Auto - STARTTLS
465 - SSL/TLS

FTP:

ftp.<YourSite>:21

or

<YourIp>:21

MySQL

see root password:

cat /usr/local/hestia/conf/mysql.conf

Settings:

  • 1 Site on multiple domains or subdomains:
  1. Add site test1.com
  2. Add aliases sub.test2.com

And the site test1.com will be available at sub.test2.com

  • Catch all email:

MAIL – [domain] – Edit domain mail – Catch-All Email

  • Subdomain:

Just add site like subdomain.mysite.com

  • Control panel as a subdomain and use in subdomains other services like gitlab:

Use Nginx proxy manager or Traefik

Other

Change default passwords

root:
echo 'root:yournewpassword' | chpasswd

admin:
echo 'admin:yournewpassword' | chpasswd

Cron

View CRON tasks for different users:
crontab -u root -l #standard system user
crontab -u admin -l #standard control panel user
crontab -u hosting -l #example user of control panel

Rights:

root sudo without sudo
command + +
command run script + +
cron run script
admin sudo without sudo
command + +
command run script +
cron run script
hosting sudo without sudo
command +
command run script +
cron run script
System to Docker sudo without sudo
command +
command run script +
cron run script +
Example
System to Docker:
0 * * * * * sudo -u root docker exec Hestia-CP su - hosting -c "/bin/bash /home/hosting/web/Script.sh |& tee -a /home/hosting/web/Script.log"
Also:

* Get access to the terminal as user of Control Panel
Edit user in Control Panel settings (system /etc/passwd)

* Should always specify the full path (Home folder for terminal commands /usr/local/hestia/bin/)
Example:
hosting example user: /bin/bash /home/hosting/web/Script.sh |& tee -a /home/hosting/web/Script.log

Logs

See system logs inside the container:
cat /var/log/syslog

See the CRON logs:
grep CRON /var/log/syslog

Manual update CP inside the container

docker exec -ti Hestia-CP bash
sudo /usr/local/hestia/bin/v-update-sys-hestia-all
echo 'admin:yournewpassword' | chpasswd

Backup Docker

/var/lib/docker/volumes/Hestia-home       #/home   - Websites
/var/lib/docker/volumes/Hestia-usr        #/usr    - Control panel (/usr/local/hestia)
/var/lib/docker/volumes/Hestia-backup     #/backup - Backups
/var/lib/docker/volumes/Hestia-etc        #/etc    - Configs
/var/lib/docker/volumes/Hestia-var        #/var    - Logs: system (/var/log/syslog), control panel (/var/log/hestia/)

After restore:

1) Update password

admin:
echo 'admin:yournewpassword' | chpasswd

2) Update access to the terminal as user of Control Panel if this was used

Hestia CP Backups and Restore


v-backup-users (Enabled by default in cron)
v-backup-user

Examples:

Backup 2 users
sudo -u root docker exec Hestia-CP su - root -c "/usr/local/hestia/bin/v-backup-user hosting && /usr/local/hestia/bin/v-backup-user hosting2"

Backup 2 users by cron (Every Friday at 5)
0 5 * * 5 sudo -u root docker exec Hestia-CP su - root -c "/usr/local/hestia/bin/v-backup-user hosting && /usr/local/hestia/bin/v-backup-user hosting2"

v-restore-user USER BACKUP [WEB] [DNS] [MAIL] [DB] [CRON] [UDIR] [NOTIFY]

Examples:

Restore WEB every 15 minutes (For demo site)
*/15 * * * * sudo -u root docker exec Hestia-CP su - root -c "/usr/local/hestia/bin/v-restore-user hosting hosting.xxxx-xx-xx_xx-xx-xx.tar 'site.com' no no no no no no"

Restore WEB for site1.com,site2.com, DNS for all sites
/usr/local/hestia/bin/v-restore-user hosting hosting.xxxx-xx-xx_xx-xx-xx.tar 'site1.com,site2.com' '*' no no no no no

Step by step for site
/usr/local/hestia/bin/v-restore-user hosting hosting.xxxx-xx-xx_xx-xx-xx.tar 'site1.com' no no no no no no
/usr/local/hestia/bin/v-restore-user hosting hosting.xxxx-xx-xx_xx-xx-xx.tar no 'site1.com' no no no no no
/usr/local/hestia/bin/v-restore-user hosting hosting.xxxx-xx-xx_xx-xx-xx.tar no no 'site1.com' no no no no
/usr/local/hestia/bin/v-restore-user hosting hosting.xxxx-xx-xx_xx-xx-xx.tar no no no 'site1.com' no no no

Restore database manualy from archive hosting.xxxx-xx-xx_xx-xx-xx.tar/db/hosting_dbuser/hosting_dbname.mysql.sql.gz/hosting_dbname.mysql.sql
mysql --user=hosting_dbuser --password=password hosting_dbname < /home/hosting/Disk/hosting_dbname.mysql.sql

Transfer files from user to user with saving attributes

Make folder for extra files on server

as root

mkdir /home/hosting/Disk/
mkdir /home/hosting2/Disk/
chmod -R 777 /home/hosting/Disk/
chmod -R 777 /home/hosting2/Disk/
tar -zcvpf /home/hosting2/files.tgz /home/hosting/Disk
su - hosting2 -c "tar -zxvpf /home/hosting2/files.tgz -C /home/hosting2/Disk/"
rm /home/hosting2/files.tgz

Uninstall

1) docker exec Hestia-CP bash -c 'userdel -rfRZ admin' && docker container rm --force Hestia-CP
2) mv /var/lib/docker/volumes/Hestia-home/ /tmp && docker volume rm --force Hestia-usr && docker volume rm --force Hestia-backup && docker volume rm --force Hestia-etc && docker volume rm --force Hestia-var && reboot

Issues

Issue Solution
502 Reboot container
When control panel updated, admin password is reset to default Don’t use cron “/usr/local/hestia/bin/v-update-sys-hestia-all”
Can’t delete volume Hestia-home mv /var/lib/docker/volumes/Hestia-home/_data /tmp && reboot

If you have found a spelling error, please, notify us by selecting that text and pressing Ctrl+Enter.

Subscribe
Notify of
guest
0 комментариев
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x

Spelling error report

The following text will be sent to our editors: