bayrepo/hestiacp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Initial

Browse Source
This commit is contained in:
Alexey Berezhok
2024-03-19 22:05:27 +03:00
commit 346a50856b
1572 changed files with 182163 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

163
docs/.vitepress/config.js Normal file
View File

@@ -0,0 +1,163 @@
import { defineConfig } from 'vitepress';
import { version } from '../../package.json';
export default defineConfig({
lang: 'en-US',
title: 'Hestia Control Panel',
description: 'Open-source web server control panel.',
lastUpdated: true,
cleanUrls: false,
head: [
['link', { rel: 'icon', sizes: 'any', href: '/favicon.ico' }],
['link', { rel: 'icon', type: 'image/svg+xml', sizes: '16x16', href: '/logo.svg' }],
['link', { rel: 'apple-touch-icon', sizes: '180x180', href: '/apple-touch-icon.png' }],
['link', { rel: 'manifest', href: '/site.webmanifest' }],
['meta', { name: 'theme-color', content: '#b7236a' }],
],
themeConfig: {
logo: '/logo.svg',
nav: nav(),
socialLinks: [
{ icon: 'github', link: 'https://github.com/hestiacp/hestiacp' },
{ icon: 'twitter', link: 'https://twitter.com/HestiaPanel' },
{ icon: 'facebook', link: 'https://www.facebook.com/hestiacp' },
],
sidebar: { '/docs/': sidebarDocs() },
outline: [2, 3],
editLink: {
pattern: 'https://github.com/hestiacp/hestiacp/edit/main/docs/:path',
text: 'Edit this page on GitHub',
},
footer: {
message: 'Released under the GPLv3 License.',
copyright: 'Copyright © 2019-present Hestia Control Panel',
},
algolia: {
appId: 'V04P0P5D2R',
apiKey: '7a90a3ac7f9313f174c50b0f301f7ec6',
indexName: 'hestia_cp',
},
},
});
/** @returns {import("vitepress").DefaultTheme.NavItem[]} */
function nav() {
return [
{ text: 'Features', link: '/features.md' },
{ text: 'Install', link: '/install.md' },
{ text: 'Documentation', link: '/docs/introduction/getting-started.md', activeMatch: '/docs/' },
{ text: 'Team', link: '/team.md' },
{ text: 'Demo', link: 'https://demo.hestiacp.com:8083/' },
{ text: 'Forum', link: 'https://forum.hestiacp.com/' },
{ text: 'Donate', link: '/donate.md' },
{
text: `v${version}`,
items: [
{
text: 'Changelog',
link: 'https://github.com/hestiacp/hestiacp/blob/main/CHANGELOG.md',
},
{
text: 'Contributing',
link: 'https://github.com/hestiacp/hestiacp/blob/main/CONTRIBUTING.md',
},
{
text: 'Security policy',
link: 'https://github.com/hestiacp/hestiacp/blob/main/SECURITY.md',
},
],
},
];
}
/** @returns {import("vitepress").DefaultTheme.SidebarItem[]} */
function sidebarDocs() {
return [
{
text: 'Introduction',
collapsed: false,
items: [
{ text: 'Getting started', link: '/docs/introduction/getting-started.md' },
{ text: 'Best practices', link: '/docs/introduction/best-practices.md' },
],
},
{
text: 'User guide',
collapsed: false,
items: [
{ text: 'Account', link: '/docs/user-guide/account.md' },
{ text: 'Backups', link: '/docs/user-guide/backups.md' },
{ text: 'Cron jobs', link: '/docs/user-guide/cron-jobs.md' },
{ text: 'Databases', link: '/docs/user-guide/databases.md' },
{ text: 'DNS', link: '/docs/user-guide/dns.md' },
{ text: 'File manager', link: '/docs/user-guide/file-manager.md' },
{ text: 'Mail domains', link: '/docs/user-guide/mail-domains.md' },
{ text: 'Notifications', link: '/docs/user-guide/notifications.md' },
{ text: 'Packages', link: '/docs/user-guide/packages.md' },
{ text: 'Statistics', link: '/docs/user-guide/statistics.md' },
{ text: 'Users', link: '/docs/user-guide/users.md' },
{ text: 'Web domains', link: '/docs/user-guide/web-domains.md' },
],
},
{
text: 'Server administration',
collapsed: false,
items: [
{ text: 'Backup & restore', link: '/docs/server-administration/backup-restore.md' },
{ text: 'Configuration', link: '/docs/server-administration/configuration.md' },
{ text: 'Customisation', link: '/docs/server-administration/customisation.md' },
{ text: 'Databases & phpMyAdmin', link: '/docs/server-administration/databases.md' },
{ text: 'DNS clusters & DNSSEC', link: '/docs/server-administration/dns.md' },
{ text: 'Email', link: '/docs/server-administration/email.md' },
{ text: 'File manager', link: '/docs/server-administration/file-manager.md' },
{ text: 'Firewall', link: '/docs/server-administration/firewall.md' },
{ text: 'OS upgrades', link: '/docs/server-administration/os-upgrades.md' },
{ text: 'Rest API', link: '/docs/server-administration/rest-api.md' },
{ text: 'SSL certificates', link: '/docs/server-administration/ssl-certificates.md' },
{ text: 'Web templates & caching', link: '/docs/server-administration/web-templates.md' },
{ text: 'Troubleshooting', link: '/docs/server-administration/troubleshooting.md' },
],
},
{
text: 'Contributing',
collapsed: false,
items: [
{ text: 'Building Packages', link: '/docs/contributing/building.md' },
{ text: 'Development', link: '/docs/contributing/development.md' },
{ text: 'Documentation', link: '/docs/contributing/documentation.md' },
{ text: 'Quick install app', link: '/docs/contributing/quick-install-app.md' },
{ text: 'Testing', link: '/docs/contributing/testing.md' },
{ text: 'Translations', link: '/docs/contributing/translations.md' },
],
},
{
text: 'Community',
collapsed: false,
items: [
{ text: 'Hestia Nginx Cache', link: '/docs/community/hestia-nginx-cache.md' },
{
text: 'Ioncube installer for Hestia',
link: '/docs/community/ioncube-hestia-installer.md',
},
{ text: 'Install script generator', link: '/docs/community/install-script-generator.md' },
],
},
{
text: 'Reference',
collapsed: false,
items: [
{ text: 'API', link: '/docs/reference/api.md' },
{ text: 'CLI', link: '/docs/reference/cli.md' },
],
},
];
}

46
docs/.vitepress/theme/components/FeatureList.vue Normal file
View File

@@ -0,0 +1,46 @@
<script>
export default {
props: {
items: {
required: true,
},
},
};
</script>
<template>
<ul class="FeatureList">
<li v-for="item in items">
<span v-html="item.text"></span>
<ul v-if="item.items">
<li v-for="nested in item.items">
<span v-html="nested.text"></span>
</li>
</ul>
</li>
</ul>
</template>
<style scoped>
.FeatureList {
margin: 0.55em 0;
padding-left: 1em;
list-style: disc;
line-height: 1.5;
}
.FeatureList ul {
padding-left: 1em;
list-style: disc;
}
.FeatureList li {
margin-top: 0.5em;
}
@media (min-width: 640px) {
.FeatureList {
font-size: 1.15rem;
}
}
</style>

29
docs/.vitepress/theme/components/FeaturePage.vue Normal file
View File

@@ -0,0 +1,29 @@
<template>
<div class="FeaturePage">
<slot></slot>
</div>
</template>
<style scoped>
.FeaturePage {
line-height: 1.5;
}
.FeaturePage :deep(.container) {
display: flex;
flex-direction: column;
margin: 0 auto;
max-width: 1152px;
}
.FeaturePage :deep(a) {
font-weight: 500;
color: var(--vp-c-brand);
text-decoration-style: dotted;
transition: color 0.25s;
}
.FeaturePage :deep(a:hover) {
color: var(--vp-c-brand-dark);
}
</style>

121
docs/.vitepress/theme/components/FeaturePageSection.vue Normal file
View File

@@ -0,0 +1,121 @@
<script>
export default {
props: ["image"],
};
</script>
<template>
<div class="FeaturePageSection">
<div class="container">
<figure v-if="image">
<img :src="image" alt="" />
</figure>
<div>
<h2>
<slot name="title" />
</h2>
<p v-if="$slots.lead" class="lead">
<slot name="lead" />
</p>
<slot name="list" />
</div>
</div>
</div>
</template>
<style scoped>
.FeaturePageSection {
margin: 0 0 0.5em;
padding: 0 24px;
}
.FeaturePageTitle + .FeaturePageSection {
padding: 48px 24px 0;
}
.FeaturePageSection:last-child {
padding: 0 24px 48px;
}
.FeaturePageSection + .FeaturePageSection {
margin: 2em 0 0.5em;
}
.FeaturePageSection h2 {
margin: 0 0 0.5em;
font-size: 1.5rem;
font-weight: 700;
line-height: inherit;
}
.FeaturePageSection .lead {
margin: 0.5em 0;
font-style: italic;
}
@media (min-width: 640px) {
.FeaturePageSection {
padding: 0 48px;
}
.FeaturePageTitle + .FeaturePageSection {
padding: 48px 48px 0;
}
.FeaturePageSection:last-child {
padding: 0 48px 48px;
}
.FeaturePageSection + .FeaturePageSection {
margin: 4em 0 0.5em;
}
.FeaturePageSection h2 {
font-size: 1.85rem;
}
.FeaturePageSection .lead {
font-size: 1.15rem;
}
}
@media (min-width: 960px) {
.FeaturePageSection {
padding: 0 64px;
}
.FeaturePageTitle + .FeaturePageSection {
padding: 64px 64px 0;
}
.FeaturePageSection:last-child {
padding: 0 64px 64px;
}
}
.FeaturePageSection .container {
flex-direction: column;
gap: 2rem;
}
@media (min-width: 640px) {
.FeaturePageSection .container {
flex-direction: row;
align-items: flex-start;
}
.FeaturePageSection:nth-child(2n + 1) .container {
flex-direction: row-reverse;
}
.FeaturePageSection .container > * {
width: 50%;
}
}
figure {
padding: 2rem;
border-radius: 8px;
background-color: var(--vp-c-bg-alt);
}
</style>

42
docs/.vitepress/theme/components/FeaturePageTitle.vue Normal file
View File

@@ -0,0 +1,42 @@
<template>
<header class="FeaturePageTitle">
<div class="container">
<h1>
<slot name="title"></slot>
</h1>
<p v-if="$slots.lead" class="lead">
<slot name="lead" />
</p>
</div>
</header>
</template>
<style scoped>
.FeaturePageTitle {
padding: 0 24px;
background-color: var(--vp-c-bg-alt);
}
.FeaturePageTitle h1 {
margin: 0.75em 0;
font-size: 2rem;
font-weight: 700;
line-height: inherit;
}
@media (min-width: 640px) {
.FeaturePageTitle {
padding: 0 48px;
}
.FeaturePageTitle h1 {
font-size: 2.5rem;
}
}
@media (min-width: 960px) {
.FeaturePageTitle {
padding: 0 64px;
}
}
</style>

337
docs/.vitepress/theme/components/InstallOptions.vue Normal file
View File

@@ -0,0 +1,337 @@
<script>
export default {
props: {
languages: {
required: true,
selected: "en",
},
items: {
required: true,
},
},
data() {
return {
pageloader: false,
hestia_wget:
"wget https://raw.githubusercontent.com/hestiacp/hestiacp/release/install/hst-install.sh",
hestia_install: "sudo bash hst-install.sh",
installStr: "",
};
},
methods: {
getOptionString(item) {
if (item.textField) {
return item.selected ? `${item.param} '${item.text}'` : "";
}
if (item.selectField) {
return item.selected ? `${item.param} '${item.text}'` : "";
}
return item.param.includes("force") && item.selected
? item.param
: `${item.param}${item.selected ? " yes" : " no"}`;
},
generateString() {
const installStr = this.items.map(this.getOptionString).filter(Boolean);
this.installStr = `${this.hestia_install} ${installStr.join(" ")}`;
this.$refs.dialog.showModal();
},
closeDialog(e) {
if (e.target === this.$refs.dialogClose || e.target === this.$refs.dialog) {
this.$refs.dialog.close();
}
},
checkNeedEnabled(e) {
if (e.target.value != "") {
let id = e.target.getAttribute("target");
if (!document.getElementById(id).checked) {
document.getElementById(id).click();
}
}
},
toggleOption(e) {
if (e.target.checked) {
let conflicts = e.target.getAttribute("conflicts");
if (conflicts) {
if (document.getElementById(conflicts).checked) {
document.getElementById(conflicts).click();
}
}
let depends = e.target.getAttribute("depends");
if (depends) {
if (!document.getElementById(depends).checked) {
document.getElementById(depends).click();
}
}
}
},
copyToClipboard(text, button) {
navigator.clipboard.writeText(text).then(
() => {
button.textContent = "Copied!";
setTimeout(() => {
button.textContent = "Copy";
}, 1000);
},
(err) => {
console.error("Could not copy to clipboard:", err);
}
);
},
},
};
</script>
<template>
<div class="container">
<div class="grid">
<div class="form-group" v-for="item in items">
<div class="form-check u-mb10">
<input
@change="toggleOption"
type="checkbox"
class="form-check-input"
v-model="item.selected"
:value="item.value"
:id="item.id"
:conflicts="item.conflicts"
:depends="item.depends"
/>
<label :for="item.id">{{ item.id }}</label>
</div>
<template v-if="item.textField || item.selectField">
<label class="form-label" :for="'input-' + item.id">{{ item.desc }}</label>
</template>
<template v-else>
<p>{{ item.desc }}</p>
</template>
<div v-if="item.textField">
<input
@change="checkNeedEnabled"
type="text"
class="form-control"
v-model="item.text"
:target="item.id"
:id="'input-' + item.id"
:type="'+item.type+'"
/>
</div>
<div v-if="item.selectField">
<select class="form-select" v-model="item.text" :id="'input-' + item.id">
<option v-for="language in languages" :value="language.value" :key="language.value">
{{ language.text }}
</option>
</select>
</div>
</div>
</div>
<div class="u-text-center u-mb10">
<button @click="generateString" class="form-submit" type="button">Submit</button>
</div>
<dialog ref="dialog" class="modal" @click="closeDialog">
<button class="modal-close" @click="closeDialog" type="button" ref="dialogClose">
Close
</button>
<div ref="dialogContent" class="modal-content">
<h1 class="modal-heading">Installation instructions</h1>
<p class="u-mb10">
Log in to your server as root, either directly or via SSH:
<code>ssh root@your.server</code> and download the installation script:
</p>
<div class="u-pos-relative">
<input
type="text"
class="form-control u-monospace u-mb10"
v-model="hestia_wget"
readonly
/>
<button
class="button-positioned"
@click="copyToClipboard(hestia_wget, $event.target)"
type="button"
title="Copy to Clipboard"
>
Copy
</button>
</div>
<p class="u-mb10">Then run the following command:</p>
<div class="u-pos-relative">
<textarea class="form-control u-min-height100" v-model="installStr" readonly />
<button
class="button-positioned"
@click="copyToClipboard(installStr, $event.target)"
type="button"
title="Copy to Clipboard"
>
Copy
</button>
</div>
</div>
</dialog>
</div>
</template>
<style scoped>
.container {
margin: 0px auto;
max-width: 1152px;
}
.grid {
display: grid;
grid-gap: 20px;
margin-top: 30px;
margin-bottom: 30px;
@media (min-width: 640px) {
grid-template-columns: 1fr 1fr;
}
@media (min-width: 960px) {
grid-template-columns: 1fr 1fr 1fr;
}
}
.form-group {
font-size: 0.9em;
border-radius: 10px;
padding: 15px 20px;
background-color: var(--vp-c-bg-alt);
}
.form-label {
display: inline-block;
margin-left: 2px;
padding-bottom: 5px;
text-transform: capitalize;
}
.form-control {
font-size: 0.9em;
border: 1px solid var(--vp-c-border);
border-radius: 4px;
background-color: var(--vp-c-bg);
width: 100%;
padding: 5px 10px;
&:hover {
border-color: var(--vp-c-border-hover);
}
&:focus {
border-color: var(--vp-c-brand);
}
}
.form-select {
appearance: auto;
font-size: 0.9em;
border: 1px solid var(--vp-c-border);
border-radius: 4px;
background-color: var(--vp-c-bg);
padding: 5px 10px;
width: 100%;
&:hover {
border-color: var(--vp-c-border-hover);
}
&:focus {
border-color: var(--vp-c-brand);
}
}
.form-check {
position: relative;
padding-left: 20px;
margin-left: 3px;
min-height: 24px;
& label {
font-weight: 600;
}
}
.form-check-input {
position: absolute;
margin-top: 5px;
margin-left: -20px;
}
.form-submit {
border: 1px solid transparent;
display: inline-block;
font-weight: 600;
transition: color 0.25s, border-color 0.25s, background-color 0.25s;
border-radius: 20px;
font-size: 16px;
padding: 10px 20px;
background-color: var(--vp-button-brand-bg);
border-color: var(--vp-button-brand-border);
color: var(--vp-button-brand-text);
&:hover {
background-color: var(--vp-button-brand-hover-bg);
border-color: var(--vp-button-brand-hover-border);
color: var(--vp-button-brand-hover-text);
}
&:active {
background-color: var(--vp-button-brand-active-bg);
border-color: var(--vp-button-brand-active-border);
color: var(--vp-button-brand-active-text);
}
}
.button-positioned {
position: absolute;
right: 1px;
top: 1px;
border-top-right-radius: 3px;
border-bottom-right-radius: 3px;
color: var(--vp-c-brand);
font-weight: 600;
padding: 6px 10px;
background-color: var(--vp-c-bg);
}
.modal {
position: fixed;
border-radius: 10px;
border: 1px solid var(--vp-c-border);
box-shadow: 0 8px 40px 0 rgb(0 0 0 / 35%);
padding: 0;
&::backdrop {
background-color: rgb(0 0 0 / 50%);
}
}
.modal-close {
position: absolute;
top: 10px;
right: 15px;
font-weight: 600;
color: var(--vp-c-brand);
}
.modal-content {
padding: 30px;
}
.modal-heading {
font-weight: 600;
font-size: 1.3em;
text-align: center;
margin-bottom: 15px;
}
code {
background-color: var(--vp-c-bg-alt);
border-radius: 3px;
padding: 2px 5px;
}
.u-mb10 {
margin-bottom: 10px !important;
}
.u-min-height100 {
min-height: 100px;
}
.u-text-center {
text-align: center !important;
}
.u-monospace {
font-family: monospace !important;
}
.u-pos-relative {
position: relative !important;
}
</style>

29
docs/.vitepress/theme/components/InstallOptionsSection.vue Normal file
View File

@@ -0,0 +1,29 @@
<template>
<form class="InstallForm" id="form">
<div class="InstallOptionsSection">
<slot name="list" />
</div>
<cite
>Based on: <a href="https://github.com/gabizz/hestiacp-scriptline-generator">@gabizz</a> and
<a href="https://github.com/turbopixel/HestiaCP-Command-Creator">@turbopixel</a></cite
>
</form>
</template>
<style scoped>
.InstallForm {
margin: 0.55em 0;
padding: 0 1em;
line-height: 1.5;
}
cite {
font-size: small;
margin: 0.55em 0;
display: block;
text-align: center;
& a {
color: var(--vp-c-txt-1) !important;
}
}
</style>

28
docs/.vitepress/theme/components/InstallPage.vue Normal file
View File

@@ -0,0 +1,28 @@
<template>
<div class="InstallPage">
<slot></slot>
</div>
</template>
<style scoped>
.InstallPage {
line-height: 1.5;
}
.InstallPage :deep(.container) {
display: flex;
flex-direction: column;
margin: 0 auto;
max-width: 1152px;
}
.InstallPage :deep(a) {
font-weight: 500;
color: var(--vp-c-brand);
text-decoration-style: dotted;
transition: color 0.25s;
}
.InstallPage :deep(a:hover) {
color: var(--vp-c-brand-dark);
}
</style>

42
docs/.vitepress/theme/components/InstallPageTitle.vue Normal file
View File

@@ -0,0 +1,42 @@
<template>
<header class="InstallPageTitle">
<div class="container">
<h1>
<slot name="title"></slot>
</h1>
<p v-if="$slots.lead" class="lead">
<slot name="lead" />
</p>
</div>
</header>
</template>
<style scoped>
.InstallPageTitle {
padding: 0 24px;
background-color: var(--vp-c-bg-alt);
}
.InstallPageTitle h1 {
margin: 0.75em 0;
font-size: 2rem;
font-weight: 700;
line-height: inherit;
}
@media (min-width: 640px) {
.InstallPageTitle {
padding: 0 48px;
}
.InstallPageTitle h1 {
font-size: 2.5rem;
}
}
@media (min-width: 960px) {
.InstallPageTitle {
padding: 0 64px;
}
}
</style>

16
docs/.vitepress/theme/index.js Normal file
View File

@@ -0,0 +1,16 @@
import Theme from 'vitepress/theme';
import '@fortawesome/fontawesome-free/css/fontawesome.css';
import '@fortawesome/fontawesome-free/css/brands.css';
import '@fortawesome/fontawesome-free/css/solid.css';
import './styles/base.css';
import './styles/vars.css';
import FeaturePage from './components/FeaturePage.vue';
import InstallPage from './components/InstallPage.vue';
export default {
...Theme,
enhanceApp({ app }) {
app.component('FeaturePage', FeaturePage);
app.component('InstallPage', InstallPage);
},
};

27
docs/.vitepress/theme/styles/base.css Normal file
View File

@@ -0,0 +1,27 @@
html {
scroll-behavior: smooth;
}
.VPMenu .item.social-links {
justify-content: center;
}
.has-outline .nested {
padding-left: 0;
}
.has-outline .nested .outline-link::before {
content: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='5 6 12 8' width='10' height='13'%3E%3Cpath fill='black' d='M12.172 12L9.343 9.172l1.414-1.415L15 12l-4.243 4.243l-1.414-1.415z'%3E%3C/path%3E%3C/svg%3E");
margin: 0 5px;
opacity: 0.5;
transition: opacity 0.5s;
}
.dark .has-outline .nested .outline-link::before {
content: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='5 6 12 8' width='10' height='13'%3E%3Cpath fill='white' d='M12.172 12L9.343 9.172l1.414-1.415L15 12l-4.243 4.243l-1.414-1.415z'%3E%3C/path%3E%3C/svg%3E");
}
.has-outline .nested .outline-link.active::before,
.has-outline .nested .outline-link:hover::before {
opacity: 1;
}

18
docs/.vitepress/theme/styles/vars.css Normal file
View File

@@ -0,0 +1,18 @@
:root {
--vp-c-brand-lighter: #ff558f;
--vp-c-brand-light: #da4778;
--vp-c-brand: #b7236a;
--vp-c-brand-dark: #9a1d5a;
--vp-c-brand-darker: #781746;
--vp-home-hero-name-color: transparent;
--vp-home-hero-name-background: linear-gradient(120deg, #d83182, #633288, #41d1ff);
}
.dark {
--vp-c-bg: #282828;
--vp-c-brand-lighter: #ff85ae;
--vp-c-brand-light: #ff558f;
--vp-c-brand: #ff558f;
--vp-c-brand-dark: #da4778;
--vp-c-brand-darker: #b7236a;
}

79
docs/_data/features.js Normal file
View File

@@ -0,0 +1,79 @@
/** @typedef {{ text: string, items?: { text: string }[] }} FeatureListItem */
/** @type {FeatureListItem[]} */
export const users = [
{ text: 'Support for SFTP chroot jails' },
{ text: 'Two-Factor Authentication support for the Admin Panel' },
{ text: 'SSH keys for login via SFTP and SSH' },
];
/** @type {FeatureListItem[]} */
export const webDomains = [
{ text: 'Nginx FastCGI cache support for Nginx + PHP-FPM' },
{ text: 'Nginx Proxy cache support for Nginx + Apache2' },
{ text: 'Per-domain TLS certificates for web domains' },
{ text: 'MultiIP support for Web/Mail/DNS' },
{
text: 'MultiPHP support for',
items: [
{ text: "PHP 5.6 (<a href='https://www.php.net/supported-versions.php'>EOL</a>)" },
{ text: "PHP 7.0 (<a href='https://www.php.net/supported-versions.php'>EOL</a>)" },
{ text: "PHP 7.1 (<a href='https://www.php.net/supported-versions.php'>EOL</a>)" },
{ text: "PHP 7.2 (<a href='https://www.php.net/supported-versions.php'>EOL</a>)" },
{ text: "PHP 7.3 (<a href='https://www.php.net/supported-versions.php'>EOL</a>)" },
{ text: "PHP 7.4 (<a href='https://www.php.net/supported-versions.php'>EOL</a>)" },
{ text: 'PHP 8.0' },
{ text: 'PHP 8.1' },
{ text: 'PHP 8.2' },
],
},
{
text: 'One-Click Install Apps',
items: [
{ text: 'WordPress' },
{ text: 'Dokuwiki' },
{ text: 'Drupal' },
{ text: 'Grav' },
{ text: 'Laravel' },
{ text: 'MediaWiki' },
{ text: 'NextCloud' },
{ text: 'OpenCart' },
{ text: 'Prestashop' },
{ text: 'Symphony' },
],
},
];
/** @type {FeatureListItem[]} */
export const mail = [
{
text: 'Per-domain TLS certificates for inbound and outbound mail services (Exim 4, Dovecot, Webmail)',
},
{ text: 'SMTP relay setup for Exim in case port 25 is blocked by the provider' },
{ text: 'Rate limit adjustable per user or email account' },
{ text: 'Lets Encrypt support for mail domains' },
{ text: 'Latest version of Roundcube' },
{ text: 'Optional SnappyMail installation' },
];
/** @type {FeatureListItem[]} */
export const dns = [
{ text: 'Create your own nameservers' },
{ text: 'Easy DNS cluster setup' },
{ text: 'Support for DNSSEC on domains' },
];
/** @type {FeatureListItem[]} */
export const databases = [
{ text: 'Support for MariaDB 10.2 -> 10.11 with 10.11 as default' },
{ text: 'Support for MySQL 8' },
{ text: 'Support for PostgreSQL' },
{ text: 'Latest version of phpMyAdmin and phpPgAdmin' },
];
/** @type {FeatureListItem[]} */
export const serverAdmin = [
{
text: "Automated backups to SFTP, FTP and via Rclone with 50+ <a href='https://rclone.org/overview/'>Cloud storage providers</a>",
},
];

43
docs/_data/languages.js Normal file
View File

@@ -0,0 +1,43 @@
export const languages = [
{ text: 'Arabic', value: 'ar' },
{ text: 'Armenian', value: 'hy' },
{ text: 'Azerbaijani', value: 'az' },
{ text: 'Bengali', value: 'bn' },
{ text: 'Bosnian', value: 'bs' },
{ text: 'Bulgarian', value: 'bg' },
{ text: 'Catalan', value: 'ca' },
{ text: 'Croatian', value: 'hr' },
{ text: 'Czech', value: 'cs' },
{ text: 'Danish', value: 'da' },
{ text: 'Dutch', value: 'nl' },
{ text: 'English', value: 'en' },
{ text: 'Finnish', value: 'fi' },
{ text: 'French', value: 'fr' },
{ text: 'Georgian', value: 'ka' },
{ text: 'German', value: 'de' },
{ text: 'Greek', value: 'el' },
{ text: 'Hungarian', value: 'hu' },
{ text: 'Indonesian', value: 'id' },
{ text: 'Italian', value: 'it' },
{ text: 'Japanese', value: 'ja' },
{ text: 'Korean', value: 'ko' },
{ text: 'Kurdish Sorani', value: 'ku' },
{ text: 'Norwegain', value: 'no' },
{ text: 'Persian', value: 'fa' },
{ text: 'Polish', value: 'pl' },
{ text: 'Portuguese', value: 'pt' },
{ text: 'Portuguese (Brasil)', value: 'pt-br' },
{ text: 'Romanian', value: 'ro' },
{ text: 'Russian', value: 'ru' },
{ text: 'Serbian', value: 'sr' },
{ text: 'Simplified Chinese (China)', value: 'zh-cn' },
{ text: 'Slovak', value: 'sk' },
{ text: 'Spanish', value: 'es' },
{ text: 'Swedish', value: 'sv' },
{ text: 'Thai', value: 'th' },
{ text: 'Traditional Chinese (Taiwan)', value: 'zh-tw' },
{ text: 'Turkish', value: 'tr' },
{ text: 'Ukrainian', value: 'uk' },
{ text: 'Urdu', value: 'ur' },
{ text: 'Vietnamese', value: 'vi' },
];

178
docs/_data/options.js Normal file
View File

@@ -0,0 +1,178 @@
export const options = [
{
name: ' --port',
id: 'port',
param: '--port',
desc: 'Change Hestia Port',
selected: true,
text: '8083',
textField: true,
},
{
name: ' --lang',
id: 'language',
param: '--lang',
desc: 'ISO 639-1 codes',
selected: true,
default: 'en',
selectField: true,
text: 'en',
},
{
name: ' --hostname',
id: 'hostname',
param: '--hostname',
desc: 'Set hostname',
selected: false,
text: '',
textField: true,
},
{
name: ' --email',
id: 'email',
param: '--email',
desc: 'Set admin email',
selected: false,
text: '',
textField: true,
},
{
name: ' --password',
id: 'password',
param: '--password',
desc: 'Set admin password',
selected: false,
text: '',
textField: true,
},
{
name: ' --apache',
id: 'apache',
param: '--apache',
desc: 'Web server with htaccess support.',
selected: true,
},
{ name: ' --phpfpm', id: 'phpfpm', param: '--phpfpm', desc: 'Install PHP-FPM.', selected: true },
{
name: ' --multiphp',
id: 'multiphp',
param: '--multiphp',
desc: 'Allows installing multiple PHP versions.',
selected: true,
},
{
name: ' --vsftpd',
id: 'vsftpd',
param: '--vsftpd',
desc: 'Lightweight, minimalist and secure FTP server.',
selected: true,
conflicts: 'proftpd',
},
{
name: ' --proftpd',
id: 'proftpd',
param: '--proftpd',
desc: 'Advanced, modular FTP server that supports LDAP.',
selected: false,
conflicts: 'vsftpd',
},
{
name: ' --named',
id: 'named',
param: '--named',
desc: 'Custom DNS name server.',
selected: true,
},
{
name: ' --mariadb',
id: 'mariadb',
param: '--mariadb',
desc: 'Fork of MySQL with additional features and improvements.',
selected: true,
conflicts: 'mysql8',
},
{
name: ' --mysql8',
id: 'mysql8',
param: '--mysql8',
desc: 'Open-source database system.',
selected: false,
conflicts: 'mariadb',
},
{
name: ' --postgresql',
id: 'postgresql',
param: '--postgresql',
desc: 'Open-source database system.',
selected: false,
},
{
name: ' --exim',
id: 'exim',
param: '--exim',
desc: 'Allows sending emails from webmail or via SMTP.',
selected: true,
},
{
name: ' --dovecot',
id: 'dovecot',
param: '--dovecot',
desc: 'Receive emails and connect with email clients via IMAP/POP3.',
selected: true,
depends: 'exim',
},
{
name: ' --sieve',
id: 'sieve',
param: '--sieve',
desc: 'Manage your own custom email filters.',
selected: false,
depends: 'dovecot',
},
{
name: ' --clamav',
id: 'clamav',
param: '--clamav',
desc: 'Scans your email inbox for viruses.',
selected: true,
depends: 'exim',
},
{
name: ' --spamassassin',
id: 'spamassassin',
param: '--spamassassin',
desc: 'Filter out spam emails from your inbox.',
selected: true,
depends: 'exim',
},
{
name: ' --iptables',
id: 'iptables',
param: '--iptables',
desc: 'Manage your firewall within Hestia.',
selected: true,
},
{
name: ' --fail2ban',
id: 'fail2ban',
param: '--fail2ban',
desc: 'Provides Bruteforce protection for SSH, Email, FTP, database.',
selected: true,
},
{
name: ' --quota',
id: 'quota',
param: '--quota',
desc: 'Use hard disk space limits on user packages.',
selected: false,
},
{ name: ' --api', id: 'api', param: '--api', desc: 'Activate API.', selected: true },
{
name: ' --interactive',
id: 'interactive',
param: '--interactive',
desc: 'Interactive install.',
selected: true,
},
{ name: ' --force', id: 'force', param: '--force', desc: 'Force installation.', selected: false },
];

74
docs/_data/team.js Normal file
View File

@@ -0,0 +1,74 @@
/** @type {import("vitepress").DefaultTheme.TeamMember[]} */
export const projectManagers = [
{
avatar: 'https://www.github.com/ScIT-Raphael.png',
name: 'Raphael Schneeberger 🇨🇭',
title: 'Project Founder',
links: [{ icon: 'github', link: 'https://github.com/ScIT-Raphael' }],
},
{
avatar: 'https://www.github.com/jaapmarcus.png',
name: 'Jaap Marcus 🇳🇱',
links: [
{ icon: 'github', link: 'https://github.com/jaapmarcus' },
{ icon: 'twitter', link: 'https://twitter.com/jaapmarcus' },
],
},
{
avatar: 'https://www.github.com/Lupul.png',
name: 'Robert Zollner 🇷🇴',
links: [{ icon: 'github', link: 'https://github.com/Lupul' }],
},
{
avatar: 'https://www.github.com/krismkenn.png',
name: 'Kristan Kenney 🇨🇦',
links: [{ icon: 'github', link: 'https://github.com/krismkenn' }],
},
];
/** @type {import("vitepress").DefaultTheme.TeamMember[]} */
export const teamMembers = [
{
avatar: 'https://www.github.com/jakobbouchard.png',
name: 'Jakob Bouchard 🇨🇦',
title: 'Developer',
org: 'Prosomo',
orgLink: 'https://prosomo.com',
links: [
{ icon: 'github', link: 'https://github.com/jakobbouchard' },
{ icon: 'linkedin', link: 'https://linkedin.com/in/jakobbouchard' },
{
icon: {
svg: '<svg role="img" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke="currentColor" stroke-width="2"><title>Website</title><path stroke-linecap="round" stroke-linejoin="round" d="M21 12a9 9 0 01-9 9m9-9a9 9 0 00-9-9m9 9H3m9 9a9 9 0 01-9-9m9 9c1.657 0 3-4.03 3-9s-1.343-9-3-9m0 18c-1.657 0-3-4.03-3-9s1.343-9 3-9m-9 9a9 9 0 019-9" /></svg>',
},
link: 'https://jakobbouchard.dev',
},
],
},
{
avatar:
'https://cdn.discordapp.com/avatars/737905427097845780/32452f630dd8684ed7c580806ccbee09.webp',
name: 'Falzo 🇩🇪',
links: [{ icon: 'github', link: 'https://github.com/falzoMAD' }],
},
{
avatar: 'https://www.github.com/divinity76.png',
name: 'divinity76 🇳🇴',
links: [{ icon: 'github', link: 'https://github.com/divinity76' }],
},
{
avatar: 'https://www.github.com/istiak101.png',
name: 'istiak101 🇧🇩',
links: [{ icon: 'github', link: 'https://github.com/istiak101' }],
},
{
avatar: 'https://www.github.com/Pleskan.png',
name: 'Anton Pleskanovskyy 🇺🇦',
links: [{ icon: 'github', link: 'https://github.com/Pleskan' }],
},
{
avatar: 'https://www.github.com/AlecRust.png',
name: 'Alec Rust 🇬🇧',
links: [{ icon: 'github', link: 'https://github.com/AlecRust' }],
},
];

10
docs/docs/community/hestia-nginx-cache.md Normal file
View File

@@ -0,0 +1,10 @@
# Hestia Nginx Cache
By [Jakob Bouchard](https://github.com/jakobbouchard/)
[View the project](https://wordpress.org/plugins/hestia-nginx-cache/) [Source code](https://github.com/jakobbouchard/hestia-nginx-cache)
::: info
Requires **Hestia >= 1.6.0**, as it uses the latest API.
:::
WordPress plugin that automatically purges the Nginx cache after you make a website change such as updating a post or changing your theme. You also have the ability to manually purge the cache using a button in the WordPress admin bar.

6
docs/docs/community/install-script-generator.md Normal file
View File

@@ -0,0 +1,6 @@
# Install Script Generator
By [Gabriel Claudiu Maftei](https://github.com/gabizz/)
[View the project](https://gabizz.github.io/hestiacp-scriptline-generator/) [Source code](https://github.com/gabizz/hestiacp-scriptline-generator)
Tiny online app aimed to generate the necessary scriptline for an unattended Hestia Control Panel installation.

12
docs/docs/community/ioncube-hestia-installer.md Normal file
View File

@@ -0,0 +1,12 @@
# Install Ioncube on Hestia
By [Jaap Marcus](https://github.com/jaapmarcus/)
[Source code](https://github.com/jaapmarcus/ioncube-hestia-installer)
Simple tool to download and install [Ioncube loaders](https://www.ioncube.com/loaders.php) for each available PHP version that is installed.
```bash
wget https://raw.githubusercontent.com/jaapmarcus/ioncube-hestia-installer/main/install_ioncube.sh
chmod +x install_ioncube.sh
./install_ioncube.sh
```

93
docs/docs/contributing/building.md Normal file
View File

@@ -0,0 +1,93 @@
# Building packages
::: info
For building `hestia-nginx` or `hestia-php`, at least 2 GB of memory is required!
:::
Here is more detailed information about the build scripts that are run from `src`:
## Installing Hestia from a branch
The following is useful for testing a Pull Request or a branch on a fork.
1. Install Node.js [Download](https://nodejs.org/en/download) or use [Node Source APT](https://github.com/nodesource/distributions)
```bash
# Replace with https://github.com/username/hestiacp.git if you want to test a branch that you created yourself
git clone https://github.com/hestiacp/hestiacp.git
cd ./hestiacp/
# Replace main with the branch you want to test
git checkout main
# Install Dependencies
npm install
# Build
npm run build
cd ./src/
# Compile packages
./hst_autocompile.sh --all --noinstall --keepbuild '~localsrc'
cd ../install
bash hst-install-{os}.sh --with-debs /tmp/hestiacp-src/deb/
```
Any option can be appended to the installer command. [See the complete list](../introduction/getting-started#list-of-installation-options).
## Build packages only
```bash
# Only Hestia
./hst_autocompile.sh --hestia --noinstall --keepbuild '~localsrc'
```
```bash
# Hestia + hestia-nginx and hestia-php
./hst_autocompile.sh --all --noinstall --keepbuild '~localsrc'
```
## Build and install packages
::: info
Use if you have Hestia already installed, for your changes to take effect.
:::
```bash
# Only Hestia
./hst_autocompile.sh --hestia --install '~localsrc'
```
```bash
# Hestia + hestia-nginx and hestia-php
./hst_autocompile.sh --all --install '~localsrc'
```
## Updating Hestia from GitHub
The following is useful for pulling the latest staging/beta changes from GitHub and compiling the changes.
::: info
The following method only supports building the `hestia` package. If you need to build `hestia-nginx` or `hestia-php`, use one of the previous commands.
:::
1. Install Node.js [Download](https://nodejs.org/en/download) or use [Node Source APT](https://github.com/nodesource/distributions)
```bash
v-update-sys-hestia-git [USERNAME] [BRANCH]
```
**Note:** Sometimes dependencies will get added or removed when the packages are installed with `dpkg`. It is not possible to preload the dependencies. If this happens, you will see an error like this:
```bash
dpkg: error processing package hestia (install):
dependency problems - leaving unconfigured
```
To solve this issue, run:
```bash
apt install -f
```

173
docs/docs/contributing/development.md Normal file
View File

@@ -0,0 +1,173 @@
# Contributing to Hestias development
Hestia is an open-source project, and we welcome contributions from the community. Please read the [contributing guidelines](https://github.com/hestiacp/hestiacp/blob/main/CONTRIBUTING.md) for additional information.
Hestia is designed to be installed on a web server. To develop Hestia on your local machine, a virtual machine is recommend.
::: warning
Development builds are unstable. If you encounter a bug please [report it via GitHub](https://github.com/hestiacp/hestiacp/issues/new/choose) or [submit a Pull Request](https://github.com/hestiacp/hestiacp/pulls).
:::
## Creating a virtual machine for development
These are example instructions for creating a virtual machine running Hestia for development.
These instructions use [Multipass](https://multipass.run/) to create the VM. Feel free to adapt the commands for any virtualization software you prefer.
::: warning
Sometimes the mapping between the source code directory on your local machine to the directory in the VM can be lost with a "failed to obtain exit status for remote process" error. If this happens simply unmount and remount e.g.
```bash
multipass unmount hestia-dev
multipass mount $HOME/projects/hestiacp hestia-dev:/home/ubuntu/hestiacp
```
:::
1. [Install Multipass](https://multipass.run/install) for your OS.
1. [Fork Hestia](https://github.com/hestiacp/hestiacp/fork) and clone the repository to your local machine
```bash
git clone https://github.com/YourUsername/hestiacp.git $HOME/projects
```
1. Create an Ubuntu VM with at least 2G of memory and 15G of disk space
```bash
multipass launch --name hestia-dev --memory 2G --disk 15G
```
1. Map your cloned repository to the VM's home directory
```bash
multipass mount $HOME/projects/hestiacp hestia-dev:/home/ubuntu/hestiacp
```
1. SSH into the VM as root and install some required packages
```bash
multipass exec hestia-dev -- sudo bash
sudo apt update && sudo apt install -y jq libjq1
```
1. Outside of the VM (in a new terminal) ensure [Node.js](https://nodejs.org/)
16 or later is installed
```bash
node --version
```
1. Install dependencies and build the theme files:
```bash
npm install
npm run build
```
1. Back in the VM terminal, navigate to `/src` and build Hestia packages
```bash
cd src
./hst_autocompile.sh --hestia --noinstall --keepbuild '~localsrc'
```
1. Navigate to `/install` and install Hestia
_(update the [installation flags](../introduction/getting-started#list-of-installation-options) to your liking, note that login credentials are set here)_
```bash
cd ../install
bash hst-install-ubuntu.sh -D /tmp/hestiacp-src/deb/ --interactive no --email admin@example.com --password Password123 --hostname demo.hestiacp.com -f
```
1. Reboot the VM (and exit SSH session)
```bash
reboot
```
1. Find the IP address of the VM
```bash
multipass list
```
1. Visit the VM's IP address in your browser using the default Hestia port and login with `admin`/`Password123`
_(proceed past any SSL errors you see when loading the page)_
```bash
e.g. https://192.168.64.15:8083
```
Hestia is now running in a virtual machine. If you'd like to make changes to the source code and test them in your browser, please continue to the next section.
## Making changes to Hestia
After setting up Hestia in a VM you can now make changes to the source code at `$HOME/projects/hestiacp` on your local machine (outside of the VM) using your editor of choice.
The following are example instructions for making a change to Hestia's UI and testing it locally.
1. At the root of the project on your local machine, ensure the latest packages are installed
```bash
npm install
```
1. Make a change to a file that we can later test, then build the UI assets
_e.g. change the body background color to red in `web/css/src/base.css` then run:_
```bash
npm run build
```
1. SSH into the VM as root and navigate to `/src`
```bash
multipass exec hestia-dev -- sudo bash
cd src
```
1. Run the Hestia build script
```bash
./hst_autocompile.sh --hestia --install '~localsrc'
```
1. Reload the page in your browser to see your changes
::: info
A backup is created each time the Hestia build script is run. If you run this a lot it can fill up your VM's disk space.
You can delete the backups by running `rm -rf /root/hst_backups` as root user on the VM.
:::
Please refer to the [contributing guidelines](https://github.com/hestiacp/hestiacp/blob/main/CONTRIBUTING.md) for more details on submitting code changes for review.
## Running automated tests
We currently use [Bats](https://github.com/bats-core/bats-core) to run our automated tests.
### Install
```bash
# Clone Hestia repo with testing submodules
git clone --recurse-submodules https://github.com/hestiacp/hestiacp
# Or, using an existing local repo with an up-to-date main branch
git submodule update --init --recursive
# Install Bats
test/test_helper/bats-core/install.sh /usr/local
```
### Run
::: danger
Do not run any testing script on a live server. It might cause issues or downtime!
:::
```bash
# Run Hestia tests
test/test.bats
```

15
docs/docs/contributing/documentation.md Normal file
View File

@@ -0,0 +1,15 @@
# Contributing to Hestias documentation
The documentation is built using [VitePress](https://vitepress.vuejs.org). There are a couple of requirements to contribute to it.
## Requirements
- Node.js 16 or higher
- A code editor with Vue and Markdown support. We suggest [Visual Studio Code](https://code.visualstudio.com).
## Viewing your changes locally
1. Open the project folder in your terminal.
2. If the dependencies are not installed yet, install them by running `npm install`.
3. Run `npm run docs:dev`.
4. Navigate to `http://localhost:5173` in your browser.

76
docs/docs/contributing/quick-install-app.md Normal file
View File

@@ -0,0 +1,76 @@
# Quick install app
One of Hestias most requested feature is to add support for Softaculous. However, due to the required use of Ioncube in hestia-php and because we are against the use of proprietary software, we have instead developed our own **Quick install app** solution.
More information can be found in the [hestia-quick-install repo](https://github.com/hestiacp/hestia-quick-install/blob/main/Example/ExampleSetup.php)
## Creating a new app
1. Make a new folder called `Example` in `/usr/local/hestia/web/src/app/WebApp/Installers/`
2. Create a file named `ExampleSetup.php`.
3. Copy the [example files content](https://github.com/hestiacp/hestia-quick-install/blob/main/Example/ExampleSetup.php) into your new file.
This will add an app called “Example” when you open the **Quick install app** page.
## Info
The following settings are required to display the info on the **Quick install app** list:
- Name: Display name of the application. Please be aware that the naming of your app should follow the following regex: `[a-zA-Z][a-zA-Z0,9]`. Otherwise, it will not register as a working app!
- Group: Currently not used, but we might add features that use it in the future. Currently used: `cms`, `ecommerce`, `framework`.
- Enabled: Whether or not to show the app in the **Quick install app** page. Default set to `true`.
- Version: `x.x.x` or `latest`.
- Thumbnail: The image file for the app icon, include it in the same folder. The max size is 300px by 300px.
## Settings
### Form fields
The following fields are available:
- Text input
- Selection dropdown
- Checkbox
- Radio button
Since this is quite a complex feature, please check our existing apps for usage examples.
### Database
Flag to enable database auto-creation. If enabled, a checkbox is shown, allowing the user to automatically create a new database, as well as the 3 following fields:
- Database Name
- Database User
- Database Password
### Downloading the apps source code
Currently the following methods of download are supported:
- Download a archive from a URL.
- Via [Composer](https://getcomposer.org).
- Via [WP-CLI](https://wp-cli.org).
### Server settings
Enables you to set app requirements and web server templates. For example, some apps require a specific Nginx template or will only run on PHP 8.0 or higher.
- Nginx: Template used for Nginx + PHP-FPM setup.
- Apache2: Template used for Apache2 setup. Can be usually be omitted.
- PHP version: Array of all supported PHP versions.
## Installing the web application
There are multiple ways to install and configure the web app after it is has been downloaded.
- Manipulation of config files.
- Run commands. For example, use `drush` to install [Drupal](https://github.com/hestiacp/hestiacp/blob/88598deb49cec6a39be4682beb8e9b8720d59c7b/web/src/app/WebApp/Installers/Drupal/DrupalSetup.php#L56-L65).
- Using curl to provide configure the app over HTTP.
::: warning
To prevent any issues, make that all commands are executed as the user, instead of `root` or `admin`. All the commands that are supplied by HestiaCP do this by default.
:::
## Sharing
Once you are done, you can [submit a Pull Request](https://github.com/hestiacp/hestiacp/pulls) and we will review the code. If it meets our standards, we will include in the next release.

54
docs/docs/contributing/testing.md Normal file
View File

@@ -0,0 +1,54 @@
# Beta and release candidate testing
::: tip
If there is a beta or release candidate available, we will announce it via our Discord server or our forum.
:::
In the last few months, we have seen a growing number of issues when releasing minor and major updates. To prevent this from happening, we have decided to setup a beta apt server so we can push more regular updates, enabling us to test at a larger scale than only 4 or 5 users.
## Activating the beta repo on an existing install
::: danger
Betas and release candidates might still contain bugs and can possibly break your server. We cannot guarantee it will be fixed directly! Please be careful when testing on servers in production or containing important data!
:::
Run the following commands as root:
```bash
# Collecting system data
ARCH=$(arch)
case $(arch) in x86_64) ARCH="amd64" ;; aarch64) ARCH="arm64" ;; esac
codename="$(lsb_release -s -c)"
apt="/etc/apt/sources.list.d"
# Add the beta repo to hestia.list
sed -i 's/^/#/' $apt/hestia.list
echo "deb [arch=$ARCH signed-by=/usr/share/keyrings/hestia-beta-keyring.gpg] https://beta-apt.hestiacp.com/ $codename main" >> $apt/hestia.list
curl -s "https://beta-apt.hestiacp.com/pubkey.gpg" | gpg --dearmor | tee /usr/share/keyrings/hestia-beta-keyring.gpg > /dev/null 2>&1
# Update to the beta version
apt update && apt upgrade
```
## Install from beta repo
If you want to install a new Hestia installation form the beta server.
```bash
# Debian
wget https://beta-apt.hestiacp.com/hst-install-debian.sh
# or Ubuntu
wget https://beta-apt.hestiacp.com/hst-install-ubuntu.sh
```
Then install via bash hst-install-debian.sh or bash hst-install-ubuntu.sh
## Disabling the beta repo
Edit `/etc/apt/sources.list.d/hestia.list` and remove the `#` in front of `apt.hestiacp.com`, and add a `#` in front of `beta-apt.hestiacp.com`.
Once thats done, run `apt update && apt upgrade` to rollback to the regular release.
## Reporting bugs
If you encounter a bug, please [open an issue](https://github.com/hestiacp/hestiacp/issues/new/choose) or [submit a Pull Request](https://github.com/hestiacp/hestiacp/pulls). You can also report it on our forum or our Discord server

3
docs/docs/contributing/translations.md Normal file
View File

@@ -0,0 +1,3 @@
# Contributing to Hestias translations
If you are a non-English speaker and would like to improve the quality of the translations used in Hestias web interface, please go to [Hestia Translate](https://translate.hestiacp.com/projects/) to review the translations database. For more information, please read [How to contribute with Translations](https://forum.hestiacp.com/t/how-to-contribute-with-translations/1664) on our forum.

57
docs/docs/index.md Normal file
View File

@@ -0,0 +1,57 @@
# Documentation
## Getting started
- [Getting started](/docs/introduction/getting-started.md)
- [Best practices](/docs/introduction/best-practices.md)
## User Guide
- [Account](/docs/user-guide/account.md)
- [Backups](/docs/user-guide/backups.md)
- [Cron jobs](/docs/user-guide/cron-jobs.md)
- [Databases](/docs/user-guide/databases.md)
- [DNS](/docs/user-guide/dns.md)
- [File manager](/docs/user-guide/file-manager.md)
- [Mail domains](/docs/user-guide/mail-domains.md)
- [Notifications](/docs/user-guide/notifications.md)
- [Packages](/docs/user-guide/packages.md)
- [Statistics](/docs/user-guide/statistics.md)
- [Users](/docs/user-guide/users.md)
- [Web domains](/docs/user-guide/web-domains.md)
## Server administration
- [Backup & restore](/docs/server-administration/backup-restore.md)
- [Configuration](/docs/server-administration/configuration.md)
- [Customisation](/docs/server-administration/customisation.md)
- [Databases & phpMyAdmin](/docs/server-administration/databases.md)
- [DNS clusters & DNSSEC](/docs/server-administration/dns.md)
- [Email](/docs/server-administration/email.md)
- [File manager](/docs/server-administration/file-manager.md)
- [Firewall](/docs/server-administration/firewall.md)
- [OS upgrades](/docs/server-administration/os-upgrades.md)
- [Rest API](/docs/server-administration/rest-api.md)
- [SSL certificates](/docs/server-administration/ssl-certificates.md)
- [Web templates & caching](/docs/server-administration/web-templates.md)
- [Troubleshooting](/docs/server-administration/troubleshooting.md)
## Contributing
- [Building Packages](/docs/contributing/building.md)
- [Development](/docs/contributing/development.md)
- [Documentation](/docs/contributing/documentation.md)
- [Quick install app](/docs/contributing/quick-install-app.md)
- [Testing](/docs/contributing/testing.md)
- [Translations](/docs/contributing/translations.md)
## Community
- [Hestia Nginx Cache](/docs/community/hestia-nginx-cache.md)
- [Ioncube installer for Hestia](/docs/community/ioncube-hestia-installer.md)
- [Install script generator](/docs/community/install-script-generator.md)
## Reference
- [API](/docs/reference/api.md)
- [CLI](/docs/reference/cli.md)

15
docs/docs/introduction/best-practices.md Normal file
View File

@@ -0,0 +1,15 @@
# Best Practices
Managing a server is not easy. Here are some best practices you should try to adhere to while managing your Hestia server.
## Use a regular user
::: danger Never run a web or mail domain with the **admin** user
By default, the **admin** user has elevated privileges. This can pose a **security threat** to your server. For example, if you run WordPress under your **admin** user and a vulnerability is found in WordPress or a plugin, a malicious user might be able to run commands as **root**!
:::
Before adding any web or mail domain on your server, you should create a regular user. To do this, you can refer to our [User Management Guide](../user-guide/users.md#adding-a-user).
## Enable two-factor authentication (2FA) for the _admin_ user
Since the **admin** user has full control on the server, as well as elevated privileges, it is **greatly** recommended that you enable 2FA on this account. To do this, you can refer to our [Account Management](../user-guide/account.md#two-factor-authentication-2fa).

142
docs/docs/introduction/getting-started.md Normal file
View File

@@ -0,0 +1,142 @@
# Getting Started
This section will help you get Hestia installed on your server. If you already have Hestia installed and are just looking for options, you can skip this page.
::: warning
The installer needs to be run as **root**, either directly from the terminal or remotely, using SSH. If you do not do this, the installer will not proceed.
:::
## Requirements
::: warning
Hestia must be installed on top of a fresh operating system installation to ensure proper functionality.
If on a VPS/KVM, and there is already an admin account, either delete that default admin ID, or use `--force` to continue with the installation. See custom installation below for further details.
:::
| | Minimum | Recommended |
| -------------------- | ---------------------------------------------- | ------------------------------------ |
| **CPU** | 1 core, 64-bit | 4 cores |
| **Memory** | 1 GB (no SpamAssassin and ClamAV) | 4 GB |
| **Disk** | 10 GB HDD | 40 GB SSD |
| **Operating System** | Debian 10, 11 or 12<br>Ubuntu 20.04, 22.04 LTS | Latest Debian <br> Latest Ubuntu LTS |
::: warning
Hestia only runs on AMD64 / x86_64 and ARM64 / aarch64 processors. It also requires a 64bit operating system!
We currently do not support i386 or ARM7-based processors.
:::
### Supported operating systems
- Debian 10, 11 or 12
- Ubuntu 20.04 or 22.04
::: warning
Hestia does not support non-LTS Operating systems. If you install it on, for example, Ubuntu 21.10, you will not receive support from us.
:::
## Regular installation
Interactive installer that will install the default Hestia software configuration.
### Step 1: Download
Download the installation script for the latest release:
```bash
wget https://raw.githubusercontent.com/hestiacp/hestiacp/release/install/hst-install.sh
```
If the download fails due to an SSL validation error, please be sure you've installed the ca-certificate package on your system - you can do this with the following command:
```bash
apt-get update && apt-get install ca-certificates
```
### Step 2: Run
To begin the installation process, simply run the script and follow the on-screen prompts:
```bash
bash hst-install.sh
```
You will receive a welcome email at the address specified during installation (if applicable) and on-screen instructions after the installation is completed to log in and access your server.
## Custom installation
If you want to customise which software gets installed, or want to run an unattended installation, you will need to run a custom installation.
To view a list of available options, run
```bash
bash hst-install.sh -h
```
### List of installation options
::: tip
An easier way to choose your installation options is by using the [Install string generator](/install.md).
:::
To choose what software gets installed, you can provide flags to the installation script. You can view the full list of options below.
```bash
-a, --apache Install Apache [yes | no] default: yes
-w, --phpfpm Install PHP-FPM [yes | no] default: yes
-o, --multiphp Install Multi-PHP [yes | no] default: no
-v, --vsftpd Install Vsftpd [yes | no] default: yes
-j, --proftpd Install ProFTPD [yes | no] default: no
-k, --named Install Bind [yes | no] default: yes
-m, --mysql Install MariaDB [yes | no] default: yes
-M, --mysql-classic Install Mysql8 [yes | no] default: no
-g, --postgresql Install PostgreSQL [yes | no] default: no
-x, --exim Install Exim [yes | no] default: yes
-z, --dovecot Install Dovecot [yes | no] default: yes
-Z, --sieve Install Sieve [yes | no] default: no
-c, --clamav Install ClamAV [yes | no] default: yes
-t, --spamassassin Install SpamAssassin [yes | no] default: yes
-i, --iptables Install Iptables [yes | no] default: yes
-b, --fail2ban Install Fail2ban [yes | no] default: yes
-q, --quota Filesystem Quota [yes | no] default: no
-d, --api Activate API [yes | no] default: yes
-r, --port Change Backend Port default: 8083
-l, --lang Default language default: en
-y, --interactive Interactive install [yes | no] default: yes
-s, --hostname Set hostname
-e, --email Set admin email
-p, --password Set admin password
-D, --with-debs Path to Hestia debs
-f, --force Force installation
-h, --help Print this help
```
#### Example
```bash
bash hst-install.sh \
--interactive no \
--hostname host.domain.tld \
--email email@domain.tld \
--password p4ssw0rd \
--lang fr \
--apache no \
--named no \
--clamav no \
--spamassassin no
```
This command will install Hestia in French with the following software:
- Nginx Web Server
- PHP-FPM Application Server
- MariaDB Database Server
- IPtables Firewall + Fail2Ban Intrusion prevention software
- Vsftpd FTP Server
- Exim Mail Server
- Dovecot POP3/IMAP Server
## Whats next?
By now, you should have a Hestia installation on your server. You are ready to add new users, so that you (or they) can add new websites on your server.
To access your control panel, navigate to `https://host.domain.tld:8083` or `http://your.public.ip.address:8083`

36
docs/docs/reference/api.md Normal file
View File

@@ -0,0 +1,36 @@
# API
::: info
This page is work in progress. A lot of information will be missing.
:::
## Examples
Examples can be found in a separate [repo](https://github.com/hestiacp/hestiacp-api-examples).
## Upgrading from username/password authentication to access/secret keys
Replace the following code:
```php
// Prepare POST query
$postvars = [
"user" => $hst_username,
"password" => $hst_password,
"returncode" => $hst_returncode,
"cmd" => $hst_command,
"arg1" => $username,
];
```
With the following:
```php
// Prepare POST query
$postvars = [
"hash" => "access_code:secret_code",
"returncode" => $hst_returncode,
"cmd" => $hst_command,
"arg1" => $username,
];
```

6219
docs/docs/reference/cli.md Normal file
View File

File diff suppressed because it is too large Load Diff

214
docs/docs/server-administration/backup-restore.md Normal file
View File

@@ -0,0 +1,214 @@
# Backup & Restore
## How do I move a user to a new server?
The current restore function accepts backups generated by both VestaCP
and HestiaCP.
1. Create a user backup on the old server.
```bash
v-backup-user username
```
2. Copy the generated tarball to the new server and place it in `/backup`.
```bash
scp /backup/username.2020.01.01-00-00.tar root@host.domain.tld:/backup/
```
3. Restore the backup on the new server. You can restore to a different user by changing the username in the command.
```bash
v-restore-user username username.2020.01.01-00-00.tar
```
User accounts that do not exist will be created.
## What kind of backups are able to be restored?
Currently HestiaCP only support restoring backups made using:
1. HestiaCP
2. VestaCP
## How to edit the number of backups?
To edit the number of backups, please read the [Packages](../user-guide/packages.md) and [Users](../user-guide/users.md) documentation. You will need to create or edit a package, and assign it to the desired user.
## Not enough disk space available to preform the backup
For safety reasons, Hestia takes into account 2x the users disk usage when creating a backup. Therefore, before starting a backup, we check how much disk usage a user has left. If you encounter this error, you can do one of the following to solve the issue:
- Reduce the amount of backups saved per user saved.
- Move the backups to a remote storage.
- Move the backup folder to a different drive.
- Split up the user in multiple users.
- Exclude certain folders or mail accounts from the backup.
## What is the difference between zstd and gzip
zstd was developed by Facebook as a replacement for gzip. During our testing, we found a significant speed increase and lower disk space usage when compared to gzip.
For more information see [the zstd repo](https://github.com/facebook/zstd).
## What is the optimal compression ratio
The higher the number how better the compression ratio. During our testing, we discoverd that zstd level 3 is similar to level 9 for disk space, however it is much faster. zstd level 11 took about the same time, but gave us a smaller size. Levels higher than 19 should never be used, as zstd then becomes terribly slow.
## What kind of protocols are currently supported
Currently supported backup protocols are:
- FTP
- SFTP
- Rclone, which supports up to 50 different cloud providers. [See its documentation](https://rclone.org)
## How to setup an FTP backup server
Login via SSH and run the following command as root:
```bash
v-add-backup-host 'ftp' 'remote.ftp-host.tld' 'backup-user' 'p4ssw0rd' '/path-backups/' 'port'
```
### How to setup an SFTP backup server
::: warning
Please note passwords are stored as **plain text** on the server. They are only accessible by the root user, but if you want to use a more secure authentication method, use public and private keys.
:::
Login via SSH and run the following command as root:
```bash
v-add-backup-host 'sftp' 'remote.ftp-host.tld' 'backup-user' 'p4ssw0rd' '/path-backups/' 'port'
```
If using public and private keys (recommended):
```bash
v-add-backup-host 'sftp' 'remote.ftp-host.tld' 'backup-user' '/root/id_rsa' '/path-backups/' 'port'
```
## How to setup Rclone
::: tip
Initial configuration can only be done via CLI. After that, you can update the settings via the web panel.
:::
First, [download Rclone](https://rclone.org/downloads/). The easiest method is to run this command:
```bash
sudo -v
curl https://rclone.org/install.sh | sudo bash
```
Once the download and installation is complete, run `rclone config` and then `n`. Follow the instruction on the screen, then save when completed.
To verify if it is working run as intended:
```bash
echo "test" > /tmp/backuptest.txt
rclone cp /tmp/backuptest.txt $HOST:$FOLDER/backuptest.txt
rclone lsf $HOST:$FOLDER
```
And see the file has been uploaded
```bash
rclone delete $HOST:$FOLDER/backuptest.txt
```
Once the config has been saved you can setup Hestia with the following command:
```bash
v-add-backup-host 'rclone' 'remote-name' '' '' 'Bucket or Folder name' ''
```
::: tip
Configuration per endpoint might be different! Make sure to test it is working before relying on it. To verify it works run
```bash
v-backup-user admin
```
:::
For example:
```bash
rclone config
Current remotes:
Name Type
==== ====
r2 s3
```
To use the "R2" endpoint use
```bash
v-add-backup-host 'rclone' 'r2' '' '' 'folder'
```
For Blackblaze use
```bash
v-add-backup-host 'rclone' 'b2' '' '' 'hestiacp'
```
## How to change default backup folder
For security reasons, symlinks are not allowed. To change the default backup folder, you can do the following:
1. Make sure backup folder is currently set to `/backup`.
2. If it has something in it, delete it and recreate it. You can use an FTP client or type `mkdir /backup` in the console.
3. Mount the desired folder to `/backup`, using `mount`:
```bash
mount --bind /path/to/new/backup/folder /backup
```
For a permanent fix you should add a record to `fstab`, so this folder would mount on your system boot:
1. Open `/etc/fstab`.
2. Add the following line to the end:
```bash
/path/to/new/backup/folder /backup none defaults,bind 0 0
```
3. Save the file.
## How to extract .zstd file
Follow the instructions below or use WinRAR 6.10 or later to unpack .zst files.
### How to extract the domain_data.tar.zst in windows using zstd.exe
1. Download and unzip zstd.exe. It is available on the [zstd GitHub](https://github.com/facebook/zstd/releases/).
2. To decompress the backup, use the following command:
```batch
{dir_to_zstd}\zstd.exe -o {dir_to_file}\{file}.tar.zst
```
For example:
```batch
C:\Users\{user}\Downloads\zstd-v1.4.4-win64\zstd.exe -d c:\Users\{user}\Downloads\admin.2021-06-27_05-48-23\web\{domain}\domain_data.tar.zst
```
Output:
```batch
C:\Users\{user}\Downloads\admin.2021-06-27_05-48-23\web\{domain}\domain_data.tar.zst: 61440 bytes
```
3. Use your preferred program to untar the resulting tarball, and you are done.
In this case, the tar was outputted to:
```batch
C:\Users\{user}\Downloads\admin.2021-06-27_05-48-23\web\{domain}\domain_data.tar
```

137
docs/docs/server-administration/configuration.md Normal file
View File

@@ -0,0 +1,137 @@
# Server configuration
## I am not able to login
For installing dependencies we use Composer. As are currently not able
to run it under hestia-php version. We install it via /usr/bin/php. Make
sure proc_open is allowed in the main php version. In the future we look
in methods to allow install via composer via hestia-php.
## Where can I find more information about the config files?
A good starting point for every software is to check the official docs:
- For Nginx: [NGINX Docs](https://nginx.org/en/docs/)
- For Apache2: [Apache Docs](http://httpd.apache.org/docs/2.4/)
- For PHP-FPM: [PHP Docs](https://www.php.net/manual/en/install.fpm.configuration.php)
You could also try [our Forum](https://forum.hestiacp.com)
## Can I use HestiaCP behind Cloudflare CDN?
By default the [Cloudflare Proxy](https://developers.cloudflare.com/fundamentals/get-started/reference/network-ports/) supports only a limited number of ports. This means that Cloudflare will not forward port 8083, which is the default port for Hestia. To change the Hestia port to one that Cloudflare will forward, run this command:
```bash
v-change-sys-port 2083
```
You can also disable Cloudflare proxy feature.
## How to remove unused ethernet ports from RRD?
```bash
nano /usr/local/hestia/conf/hestia.conf
```
Add the following line:
```bash
RRD_IFACE_EXCLUDE='lo'
```
Add network ports as comma separated list
```bash
rm /usr/local/hestia/web/rrd/net/*
systemctl restart hestia
```
## What does the “Enforce subdomain ownership” policy mean?
In Hestia <=1.3.5 and Vesta, it was possible for users to create subdomains from domains that were owned by other users. For example, user Bob could create `bob.alice.com`, even if `alice.com` is owned by Alice. This could cause security issues and therefor we have decided to add a policy to control this behaviour. By default, the policy is enabled.
You can tweak the policy for a specific domain and user, for example for a domain that has been used for testing:
```bash
# to enable
v-add-web-domain-allow-users user domain.tld
# to disable
v-delete-web-domain-allow-users user domain.tld
```
## Can I restrict access to the `admin` account?
In Hestia 1.3, we have made it possible to give another user Administrator access. In 1.4, we have given system administrators the option to limit access to the main **System Administrator** account to improve security.
## My server IP has changed, what do I need to do?
When a server IP changes, you need to run the following command, which will rebuild all config files:
```bash
v-update-sys-ip
```
## Unable to bind address
In rare cases the network service might be slower than Apache2 and or Nginx. In that case, Nginx or Apache2 will refuse to successfully start. You can verify that this is the case by looking at the services status:
```bash
systemctl status nginx
# Output
nginx: [emerg] bind to x.x.x.x:80 failed (99: cannot assign requested address)
```
Or, in case of Apache2:
```bash
systemctl status httpd
# Output
(99)Cannot assign requested address: AH00072: make_sock: could not bind to address x.x.x.x:8443
```
The following command should allow services to assign to non existing IP addresses:
```bash
sysctl -w net.ipv4.ip_nonlocal_bind=1
```
## I am unable to monitor processes with Zabbix
For security reasons, users are not allowed to monitor processes from other users by default.
To solve the issue if you use monitoring via Zabbix, edit `/etc/fstab` and modify it to the following, then reboot the server or remount `/proc`:
```bash
proc /proc proc defaults,hidepid=2,gid=zabbix 0 0
```
## Error: 24: Too many open files
If you see an error similar to this:
```bash
2022/02/21 15:04:38 [emerg] 51772#51772: open() "/var/log/apache2/domains/domain.tld.error.log" failed (24: Too many open files)
```
It means that there are too many open files with Nginx. To resolve this issue, edit the Nginx daemon config, then reload the daemons by running `systemctl daemon-reload`:
```bash
# /etc/systemd/system/nginx.service.d/override.conf
[Service]
LimitNOFILE=65536
```
Add this to the Nginx config file (Needs to be smaller or equal to `LimitNOFILE`)
```bash
# /etc/nginx/nginx.conf
worker_rlimit_nofile 16384
```
Restart Nginx with `systemctl restart nginx`, and verify the new limits by running:
```bash
cat /proc/ < nginx-pid > /limits.
```

64
docs/docs/server-administration/customisation.md Normal file
View File

@@ -0,0 +1,64 @@
# Customisation
::: warning
We currently only support changing the layout via CSS. You can customise HTML files and templates, but they **will** be overwritten during updates, so make sure to [set up hooks](#running-commands-before-and-after-updates) to restore your changes after an update.
:::
## Adding a new theme
Create a new theme in `/usr/local/hestia/web/css/theme/custom/my_theme.css`
```css
.body-login,
.body-reset {
height: auto;
padding-top: 10%;
background: rgb(231, 102, 194) !important;
background: radial-gradient(circle, rgba(231, 102, 197, 1), rgba(174, 43, 177, 1)) !important;
}
```
## Customising a default theme
Changes to default themes are always overwritten during updates. Custom CSS files can be uploaded to `/usr/local/hestia/web/css/custom` in `.css` or `.min.css` format.
Please note that `default.css` base theme is always loaded. Other default and custom themes override the rules in this file.
## Customising the _Domain not found_ page
The _Domain not found_ page is located in `/var/www/html/index.html`. You can edit it using the following command:
```bash
nano /var/www/html/index.html
```
## Customising the default domain skeleton structure
The default structure that will be added to a domain when it gets created is located in `/usr/local/hestia/data/templates/web/skel/public_html`.
## Running commands before and after updates
With the release of Hestia 1.4.6 we have added pre-install and post-install hooks. For example, you can use hooks to:
- Disable and enable demo mode before and after an update.
- Restore a customised skeleton page.
Hooks are located in one of the following files:
- `/etc/hestiacp/hooks/pre_install.sh`
- `/etc/hestiacp/hooks/post_install.sh`
::: tip
Dont forget to make the file executable by running `chmod +x /etc/hestiacp/hooks/[file].sh`.
:::
For example, to disable demo mode on pre-install:
```bash /etc/hestiacp/hooks/pre_install.sh
#!/bin/bash
sed -i "s|^DEMO_MODE=.*'|DEMO_MODE='no'|g" $HESTIA/conf/hestia.conf
```
::: warning
If you use custom error documents you will have to rebuild all websites again!
:::

120
docs/docs/server-administration/databases.md Normal file
View File

@@ -0,0 +1,120 @@
# Database & phpMyAdmin SSO
## How to setup a remote database server
1. It is assumed you already have your second server up and running.
2. On your Hestia server run the following command (`mysql` may be replaced by `postgresql`):
```bash
v-add-database-host mysql new-server.com root password
```
To make sure the host has been added, run the following command:
```bash
v-list-database-hosts
```
## Why I cant use `http://ip/phpmyadmin/`
For security reasons, we have decided to disable this option. Please use `https://host.domain.tld/phpmyadmin/` instead.
## How can I enable access to `http://ip/phpmyadmin/`
### For Apache2
```bash
nano /etc/apache2/conf.d/ip.conf
# Add the following code before both </VirtualHost> closing tags
IncludeOptional /etc/apache2/conf.d/*.inc
# Restart apache2
systemctl restart apache2
# You can also add the following in /etc/apache2.conf instead
IncludeOptional /etc/apache2/conf.d/*.inc
```
### For Nginx
```bash
nano /etc/nginx/conf.d/ip.conf
# Replace the following
location /phpmyadmin/ {
alias /var/www/document_errors/;
return 404;
}
location /phppgadmin/ {
alias /var/www/document_errors/;
return 404;
}
# With the following
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
```
## How can I connect from a remote location to the database
By default, connections to port 3306 are disabled in the firewall. Open
port 3306 in the firewall ([documentation](./firewall.md)), then edit `/etc/mysql/mariadb.conf.d/50-server.cnf`:
```bash
nano /etc/mysql/mariadb.conf.d/50-server.cnf
# Set bind-address to one of the following
bind-address = 0.0.0.0
bind-address = "your.server.ip.address"
```
## PhpMyAdmin Single Sign On
### Unable to activate phpMyAdmin Single Sign on
Make sure the API is enabled and working properly. Hestias PhpMyAdmin Single Sign On function connects over the Hestia API.
### When clicking the phpMyAdmin Single Sign On button, I am forwarded to the login page of phpMyAdmin
Automated can sometimes cause issues. Login via SSH and open `/var/log/{webserver}/domains/{hostname.domain.tld.error.log` and look for one of the following error messages:
- `Unable to connect over API, please check API connection`
1. Check if the api has been enabled.
2. Add the public IP of your server to the allowed IPs in the **Server settings**.
- `Access denied: There is a security token mismatch`
1. Disable and then enable the phpMyAdmin SSO. This will refresh both keys.
2. If you are behind a firewall or proxy, you may want to disable it and try again.
- `Link has expired`
1. Refresh the database page and try again.
## Remote databases
If needed you can simply host Mysql or Postgresql on a remote server.
To add a remote database:
```bash
v-add-database-host TYPE HOST DBUSER DBPASS [MAX_DB] [CHARSETS] [TPL] [PORT]
```
For example:
```bash
v-add-database-host mysql db.hestiacp.com root mypassword 500
```
If you want you can setup phpMyAdmin on the host server to allow to connect to the database. Create a copy of `01-localhost` file in /etc/phpmyadmin/conf.d and change:
```php
$cfg["Servers"][$i]["host"] = "localhost";
$cfg["Servers"][$i]["port"] = "3306";
$cfg["Servers"][$i]["pmadb"] = "phpmyadmin";
$cfg["Servers"][$i]["controluser"] = "pma";
$cfg["Servers"][$i]["controlpass"] = "random password";
$cfg["Servers"][$i]["bookmarktable"] = "pma__bookmark";
```
Please make sure to create aswell the phpmyadmin user and database.
See `/usr/local/hestia/install/deb/phpmyadmin/pma.sh`

166
docs/docs/server-administration/dns.md Normal file
View File

@@ -0,0 +1,166 @@
# DNS clusters and DNSSEC
::: info
With the release of version 1.7.0, we have implemented support for DNSSEC. DNSSEC requires a Master -> Slave setup. IF the existing implementation is a Master <-> Master setup, it is not supported. DNSSEC also requires at least Ubuntu 22.04 or Debian 11!
:::
## Host your DNS on Hestia
[Create a DNS Zone](../user-guide/dns.md#adding-a-dns-zone) with the **child-ns** template, then login to your domain registrars panel and change the name servers of the domain. Depending your registrar panel, you could be able to create glue records. You may need to wait for up to 24 hours before the name servers become active.
## DNS Cluster setup
::: tip
Create for each server a unique user and assing them the "Sync DNS User" or "dns-cluster" role!
:::
If you are looking at options to minimise DNS-related downtime or for a way to manage DNS across all your servers, you might consider setting up a DNS cluster.
1. Whitelist your master server IP in **Configure Server** -> **Security** -> **Allowed IP addresses for API**, otherwise you will get an error when adding the slave server to the cluster.
2. Enable API access for admins (or all users).
3. Create an API key under the **admin** user with at least the **sync-dns-cluster** permission.
::: info
With the release of 1.6.0, we have implemented a new API authentication system. We strongly suggest using this method instead of the old system, as it is more secure due to the length of the access key and secret key!
If you still want to use the legacy API to authenticate with **admin** username and the password make sure **Enable legacy API** access is set to **yes**.
:::
### DNS Cluster with the Hestia API (Master <-> Master) "Default setup!"
::: warning
This method does not support DNSSEC!
:::
1. Create a new user on the Hestia server that will act as a “Slave”. Make sure it uses the username of "dns-cluster" or has the role `dns-cluster`
2. Run the following command to enable the DNS server.
```bash
v-add-remote-dns-host slave.yourhost.com 8083 'accesskey:secretkey' '' 'api' 'username'
```
Or if you still want to use admin and password authentication
```bash
v-add-remote-dns-host slave.yourhost.com 8083 'admin' 'strongpassword' 'api' 'username'
```
This way you can set up Master -> Slave or Master <-> Master <-> Master cluster.
There is no limitation on how to chain DNS servers.
### DNS Cluster with the Hestia API (Master -> Slave)
1. Create a new user on the Hestia server that will act as a “Slave”. Make sure it uses the username of "dns-user" or has the role `dns-cluster`
2. In `/usr/local/hestia/conf/hestia.conf`, change `DNS_CLUSTER_SYSTEM='hestia'` to `DNS_CLUSTER_SYSTEM='hestia-zone'`.
3. On the master server, open `/etc/bind/named.conf.options`, do the following changes, then restart bind9 with `systemctl restart bind9`.
```bash
# Change this line
allow-transfer { "none"; };
# To this
allow-transfer { your.slave.ip.address; };
# Or this, if adding multiple slaves
allow-transfer { first.slave.ip.address; second.slave.ip.address; };
# Add this line, if adding multiple slaves
also-notify { second.slave.ip.address; };
```
4. On the slave server, open `/etc/bind/named.conf.options`, do the following changes, then restart bind9 with `systemctl restart bind9`:
```bash
# Change this line
allow-recursion { 127.0.0.1; ::1; };
# To this
allow-recursion { 127.0.0.1; ::1; your.master.ip.address; };
# Add this line
allow-notify{ your.master.ip.address; };
```
5. Run the following command to enable the DNS server:
```bash
v-add-remote-dns-host slave.yourhost.com 8083 'accesskey:secretkey' '' 'api' 'user-name'
```
If you still want to use admin and password authentication:
```bash
v-add-remote-dns-host slave.yourhost.com 8083 'admin' 'strongpassword' 'api' 'user-name'
```
### Converting an existing DNS cluster to Master -> Slave
1. In `/usr/local/hestia/conf/hestia.conf`, change `DNS_CLUSTER_SYSTEM='hestia'` to `DNS_CLUSTER_SYSTEM='hestia-zone'`.
2. On the master server, open `/etc/bind/named.options`, do the following changes, then restart bind9 with `systemctl restart bind9`.
```bash
# Change this line
allow-transfer { "none"; };
# To this
allow-transfer { your.slave.ip.address; };
# Or this, if adding multiple slaves
allow-transfer { first.slave.ip.address; second.slave.ip.address; };
# Add this line, if adding multiple slaves
also-notify { second.slave.ip.address; };
```
3. On the slave server, open `/etc/bind/named.options`, do the following changes, then restart bind9 with `systemctl restart bind9`:
```bash
# Change this line
allow-recursion { 127.0.0.1; ::1; };
# To this
allow-recursion { 127.0.0.1; ::1; your.master.ip.address; };
# Add this line
allow-notify{ your.master.ip.address; };
```
4. Update DNS with `v-sync-dns-cluster`
## Enabling DNSSEC
::: warning
DNSSEC cant be used when Hestia Cluster is active as Master <-> Master
:::
To enable DNSSEC, check the checkbox in-front of DNSSEC and save.
To view the public key. Got to the list DNS domains and click the <i class="fas fas-key"></i> icon.
Depending on your registrar, you will either be able to create a new record based on the DNSKEY or based on DS key. After the DNSSEC public key has been added to the registrar, DNSSEC is enabled and live.
::: danger
Removing or disabling the private key in Hestia will make the domain inaccessble.
:::
## Can I separate DNS accounts by users
Yes, you can just supply the user variable at the end of the command.
````bash
v-add-remote-dns-host slave.yourhost.com 8083 'access_key:secret_key' '' '' 'username'```
````
or
```bash
v-add-remote-dns-host slave.yourhost.com 8083 admin p4sw0rd '' 'username'
```
With the new API system, you can also replace `api_key` with `access_key:secret_key`
::: info
By default the user `dns-cluster` or user with the role `dns-cluster` are exempted from syncing to other DNS servers!
:::
## I am not able to add a server as DNS host
When trying to add a DNS server for a cluster I get the following error:
```bash
/usr/local/hestia/func/remote.sh: line 43: return: Error:: numeric argument required
Error: api connection to slave.domain.tld failed
```
By default, API access has been disabled for non-local IP addresses. Please add your IP address to the **Allowed IP addresses for API** field in the server settings.

110
docs/docs/server-administration/email.md Normal file
View File

@@ -0,0 +1,110 @@
# Email and mail server
## How do I setup internal mail to be sent over SMTP?
By default, emails generated by Hestia (Notifications, Forgot password, update logs, etc.) are sent the internal mail. If you want, you can setup mail to be send over a SMTP account.
Execute the following script and follow the instructions:
```bash
bash /usr/local/hestia/install/upgrade/manual/configure-server-smtp.sh
```
## I am unable to send email
First, check that port 25 is open for outgoing traffic. A lot of providers block port 25 by default to combat spam.
To do so, run the following command:
```bash
telnet ASPMX.L.GOOGLE.COM 25
```
If the connection was successful you will see something similar to this:
```bash
Trying 2a00:1450:400c:c00::1b...
Connected to ASPMX.L.GOOGLE.COM.
Escape character is '^]'.
220 mx.google.com ESMTP a7si1253985wrr.455 - gsmtp
```
If not, you have 2 options:
1. Contact you provider and ask them to open port 25 for outgoing traffic.
2. Setup a mail relay under the mail domain settings or set it up generally for the server in system settings. For this you need to use an SMTP relay service like:
- [Amazon SES](https://aws.amazon.com/ses/)
- [SMTP2GO](https://www.smtp2go.com)
- [Sendinblue](https://www.sendinblue.com)
## What is an SMTP relay service and how to set it up
SMTP mail relay is the process of transferring an email from one server to another for delivery. Often email from a server is blocked by de service provider due to fear of spam. Or the IP reputation is so low that all email go straight into the spam box. To prevent such issues a lot of companies offer a SMTP relay that takes care of the delivery part. As they send a lot email via the same ip addresses they have a better reputation.
To setup create a account by the provider you want or use and follow their instruction to update your DNS. When completed you can enter the SMTP user account they provider in the settings under "Global SMTP" or under the "Edit mail domain" -> "SMTP relay"
## I am unable to receive email
If you are unable to receive emails, make sure you have setup your DNS properly. If you are using Cloudflare, disable the use of the proxy for `mail.domain.tld`.
When you are done you can check the configuration via [MXToolBox](https://mxtoolbox.com/MXLookup.aspx).
## How do I install SnappyMail?
You can install SnappyMail by running the following command:
```bash
v-add-sys-snappymail
```
## Can I login into the backend of SnappyMail
In the root folder, there is a file called `.snappymail` containing the username and password:
```bash
Username: admin_f0e5a5aa
Password: D0ung4naLOptuaa
Secret key: admin_f0e5a5aa
```
You can access the admin by navigating to `https://webmail.domain.tld/?admin_f0e5a5aa`, and login by using the data you found in the file. Once its not needed anymore, remove the file, for security reasons.
## Can I use Cloudflare Proxy with email
No, Cloudflares Proxy does not work with email. If you use email hosted on you server, make sure the proxy for the A record `mail.domain.tld` is switched off. Otherwise, you will not be able receive emails. The following records are suggested if you want to use Hestia as your mail server:
- A record with name **mail** pointing to your server IP.
- A record with name **webmail** pointing to your server IP.
- MX record with name **@** with pointing to `mail.domain.tld`.
- TXT record with name **@** containing `v=spf1 a mx ip4:your ip; \~all`
- TXT record with name **\_domainkey** containing `t=y; o=~;`
- TXT record with name **mail.\_domainkey** containing `t=y; o=~DKIM key;`
- TXT record with name **\_dmarc** containing `v=DMARC1; p=quarantine; sp=quarantine; adkim=s; aspf=s;`
The DKIM key and SPF record can be found in the **Mail Domains** list ([documentation](../user-guide/mail-domains.md#get-dns-records)).
## When sending send emails from my server, they end up in the spam folder
Make sure you have set up the correct RDNS, SPF records and DKIM records.
If this doesnt work, its be possible that your IP address is on one or more blacklists. You can try to unblock yourself, but often the easier method is to use SMTP and SMTP Relay with Amazon SES or another SMTP provider.
## How can I enable ManageSieve?
During Hestias installation, use the `--sieve` flag. If Hestia is already installed, there is a an upgrade script provided at the following path: `/usr/local/hestia/install/upgrade/manual/install_sieve.sh`
## Can I allow access to ManageSieve via an external mail client?
Open port 4190 in the firewall. [Read the firewall documentation](./firewall.md).
## How can I enable ManageSieve for Snappymail?
Edit `/etc/snappymail/data/_data_/_default_/domains/default.ini` and modify the following settings:
```bash
sieve_use = On
sieve_allow_raw = Off
sieve_host = "localhost"
sieve_port = 4190
sieve_secure = "None"
```

53
docs/docs/server-administration/file-manager.md Normal file
View File

@@ -0,0 +1,53 @@
# File manager
## How can I enable or disable the file manager
In a new install, the file manager will be enabled by default.
To enable or update the file manager, please run the following command:
```bash
v-add-sys-filemanager
```
To disable the file manager, please run the following command:
```bash
v-delete-sys-filemanager
```
## File manager gives “Unknown Error” message
This seems to occur specifically when the line `Subsystem sftp /usr/lib/openssh/sftp-server` is removed or changed in `/etc/ssh/sshd_config` in such a way that the install script cannot update it to `Subsystem sftp internal-sftp`.
Short answer: add `Subsystem sftp internal-sftp` to `/etc/ssh/sshd_config`.
Long answer: Refer to the install script `./install/hst-install-{distro}.sh` for all the changes made to `/etc/ssh/sshd_config`. For Debian, the changes can be summarised as follows:
```bash
# HestiaCP Changes to the default /etc/ssh/sshd_config in Debian 10 Buster
# Forced default yes
PasswordAuthentication yes
# Changed from default 2m to 1m
LoginGraceTime 1m
# Changed from default /usr/lib/openssh/sftp-server to internal-sftp
Subsystem sftp internal-sftp
# Changed from default yes
DebianBanner no
```
Changing all of the other parameters to their defaults and also changing to `PasswordAuthentication no` did not reproduce the error, thus it would seem to be isolated to the `Subsystem sftp internal-sftp` parameter.
For more information regarding debugging, inspect the Hestia Nginx log:
```bash
tail -f -s0.1 /var/log/hestia/nginx-error.log
```
## I changed SSH port and I cannot use the file manager anymore
The SSH port is loaded in a PHP session. Logging out and logging back in will reset the session, fixing the issue.

103
docs/docs/server-administration/firewall.md Normal file
View File

@@ -0,0 +1,103 @@
# Firewall
::: warning
After every edit or update the firewall, Hestia will clear the current iptables unless the rules are added via Hestia and [custom script](#how-can-i-customize-iptables-rules).
:::
## How can I open or block a port or IP?
1. Navigate to the server settings by clicking the <i class="fas fa-fw fa-cog"><span class="visually-hidden">Server</span></i> icon in the top right.
2. Click the **<i class="fas fa-fw fa-shield-alt"></i> Firewall** button.
3. Click the **<i class="fas fa-fw fa-plus-circle"></i> Add Rule** button.
4. Select the desired action.
5. Select the desired protocol.
6. Enter the port(s) you want this rule to apply to (`0` for all ports).
7. Set the IP this rule applies to (`0.0.0.0/0` for all IPs) or select an IPSet.
8. Optionally describe the rules function.
9. Click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
You can also use the [v-add-firewall-rule](../reference/cli.md#v-add-firewall-rule) command.
## How do I setup an IPSet blacklist or whitelist?
IPSet are large lists of IP addresses or subnets. They can be used for blacklists and whitelists.
1. Navigate to the server settings by clicking the <i class="fas fa-fw fa-cog"><span class="visually-hidden">Server</span></i> icon in the top right.
2. Click the **<i class="fas fa-fw fa-shield-alt"></i> Firewall** button.
3. Click the **<i class="fas fa-fw fa-list"></i> Manage IP lists** button.
4. Click the **<i class="fas fa-fw fa-plus-circle"></i> Add IP list** button.
5. Name your IP list.
6. Select the data source by entering one of the following:
- URL: `http://ipverse.net/ipblocks/data/countries/nl.zone`
- Script (with `chmod 755`): `/usr/local/hestia/install/deb/firewall/ipset/blacklist.sh`
- File: `file:/location/of/file`
- You can also use one of Hestias included sources.
7. Selected the desired IP version (v4 or v6).
8. Choose whether to auto-update the list or not.
9. Click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
## How can I customize iptables rules?
::: danger
This is dangerously advanced feature, please make sure you understand what you are doing.
:::
Hestia supports setting custom rules, chains or flags, etc. using script.
Script must be here: `/usr/local/hestia/data/firewall/custom.sh`
1. Create custom.sh: `touch /usr/local/hestia/data/firewall/custom.sh`
2. Make it executable: `chmod +x /usr/local/hestia/data/firewall/custom.sh`
3. Edit it with your favorite editor.
4. Test and make sure it works.
5. To make custom rules persistent, run: `v-update-firewall`
**IMPLICIT PROTECTION:** Before making the rules persistent, if you screw up or lock yourself out of the server, just reboot.
custom.sh example:
```bash
#!/bin/bash
IPTABLES="$(command -v iptables)"
$IPTABLES -N YOURCHAIN
$IPTABLES -F YOURCHAIN
$IPTABLES -I YOURCHAIN -s 0.0.0.0/0 -j RETURN
$IPTABLES -I INPUT -p TCP -m multiport --dports 1:65535 -j YOURCHAIN
```
## My IPSet doesnt work
An IPSet must contain at least 10 IP or IP ranges.
## Can I combine multiple sources in one?
If you want to combine multiple IP sources together, you can do so by using the following script:
```bash
#!/bin/bash
BEL=(
"https://raw.githubusercontent.com/ipverse/rir-ip/master/country/be/ipv4-aggregated.txt"
"https://raw.githubusercontent.com/ipverse/rir-ip/master/country/nl/ipv4-aggregated.txt"
"https://raw.githubusercontent.com/ipverse/rir-ip/master/country/lu/ipv4-aggregated.txt"
)
IP_BEL_TMP=$(mktemp)
for i in "${BEL[@]}"; do
IP_TMP=$(mktemp)
((HTTP_RC = $(curl -L --connect-timeout 10 --max-time 10 -o "$IP_TMP" -s -w "%{http_code}" "$i")))
if ((HTTP_RC == 200 || HTTP_RC == 302 || HTTP_RC == 0)); then # "0" because file:/// returns 000
command grep -Po '^(?:\d{1,3}\.){3}\d{1,3}(?:/\d{1,2})?' "$IP_TMP" | sed -r 's/^0*([0-9]+)\.0*([0-9]+)\.0*([0-9]+)\.0*([0-9]+)$/\1.\2.\3.\4/' >> "$IP_BEL_TMP"
elif ((HTTP_RC == 503)); then
echo >&2 -e "\\nUnavailable (${HTTP_RC}): $i"
else
echo >&2 -e "\\nWarning: curl returned HTTP response code $HTTP_RC for URL $i"
fi
rm -f "$IP_TMP"
done
sed -r -e '/^(0\.0\.0\.0|10\.|127\.|172\.1[6-9]\.|172\.2[0-9]\.|172\.3[0-1]\.|192\.168\.|22[4-9]\.|23[0-9]\.)/d' "$IP_BEL_TMP" | sort -n | sort -mu
rm -f "$IP_BEL_TMP"
```

73
docs/docs/server-administration/os-upgrades.md Normal file
View File

@@ -0,0 +1,73 @@
# Operating system upgrades
::: danger
Before upgrading your operating system make sure to make a backup! We do not provide support for broken operating system installations. We only provide this page for information about Hestia issues that may come up while upgrading.
:::
## General
::: info
Make sure to verify that MariaDB is running on a supported version for the new operating system. If that is not the case, update MariaDB version to a supported version before upgrading your OS!
:::
Once a backup has been made, update Hestia to the last supported version:
```bash
apt update && apt upgrade
```
Follow system instructions to upgrade your OS. When done, make sure to check that the files in `/etc/apt/sources.list.d` are not hashed out. If they are, remove the hash and run `apt update && apt upgrade` again.
## Debian 10 Buster to Debian 11 Bullseye
### SHA512 password encryption
```bash
sed -i "s/obscure yescrypt/obscure sha512/g" /etc/pam.d/common-password
```
### Exim4 config
```bash
rm -f /etc/exim4/exim4.conf.template
cp -f /usr/local/hestia/install/deb/exim/exim4.conf.4.94.template /etc/exim4/exim4.conf.template
```
### ProFTPD
Comment out [line 29](https://github.com/hestiacp/hestiacp/blob/1ff8a4e5207aae1e241954a83b7e8070bcdca788/install/deb/proftpd/proftpd.conf#L29) in `/etc/profpd/prodtpd.conf`.
## Debian 9 Stretch to Debian 10 Buster
No issues have been found in the past.
## Ubuntu 20.04 Focal to Ubuntu 22.04 Jammy
::: tip
Verify that MariaDB is running at least version 10.6. If not, first upgrade to this version in your current operating system! After that, comment out the line in `/etc/apt/sources.list.d/mariadb.list` and then upgrade your OS.
:::
### SHA512 password encryption
```bash
sed -i "s/obscure yescrypt/obscure sha512/g" /etc/pam.d/common-password
```
### Exim4 config
```bash
rm -f /etc/exim4/exim4.conf.template
cp -f /usr/local/hestia/install/deb/exim/exim4.conf.4.94.template /etc/exim4/exim4.conf.template
```
### ProFTPD
Comment out [line 29](https://github.com/hestiacp/hestiacp/blob/1ff8a4e5207aae1e241954a83b7e8070bcdca788/install/deb/proftpd/proftpd.conf#L29) in `/etc/profpd/prodtpd.conf`.
## Ubuntu 18.04 Bionic to Ubuntu 20.04 Focal
No issues have been found in the past.
## Older versions
We havent tested the upgrade paths from Ubuntu 16.04 to Ubuntu 20.04 or Debian 8 Jessy to Debian 10

76
docs/docs/server-administration/rest-api.md Normal file
View File

@@ -0,0 +1,76 @@
# REST API
The Hestia REST API is available to perform core functions of the Control Panel. For example, we use it internally to synchronise DNS clusters and to integrate the WHMCS billing system. The API can also be used to create new user accounts, domains, databases or even to build an alternative web interface.
The [API reference](../reference/api.md) provides PHP code samples demonstrating how you can integrate the API into your application or script. However, you also can use any other language to communicate with the API.
With the release of Hestia v1.6.0, we have introduced a more advanced API system and it will allow non-admin users to use specific commands.
## Im unable to connect to the API
With the release of Hestia v1.4.0, we have decided the security needed to be tightened. If you want to connect to the API from a remote server, you will first need to whitelist its IP address. To add multiple addresses, separate them with a new line.
## Can I disable the API?
Yes, you can disable the API via the server settings. The file will be deleted from the server and all connections will get ignored. Please note that some functions may not work with the API disabled.
## Password vs API key vs access keys
### Password
- Should only be used by the admin user.
- Changing the admin password requires updating it everywhere its used.
- Allowed to run all commands.
### API key
- Should only be used by the admin user.
- Changing the admin password does not have consequences.
- Allowed to run all commands.
### Access keys
- User-specific.
- Can limit permissions. For example only `v-purge-nginx-cache`.
- Ability to disable login via other methods but still allow the use of api keys
- Can be restricted to admin user only or allowed for all users.
## Setup access/secret key authentication
To create an access key, follow [the guide in our documentation](../user-guide/account.md#api-access-keys).
If the software you are using already supports the hash format, use `ACCESS_KEY:SECRET_KEY` instead of your old API key.
## Create an API key
::: warning
This method has been replaced by the above access/secret key authentication. We **highly** recommend using this more secure method instead.
:::
Run the command `v-generate-api-key`.
## Return codes
| Value | Name | Comment |
| ----- | ------------- | ------------------------------------------------------------ |
| 0 | OK | Command has been successfully performed |
| 1 | E_ARGS | Not enough arguments provided |
| 2 | E_INVALID | Object or argument is not valid |
| 3 | E_NOTEXIST | Object doesnt exist |
| 4 | E_EXISTS | Object already exists |
| 5 | E_SUSPENDED | Object is already suspended |
| 6 | E_UNSUSPENDED | Object is already unsuspended |
| 7 | E_INUSE | Object cant be deleted because it is used by another object |
| 8 | E_LIMIT | Object cannot be created because of hosting package limits |
| 9 | E_PASSWORD | Wrong / Invalid password |
| 10 | E_FORBIDEN | Object cannot be accessed by this user |
| 11 | E_DISABLED | Subsystem is disabled |
| 12 | E_PARSING | Configuration is broken |
| 13 | E_DISK | Not enough disk space to complete the action |
| 14 | E_LA | Server is to busy to complete the action |
| 15 | E_CONNECT | Connection failed. Host is unreachable |
| 16 | E_FTP | FTP server is not responding |
| 17 | E_DB | Database server is not responding |
| 18 | E_RDD | RRDtool failed to update the database |
| 19 | E_UPDATE | Update operation failed |
| 20 | E_RESTART | Service restart failed |

98
docs/docs/server-administration/ssl-certificates.md Normal file
View File

@@ -0,0 +1,98 @@
# SSL Certificates
## How to setup Lets Encrypt for the control panel
Make sure the hostname of the server is pointed to the servers IP address and that you set the hostname correctly.
Running the following commands will change the hostname and generate a Lets Encrypt certificate for the control panel:
```bash
v-change-sys-hostname host.domain.tld
v-add-letsencrypt-host
```
## Common errors using Lets Encrypt
::: info
Due to changes in the code, the error message has been changed. The following list will be extended in the future.
:::
| Error | Message |
| ------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- |
| `rateLimited` | The rate limit of the maximum requests have been passed. Please check [https://crt.sh](https://crt.sh) to see how many active certificates you have. |
### Lets Encrypt validation status 400
When requesting an SSL certificate, you may encounter the following error:
```bash
Error: Lets Encrypt validation status 400. Details: Unable to update challenge :: authorisation must be pending
```
This could mean multiple things:
1. Cloudflares proxy is enabled and the **SSL/TLS** setting is set to **Full (strict)**.
2. Nginx or Apache is not reloading correctly.
3. IPv6 is setup. Disable IPv6 in DNS.
4. There is an issue with a template.
In the future we hope to improve debugging, but currently the easiest way to debug this issue is to navigate to `/var/log/hestia/` and inspect the desired log file (`LE-{user}-{domain}.log`), which should appear after requesting a certificate.
Find **Step 5**, where you will see something similar to the following:
```bash
==[Step 5]==
- status: 200
- nonce: 0004EDQMty6_ZOb1BdRQSc-debiHXGXaXbZuyySFU2xoogk
- validation: pending
- details:
- answer: HTTP/2 200
server: nginx
date: Wed, 21 Apr 2021 22:32:16 GMT
content-type: application/json
content-length: 186
boulder-requester: 80260362
cache-control: public, max-age=0, no-cache
link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
link: <https://acme-v02.api.letsencrypt.org/acme/authz-v3/12520447717>;rel="up"
location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/12520447717/scDRXA
replay-nonce: 0004EDQMty6_ZOb1BdRQSc-debiHXGXaXbZuyySFU2xoogk
x-frame-options: DENY
strict-transport-security: max-age=604800
{
"type": "http-01",
"status": "pending",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/12520447717/scDRXA",
"token": "9yriok5bpLtV__m-rZ8f2tQmrfeQli0tCxSj4iNkv2Y"
}
```
By following the URL in the JSON response, you will get more info about what went wrong.
### Other tips for debugging Lets Encrypt
Try to use [Lets Debug](https://letsdebug.net):
1. Enter your domain name.
2. Make sure HTTP-01 is selected
3. Run the test
Once the test is completed, it will show an error or a success message, containing more information.
## Can I enable Cloudflares proxy with Lets Encrypt?
Yes, you are able to use Lets Encrypt certificates with Cloudflares proxy, however you need to follow some special steps:
1. Disable Cloudflares proxy for the desired domain.
2. Wait at least 5 minutes, for DNS caches to expire.
3. Request the certificate via the control panel or use the CLI command.
4. Reenable the proxy.
5. In the **SSL/TLS** tab, switch over to **Full (strict)**.
## Can I use a Cloudflare Origin CA SSL Certificate?
1. Create an Origin CA certificate by [following these steps](https://developers.cloudflare.com/ssl/origin-configuration/origin-ca#1-create-an-origin-ca-certificate).
2. Once generated, enter your SSL keys in the **Edit Web Domain** page.
3. In the **SSL Certificate Authority / Intermediate** box, enter [this certificate](https://developers.cloudflare.com/ssl/static/origin_ca_rsa_root.pem).
4. In Cloudflares **SSL/TLS** tab, switch over to **Full (strict)**.

124
docs/docs/server-administration/troubleshooting.md Normal file
View File

@@ -0,0 +1,124 @@
# Troubleshooting
## Command not found when I try to run a v-command as root
Add to /root/.bashrc the following code:
```bash
if [ "${PATH#*/usr/local/hestia/bin*}" = "$PATH" ]; then
. /etc/profile.d/hestia.sh
fi
```
And logout and login again.
After that you are able to run any v-command you want.
## Disabling “Use IP address allow list for login attempts” via command line
With the introduction of Hestia v1.4.0 we have added certain security features, including the possibility to limit login to certain IP addresses. If your IP address changes, you will not able to login anymore. To disable this feature, run the following commands:
```bash
# Disable the feature
v-change-user-config-value admin LOGIN_USE_IPLIST 'no'
# Remove listed IP addresses
v-change-user-config-value admin LOGIN_ALLOW_IPS ''
```
## Can I update my cronjobs via `crontab -e`?
No, you cannot. When you update HestiaCP, the crontab will simply get overwritten. The changes will not get saved in backups either.
## After update Apache2 I am not able to restart Apache2 or Nginx
The error message states (98) Address already in use: AG0072: make_sock: could not bind to address 0.0.0.0:80
When a package update sometimes comes with a new config and probally it has been overwritten...
```bash
Configuration file '/etc/apache2/apache2.conf'
==> Modified (by you or by a script) since installation.
==> Package distributor has shipped an updated version.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : start a shell to examine the situation
The default action is to keep your current version.
*** apache2.conf (Y/I/N/O/D/Z) [default=N] ?
```
If you see this message **ALWAYS** press "N" or **ENTER** to select the default value!
How ever if you entered Y or I. Then replace the config that can be found in /root/hst_backups/xxxxx/conf/apache2/ folder and copy over apache2.conf and ports.conf to /etc/apache2/ folder
xxxxxx is the date/time the backup is made during the last update of HestiaCP
If you don't have have a backup made you can also copy the config in /usr/local/hestia/install/deb/apache2/apache2.conf to /etc/apache2.conf and also empty /etc/apache2/ports.conf
## Unable to bind adress
In rare cases the network service might be slower than Apache2 and or Nginx. In that case Nginx or Apache2 will refuse to start up successfully start.
```bash
systemctl status nginx
```
Will create the error an error
```bash
nginx: [emerg] bind to x.x.x.x:80 failed (99: cannot assign requested address)
```
or in case of Aapche2
```bash
(99)Cannot assign requested address: AH00072: make_sock: could not bind to address x.x.x.x:8443
```
The following command should allow services to assign to non existing ip addresses
```bash
sysctl -w net.ipv4.ip_nonlocal_bind=1
```
## Error: 24: Too many open files
```bash
2022/02/21 15:04:38 [emerg] 51772#51772: open() "/var/log/apache2/domains/<redactedforprivacy>.error.log" failed (24: Too many open files)
```
or
```bash
2022/02/21 15:04:38 [emerg] 2724394#2724394: open() "/var/log/nginx/domains/xxx.error.log" failed (24: Too many open files)
```
This error means that there are to many open files with Nginx. To resolve this issue:
/etc/systemd/system/nginx.service.d/override.conf
```bash
[Service]
LimitNOFILE=65536
```
Then run:
```bash
systemctl daemon-reload
```
Add this to the Nginx config file (Needs to be smaller or equal to LimitNOFILE!)
```bash
worker_rlimit_nofile 16384
```
And then restart nginx with systemctl restart nginx
To verifiy run:
```bash
cat /proc/ < nginx-pid > /limits
```

161
docs/docs/server-administration/web-templates.md Normal file
View File

@@ -0,0 +1,161 @@
# Web Templates and FastCGI/Proxy Cache
## How do web templates work?
::: warning
Modifying templates could cause errors on the server and may cause some services to not be able to reload or start.
:::
Every time you rebuild the user or domain, the config files of the domain are overwritten by the new templates.
This happens when:
- HestiaCP is updated.
- The admin initiates it.
- The user modifies settings.
The templates can be found in `/usr/local/hestia/data/templates/web/`.
| Service | Location |
| ----------------------- | ----------------------------------------------------- |
| Nginx (Proxy) | /usr/local/hestia/data/templates/web/nginx/ |
| Nginx - PHP FPM | /usr/local/hestia/data/templates/web/nginx/php-fpm/ |
| Apache2 (Legacy/modphp) | /usr/local/hestia/data/templates/web/apache2/ |
| Apache2 - PHP FPM | /usr/local/hestia/data/templates/web/apache2/php-fpm/ |
| PHP-FPM | /usr/local/hestia/data/templates/web/php-fpm/ |
::: warning
Avoid modifying default templates as they are overwritten by updates. To prevent that, copy them instead:
```bash
cp original.tpl new.tpl
cp original.stpl new.stpl
cp original.sh new.sh
```
:::
When you are done editing your template, enable it for the desired domain from the control panel.
After modifying an existing template, you need to rebuild the user configuration. This can be done using the [v-rebuild-user](../reference/cli.md#v-rebuild-user) command or the bulk operation in the web interface..
### Available variables
| Name | Description | Example |
| -------------------- | ----------------------------------------------------- | ------------------------------------------ |
| `%ip%` | IP Address of Server | `123.123.123.123` |
| `%proxy_port%` | Port of Proxy | `80` |
| `%proxy_port_ssl%` | Port of Proxy (SSL) | `443` |
| `%web_port%` | Port of Webserver | `8080` |
| `%web_ssl_port%` | Port of Webserver (SSL) | `8443` |
| `%domain%` | Domain | `domain.tld` |
| `%domain_idn%` | Domain (Internationalised) | `domain.tld` |
| `%alias_idn%` | Alias Domain (Internationalised) | `alias.domain.tld` |
| `%docroot%` | Document root of domain | `/home/username/web/public_html/` |
| `%sdocroot%` | Private root of domain | `/home/username/web/public_shtml/` |
| `%ssl_pem%` | Location of SSL Certificate | `/usr/local/hestia/data/user/username/ssl` |
| `%ssl_key%` | Location of SSL Key | `/usr/local/hestia/data/user/username/ssl` |
| `%web_system%` | Software used as web server | `Nginx` |
| `%home%` | Default home directory | `/home` |
| `%user%` | Username of current user | `username` |
| `%backend_lsnr%` | Your default FPM Server | `proxy:fcgi://127.0.0.1:9000` |
| `%proxy_extentions%` | Extensions that should be handled by the proxy server | A list of extensions |
::: tip
`%sdocroot%` can also be set to `%docroot%` with settings
:::
## How can I change settings for a specific domain
With the switch to PHP-FPM there are currently 2 different ways:
1. Using `.user.ini` in the home directory `/home/user/web/domain.tld/public_html`.
2. Via the PHP-FPM pool config.
Config templates for the PHP pool can be found in `/usr/local/hestia/data/templates/web/php-fpm/`.
::: warning
Due to the fact we use multi PHP we need to recognise the PHP version to be used. Therefore we use the following naming scheme: `YOURNAME-PHP-X_Y.tpl`, where X_Y is your PHP version.
For example a PHP 8.1 template would be `YOURNAME-PHP-8_1.tpl`.
:::
## Installing PHP modules
```bash
apt install php-package-name
```
For example, the following command will install `php-memcached` and `php-redis`, including the required additional packages for PHP.
```bash
apt install php-memcached php-redis
```
## Nginx FastCGI Cache
::: tip
FastCGI only applies for Nginx + PHP-FPM servers. If you use Nginx + Apache2 + PHP-FPM, this will not apply to you!
:::
FastCGI cache is an option within Nginx allowing to cache the output of FastCGI (in this case PHP). It will temporarily create a file with the contents of the output. If another user requests the same page, Nginx will check if the age of the cached file is still valid and if it is, then it will send the cached file to the user, instead of requesting it to FastCGI.
FastCGI cache works best for sites get a lot of request and where the pages dont change that often, for example a news site. For more dynamic sites, changes might be required to the configuration or it might require totally disabling it.
### Why does software package x and y not work with FastCGI cache
As we have over 20 different templates and we dont use them all, we have decided to stop releasing new ones the future and hope the community helps improving the templates by [submitting a Pull Request](https://github.com/hestiacp/hestiacp/pulls).
If you want to add support to a certain template, follow the instructions below.
### How do I enable FastCGI cache for my custom template
Locate the block where you call `fastcgi_pass`:
```bash
location ~ [^/]\.php(/|$) {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
try_files $uri =404;
fastcgi_pass %backend_lsnr%;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
}
```
Add the following lines under `include /etc/nginx/fastcgi_params;`:
```bash
include %home%/%user%/conf/web/%domain%/nginx.fastcgi_cache.conf*;
if ($request_uri ~* "/path/with/exceptions/regex/whatever") {
set $no_cache 1;
}
```
### How can I clear the cache?
When FastCGI cache is enabled a **<i class="fas fa-fw fa-trash"></i> Purge Nginx Cache** button is added to the web domains **Edit** page. You can also use the API, or the following command:
```bash
v-purge-nginx-cache user domain.tld
```
### Why dont I have the option to use FastCGI cache
FastCGI cache is an option for Nginx mode only. If you are using Nginx + Apache2, you can select the proxy caching template and proxy cache will be enabled. It is functionally almost the same. In fact, the proxy caching will also work if you use a Docker image or a Node.js app.
To write custom caching templates, use the following naming scheme:
`caching-yourname.tpl`, `caching-yourname.stpl` and `caching-yourname.sh`
### Does Hestia support Web socket support
Yes, Hestia works fine with Web sockets how ever our default templates include on default:
```bash
proxy_hide_header Upgrade
```
This resolved an issue with Safari from loading websites.
To allow the use of Web sockets remove this line. Other wise Web sockets will not work

100
docs/docs/user-guide/account.md Normal file
View File

@@ -0,0 +1,100 @@
# Account
To access your account settings, click the <i class="fas fa-lg fa-fw fa-user-circle"><span class="visually-hidden">user</span></i> button in the top right.
## Security
### Password
The password requirements are as follows:
- At least 8 characters, 14 or more are recommended.
- At least 1 number.
- At least 1 capital letter and 1 lowercase letter.
If you want to generate a secure password, you can use [1Passwords generator](https://1password.com/password-generator/).
### Two-factor authentication (2FA)
1. In your account settings, check the box labeled **Enable two-factor authentication**.
2. Click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
3. Scan the QR code using an authentication app.
4. Save your **Account Recovery Code** somewhere safe, in case you lose access to your authenticator.
::: details Need a 2FA app?
If you do not have an authenticator app, here are a couple of recommendations.
- iCloud Keychain [Windows](https://9to5mac.com/2022/07/25/icloud-passwords-windows-2fa-code/), [macOS](https://9to5mac.com/2021/11/16/use-safari-password-manager-and-2fa-autofill/), [iOS](https://9to5mac.com/2022/03/07/use-ios-15-2fa-code-generator-plus-autofill-iphone/)
- [Tofu Authenticator](https://www.tofuauth.com/) Open-source, iOS only
- [Aegis Authenticator](https://getaegis.app/) Open-source, Android only
- [Raivo OTP](https://github.com/raivo-otp/) Open-source, iOS and macOS only
- [Google Authenticator](https://googleauthenticator.net/)
- [Microsoft Authenticator](https://www.microsoft.com/en-ca/security/mobile-authenticator-app)
- [Authy](https://authy.com/) Free, has a cloud sync feature
- [1Password](https://1password.com/) Paid password manager
- [Bitwarden](https://bitwarden.com/) Password manager. 2FA in premium plan only
:::
### Login restrictions
Hestia has the following options to help you secure your account:
- Disable login into the account.
- Whitelist your IP address to login into your account.
### Security logs
The security logs contain various information, such as: changes to web domains, API access, backup creation, etc. Click the **<i class="fas fa-fw fa-history"></i> Logs** button to view them.
### Login history
On the security logs page, click the **<i class="fas fa-fw fa-binoculars"></i> Login history** button to see the login history. The history contains the time of login, IP address, and user agent of the browser that was used.
## SSH keys
Click the **<i class="fas fa-fw fa-key"></i> Manage SSH keys** button to view the installed keys.
### Adding an SSH key
1. Click the **<i class="fas fa-fw fa-plus-circle"></i> Add SSH key** button.
2. Copy your public key in the text area.
3. Click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
### Deleting an SSH key
1. Hover over the SSH key you want to delete.
2. Click the <i class="fas fa-fw fa-trash"><span class="visually-hidden">delete</span></i> icon on the right of the SSH ID.
::: details Need to generate a key?
If you do not have an SSH key, here are a couple of ways to generate one.
- For Windows: [Putty](https://www.ssh.com/academy/ssh/putty/windows/puttygen#running-puttygen).
- For macOS and Linux use `ssh-keygen`.
You can also use an app to manage them:
- [1Password](https://developer.1password.com/docs/ssh/manage-keys/)
- [Termius](https://www.termius.com/)
:::
## API access keys
::: info
This option is disabled by default for standard users. An administrator needs to enable it in the server settings.
:::
Click the **<i class="fas fa-fw fa-key"></i> Access Keys** button to view the access keys. Access keys are used for the API to autenticate instead of using the username and password.
### Creating an access key
1. Click the **<i class="fas fa-fw fa-plus-circle"></i> Add Access key** button.
2. Select the permission sets you want to enable.
3. Click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
4. Copy the access key and the secret key. Make sure to save the secret key somewhere safe as it **cannot** be viewed once the page is closed.
### Deleting an access key
1. Hover over the access key you want to delete.
2. Click the <i class="fas fa-fw fa-trash"><span class="visually-hidden">delete</span></i> icon on the right of the access key.

81
docs/docs/user-guide/backups.md Normal file
View File

@@ -0,0 +1,81 @@
# Backups
To manage your backups, navigate to the **Backups <i class="fas fa-fw fa-file-archive"></i>** tab.
## Manually creating a backup
Click the **<i class="fas fa-fw fa-plus-circle"></i> Create backup** button.
A popup will be shown with the following message:
**Task has been added to the queue. You will receive an email notification when your backup is ready for download.**
## Downloading a backup
1. Hover over the backup you want to download.
2. Click the <i class="fas fa-fw fa-file-download"><span class="visually-hidden">Download</span></i> icon on the right of the backups filename.
If the backup is stored on a remote server, the file is downloaded to the server and you will get notified by email when the download is available.
## Restoring a backup
1. Hover over the backup you want to restore.
2. Click the backups filename or the <i class="fas fa-fw fa-undo"><span class="visually-hidden">Restore</span></i> icon on the right of the backups filename.
3. Restore the backup in one of the following ways:
1. You can restore the whole backup by clicking the **<i class="fas fa-fw fa-undo"></i> Restore backup** button on the top right.
2. Restore multiple parts of the backup, by selecting them, then selecting **Restore** in the **Apply to selected** menu in the top right and clicking on the <i class="fas fa-fw fa-arrow-right"><span class="visually-hidden">Apply</span></i> button.
3. Restore one part of the backup by hovering over it and clicking the <i class="fas fa-fw fa-undo"><span class="visually-hidden">Restore</span></i> icon on the right.
## Deleting a backup
1. Hover over the backup you want to delete.
2. Click the <i class="fas fa-fw fa-trash"><span class="visually-hidden">delete</span></i> icon on the right of the backups filename.
## Excluding components from backups
1. Click the **<i class="fas fa-fw fa-folder-minus"></i> Backup Exclusion** button.
2. Click the **<i class="fas fa-fw fa-pencil-alt"></i> Edit backup exclusions** button.
### Excluding a web domain
In the box labeled **Web Domains**, enter each domain you want to exclude, one per line.
To exclude a specific folder from a domain use the following syntax:
```bash
domain.tld:public_html/wp-content/uploads:public_html/cache
```
This will excude both `public_html/wp-content/uploads/` and `public_html/cache/` from that domain.
To exclude all domains, use `*`.
### Excluding a mail domain
In the box labeled **Mail Domains**, enter each domain you want to exclude, one per line.
To exclude only one or multiple mail account use the following syntax:
```bash
domain.tld:info:support
```
This will excude both `info@domain.tld` and `support@domain.tld`.
To exclude all domains, use `*`.
### Excluding a database
In the box labeled **Databases**, enter the name of each database you want to exclude, one per line.
To exclude all databases, use `*`.
### Excluding a user directory
In the box labeled **User Directories**, enter the name of each directory you want to exclude, one per line.
To exclude all directories, use `*`.
## Editing the number of backups
To edit the number of backups, please read the [Packages](../user-guide/packages.md) and [Users](../user-guide/users.md) documentation. You will need to create or edit a package, and assign it to the desired user.

30
docs/docs/user-guide/cron-jobs.md Normal file
View File

@@ -0,0 +1,30 @@
# Cron Jobs
To manage your cron jobs, navigate to the **Cron <i class="fas fa-fw fa-clock"></i>** tab.
## Toggling cron job notifications
1. To turn them off click the **<i class="fas fa-fw fa-toggle-off"></i> Turn off notifications** button.
2. To turn them back on click the **<i class="fas fa-fw fa-toggle-off"></i> Turn on notifications** button.
## Adding a cron job
1. Click the **<i class="fas fa-fw fa-plus-circle"></i> Add job** button.
2. Enter the command you want to execute.
3. Enter the schedule on which you want to execute the command. You can use the generator to help you, or a tool such as [Crontab.guru](https://crontab.guru/).
## Editing a cron job
1. Hover over the job you want to edit.
2. Click the <i class="fas fa-fw fa-pencil-alt"><span class="visually-hidden">edit</span></i> icon on the right of the jobs command.
## Suspending a cron job
1. Hover over the job you want to suspend.
2. Click the <i class="fas fa-fw fa-pause"><span class="visually-hidden">suspend</span></i> icon on the right of the jobs command.
3. To unsuspend it, click the <i class="fas fa-fw fa-play"><span class="visually-hidden">unsuspend</span></i> icon on the right of the jobs command.
## Deleting a cron job
1. Hover over the job you want to delete.
2. Click the <i class="fas fa-fw fa-trash"><span class="visually-hidden">delete</span></i> icon on the right of the jobs command.

34
docs/docs/user-guide/databases.md Normal file
View File

@@ -0,0 +1,34 @@
# Databases
To manage your databases, navigate to the **DB <i class="fas fa-fw fa-database"></i>** tab.
## Adding a database
1. Click the **<i class="fas fa-fw fa-plus-circle"></i> Add Database** button.
2. Fill out the fields. The name and username will be prefixed with `user_`.
3. Optionally, provide an email address where the login details will be sent.
4. Click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
Under **Advanced Options**, you are able to select the host (`localhost` by default) and charset (`utf8` by default).
## Editing a database
1. Hover over the database you want to edit.
2. Click the <i class="fas fa-fw fa-pencil-alt"><span class="visually-hidden">edit</span></i> icon on the right of the databases name. If you dont want to change the password, keep the password field empty.
## Accessing a database
By default, **phpMyAdmin** and **phpPgAdmin** are accessible at `https://hostname.domain.tld/phpmyadmin` and `https://hostname.domain.tld/phppgadmin` respectively. You can also click the **<i class="fas fa-fw fa-database"></i> phpMyAdmin** and **<i class="fas fa-fw fa-database"></i> phpPgAdmin** buttons in the **DB <i class="fas fa-fw fa-database"></i>** tab.
For MySQL databases, if **phpMyAdmin Single Sign On** is enabled, hovering a database will show an <i class="fas fa-fw fa-sign-in-alt"><span class="visually-hidden">phpMyAdmin</span></i> icon. Click it to login to **phpMyAdmin** directly.
## Suspending a database
1. Hover over the database you want to suspend.
2. Click the <i class="fas fa-fw fa-pause"><span class="visually-hidden">suspend</span></i> icon on the right of the databases name.
3. To unsuspend it, click the <i class="fas fa-fw fa-play"><span class="visually-hidden">unsuspend</span></i> icon on the right of the databases name.
## Deleting a database
1. Hover over the database you want to delete.
2. Click the <i class="fas fa-fw fa-trash"><span class="visually-hidden">delete</span></i> icon on the right of the databases name. Both the database user and the database will get deleted.

125
docs/docs/user-guide/dns.md Normal file
View File

@@ -0,0 +1,125 @@
# DNS
To manage your DNS zones and records, navigate to the **DNS <i class="fas fa-fw fa-atlas"></i>** tab.
## Adding a DNS zone
1. Click the **<i class="fas fa-fw fa-plus-circle"></i> Add DNS Zone** button.
2. Enter the domain name in the **Domain** field.
- Choose the appropriate template for the zone.
- If the domain requires different name servers, change them in the **Advanced Options** section.
3. Click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
## Editing a DNS zone
1. Hover over the zone you want to edit.
2. Click the <i class="fas fa-fw fa-pencil-alt"><span class="visually-hidden">edit</span></i> icon on the right of the zones domain.
3. Make the desired changes.
4. Click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
## Viewing DNSSEC public keys
1. Hover over the zone whose DNSSEC keys you want to see.
2. Click the <i class="fas fa-fw fa-key"><span class="visually-hidden">DNSSEC</span></i> icon on the right of the zones domain.
## Suspending a DNS zone
1. Hover over the zone you want to suspend.
2. Click the <i class="fas fa-fw fa-pause"><span class="visually-hidden">suspend</span></i> icon on the right of the zones domain.
3. To unsuspend it, click the <i class="fas fa-fw fa-play"><span class="visually-hidden">unsuspend</span></i> icon on the right of the zones domain.
## Deleting a DNS zone
1. Hover over the zone you want to delete.
2. Click the <i class="fas fa-fw fa-trash"><span class="visually-hidden">delete</span></i> icon on the right of the zones domain.
## DNS zone configuration
### IP address
IP address that should be used for the root domain.
### Template
- **default**: Standard DNS template. Suitable for most usecases.
- **default-nomail**: Standard DNS template. Suitable for most usecases when you dont want to host mail on Hestia.
- **gmail**: When your email provider is Google Workspace.
- **office365**: When your email provider is Microsoft 365 (Exchange).
- **zoho**: When your email provider is Zoho.
- **child-ns**: When you are going to use the domain as a name server.
### Expiration date
This date is not used by Hestia, but can be used as a reminder.
### SOA
A Start of Authority (SOA) record includes administrative information about your zone, as defined by the domain name system (DNS).
### TTL
Adjust the default time-to-live. A shorter TTL means faster changes, but results in more requests to the server. If you are going to change the IP, it might be helpful to decrease it to 300 seconds (5 min).
### DNSSEC
Enable DNSSEC to improve security. However, this setting requires some changes to at your domain registrar before it is active. For more information, see the [DNS cluster](../server-administration/dns.md) documentation.
## Adding a DNS record to a zone
1. Click the **<i class="fas fa-fw fa-plus-circle"></i> Add Record** button.
2. Fill out the fields.
3. Click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
## Editing a DNS record
1. Click the recordor the <i class="fas fa-fw fa-pencil-alt"><span class="visually-hidden">edit</span></i> icon that appears on hover.
2. Make the desired changes.
3. Click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
## Suspending a DNS record
1. Hover over the record you want to suspend.
2. Click the <i class="fas fa-fw fa-pause"><span class="visually-hidden">suspend</span></i> icon on the right of the records domain.
3. To unsuspend it, click the <i class="fas fa-fw fa-play"><span class="visually-hidden">unsuspend</span></i> icon on the right of the records domain.
## Deleting a DNS record
1. Hover over the record you want to delete.
2. Click the <i class="fas fa-fw fa-trash"><span class="visually-hidden">delete</span></i> icon on the right of the records domain.
## DNS record configuration
### Record
The record name. `record`.domain.tld. Use `@` for root.
### Type
The following record types are supported:
- A
- AAAA
- CAA
- CNAME
- DNSKEY
- IPSECKEY
- KEY
- MX
- NS
- PTR
- SPF
- SRV
- TLSA
- TXT
### IP or value
IP or value of the record you want to use.
### Priority
Priority of the record. Only used for MX records
### TTL
Adjust the default time-to-live. A shorter TTL means faster changes, but results in more requests to the server. If you are going to change the IP, it might be helpful to decrease it to 300 seconds (5 min).

5
docs/docs/user-guide/file-manager.md Normal file
View File

@@ -0,0 +1,5 @@
# File Manager
To access the file manager, click the **<i class="fas fa-fw fa-folder-open"></i> Files** button in the top left.
The file manager Hestia uses is called FileGator. You can find more information about it on [their website](https://filegator.io/).

156
docs/docs/user-guide/mail-domains.md Normal file
View File

@@ -0,0 +1,156 @@
# Mail Domains
To manage your mail domains, navigate to the **Mail <i class="fas fa-fw fa-mail-bulk"></i>** tab.
## Adding a mail domain
1. Click the **<i class="fas fa-fw fa-plus-circle"></i> Add Mail domain** button.
2. Enter your domain name.
3. Select the options you want to use.
4. Click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
## Editing a mail domain
1. Hover over the domain you want to edit.
2. Click the <i class="fas fa-fw fa-pencil-alt"><span class="visually-hidden">edit</span></i> icon on the right of the mail domain.
3. Edit the fields.
4. Click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
## Suspending a web domain
1. Hover over the domain you want to suspend.
2. Click the <i class="fas fa-fw fa-pause"><span class="visually-hidden">suspend</span></i> icon on the right of the mail domain.
3. To unsuspend it, click the <i class="fas fa-fw fa-play"><span class="visually-hidden">unsuspend</span></i> icon on the right of the mail domain.
## Deleting a web domain
1. Hover over the domain you want to delete.
2. Click the <i class="fas fa-fw fa-trash"><span class="visually-hidden">delete</span></i> icon on the right of the mail domain. Both the mail domain and **all** the mail accounts will get deleted.
## Mail domain configuration
### Webmail client
We currently support Roundcube, Rainloop and SnappyMail (optional install). You can also disable webmail access.
### Catch all email
This email address will receive all emails for this domain that are sent to users that dont exist.
### Rate limit
::: info
This option is only available for the admin user.
:::
Set the limit for the amount of emails an account can send per hour.
### Spam filter
::: info
This option is not always available.
:::
Enable Spam Assassin for this domain.
### Antivirus
::: info
This option is not always available
:::
Enable ClamAV for this domain.
### DKIM
Enable DKIM for this domain.
### SSL
1. Check the **Enable SSL for this domain** box.
2. Check the **Use Lets Encrypt to obtain SSL certificate** box to use Lets Encrypt.
3. Depending on your requirements, you can enable **Enable automatic HTTPS redirection** or **Enable HTTP Strict Transport Security (HSTS)**.
4. Click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
If you want to use your own SSL certificate you can enter the SSL certificate in the text area.
If you are having issues with enabling Lets Encrypt, please refer to our [SSL certificates](../server-administration/ssl-certificates.md) documentation.
### SMTP relay
This option allows the user to use a different SMTP relay than server defined one or bypass the default Exim route. This can enhance deliverability.
1. Check the **SMTP Relay** box and a form will appear.
2. Enter the information from your SMTP relay provider.
### Get DNS records
If you dont host your DNS in Hestia, but you still want to use its email service, click the <i class="fas fa-atlas"><span class="visually-hidden">DNS</span></i> icon to view the DNS records you need to add to your DNS provider.
### Webmail
By default, the webmail is accessible at `https://webmail.domain.tld` or `https://mail.domain.tld` when SSL is enabled. Otherwise use `http://` instead.
## Adding a mail account to a domain
1. Click the mail domain.
2. Click **<i class="fas fa-fw fa-plus-circle"></i> Add Mail account** button.
3. Enter the account name (without the `@domain.tld` part) and a password.
4. Optionally, supply an email address that will receive the login details.
5. Click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
If required you can also modify the **Advanced Options**, which are explained below.
On the right side, you can see the methods to access your mail account via SMTP, IMAP and POP3.
## Editing a mail account
1. Hover over the account you want to edit.
2. Click the <i class="fas fa-fw fa-pencil-alt"><span class="visually-hidden">edit</span></i> icon on the right of the mail account.
3. Edit the fields.
4. Click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
## Suspending a mail account
1. Hover over the account you want to suspend.
2. Click the <i class="fas fa-fw fa-pause"><span class="visually-hidden">suspend</span></i> icon on the right of the mail account.
3. To unsuspend it, click the <i class="fas fa-fw fa-play"><span class="visually-hidden">unsuspend</span></i> icon on the right of the mail account.
## Deleting a mail account
1. Hover over the account you want to delete.
2. Click the <i class="fas fa-fw fa-trash"><span class="visually-hidden">delete</span></i> icon on the right of the mail account.
## Mail account configuration
### Quota
The maximum space the account is allowed to use. This includes mail, contacts, etc.
### Aliases
Add an alias to redirect mail to the main account. Enter the username only. For example: `alice`.
### Discard all mail
All incoming mail will not get forwarded and will get deleted.
### Do not store forwarded mail
If this option is selected, all forwarded mail will get deleted.
### Auto-Reply
Setup an auto-reply.
### Forward mail
Forward all incoming mail to the entered email address.
::: warning
A lot of spam filters may flag the forwarded mail as spam by default!
:::
### Rate limit
Set the limit for the amount of emails an account can send per hour.

5
docs/docs/user-guide/notifications.md Normal file
View File

@@ -0,0 +1,5 @@
# Notifications
To view your notifications, click the <i class="fas fa-lg fa-fw fa-bell"><span class="visually-hidden">notification</span></i> icon in the top right.
You can dismiss a notification by clicking the small red circle on its right.

124
docs/docs/user-guide/packages.md Normal file
View File

@@ -0,0 +1,124 @@
# Packages
To manage packages, log in as an **administrator** and navigate to the **Users <i class="fas fa-fw fa-users"></i>** tab.
## Adding a new package
1. Click the **<i class="fas fa-fw fa-plus-circle"></i> Add Package** button.
2. Fill out the form. When clicking on <i class="fas fa-fw fa-infinity"><span class="visually-hidden">unlimited</span></i> icon, the limits will be set to unlimited.
3. Click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
## Copying a package
1. Hover over the package you want to copy.
2. Click the <i class="fas fa-fw fa-clone"><span class="visually-hidden">copy</span></i> icon on the right of the package name.
## Editing a package
::: info
The **system** package cant be edited or renamed.
:::
1. Hover over the package you want to edit.
2. Click the <i class="fas fa-fw fa-pencil-alt"><span class="visually-hidden">edit</span></i> icon on the right of the package name.
## Deleting a package
::: info
The **system** package cant be deleted.
:::
1. Hover over the package you want to delete.
2. Click the <i class="fas fa-fw fa-trash"><span class="visually-hidden">delete</span></i> icon on the right of the package name.
## Importing existing packages from a different server
Packages are stored in `/usr/local/hestia/data/packages` as `package-name.pkg`. Simply copy these package files to other servers.
## Package configuration
::: info
Some options may not be available depending on your setup.
:::
### Quota
Total available storage space including the websites, email accounts, databases and the home folder. If you have enabled **File Quotas** during install or in the server settings, this value enforces the quota limit on websites, email accounts and the home folder. Databases are excluded.
### Bandwidth
Allocated bandwidth. Only outgoing traffic over web is accounted for.
Theres currently no methods of auto-suspending available.
### Backups
Maximum number of backups that can be stored.
## Web domains
### Web domains
Maximum number of web domains that can be created.
### Aliases
Maximum number of aliases that can be added per domain.
### Proxy Template
Default proxy template for created domains.
### Web Template
Default web template for created domains.
## DNS
### DNS Template
Default DNS template that get assigned on domain creation.
### DNS Domains
Maximum number of DNS domains that can be created.
### DNS records
Maximum number of DNS records that can be added per domain.
### Name Servers
Default name servers to be used by the user. Up to 8 different name servers can be added.
## Mail
### Mail Domains
Maximum number of mail domains that can be created.
### Mail accounts
Maximum number of mail accounts that can be added per domain.
### Rate limit
Maximum number of emails that accounts can send per hour.
## Databases
Maximum number of databases that can be created.
## System
### Cron jobs
Maximum number of cron jobs that can be created.
### Shell access
Select the shell that will be shown to the user when logging in via SSH.
::: warning
When set to `nologin`, SSH access is disabled but SFTP access is still allowed.
:::

16
docs/docs/user-guide/statistics.md Normal file
View File

@@ -0,0 +1,16 @@
# Statistics
To access the statistics, click the **<i class="fas fa-fw fa-chart-line"></i> Statistics** button in the top left.
This page will show the current users statistics, grouped per month. Here are the available statistics:
- Bandwidth usage
- Assigned IP addresses
- Disk usage, split by component
- Number of web domains and aliases
- Number of domains using SSL
- Number of DNS zones and records
- Number of mail domains and accounts
- Number of databases
- Number of cron jobs
- Number of backups

72
docs/docs/user-guide/users.md Normal file
View File

@@ -0,0 +1,72 @@
# Users
To manage users, log in as an **administrator** and navigate to the **Users <i class="fas fa-fw fa-users"></i>** tab.
## Adding a user
1. Click the **<i class="fas fa-fw fa-plus-circle"></i> Add User** button.
2. Fill out the fields.
3. Click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
## Impersonating a user
1. Hover over the user you want to login as.
2. Click the <i class="fas fa-fw fa-sign-in-alt"><span class="visually-hidden">login as</span></i> icon on the right of the users name and email.
3. You are now logged in as the user. As such, any action you perform will be done as this user.
## Editing a user
The settings specified below are only available to administrators. For the regular settings, you can refer to the [Account Management](../user-guide/account.md) documentation.
To edit a user you can either impersonate them and click the <i class="fas fa-lg fa-fw fa-user-circle"><span class="visually-hidden">user</span></i> icon in the top right, or follow these steps:
1. Hover over the user you want to edit.
2. Click the <i class="fas fa-fw fa-pencil-alt"><span class="visually-hidden">edit</span></i> icon on the right of the users name and email.
## Suspending a user
1. Hover over the user you want to suspend.
2. Click the <i class="fas fa-fw fa-pause"><span class="visually-hidden">suspend</span></i> icon on the right of the users name and email.
## Deleting a user
1. Hover over the user you want to delete.
2. Click the <i class="fas fa-fw fa-trash"><span class="visually-hidden">delete</span></i> icon on the right of the users name and email.
## User configuration
### Disabling control panel access
To remove Control Panel access from a user, check the box labelled: **Do not allow user to log in to Control Panel**.
### Changing role
To change a users role change the **Role** value from the dropdown.
::: warning
Assigning the **Administrator** role to a user will enable them to see and edit other users. They will not be able to edit the **admin** user, but will be able to see them, unless disabled in the server settings.
:::
### Changing package
To change a users package, change the **Package** value from the dropdown.
### Changing SSH access
To change a users SSH access, click the **Advanced Options** button, then change the **SSH Access** value from the dropdown.
::: warning
Using the **nologin** shell will _not_ disable SFTP access.
:::
### Changing PHP CLI version
To change a users PHP CLI version, click the **Advanced Options** button, then change the **PHP CLI Version** value from the dropdown.
### Changing default name servers
To change a users default name servers, click the **Advanced Options** button, then edit the **Default Name Servers** fields.
::: warning
At least 2 default name servers are necessary. This is to provide redundancy, in case one of them fails to answer. In fact, it is suggested that both name servers be on separate servers, for better resilience. If you are the system administrator and would like to set this up, refer to our [DNS Cluster documentation](../server-administration/dns.md#dns-cluster-setup).
:::

129
docs/docs/user-guide/web-domains.md Normal file
View File

@@ -0,0 +1,129 @@
# Web Domains
To manage your web domains, navigate to the **Web <i class="fas fa-fw fa-globe-americas"></i>** tab.
## Adding a web domain
1. Click the **<i class="fas fa-fw fa-plus-circle"></i> Add Web Domain** button.
2. Enter the domain name in the **Domain** field.
- If you wish to manage this domains DNS in Hestia, check the box labeled **Create DNS zone**
- If you wish to enable mail for this domain, check the box labeled **Enable mail for this domain**.
3. Click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
## Installing an app
1. Click the domain name or the <i class="fas fa-fw fa-pencil-alt"><span class="visually-hidden">edit</span></i> icon that appears on hover.
2. Click the **<i class="fas fa-fw fa-magic"></i> Quick install App** button in the top right.
3. Select the application you want to install and click the **Setup** button.
4. Fill out the fields. If the app uses a database, you will have the option to auto-create a database or use an existing one.
5. Click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
::: warning
Depending on the application you chose to install, this can take 30 seconds or longer. Do not reload or close the tab!
:::
## Editing a web domain
1. Click the domain name or the <i class="fas fa-fw fa-pencil-alt"><span class="visually-hidden">edit</span></i> icon that appears on hover.
2. Make your changes. The options are explained below.
3. Click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
## Viewing access and error logs
1. Hover over the domain whose logs you want to view.
2. Click the <i class="fas fa-fw fa-binoculars"><span class="visually-hidden">logs</span></i> icon.
3. At the top of the page, you have the possibility to download the logs or view the error logs instead.
## Suspending a web domain
1. Hover over the domain you want to suspend.
2. Click the <i class="fas fa-fw fa-pause"><span class="visually-hidden">suspend</span></i> icon on the right of the web domain.
## Deleting a web domain
1. Hover over the domain you want to delete.
2. Click the <i class="fas fa-fw fa-trash"><span class="visually-hidden">delete user</span></i> icon on the right of the web domain. **Both** the web domain and the linked FTP accounts will get deleted.
## Web domain configuration
### Enabling statistics
1. Chose **awstats** in the selection boxed labelled **Web Statistics**.
2. If desired, enter a username and password.
3. Click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
4. Navigate to `https://domain.tld/vstats/` to view the stats.
### Managing redirections
1. Check the **Enable domain redirection** box.
2. Select the option you want. When selecting **Redirect visitors to a custom domain or web address** you have to option to select the HTTP status code (301 by default).
::: warning
If your domain is an [internationalized domain name (IDN)](https://en.wikipedia.org/wiki/Internationalized_domain_name) containing special characters, even if you select `www.domain.tld` or `domain.tld`, it will convert the domain to [punycode](https://en.wikipedia.org/wiki/Punycode) and select **Redirect visitors to a custom domain or web address**.
:::
### Enabling SSL
1. Check the **Enable SSL for this domain** box.
2. Check the **Use Lets Encrypt to obtain SSL certificate** box to use Lets Encrypt.
3. Depending on your requirements, you can enable **Enable automatic HTTPS redirection** or **Enable HTTP Strict Transport Security (HSTS)**.
4. Click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
If you want to use your own SSL certificate you can enter the SSL certificate in the text area.
If you are having issues with enabling Lets Encrypt, please refer to our [SSL certificates](../server-administration/ssl-certificates.md) documentation.
### Changing PHP version
::: info
This option is not always available. It may be disabled in the server settings. Please contact your server administrator for more information.
:::
1. Select the desired PHP version in the **Backend Template** field.
### Using a different root directory
1. Check the **Custom document root** box.
2. Select the domain name where you want this domain to point.
3. Select the path. For example, `/public/` will link to `/home/user/web/domain.tld/public_html/public/`.
### Additional FTP accounts
1. Check the **Additional FTP accounts** box.
2. Enter a username and a password (or generate one). The username will be prefixed by `user_`.
3. Enter the path the account will be able to access.
4. Optionally, provide an email address where the login details will be sent.
To add another FTP account, click the **Add FTP account** button, then click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
To delete an FTP account, click the **DELETE** link on the right of its name, then click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
To change the password, update the password field, then click the **<i class="fas fa-fw fa-save"></i> Save** button in the top right.
### Proxy templates
::: info
Depending on the server setup, this option may not be available.
:::
- **default**: All purpose template. Suitable for most usecases.
- **caching**: Template with proxy cache enabled. Suitable for mostly static content, for example: blogs or news websites.
- **hosting**: Similar to default.
Any custom templates will also show up here.
::: tip
Any custom templates starting with `caching-` will allow the use of the **<i class="fas fa-fw fa-trash"></i> Purge Nginx Cache** button. Make sure a `.sh` file exists for `caching-my-template` with at least [this content](https://github.com/hestiacp/hestiacp/blob/main/install/deb/templates/web/nginx/caching.sh)
:::
### Web templates
For servers running Apache2 and Nginx, the **default** template will work fine.
For servers running Nginx only, pick the template matching the app name you are going to use.
### Managing Nginx caching
When Nginx caching is enabled (using FastCGI cache or with a caching-enabled template), you can purge the cache via the **<i class="fas fa-fw fa-trash"></i> Purge Nginx Cache** button.
When using Nginx only, you can enable FastCGI caching using the **Enable FastCGI Cache** box. When checked, an option is shown to determine for how long the cache is considered valid.

17
docs/donate.md Normal file
View File

@@ -0,0 +1,17 @@
---
aside: false
lastUpdated: false
---
# Donate to the project
By donating to Hestia, you help maintain server costs, development time, and more!
Here are our official donation platforms:
- [PayPal](https://www.paypal.com/donate/?cmd=_s-xclick&hosted_button_id=ST87LQH2CHGLA)
- Crypto
- Bitcoin: bc1q48jt5wg5jaj8g9zy7c3j03cv57j2m2u5anlutu
- Ethereum: 0xfF3Dd2c889bd0Ff73d8085B84A314FC7c88e5D51
- Binance: bnb1l4ywvw5ejfmsgjdcx8jn5lxj7zsun8ktfu7rh8
- Smart Chain: 0xfF3Dd2c889bd0Ff73d8085B84A314FC7c88e5D51

59
docs/features.md Normal file
View File

@@ -0,0 +1,59 @@
---
layout: page
title: Features
---
<script setup>
import FeaturePageTitle from "./.vitepress/theme/components/FeaturePageTitle.vue";
import FeaturePageSection from "./.vitepress/theme/components/FeaturePageSection.vue";
import FeatureList from "./.vitepress/theme/components/FeatureList.vue";
import { users, webDomains, mail, dns, databases, serverAdmin } from "./_data/features";
</script>
<FeaturePage>
<FeaturePageTitle>
<template #title>Features</template>
</FeaturePageTitle>
<FeaturePageSection image="/images/undraw_two_factor_authentication_namy.svg">
<template #title>Users</template>
<template #lead>Share access to your server with other users and restrict their resources.</template>
<template #list>
<FeatureList :items="users"></FeatureList>
</template>
</FeaturePageSection>
<FeaturePageSection image="/images/undraw_web_developer_re_h7ie.svg">
<template #title>Web domains</template>
<template #lead>Add multiple domains and quickly install apps on them.</template>
<template #list>
<FeatureList :items="webDomains"></FeatureList>
</template>
</FeaturePageSection>
<FeaturePageSection image="/images/undraw_domain_names_re_0uun.svg">
<template #title>DNS</template>
<template #lead>Manage your own DNS server!</template>
<template #list>
<FeatureList :items="dns"></FeatureList>
</template>
</FeaturePageSection>
<FeaturePageSection image="/images/undraw_personal_email_re_4lx7.svg">
<template #title>Mail</template>
<template #lead>Host your own emails, no need to pay a business mail provider!</template>
<template #list>
<FeatureList :items="mail"></FeatureList>
</template>
</FeaturePageSection>
<FeaturePageSection image="/images/undraw_maintenance_re_59vn.svg">
<template #title>Databases</template>
<template #lead>From e-commerce to blogs, databases are always useful and you can choose between MySQL and PostgreSQL.</template>
<template #list>
<FeatureList :items="databases"></FeatureList>
</template>
</FeaturePageSection>
<FeaturePageSection image="/images/undraw_server_status_re_n8ln.svg">
<template #title>Server admin</template>
<template #lead>Ultra-configurable and user-friendly, Hestia is as powerful as you could want.</template>
<template #list>
<FeatureList :items="serverAdmin"></FeatureList>
</template>
</FeaturePageSection>
</FeaturePage>

46
docs/index.md Normal file
View File

@@ -0,0 +1,46 @@
---
layout: home
title: Hestia Control Panel
titleTemplate: Open-source web server control panel.
hero:
name: Hestia Control Panel
text: Open-source web server control panel
tagline: Fast, reliable, open-source. The control panel youve always wanted is just a command away.
image:
src: /logo.svg
alt: Hestia Logo
actions:
- theme: brand
text: Get started
link: /docs/introduction/getting-started
- theme: alt
text: Try the demo
link: https://demo.hestiacp.com:8083/
- theme: alt
text: View on GitHub
link: https://github.com/hestiacp/hestiacp
features:
- icon: 🚀
title: Fast & easy to learn
details: Hestia is made with ease of use in mind. Creating a user or a website is as easy as clicking a button and filling out a couple of fields, while advanced features are easily accessible.
link: /docs/introduction/getting-started
linkText: Documentation
- icon: ❤️
title: Made with love & pride
details: Hestia is open-source software that is built by passionate people from around the world. This means that the code is reviewed by multiple people and that anybody can contribute to it!
link: /team
linkText: See the team
- icon: 🛠️
title: Extendable & powerful
details: Hestia is extendable while being easy to learn. You can build your own themes, web templates, quick install applications and can interact with it using third party software via its API.
link: /docs/contributing/development
linkText: Help develop Hestia
- icon: 🤝
title: Supported by the community
details: Hestia has a great support community - join the forum! To keep the project running, we rely on donations, which can be made via PayPal or cryptocurrency.
link: /donate
linkText: Donate
---

23
docs/install.md Normal file
View File

@@ -0,0 +1,23 @@
---
layout: page
title: Install
---
<script setup>
import InstallPageTitle from "./.vitepress/theme/components/InstallPageTitle.vue";
import InstallOptions from "./.vitepress/theme/components/InstallOptions.vue";
import InstallOptionsSection from "./.vitepress/theme/components/InstallOptionsSection.vue";
import { options } from "./_data/options";
import { languages } from "./_data/languages";
</script>
<InstallPage>
<InstallPageTitle>
<template #title>Install</template>
</InstallPageTitle>
<InstallOptionsSection>
<template #list>
<InstallOptions :items="options" :languages="languages"></InstallOptions>
</template>
</InstallOptionsSection>
</InstallPage>

3
docs/public/_headers Normal file
View File

@@ -0,0 +1,3 @@
/assets/*
cache-control: max-age=31536000
cache-control: immutable

BIN
docs/public/apple-touch-icon.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 2.7 KiB

BIN
docs/public/favicon.ico Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 4.2 KiB

BIN
docs/public/icon-192.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.8 KiB

BIN
docs/public/icon-512.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 15 KiB

1
docs/public/images/undraw_domain_names_re_0uun.svg Normal file
View File

File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 6.4 KiB

1
docs/public/images/undraw_maintenance_re_59vn.svg Normal file
View File

File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 9.0 KiB

1
docs/public/images/undraw_personal_email_re_4lx7.svg Normal file
View File

File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 7.9 KiB

1
docs/public/images/undraw_server_status_re_n8ln.svg Normal file
View File

File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 10 KiB

1
docs/public/images/undraw_two_factor_authentication_namy.svg Normal file
View File

File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 8.3 KiB

1
docs/public/images/undraw_web_developer_re_h7ie.svg Normal file
View File

File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 7.9 KiB

1
docs/public/logo.svg Normal file
View File

File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 10 KiB

11
docs/public/site.webmanifest Normal file
View File

@@ -0,0 +1,11 @@
{
"name": "Hestia Control Panel",
"short_name": "Hestia",
"icons": [
{ "src": "/icon-192.png", "sizes": "192x192", "type": "image/png" },
{ "src": "/icon-512.png", "sizes": "512x512", "type": "image/png" }
],
"theme_color": "#b7236a",
"background_color": "#ffffff",
"display": "standalone"
}

BIN
docs/public/webfonts/fa-brands-400.ttf Normal file
View File

Binary file not shown.

BIN
docs/public/webfonts/fa-brands-400.woff2 Normal file
View File

Binary file not shown.

BIN
docs/public/webfonts/fa-solid-900.ttf Normal file
View File

Binary file not shown.

BIN
docs/public/webfonts/fa-solid-900.woff2 Normal file
View File

Binary file not shown.

37
docs/team.md Normal file
View File

@@ -0,0 +1,37 @@
---
layout: page
title: The Team
---
<script setup>
import { VPTeamPage, VPTeamPageTitle, VPTeamPageSection, VPTeamMembers } from "vitepress/theme";
import { projectManagers, teamMembers } from "./_data/team";
</script>
<VPTeamPage>
<VPTeamPageTitle>
<template #title>The Team</template>
<template #lead>
The development of Hestia is guided by an international team, some of whom have chosen to be featured below.
</template>
</VPTeamPageTitle>
<VPTeamPageSection>
<template #title>Project Managers</template>
<template #members>
<VPTeamMembers :members="projectManagers" />
</template>
</VPTeamPageSection>
<VPTeamPageSection>
<template #title>Team Members</template>
<template #members>
<VPTeamMembers :members="teamMembers" />
</template>
</VPTeamPageSection>
<!-- <VPTeamPageSection>
<template #title>Contributors ❤️</template>
<template #members>
<VPTeamMembers size="small" :members="featuredContributors" />
</template>
</VPTeamPageSection> -->
</VPTeamPage>