# Running your own vestacp instance



## wlanboy (Dec 17, 2013)

VestaCP is a free and open source control panel.

I am running two instances for about three months and have to admit that I do like it more than zpanel.

The basic configuration is solid and the integration of:

- Nginx
- SSL
- SPF and DKIM
- AntiSpam / Antivirus
- Backups

is really well done.

Installation is done by following two commands:


```
curl -O http://vestacp.com/pub/vst-install.sh
sudo bash vst-install.sh
```

Enter a valid email address where the login information is sent to.

The welcome email looks like this:


Congratulations, you have just successfully installed the Vesta Control Panel

You can login in Vesta with following credentials:
username: admin
password: ***************
https://ip-address:8083

We hope that you enjoy your installation of Vesta. Please feel free to contact us anytime if you have any questions.
Thank you.

--
Sincerely yours
vestacp.com team

Things I changed:

1. Add SSL support for mail server:


```
nano /etc/exim4/exim4.conf.template
```

Uncomment following lines:


```
# tls_advertise_hosts = *
# tls_certificate = /usr/local/vesta/ssl/certificate.crt
# tls_privatekey = /usr/local/vesta/ssl/certificate.key
```

You should replace the generated certs with your own.

The SSL certs for web can be entered through the web frontend.

2. Add secondary DNS servers

The dns zone files are located at:


```
/home/[user]/conf/dns/[domainname].db
```

If you look to the bind config:


```
cat /etc/bind/named.conf
```

Content:


```
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local

include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";

zone "domain.com" {type master; file "/home/admin/conf/dns/domain.com.db";};
```


The zone files themselves are already defined as master!

So we only have to define the options:

```
nano /etc/bind/named.conf.options
```

And add:


```
options {
    allow-transfer { [ip-address of slave]; };
    notify yes;
};
```

On the secondary dns servers we just have to add the zones to the named.conf:


```
nano /etc/bind/named.conf
```

Add:


```
zone "domain.com" {
    type slave;
    masters { [ip of vestacp server]; };
    file "domain.com.db";
};
```

Done.

As I said - everything prepared and well performed.

Really enjoying my VestaCP time.


----------



## nunim (Dec 17, 2013)

wlanboy said:


> ... The SSL certs for web can be entered through the web frontend. ...


How?  Editing default domain?  I haven't figured out how to do this yet for the CP only domains, been too lazy to install my cert through SSH.

Very happy with VestaCP so far, it's been 3x WordPress sites and some random others for me for the last 2 months and it's been working great.  Their UI could use a little bit of polish but they seem to be actively improving things and I've read support for nginx+php-fpm  only is not far off.


----------



## wlanboy (Dec 17, 2013)

nunim said:


> How?  Editing default domain?  I haven't figured out how to do this yet for the CP only domains, been too lazy to install my cert through SSH.


Quite simple.

Select "web" -> "edit" domain and click on the "SSL" checkbox.

That will popup the SSL boxes:


----------



## drmike (Dec 17, 2013)

You! Rock!

VestaCP is quite slick.

(bows to you)


----------



## jarland (Dec 17, 2013)

nunim said:


> How?  Editing default domain?  I haven't figured out how to do this yet for the CP only domains, been too lazy to install my cert through SSH.
> 
> Very happy with VestaCP so far, it's been 3x WordPress sites and some random others for me for the last 2 months and it's been working great.  Their UI could use a little bit of polish but they seem to be actively improving things and I've read support for nginx+php-fpm  only is not far off.


If you want SSL for the panel itself, you want /usr/local/vesta/nginx/conf/nginx.conf


----------



## nunim (Dec 18, 2013)

jarland said:


> If you want SSL for the panel itself, you want /usr/local/vesta/nginx/conf/nginx.conf


Ah, I figured as much.  I got confused when he said certs for the web, I assumed he meant the panel itself. At least my default domain has SSL now    I'll get around to it eventually, just haven't had much of a need as I'm the only one who sees the panel.


----------



## peterw (Dec 18, 2013)

Thank you for the dns steps. Great panel.


----------



## Joodle (Dec 18, 2013)

Seems like a nice panel. Will try this out as soon as I have a new VPS xd.



----------



## Shados (Dec 19, 2013)

wlanboy said:


> Quite simple.
> 
> Select "web" -> "edit" domain and click on the "SSL" checkbox.
> 
> That will popup the SSL boxes:


Really hoping you were using dummy values or a random self-signed cert there...


----------



## rsk (Dec 22, 2013)

Does vesta offer API?


----------



## nunim (Dec 22, 2013)

rsk said:


> Does vesta offer API?


Seems like it : https://forum.vestacp.com/viewtopic.php?f=10&t=3912&p=6691#p6691


----------



## wlanboy (Dec 22, 2013)

Shados said:


> Really hoping you were using dummy values or a random self-signed cert there...


Yup - just a dummy .ml domain with a self signed cert.


----------



## Nikolai (Dec 26, 2013)

Using & studying it on CentOS 6.5. Simple and clear so far. Development for developers.


----------



## wlanboy (Dec 28, 2013)

VestaCP is now supporting Ubuntu 13.10.


----------



## nehafarzana80 (Jan 5, 2014)

@wlanboy

Thanks for the nice tutorial. I have configured two DNS servers as ns1.mydomain.com, ns2.mydomain.com to other 2 VPSs. I want to use mydomain2.com to use ns1-ns2.mydomain.com too. But, each time I need to change DNS settings to slave servers, i.e.:

```
zone "domain.com" {
type slave;
masters { [ip of vestacp server]; };
file "domain.com.db";
};
```

Is there any option to automate this process? I mean when I will add an addon domain, slave servers will sync the zone info automatically?

Thanks for your help.


----------



## ndelaespada (Jan 5, 2014)

great howto.. thanks for sharing


----------



## wlanboy (Jan 6, 2014)

nehafarzana80 said:


> @wlanboy
> 
> Thanks for the nice tutorial. I have configured two DNS servers as ns1.mydomain.com, ns2.mydomain.com to other 2 VPSs. I want to use mydomain2.com to use ns1-ns2.mydomain.com too. But, each time I need to change DNS settings to slave servers  ie; [ zone "domain.com" {
> 
> ...


Not an easy one.

You can create a dns-cluster using "/usr/local/vesta/bin/v-add-remote-dns-host".

First you have to create a new user "dns-cluster" to all instances.

Afterwards you have to add the dns hosts on the master:


```
[email protected]:/usr/local/vesta/bin# ./v-add-remote-dns-host
Error: not enought arguments
Usage: v-add-remote-dns-host HOST PORT USER PASSWORD [TYPE] [DNS_USER]
```

So e.g.:

```
./v-add-remote-dns-host ns1.wlanboy.com 8083 admin password
```

This of course includes that all servers are running VestaCP...

I am using small 64 MB vps for dns slaves - so no chance to install Vesta CP on them.


----------



## jarland (Jan 7, 2014)

wlanboy said:


> I am using small 64 MB vps for dns slaves - so no chance to install Vesta CP on them.


New challenge: To strip Vesta to bare essentials for DNS clustering, in a way that Vesta reads as a slave without problem.


----------



## wlanboy (Jan 7, 2014)

jarland said:


> New challenge: To strip Vesta to bare essentials for DNS clustering, in a way that Vesta reads as a slave without problem.


Would be a nice to have - but all the jobs/crons/auth is based on the database.

So php + Mysql + DNS on 64 MB RAM. Tough goal.


----------



## Reece-DM (Jan 8, 2014)

I will have to say I've been using this for a few weeks myself on various projects, its a nice bit of kit!


----------



## nunim (Jan 8, 2014)

Unrelated to the Vesta discussion, however it's still working rock solid for me, if you're looking to setup a BIND cluster why couldn't you just rsync the changed zone files every 5 minutes?


----------



## wlanboy (Jan 11, 2014)

nehafarzana80 said:


> @wlanboy
> 
> Is there any option to automate this process? I mean when I will add an addon domain, slave servers will sync the zone info automatically?


Not for new domains. Only for existing ones.



nunim said:


> Unrelated to the Vesta discussion, however it's still working rock solid for me, if you're looking to setup a BIND cluster why couldn't you just rsync the changed zone files every 5 minutes?


He can use dns master-slave configuration or your rsync way.

But what he was asking for is a way to tell the slave dns that a new domain was created.


----------
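
For the case discussed above, where the secondaries are plain BIND boxes that cannot run VestaCP, the slave stanzas from the first post can be generated from the master's `named.conf` and shipped to the secondary. This is an added example, not part of the original posts or of VestaCP's own tooling; the function names, the sample zones and the address 192.0.2.10 are assumptions.

```shell
#!/bin/sh
# Added example (not VestaCP code): turn the single-line master zone entries
# that appear in named.conf on the panel host into slave stanzas for a plain
# BIND secondary. All names and sample data here are illustrative.

sample_named_conf() {
cat <<'EOF'
include "/etc/bind/named.conf.options";
zone "domain.com" {type master; file "/home/admin/conf/dns/domain.com.db";};
zone "example.org" {type master; file "/home/admin/conf/dns/example.org.db";};
zone "domain.com" {type master; file "/home/admin/conf/dns/domain.com.db";};
// zone "disabled.example" {type master; file "/tmp/x.db";};
zone "other.net" {type slave; masters { 192.0.2.10; }; file "other.net.db";};
EOF
}

# usage: gen_slave_zones MASTER_NAMED_CONF MASTER_IP
gen_slave_zones() {
    conf=$1
    master_ip=$2
    [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 1; }
    # Accept only an IPv4/IPv6 literal, so the value cannot carry extra
    # statements into the generated configuration.
    case $master_ip in
        ''|*[!0-9a-fA-F:.]*) echo "invalid master ip" >&2; return 1 ;;
    esac
    # Match only uncommented 'zone "name" {type master; ...' lines and allow
    # nothing but hostname characters in the zone name.
    sed -n 's/^[[:space:]]*zone[[:space:]]*"\([A-Za-z0-9._-][A-Za-z0-9._-]*\)"[[:space:]]*{[[:space:]]*type[[:space:]]*master[[:space:]]*;.*$/\1/p' "$conf" |
    sort -u |
    while read -r zone; do
        printf 'zone "%s" {\n    type slave;\n    masters { %s; };\n    file "%s.db";\n};\n' \
            "$zone" "$master_ip" "$zone"
    done
}

# Demo on the constructed sample; 192.0.2.10 is a documentation address.
demo_conf=$(mktemp) && sample_named_conf > "$demo_conf" &&
    gen_slave_zones "$demo_conf" 192.0.2.10
rm -f "$demo_conf"
```

On the secondary, write the output to a file that `named.conf` includes, validate it with `named-checkconf`, and apply it with `rndc reconfig`.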



## matt[scrdspd] (Jan 14, 2014)

I have been playing with Vesta lately and I must say that I like it a lot. Very nice panel with a simple clean interface.

How would one go about modifying the domain name for an existing Vesta domain?


----------



## wlanboy (Jan 16, 2014)

matt_securedspeed said:


> How would one go about modifying the domain name for an existing Vesta domain?


Create a new one, remove the old one.

The domain name is a key value for a lot of things.


----------



## fartfacepoopypants (Jan 17, 2014)

I seem to be having trouble with my Vesta Install.  The web end of things works great, but the e-mail is a bit touch and go.  I've got it running on a Crissic VPS (2GB RAM, Ubuntu 12.04.03 x64)

In my exim4 mainlog, I am repeatedly getting an error about  the remote host is the local host: (server.domain.com).

```
2014-01-17 02:42:27 1W444R-000311-8W <= [email protected] U=root P=local S=29302
2014-01-17 02:42:27 1W444R-000311-8W remote host address is the local host: server.domain.com
2014-01-17 02:42:27 1W444R-000313-DF <= [email protected] U=root P=local S=658
2014-01-17 02:42:27 1W444R-000311-8W == [email protected] R=dnslookup defer (-1): remote host address is the local host
2014-01-17 02:42:27 1W444R-000311-8W Frozen
```

I've changed my actual FQDN in that little snippet, but the errors are all the same.  I think cron, or some system process is trying to send out mails, but unfortunately I don't know enough about exim to be able to figure out what to do next.  Anyone here have an idea?


----------



## wlanboy (Jan 17, 2014)

fartfacepoopypants said:


> 2014-01-17 02:42:27 1W444R-000313-DF <= [email protected] U=root P=local S=658
> 2014-01-17 02:42:27 1W444R-000311-8W == [email protected] R=dnslookup defer (-1): remote host address is the local host
> 
> 2014-01-17 02:42:27 1W444R-000311-8W Frozen


Please check your DNS settings.

That is a wrong or missing MX record - check if there is a MX record for server.domain.com - and if it is pointing to the right IP.


----------



## fartfacepoopypants (Jan 17, 2014)

So I setup my FQDN as a web directory in VestaCP, which created the MX records and whatnot, as well as tried to setup a "root" account for that FQDN.

Now I'm getting this in my exim logs, and it's still erroring out:

```
2014-01-17 14:24:11 1W4F1P-0001Q4-OU ** [email protected]: Unrouteable address
2014-01-17 14:24:11 1W4F1X-0001kd-Rj <= <> R=1W4F1P-0001Q4-OU U=Debian-exim P=local S=7648
2014-01-17 14:24:11 1W4F1P-0001Q4-OU Completed
2014-01-17 14:24:11 1W4F1X-0001kd-Rj ** [email protected]: Unrouteable address
2014-01-17 14:24:11 1W4F1X-0001kd-Rj Frozen (delivery error message)
```


----------



## wlanboy (Jan 17, 2014)

fartfacepoopypants said:


> 2014-01-17 14:24:11 1W4F1P-0001Q4-OU ** [email protected]: Unrouteable address


Are you sure that localhost.localdomain is added to /etc/localdomains?


----------



## fartfacepoopypants (Jan 17, 2014)

/etc/localdomains doesn't exist on my machine.


----------



## wlanboy (Jan 18, 2014)

fartfacepoopypants said:


> /etc/localdomains doesn't exist on my machine.


So now we have to try to debug exim4 to see where it fails...


Please run:


```
exim -bt -d [email protected] 2>&1
```

My output is:


```
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Testing [email protected]
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Considering [email protected]
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
routing [email protected]
--------> dnslookup router <--------
local_part=root domain=localhost.localdomain
checking domains
search_open: dsearch "/etc/exim4/domains/"
search_find: file="/etc/exim4/domains/"
key="localhost.localdomain" partial=-1 affix=NULL starflags=0
LRU list:
5/etc/exim4/domains/
End
internal_search_find: file="/etc/exim4/domains/"
type=dsearch key="localhost.localdomain"
file lookup required for localhost.localdomain
in /etc/exim4/domains/
lookup failed
localhost.localdomain in "dsearch;/etc/exim4/domains/"? no (end of list)
localhost.localdomain in "!+local_domains"? yes (end of list)
calling dnslookup router
dnslookup router called for [email protected]
domain = localhost.localdomain
DNS lookup of localhost.localdomain (MX) gave HOST_NOT_FOUND
returning DNS_NOMATCH
dnslookup router declined for [email protected]
"more" is false: skipping remaining routers
no more routers
[email protected] is undeliverable: Unrouteable address
```


So if we look at /etc/exim4/exim4.conf.template:


```
domainlist local_domains = dsearch;/etc/exim4/domains/
```

So look at this dir:


```
/etc/exim4/domains# ls -al
total 8
drwxr-xr-x 2 root root 4096 Dec 7 16:12 .
drwxr-xr-x 4 root root 4096 Nov 23 04:58 ..
lrwxrwxrwx 1 root root 39 Dec 7 16:12 devboxindallas.ml -> /home/*/conf/mail/devboxindallas.ml
```

So I added a new mail domain to my VestaCP:



And it is running:


```
2014-01-18 04:01:23 1W4RmN-00005q-Cn => root <[email protected]> R=localuser T=local_delivery
2014-01-18 04:01:23 1W4RmN-00005q-Cn Completed
```

I know it is not a perfect solution, but at least it is working...

PS:


If you want to remove all frozen mails from the queue just enter:


```
exiqgrep -z -i | xargs exim -Mrm
```


----------
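
Before clearing the queue it helps to see why each message froze and whether its recipient domain has an entry in the `dsearch` directory behind `local_domains`. The following is an added example, not code from the thread; the function names are illustrative and the sample log lines are constructed in the format of the excerpts above, with made-up addresses.

```shell
#!/bin/sh
# Added example (not from the thread): summarise frozen messages in an exim
# mainlog and check their recipient domains against the dsearch directory.

sample_mainlog() {
cat <<'EOF'
2014-01-17 02:42:27 1W444R-000311-8W <= root@server.example.test U=root P=local S=29302
2014-01-17 02:42:27 1W444R-000311-8W == root@server.example.test R=dnslookup defer (-1): remote host address is the local host
2014-01-17 02:42:27 1W444R-000311-8W Frozen
2014-01-17 14:24:11 1W4F1P-0001Q4-OU ** root@localhost.localdomain: Unrouteable address
2014-01-17 14:24:11 1W4F1X-0001kd-Rj <= <> R=1W4F1P-0001Q4-OU U=Debian-exim P=local S=7648
2014-01-17 14:24:11 1W4F1P-0001Q4-OU Completed
2014-01-17 14:24:11 1W4F1X-0001kd-Rj ** root@localhost.localdomain: Unrouteable address
2014-01-17 14:24:11 1W4F1X-0001kd-Rj Frozen (delivery error message)
2014-01-18 04:01:23 1W4RmN-00005q-Cn => root <root@localhost.localdomain> R=localuser T=local_delivery
EOF
}

# usage: frozen_summary MAINLOG   ("-" reads stdin)
# Prints "<message id> <recipient domain> <reason>" per frozen message.
frozen_summary() {
    awk '
    # Field 3 is the message id, field 4 the event flag (== defer, ** fail).
    ($4 == "==" || $4 == "**") {
        addr = $5
        sub(/:$/, "", addr)      # failure lines write the address as "addr:"
        sub(/^.*@/, "", addr)    # keep the domain part only
        dom[$3] = addr
        if (index($0, "remote host address is the local host"))
            why[$3] = "routes-to-self"
        else if (index($0, "Unrouteable address"))
            why[$3] = "unrouteable"
        else
            why[$3] = "other"
    }
    $4 == "Frozen" { print $3, dom[$3], why[$3] }
    ' "$1"
}

# usage: frozen_domain_check MAINLOG DOMAINS_DIR
# Prints "<domain> listed|missing" for each frozen recipient domain.
frozen_domain_check() {
    frozen_summary "$1" | awk '$2 != "" { print $2 }' | sort -u |
    while read -r dom; do
        case $dom in */*|.*) continue ;; esac   # never build paths from odd names
        if [ -e "$2/$dom" ] || [ -L "$2/$dom" ]; then
            echo "$dom listed"
        else
            echo "$dom missing"
        fi
    done
}

# Demo on the constructed sample log.
sample_mainlog | frozen_summary -
```

A domain reported as `missing` is in the state the debug output above shows for localhost.localdomain before the mail domain was added.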



## fartfacepoopypants (Jan 18, 2014)

Thanks!  I'll check to see that this helps move things along.  It seems to (in that the test to [email protected] ran in the terminal didn't panic), but I'll have to check the logs to make sure everything is working right.  Ahh, that's a bit of a load off my mind, thank you so much!


----------



## wlanboy (Jan 24, 2014)

fartfacepoopypants said:


> Ahh, that's a bit of a load off my mind, thank you so much!


Just want to check - everything sorted?


----------



## nehafarzana80 (Jan 29, 2014)

I have just installed VestaCP on another VPS of mine (my 2nd installation). But, somehow my website is opening when I am entering the VPS IP on my browser (i.e. http://mydomain.com).

I didn't have such problem on my other installation. How can I fix this issue?


----------



## peterw (Jan 30, 2014)

nehafarzana80 said:


> I have just installed VestaCP on my another VPS (my 2nd installation). But, somehow my website is opening when I am entering the VPS IP on my browser (i.e; http://mydomain.com I didn't have such problem on my other installation. How can I fix this issue?


Default domain deleted?


----------



## NodeBytes (Feb 1, 2014)

I'm actually thinking about deploying some paid web hosting using Vesta. It's actually really amazing, and stable!


----------



## mehargags (Feb 12, 2015)

Hi,

I have a Server running 2 web domains, I'm facing Mail delivery issues with them, typically php generated mails are either not generating sometimes, and sometimes they are landing in spam on Gmail/Hotmail.

Both hosted domains are _using *Google Apps for incoming mails*_

and this server just shoots out system (PHP) generated email only.

Primarily I set up my hostname as "domain1.com" & created local mail domains on VestaCP too, but thought this was leading to some local mail delivery confusions, so I changed my hostname to *"cloud.domain1com*"  while the rDNS record is still pointing as *domain1.com to my IP 168.x.x.xx2*

I'm still not assured if I m doing it alright, and want to be absolutely sure that mails are being delivered properly as these sites do a lot of order processing online.

Kindly help me with a solution


----------



## mojeda (Feb 19, 2015)

mehargags said:


> Hi,
> 
> I have a Server running 2 web domains, I'm facing Mail delivery issues with them, typically php generated mails are either not generating sometimes, and sometimes they are landing in spam on Gmail/Hotmail.
> 
> ...


Make sure your server is not blacklisted http://mxtoolbox.com/blacklists.aspx

If you're just having the server send email and not receive email then you probably don't want to have mail boxes setup for the domains in Vesta CP.

I'm confused what you mean when you say "php generated mails are either not generating sometimes,"  do you mean to say they aren't being sent at all (or sometimes it doesn't send).

If you're sending php mail using one of the Google apps hosted domains you may need to modify your SPF record on the domain to include your server's IP to make sure the mail doesn't go to spam.


----------



## agentmishra (Oct 19, 2015)

what about ipv6 support...


----------



## wlanboy (Oct 20, 2015)

agentmishra said:


> what about ipv6 support...



If you look at the roadmap of vestacp it is part of the next release.


----------



## DMMediaLtd (Jan 27, 2016)

Vesta is great for people who need a control panel without needing the proprietary versions and is great for lower end containers too


----------

