We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
config files conflict
config files conflict
I'm using Debian
The documentation states that bind config file is here
/home/$user/conf/dns/$domain.db
and it is, but if I edit this file manually to set proper order and TTL values that UI is not supporting
vesta does not recognize it, in fact keeps it's own file that is not listed in documentation
/usr/local/vesta/data/users/$user/dns/$domain.conf
Now if I delete the /usr/local/vesta/data/users/$user/dns/$domain.conf web interface then sees that, and I have 0 records, if I add one the UI is overriding /home/$user/conf/dns/$domain.db
It's hard to edit 2 files and keep them in sync, and again web interface is a little bit too basic
Any advice on manual DNS record editing?
CentOS Web Panel is too heavy, but when I was testing it DNS was working like a charm. Don't get me wrong I want to go with VestaCP but something is not right, I was hoping to grab values created by CWP and add to Vesta installation but the two location approach is to hard to maintain
/home/$user/conf/dns/$domain.db
/usr/local/vesta/data/users/$user/dns/$domain.conf
Please help
The documentation states that bind config file is here
/home/$user/conf/dns/$domain.db
and it is, but if I edit this file manually to set proper order and TTL values that UI is not supporting
vesta does not recognize it, in fact keeps it's own file that is not listed in documentation
/usr/local/vesta/data/users/$user/dns/$domain.conf
Now if I delete the /usr/local/vesta/data/users/$user/dns/$domain.conf web interface then sees that, and I have 0 records, if I add one the UI is overriding /home/$user/conf/dns/$domain.db
It's hard to edit 2 files and keep them in sync, and again web interface is a little bit too basic
Any advice on manual DNS record editing?
CentOS Web Panel is too heavy, but when I was testing it DNS was working like a charm. Don't get me wrong I want to go with VestaCP but something is not right, I was hoping to grab values created by CWP and add to Vesta installation but the two location approach is to hard to maintain
/home/$user/conf/dns/$domain.db
/usr/local/vesta/data/users/$user/dns/$domain.conf
Please help
Re: config files conflict
/home/$user/conf/dns/$domain.db
This one is what BIND uses.
/usr/local/vesta/data/users/$user/dns/$domain.conf
This one is what VestaCP uses (in the admin panel).
You have to update both in order for them to work. What was you trying to do because I have done this before and it worked for me?
This one is what BIND uses.
/usr/local/vesta/data/users/$user/dns/$domain.conf
This one is what VestaCP uses (in the admin panel).
You have to update both in order for them to work. What was you trying to do because I have done this before and it worked for me?
Re: config files conflict
1. What bash command would that be?Here, you simply need to execute a bash command to rebuild DNS for that domain.
2. Would that rebuild update the Vesta specific file? /usr/local/vesta/data/users/$user/dns/$domain.conf
Re: config files conflict
No I don't want to create any connector. The thing is that in all panels except VestaCP DNS works fine, tested CWP, Sentora, IspConfig, some others. VestaCP DNS works only just after installation only one for one domain, once added second domain with "DNS support" the whole thing breaks, and even when deleted 2nd domain, and restarted bind/named DNS does not work and I talk to it directly via nslookup subdomain.domain.com ns1.domain.com
So because it's advised to use TTL 24h for self hosted DNS, I was hoping to go to bind config directly and just modify the file manually, but if added more records Vesta keeps it's own records, would have to update those too (such a pain). Since Vesta user interface does not support setting TTL, going to terminal was natural try.
Now forget CWP, I was just using it as configuration reference for the DNS, since in CWP everything was working including email serwer MX, rDNS, SOA and the like. I don't want to use CWP for 2 reasons must use CentOS (php seems to be slow) prefer ubuntu. The CWP is heavy and 1GHZ 1GB RAM VPS is just consumed by CWP. Vesta is nice overall.
Sentora is another CP that makes sense and works but too immature, no firewall, no TLS for email.
Another reason I want to use VESTA is great Nginx integration/configuration, all the static pass-thru, and Apache for just PHP, it's easy to add NodeJs and Git behind Nginx without affecting Vesta (yet there are some bugs with overlapping or missing Nginx configuration files generated by Vesta, found it after reviewing all of them )
If Vesta could just parse directly /home/$user/conf/dns/$domain.db to the User interface and write back, and not use flat config at /usr/local/vesta/data/users/$user/dns/$domain.conf that would be great
So because it's advised to use TTL 24h for self hosted DNS, I was hoping to go to bind config directly and just modify the file manually, but if added more records Vesta keeps it's own records, would have to update those too (such a pain). Since Vesta user interface does not support setting TTL, going to terminal was natural try.
Now forget CWP, I was just using it as configuration reference for the DNS, since in CWP everything was working including email serwer MX, rDNS, SOA and the like. I don't want to use CWP for 2 reasons must use CentOS (php seems to be slow) prefer ubuntu. The CWP is heavy and 1GHZ 1GB RAM VPS is just consumed by CWP. Vesta is nice overall.
Sentora is another CP that makes sense and works but too immature, no firewall, no TLS for email.
Another reason I want to use VESTA is great Nginx integration/configuration, all the static pass-thru, and Apache for just PHP, it's easy to add NodeJs and Git behind Nginx without affecting Vesta (yet there are some bugs with overlapping or missing Nginx configuration files generated by Vesta, found it after reviewing all of them )
If Vesta could just parse directly /home/$user/conf/dns/$domain.db to the User interface and write back, and not use flat config at /usr/local/vesta/data/users/$user/dns/$domain.conf that would be great
Re: config files conflict
Thank you for your replay and patience.
So I edited vesta flat file /usr/local/vesta/data/users/$user/dns/$domain.conf manually
and run the command v-rebuild-user worked as advised. Reoredered records and bind config was build in order given
---------
Let me explain "yet there are some bugs with overlapping or missing Nginx configuration files generated by Vesta, found it after reviewing all of them"
If you go to /etc/nginx/conf.d/vesta.conf you'll find a line there
So I go view that file and at the very bottom I can find
but there is no nginx.yourdomain.com.conf present at /home/admin/conf/web/
I'm assuming now it's a user configuration place holder that vesta would not touch, and maybe additional configuration could/should be placed there?
Again thanks a lot for help!
So I edited vesta flat file /usr/local/vesta/data/users/$user/dns/$domain.conf manually
and run the command v-rebuild-user worked as advised. Reoredered records and bind config was build in order given
Would be nice if the vesta dns flat file had TTL as well, it may be necessary to have different subdomains set at different TTLHint for newbies like me. The CLI command are located at /usr/local/vesta/bin so must navigate there first or use full path, and execute using bash
so being root user
$: bash /usr/local/vesta/bin/v-rebuild-user $userName
---------
Let me explain "yet there are some bugs with overlapping or missing Nginx configuration files generated by Vesta, found it after reviewing all of them"
If you go to /etc/nginx/conf.d/vesta.conf you'll find a line there
Code: Select all
include /home/admin/conf/web/nginx.conf;
Code: Select all
include /home/admin/conf/web/nginx.yourdomain.com.conf*;
I'm assuming now it's a user configuration place holder that vesta would not touch, and maybe additional configuration could/should be placed there?
Again thanks a lot for help!
Re: config files conflict
I'll go now off topic "config files conflict" should probably a new forum thread, but this is somehow relevant to the whole conversation.
I'm going to put docker container behind nginx (already tested and it works), question
is it safe to put a config file under /etc/nginx/conf.g/ I assume it is since it contain vesta.config
The more I dive in into Vesta details to more it makes sense, but I noticed that Vesta shows fail2ban as running service but when I go to terminal and run service --status-all I see fail2ban not running
Now going back to docker, so I mapped a container (doesn't matter whats inside) to localhost:8066 and exposed via nginx as some.domain.com and it works, but when I go to serverIP:8066 same content is shown, which means now that vesta firewall is not right because it supposed to let only 8083 for vestaCP and 80,443 for web traffic. I'll check if docker is opening any ports, and post back what I found.
The fail2ban issue was noticed before even installing docker. I get lots of brute force from china, but not even one log in fail2ban also confirms something is not right. Any idea?
I'm going to put docker container behind nginx (already tested and it works), question
is it safe to put a config file under /etc/nginx/conf.g/ I assume it is since it contain vesta.config
The more I dive in into Vesta details to more it makes sense, but I noticed that Vesta shows fail2ban as running service but when I go to terminal and run service --status-all I see fail2ban not running
Now going back to docker, so I mapped a container (doesn't matter whats inside) to localhost:8066 and exposed via nginx as some.domain.com and it works, but when I go to serverIP:8066 same content is shown, which means now that vesta firewall is not right because it supposed to let only 8083 for vestaCP and 80,443 for web traffic. I'll check if docker is opening any ports, and post back what I found.
The fail2ban issue was noticed before even installing docker. I get lots of brute force from china, but not even one log in fail2ban also confirms something is not right. Any idea?
Re: config files conflict
Re Firewall: yes docker added own stuff to iptables :(
Is there any vesta CLI command to rebuild firewall according to vesta settings?
Re: Fail2ban: the service is running previously I've stated it's not because I was checking under user with limited access (I don't understand linux why to show not running for one user and running for root :))
Still why no fail2ban logs
Anyhow probably nobody would get that far reading my forum, but in case someone does and wants to run docker with vestaCP this is to read a must https://fralef.me/docker-and-iptables.html
Is there any vesta CLI command to rebuild firewall according to vesta settings?
Re: Fail2ban: the service is running previously I've stated it's not because I was checking under user with limited access (I don't understand linux why to show not running for one user and running for root :))
Still why no fail2ban logs
Anyhow probably nobody would get that far reading my forum, but in case someone does and wants to run docker with vestaCP this is to read a must https://fralef.me/docker-and-iptables.html