Vesta Control Panel - Forum

Community Forum

Skip to content

Advanced search
  • Quick links
    • Main site
    • Github repo
    • Google Search
  • FAQ
  • Login
  • Register
  • Board index Main Section General Discussion
  • Search

Not to change config when updating Lets Encrypt SSL

General questions about VestaCP
Post Reply
  • Print view
Advanced search
4 posts • Page 1 of 1
Messiah
Posts: 74
Joined: Sun Apr 06, 2014 8:47 pm

Not to change config when updating Lets Encrypt SSL
  • Quote

Post by Messiah » Sat Apr 06, 2019 11:32 am

Hi,

I have standart VPS with nginx+apache2.
domain.apache2.ssl.conf is always reset to it's default state when the system perform a scheduled update of SSL certificate (Let's Encrypt).
I have custom php_admin_value open_basedir there and everything stop working every 3 months.
How to prevent VestaCP from changing this config? Everything what is necessary for SSL update is to replace certificate files and restart web server.

Also I don't truely understand why apache2 shuld be configured to use SSL, nginx works as a frontend proxy both for static and for php, so apache2 should not take care of SSL connection process.
Top

mehargags
Support team
Posts: 1096
Joined: Sat Sep 06, 2014 9:58 pm
Contact:
Contact mehargags
Website Skype

Os: Debian 8x
Web: apache + nginx
Re: Not to change config when updating Lets Encrypt SSL
  • Quote

Post by mehargags » Sun Apr 07, 2019 7:03 pm

You need to make your own custom templates and then apply the template to your website. This way your config will remain as per your own template when SSL is renewed.

Make a copy of template from /usr/local/vesta/data/templates/web, rename the 3 files appropriately and customise parameters in them. Isn't that hard if you check it properly.
Top

dreiggy
Posts: 154
Joined: Thu May 17, 2018 8:05 pm
Contact:
Contact dreiggy
Skype

Os: CentOS 6x
Web: apache + nginx
Re: Not to change config when updating Lets Encrypt SSL
  • Quote

Post by dreiggy » Thu Apr 18, 2019 7:36 pm

You can overwrite custom settings to website config include:

Code: Select all

/home/$USER/conf/web/$domain.httpd.conf-custom
/home/$USER/conf/web/$domain.httpd.ssl.conf-custom
Top

Messiah
Posts: 74
Joined: Sun Apr 06, 2014 8:47 pm

Re: Not to change config when updating Lets Encrypt SSL
  • Quote

Post by Messiah » Sat Apr 20, 2019 1:50 pm

Thank you, it works.

One more bug. Clean server, latest VestaCP installed.
Users and websites imported from backups moved from the old server.
Website has Let's Encrypt certificate and it's stated in the website list in the panel.
But, there is no cron to update expiring certificates.

Code: Select all

sudo /usr/local/vesta/bin/v-update-letsencrypt-ssl
To force this cron task to appear you need to remove SSL and activate it again manually at least for 1 domain. Maybe necessary to add it not only when SSL is activated manually, but also when restoring user from backup. IMHO.
Top


Post Reply
  • Print view

4 posts • Page 1 of 1

Return to “General Discussion”



  • Board index
  • All times are UTC
  • Delete all board cookies
  • The team
Powered by phpBB® Forum Software © phpBB Limited
*Original Author: Brad Veryard
*Updated to 3.2 by MannixMD
 

 

Login  •  Register

I forgot my password