Not to change config when updating Lets Encrypt SSL

[Messiah]

Hi,

I have standart VPS with nginx+apache2.
domain.apache2.ssl.conf is always reset to it's default state when the system perform a scheduled update of SSL certificate (Let's Encrypt).
I have custom php_admin_value open_basedir there and everything stop working every 3 months.
How to prevent VestaCP from changing this config? Everything what is necessary for SSL update is to replace certificate files and restart web server.

Also I don't truely understand why apache2 shuld be configured to use SSL, nginx works as a frontend proxy both for static and for php, so apache2 should not take care of SSL connection process.

[mehargags]

You need to make your own custom templates and then apply the template to your website. This way your config will remain as per your own template when SSL is renewed.

Make a copy of template from /usr/local/vesta/data/templates/web, rename the 3 files appropriately and customise parameters in them. Isn't that hard if you check it properly.

[dreiggy]

You can overwrite custom settings to website config include:

Code: Select all

/home/$USER/conf/web/$domain.httpd.conf-custom
/home/$USER/conf/web/$domain.httpd.ssl.conf-custom

[Messiah]

Thank you, it works.

One more bug. Clean server, latest VestaCP installed.
Users and websites imported from backups moved from the old server.
Website has Let's Encrypt certificate and it's stated in the website list in the panel.
But, there is no cron to update expiring certificates.

Code: Select all

sudo /usr/local/vesta/bin/v-update-letsencrypt-ssl

To force this cron task to appear you need to remove SSL and activate it again manually at least for 1 domain. Maybe necessary to add it not only when SSL is activated manually, but also when restoring user from backup. IMHO.