Vesta Control Panel - Forum

Hi:

1. Currently when you create a reseller(i.e. a <user> who can create more than one domains and related services under a package), it creates conf files in /home/<user>/conf/ directory. And if the reseller <user> creates multiple domains, all point to the same web directories.

I meant if a reseller creates.

domainA.tld for customer A
domainB.tld for cutomer B

both point to the domainA.tld, thus disallowing the domainB.tld to customize his/her own site (see 2 below about separation of power).

/home/<RESELLER_USER>/conf# ls web/
apache2.conf nginx.conf snginx.conf ssl.domainA.tld.key ssl.domainB.tld.crt ssl.domainB.tld.pem
awstats.domainA.tld.conf sapache2.conf ssl.domainA.tld.crt ssl.domainA.tld.pem ssl.domainB.tld.key webalizer.domainB.tld.conf

This can be avoided if admin creates a separate users for all domainN.tld, but that is not how it works in real life as the multitenacity is admin>>resellers>>customers.

2. This may also create permission mess to files uploaded to public_html files by those two users as their permissions are not separated. ISPConfig uses a different topology which is worth a suit. They give different ownerships and permissions to each client and domain (clientID and webID), meaning separation of powers among different players (ACL). Else vestacp shall become unmanageable in the long run.

The above (ACL based on resellerID and domainID) is a must for any *nix.

/gtzen

Hi again:

There is a glitch:

1) If admin creates his own site by deleting default.domain (say hosting.tld), all child domains of users defaults to hosting.tld.

2) The webserver configs does not reload on it's own.

3) In order to test, I created a minimal package capable of creating single domain and other minimal utilties. Then created two users subscribing to the minimal package created earlier. Then separate domains are created for each users. And lo and behold, both domains lead to the first domain I created under first user. This is a serious glitch.

It seems like the first domain becomes default pointing to all other domains created whether under admin or other users.

Does it work if you manually restart the apache and nginx? If no then check domain ip address it should match the setup in control panel.

You always need to host the child domain in the Web guide.

Also, if it redirects all pages to the child domain, suspend it and unsuspend, it will gonna work correcly, for me worked so, just give it a try ;)

1. I suspended and unsuspended both domains as admin. After this operation the browser shows "Suspend" in both domains.

2. When I logged in as a user who owns the domain and tried to suspend, it gives "Error Code: 12"

3. Thereafter, I tried to restart the servers and it failed to do so with error:

Syntax error on line 1 of /home/domainB.tld/conf/web/apache2.conf:
The address or port is invalid
Action 'configtest' failed.
The Apache error log may have more information.
failed!

The first line is address listening to port 8080. I guess that is alright as nginx is listening to port 80 as a proxy to apache.

4. Restarting nginx also failed:

nginx: [emerg] no host in ":80" of the "listen" directive in /home/domainB.tld/conf/web/nginx.conf:2
nginx: configuration file /etc/nginx/nginx.conf test failed
Restarting nginx: nginxnginx: [emerg] no host in ":80" of the "listen" directive in /home/domainB.tld/conf/web/nginx.conf:2
nginx: configuration file /etc/nginx/nginx.conf test failed

This does not sound normal.

In any case whatsoever, I do not plan to use vestacp for production until the permission and user domain allocation issues are addressed. Does not sound *nixy to me.

skid wrote:Does it work if you manually restart the apache and nginx? If no then check domain ip address it should match the setup in control panel.

ipaddress matches perfect. Even when I removed the NAT part as I am testing it on a test machine. Yet no go.

However, until the permission issues are not addressed, I do not feel comfortable to go for production, fyi.

skid wrote:Does it work if you manually restart the apache and nginx? If no then check domain ip address it should match the setup in control panel.

Since it is an experimental machine, I removed the NAT from IP section of the admin user. When I try to change the IP of the domainB.tld in the domainB.tld user panel, it reports "Parsting Error".

In the next step, I tried to remove all domains under all users and tried to recreate with the internal IPs, but it statest that deleted "Error: domainB.tld exists". Hmmm.

Eventhough no domains exists, but it shows on top under "WEB" that 1 domain exists under user control panel. See http://i.imgur.com/xF8JG81.png

gtzen wrote:1. I suspended and unsuspended both domains as admin. After this operation the browser shows "Suspend" in both domains.

2. When I logged in as a user who owns the domain and tried to suspend, it gives "Error Code: 12"

3. Thereafter, I tried to restart the servers and it failed to do so with error:

Syntax error on line 1 of /home/domainB.tld/conf/web/apache2.conf:
The address or port is invalid
Action 'configtest' failed.
The Apache error log may have more information.
failed!

The first line is address listening to port 8080. I guess that is alright as nginx is listening to port 80 as a proxy to apache.

4. Restarting nginx also failed:

nginx: [emerg] no host in ":80" of the "listen" directive in /home/domainB.tld/conf/web/nginx.conf:2
nginx: configuration file /etc/nginx/nginx.conf test failed
Restarting nginx: nginxnginx: [emerg] no host in ":80" of the "listen" directive in /home/domainB.tld/conf/web/nginx.conf:2
nginx: configuration file /etc/nginx/nginx.conf test failed

This does not sound normal.

In any case whatsoever, I do not plan to use vestacp for production until the permission and user domain allocation issues are addressed. Does not sound *nixy to me.

no host in ":80" is easily fixed by editing that to: *:80

I had this issue the other day and quicklyt raced it down to port 8080. When I actually looked at the config, I facepalmed because the * not being there in the config was preventing Apache from working, so I imagine this should fix nginx as well.

Eventhough no domains exists, but it shows on top under "WEB" that 1 domain exists under user control panel. See http://i.imgur.com/xF8JG81.png

It looks like counter stalled at some point. You can update user counters on USER page. There is a select box for bulk operations, one of the available actions is to recacl counters.

I did have to manually delete all configs, and rebuild all, recreated all domains.

Still the domains lands at the first domain that was created under any user.