bayrepo/hestiacp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: bayrepo:5610859f17695c319a29e6000b4b5ab06ed385be
Branches Tags
bayrepo:master bayrepo:devel
bayrepo:1.9.5.rpm
..
compare: bayrepo:master
Branches Tags
bayrepo:devel bayrepo:master
bayrepo:1.9.5.rpm

10 Commits
5610859f17 ... master

Author SHA1 Message Date
alexey
27b237a3c7 Added support ansible instead of puppet 2026-03-29 12:21:10 +03:00
alexey
5349d46d71 Fixed resore proxy_fcgi 2026-03-29 11:07:01 +03:00
alexey
75df7a2554 Fixes for php remi 2026-03-28 20:16:08 +03:00
alexey
479a65e0dd Added remi php install fixes 2026-03-28 18:55:38 +03:00
alexey
aae561716c Fixes remi instllation 2026-03-28 18:31:39 +03:00
alexey
8a2ec261f5 Added fixes for non php-fpm installation 2026-03-28 01:29:23 +03:00
alexey
ec4bb73609 Fixed database size usage and disk usage output on the info pages 2026-03-26 22:52:45 +03:00
alexey
e37e8a0d1e Fixed nginx mod_rewrite templates 2026-03-21 23:17:24 +03:00
alexey
f398decba9 Added nginx+mod_rewrite support 2026-03-19 22:46:46 +03:00
Alexey Berezhok
ae8b90d66e Rename default rpm repository 2026-01-16 12:33:14 +03:00
36 changed files with 923 additions and 202 deletions
Expand all files Collapse all files

10
CHANGELOG.md
View File

@@ -2,6 +2,16 @@
All notable changes to this project will be documented in this file.
## [1.9.6.rpm] - Release
- Fix error on all web and mail domains after Apache 2.4.64 update
- Fix error on local php installation and extension activation
- Added templates for nginx mod_rewrite activation
- Added nginx with mod_rewrite
- Fixed database size usage and disk usage output on the info pages
- Fixed installation of panel without PHP-FPM
- Fixed mod_php, fcgid, fcgi mode
## [1.9.5.rpm] - Release
- Added support installation of alternative php not only remi

32
bin/v-add-web-php
View File

@@ -84,10 +84,10 @@ if [ "$LOCAL_PHP" == "yes" ]; then
fi
else
# Packages in Remi repo have names with php$version-php- prefixes
mph="php$version-php-fpm php$version-php-cgi php$version-php-mysqlnd php$version-php-pgsql
php$version-php-pdo php$version-php-common php$version-php-pecl-imagick php$version-php-imap
php$version-php-ldap php$version-php-pecl-apcu php$version-php-pecl-zip php$version-php-cli
php$version-php-opcache php$version-php-xml php$version-php-gd php$version-php-intl
mph="php$version-php-fpm php$version-php-cgi php$version-php-mysqlnd php$version-php-pgsql
php$version-php-pdo php$version-php-common php$version-php-pecl-imagick php$version-php-imap
php$version-php-ldap php$version-php-pecl-apcu php$version-php-pecl-zip php$version-php-cli
php$version-php-opcache php$version-php-xml php$version-php-gd php$version-php-intl
php$version-php-mbstring php$version-php-pspell php$version-php-readline"
if [ "$version" = "56" ]; then
mph=$(sed -e "s/php$version-php-pecl-apcu//")
@@ -156,23 +156,15 @@ else
fi
# Check if required modules for apache2 are enabled
if [ "$WEB_SYSTEM" = "apache2" ]; then
if [ -f /etc/redhat-release ]; then
if ! httpd -M | grep 'proxy_fcgi_module' ; then
sed 's/#LoadModule proxy_fcgi_module/LoadModule proxy_fcgi_module/' -i /etc/httpd/conf.modules.d/00-proxy.conf
sed 's/#LoadModule proxy_module/LoadModule proxy_module/' -i /etc/httpd/conf.modules.d/00-proxy.conf
fi
if ! httpd -M | grep 'setenvif_module' ; then
sed 's/#LoadModule setenvif_module/LoadModule setenvif_module/' -i /etc/httpd/conf.modules.d/00-base.conf
fi
else
if ! a2query -q -m proxy_fcgi; then
a2enmod -q proxy_fcgi
fi
if ! a2query -q -m setenvif; then
a2enmod -q setenvif
fi
if [ "$WEB_SYSTEM" = "httpd" ]; then
if ! httpd -M | grep 'proxy_fcgi_module' ; then
sed 's/#LoadModule proxy_fcgi_module/LoadModule proxy_fcgi_module/' -i /etc/httpd/conf.modules.d/00-proxy.conf
sed 's/#LoadModule proxy_module/LoadModule proxy_module/' -i /etc/httpd/conf.modules.d/00-proxy.conf
fi
if ! httpd -M | grep 'setenvif_module' ; then
sed 's/#LoadModule setenvif_module/LoadModule setenvif_module/' -i /etc/httpd/conf.modules.d/00-base.conf
fi
$BIN/v-restart-web "yes"
fi

346
docs/.vitepress/config.js
View File

@@ -1,158 +1,224 @@
import { defineConfig } from 'vitepress';
import { version } from '../../package.json';
import { defineConfig } from "vitepress";
import { version } from "../../package.json";
export default defineConfig({
lang: 'en-US',
title: 'Hestia Control Panel',
description: 'Open-source web server control panel.',
lang: "en-US",
title: "Hestia Control Panel",
description: "Open-source web server control panel.",
lastUpdated: true,
cleanUrls: false,
lastUpdated: true,
cleanUrls: false,
head: [
['link', { rel: 'icon', sizes: 'any', href: '/favicon.ico' }],
['link', { rel: 'icon', type: 'image/svg+xml', sizes: '16x16', href: '/logo.svg' }],
['link', { rel: 'apple-touch-icon', sizes: '180x180', href: '/apple-touch-icon.png' }],
['link', { rel: 'manifest', href: '/site.webmanifest' }],
['meta', { name: 'theme-color', content: '#b7236a' }],
],
head: [
["link", { rel: "icon", sizes: "any", href: "/favicon.ico" }],
[
"link",
{ rel: "icon", type: "image/svg+xml", sizes: "16x16", href: "/logo.svg" },
],
[
"link",
{
rel: "apple-touch-icon",
sizes: "180x180",
href: "/apple-touch-icon.png",
},
],
["link", { rel: "manifest", href: "/site.webmanifest" }],
["meta", { name: "theme-color", content: "#b7236a" }],
],
themeConfig: {
logo: '/logo.svg',
themeConfig: {
logo: "/logo.svg",
nav: nav(),
nav: nav(),
socialLinks: [
{ icon: 'github', link: 'https://dev.brepo.ru/bayrepo/hestiacp' },
{ icon: 'github', link: 'https://github.com/bayrepo/hestiacp-rpm' },
{ icon: 'github', link: 'https://github.com/hestiacp/hestiacp' },
],
socialLinks: [
{ icon: "github", link: "https://dev.brepo.ru/bayrepo/hestiacp" },
{ icon: "github", link: "https://github.com/bayrepo/hestiacp-rpm" },
{ icon: "github", link: "https://github.com/hestiacp/hestiacp" },
],
sidebar: { '/docs/': sidebarDocs() },
sidebar: { "/docs/": sidebarDocs() },
outline: [2, 3],
outline: [2, 3],
footer: {
message: 'Выпущена под лицензией GPLv3.',
copyright: 'Copyright © 2019-present Hestia Control Panel и некоторые RPM based компоненты принадлежат bayrepo',
},
},
footer: {
message: "Выпущена под лицензией GPLv3.",
copyright:
"Copyright © 2019-present Hestia Control Panel и некоторые RPM based компоненты принадлежат bayrepo",
},
},
});
/** @returns {import("vitepress").DefaultTheme.NavItem[]} */
function nav() {
return [
{ text: 'Характеристики', link: '/features.md' },
{ text: 'Установка', link: '/install.md' },
{ text: 'Документация', link: '/docs/introduction/getting-started.md', activeMatch: '/docs/' },
{
text: `v${version}`,
items: [
{
text: 'Changelog',
link: 'https://dev.brepo.ru/bayrepo/hestiacp/src/branch/master/CHANGELOG.md',
},
{
text: 'Содействие в разработке',
link: 'https://dev.brepo.ru/bayrepo/hestiacp/src/branch/master/CONTRIBUTING.md',
},
{
text: 'Политика безопасности',
link: 'https://dev.brepo.ru/bayrepo/hestiacp/src/branch/master/SECURITY.md',
},
],
},
];
return [
{ text: "Характеристики", link: "/features.md" },
{ text: "Установка", link: "/install.md" },
{
text: "Документация",
link: "/docs/introduction/getting-started.md",
activeMatch: "/docs/",
},
{
text: `v${version}`,
items: [
{
text: "Changelog",
link: "https://dev.brepo.ru/bayrepo/hestiacp/src/branch/master/CHANGELOG.md",
},
{
text: "Содействие в разработке",
link: "https://dev.brepo.ru/bayrepo/hestiacp/src/branch/master/CONTRIBUTING.md",
},
{
text: "Политика безопасности",
link: "https://dev.brepo.ru/bayrepo/hestiacp/src/branch/master/SECURITY.md",
},
],
},
];
}
/** @returns {import("vitepress").DefaultTheme.SidebarItem[]} */
function sidebarDocs() {
return [
{
text: 'Знакомство',
collapsed: false,
items: [
{ text: 'С чего начать', link: '/docs/introduction/getting-started.md' },
{ text: 'Рекомендации', link: '/docs/introduction/best-practices.md' },
],
},
{
text: 'Инструкция пользователя',
collapsed: false,
items: [
{ text: 'Аккаунт', link: '/docs/user-guide/account.md' },
{ text: 'Резервные копии', link: '/docs/user-guide/backups.md' },
{ text: 'Cron задачи', link: '/docs/user-guide/cron-jobs.md' },
{ text: 'Базы данных', link: '/docs/user-guide/databases.md' },
{ text: 'DNS', link: '/docs/user-guide/dns.md' },
{ text: 'Менеджер файлов', link: '/docs/user-guide/file-manager.md' },
{ text: 'Почтовые домены', link: '/docs/user-guide/mail-domains.md' },
{ text: 'Оповещения', link: '/docs/user-guide/notifications.md' },
{ text: 'Пакеты', link: '/docs/user-guide/packages.md' },
{ text: 'Статистика', link: '/docs/user-guide/statistics.md' },
{ text: 'Пользователи', link: '/docs/user-guide/users.md' },
{ text: 'Веб домены', link: '/docs/user-guide/web-domains.md' },
],
},
{
text: 'Администрирование сервера',
collapsed: false,
items: [
{ text: 'Создание резервных копий и восстановление', link: '/docs/server-administration/backup-restore.md' },
{ text: 'Конфигурация', link: '/docs/server-administration/configuration.md' },
{ text: 'Персональная настройка', link: '/docs/server-administration/customisation.md' },
{ text: 'Базы данных и phpMyAdmin', link: '/docs/server-administration/databases.md' },
{ text: 'DNS кластера & DNSSEC', link: '/docs/server-administration/dns.md' },
{ text: 'Email', link: '/docs/server-administration/email.md' },
{ text: 'Менеджер файлов', link: '/docs/server-administration/file-manager.md' },
{ text: 'Firewall', link: '/docs/server-administration/firewall.md' },
{ text: 'Обновления ОС', link: '/docs/server-administration/os-upgrades.md' },
{ text: 'Rest API', link: '/docs/server-administration/rest-api.md' },
{ text: 'SSL сертификаты', link: '/docs/server-administration/ssl-certificates.md' },
{ text: 'Веб шаблоны и кэширование', link: '/docs/server-administration/web-templates.md' },
{ text: 'Troubleshooting', link: '/docs/server-administration/troubleshooting.md' },
],
},
{
text: 'Содейтсвие в разработке',
collapsed: false,
items: [
{ text: 'Сборка пакетов', link: '/docs/contributing/building.md' },
{ text: 'Разработка', link: '/docs/contributing/development.md' },
{ text: 'Документация', link: '/docs/contributing/documentation.md' },
{ text: 'Установка приложений', link: '/docs/contributing/quick-install-app.md' },
{ text: 'Тестирование', link: '/docs/contributing/testing.md' },
{ text: 'Переводы', link: '/docs/contributing/translations.md' },
],
},
{
text: 'Сообщество',
collapsed: false,
items: [
{ text: 'Hestia Nginx Cache', link: '/docs/community/hestia-nginx-cache.md' },
{
text: 'Ioncube installer for Hestia',
link: '/docs/community/ioncube-hestia-installer.md',
},
{ text: 'Генератор установочной команды', link: '/docs/community/install-script-generator.md' },
],
},
{
text: 'Ссылки',
collapsed: false,
items: [
{ text: 'API', link: '/docs/reference/api.md' },
{ text: 'CLI', link: '/docs/reference/cli.md' },
],
},
{
text: 'Дополнения',
collapsed: false,
items: [
{ text: 'PHP cli селектор', link: '/docs/extensions/php-cli-selector.md' },
{ text: 'Расширенные модули', link: '/docs/extensions/extended-modules.md' },
{ text: 'Настройка Local PHP', link: '/docs/extensions/local-php.md' },
],
},
];
return [
{
text: "Знакомство",
collapsed: false,
items: [
{
text: "С чего начать",
link: "/docs/introduction/getting-started.md",
},
{ text: "Рекомендации", link: "/docs/introduction/best-practices.md" },
],
},
{
text: "Инструкция пользователя",
collapsed: false,
items: [
{ text: "Аккаунт", link: "/docs/user-guide/account.md" },
{ text: "Резервные копии", link: "/docs/user-guide/backups.md" },
{ text: "Cron задачи", link: "/docs/user-guide/cron-jobs.md" },
{ text: "Базы данных", link: "/docs/user-guide/databases.md" },
{ text: "DNS", link: "/docs/user-guide/dns.md" },
{ text: "Менеджер файлов", link: "/docs/user-guide/file-manager.md" },
{ text: "Почтовые домены", link: "/docs/user-guide/mail-domains.md" },
{ text: "Оповещения", link: "/docs/user-guide/notifications.md" },
{ text: "Пакеты", link: "/docs/user-guide/packages.md" },
{ text: "Статистика", link: "/docs/user-guide/statistics.md" },
{ text: "Пользователи", link: "/docs/user-guide/users.md" },
{ text: "Веб домены", link: "/docs/user-guide/web-domains.md" },
],
},
{
text: "Администрирование сервера",
collapsed: false,
items: [
{
text: "Создание резервных копий и восстановление",
link: "/docs/server-administration/backup-restore.md",
},
{
text: "Конфигурация",
link: "/docs/server-administration/configuration.md",
},
{
text: "Персональная настройка",
link: "/docs/server-administration/customisation.md",
},
{
text: "Базы данных и phpMyAdmin",
link: "/docs/server-administration/databases.md",
},
{
text: "DNS кластера & DNSSEC",
link: "/docs/server-administration/dns.md",
},
{ text: "Email", link: "/docs/server-administration/email.md" },
{
text: "Менеджер файлов",
link: "/docs/server-administration/file-manager.md",
},
{ text: "Firewall", link: "/docs/server-administration/firewall.md" },
{
text: "Обновления ОС",
link: "/docs/server-administration/os-upgrades.md",
},
{ text: "Rest API", link: "/docs/server-administration/rest-api.md" },
{
text: "SSL сертификаты",
link: "/docs/server-administration/ssl-certificates.md",
},
{
text: "Веб шаблоны и кэширование",
link: "/docs/server-administration/web-templates.md",
},
{
text: "Troubleshooting",
link: "/docs/server-administration/troubleshooting.md",
},
],
},
{
text: "Содейтсвие в разработке",
collapsed: false,
items: [
{ text: "Сборка пакетов", link: "/docs/contributing/building.md" },
{ text: "Разработка", link: "/docs/contributing/development.md" },
{ text: "Документация", link: "/docs/contributing/documentation.md" },
{
text: "Установка приложений",
link: "/docs/contributing/quick-install-app.md",
},
{ text: "Тестирование", link: "/docs/contributing/testing.md" },
{ text: "Переводы", link: "/docs/contributing/translations.md" },
],
},
{
text: "Сообщество",
collapsed: false,
items: [
{
text: "Hestia Nginx Cache",
link: "/docs/community/hestia-nginx-cache.md",
},
{
text: "Ioncube installer for Hestia",
link: "/docs/community/ioncube-hestia-installer.md",
},
{
text: "Генератор установочной команды",
link: "/docs/community/install-script-generator.md",
},
],
},
{
text: "Ссылки",
collapsed: false,
items: [
{ text: "API", link: "/docs/reference/api.md" },
{ text: "CLI", link: "/docs/reference/cli.md" },
],
},
{
text: "Дополнения",
collapsed: false,
items: [
{
text: "PHP cli селектор",
link: "/docs/extensions/php-cli-selector.md",
},
{
text: "Расширенные модули",
link: "/docs/extensions/extended-modules.md",
},
{ text: "Настройка Local PHP", link: "/docs/extensions/local-php.md" },
{
text: "nginx+mod_rewrite",
link: "/docs/extensions/nginx-mod-rewrite.md",
},
],
},
];
}

2
docs/docs/extensions/extended-modules.md
View File

@@ -148,4 +148,4 @@ bundle install
bundle install --path=vendor
```
для установки пользователю необходимых гемов локально.
для установки пользователю необходимых гемов локально.

15
docs/docs/extensions/nginx-mod-rewrite.md Normal file
View File

@@ -0,0 +1,15 @@
# nginx с поддержкой mdo_rewrite
HestiaCP RPM edition поддерживает установку приложений для доменов, таких как Wordpress, Joomla, Drupal и т.д.
Данные приложения написаны на PHP и требуют особого режима доступа к файлам, который реализуется с помощью .htaccess файла, в котором опианы эти правила преобразования URL.
Но .htaccess файл доступен только для Apache, для реализации работоспособнсти приложений в контрольной панели организованы шаблоны конфигурации nginx, которые по сути являются аналогами конфигурации из .htaccess.
Эти шаблоны размещены в каталоге `/usr/local/hestia/data/templates/web/nginx/php-fpm`.
# nginx + mod_rewrite
Но с версии 1.28.2 nginx добавлен экспериментальный модуль mod_rewrite для nginx, который позволяет понимать конфигурации из .htaccess и для nginx.
Для активации данной конфигурации, необходимо в настройках домена в `Расширенных настройках` выбрать в поле `Шаблон прокси` шаблон `nginx-php-rewrite`. Данный шаблон автоматически определит версию PHP-FPM для домена и активирует работу модуля mod_rewrite для nginx. Для данного домена Apache больше не будет принимать участие в обработке запроса, все будет обрабатываться в связке nginx-PHP-FPM.

1
docs/docs/index.md
View File

@@ -61,3 +61,4 @@
- [PHP cli селектор](/docs/extensions/php-cli-selector.md)
- [Расширенные модули](/docs/extensions/extended-modules.md)
- [Настройка Local PHP](/docs/extensions/local-php.md)
- [nginx + mod_rewrite](/docs/extensions/nginx-mod-rewrite.md)

36
func/domain.sh
View File

@@ -102,7 +102,7 @@ prepare_web_backend() {
# Accept first function argument as backend template otherwise fallback to $template global variable
local backend_template=${1:-$template}
php_type=$(cat "$HESTIA/conf/hestia.conf" | grep "LOCAL_PHP" | grep "yes")
if [ -n "$php_type" ]; then
pool=$(find -L /opt/brepo/ -name "$domain.conf" -exec dirname {} \; 2>/dev/null)
else
@@ -359,7 +359,7 @@ add_web_config() {
-e "s|%ssl_ca%|$ssl_ca|g" \
-e "s|%docrtpriv%|$docrtpriv|g" \
> $conf
if [ "$TPLNM" == "srvproxy.tpl" -o "$TPLNM" == "srvproxy.stpl" ];then
proxy_backend_port_internal=$(convert_proxy_ngix_internal_redirect "$3")
cat "$conf" \
@@ -419,11 +419,41 @@ add_web_config() {
done
fi
#----
php_type=$(cat "$HESTIA/conf/hestia.conf" | grep "LOCAL_PHP" | grep "yes")
MOD_CONF="/etc/httpd/conf.modules.d/09-mod-php.conf"
PHP_DEFAULT="/usr/bin/php-cgi"
if [ -e $MOD_CONF ]; then
php_ver=$(grep -m1 '^LoadModule php_module ' "$MOD_CONF" | grep -oP 'php\d{2}')
else
php_ver=$(find /etc/httpd/conf.modules.d -maxdepth 1 -type f -name '*-php*-php.conf' -print -quit | sed -n 's/.*-\(php[0-9]\+\)-php\.conf$/\1/p')
fi
php_cgi_path=$PHP_DEFAULT
if [ -n "$php_ver" ]; then
if [ -n "$php_type" ]; then
php_cgi_path="/opt/brepo/${php_ver}/bin/php-cgi"
else
php_cgi_path="/opt/remi/${php_ver}/root/bin/php-cgi"
fi
fi
if [[ -x "$php_cgi_path" ]]; then
:
else
php_cgi_path=$PHP_DEFAULT
fi
#----
trigger="${TPLNM/.*pl/.sh}"
if [ -x "${WEBTPL_LOCATION}/$trigger" ]; then
$WEBTPL_LOCATION/$trigger \
$user $domain $local_ip $HOMEDIR \
$HOMEDIR/$user/web/$domain/public_html
$HOMEDIR/$user/web/$domain/public_html \
$php_cgi_path
fi
}

20
func_ruby/ext-modules/passenger_manager.mod
View File

@@ -20,15 +20,15 @@ class PassengerWorker < Kernel::ModuleCoreWorker
ID: 2,
NAME: MODULE_ID,
DESCR: "Added passenger support for nginx",
REQ: "puppet_installer",
REQ: "",
CONF: "yes",
}
end
def enable
log_file = get_log
f_inst_pp = get_module_paydata("passenger_installer.pp")
f_uninst_pp = get_module_paydata("passenger_uninstaller.pp")
f_inst_pp = get_module_paydata("passenger_installer.yml")
f_uninst_pp = get_module_paydata("passenger_uninstaller.yml")
if !check
inf = info
log("Req error, needed #{inf[:REQ]}")
@@ -36,16 +36,16 @@ class PassengerWorker < Kernel::ModuleCoreWorker
else
begin
prepare_default_ruby_conf
log("install packages for passenger + nginx support: /usr/bin/puppet apply --detailed-exitcodes #{f_inst_pp}")
result_action = `/usr/bin/puppet apply --detailed-exitcodes "#{f_inst_pp}" 2>&1`
log("install packages for passenger + nginx support: /usr/bin/ansible-playbook -vv #{f_inst_pp}")
result_action = `LC_ALL=C.UTF-8 /usr/bin/ansible-playbook -vv "#{f_inst_pp}" 2>&1`
ex_status = $?.exitstatus
if ex_status.to_i == 0 || ex_status.to_i == 2
log(result_action)
super
else
log(result_action)
log("Try to disable action: /usr/bin/puppet apply --detailed-exitcodes #{f_uninst_pp}")
result_action = `/usr/bin/puppet apply --detailed-exitcodes "#{f_uninst_pp}" 2>&1`
log("Try to disable action: /usr/bin/ansible-playbook -vv #{f_uninst_pp}")
result_action = `LC_ALL=C.UTF-8 /usr/bin/ansible-playbook -vv "#{f_uninst_pp}" 2>&1`
"module installation error. See log #{log_file}"
end
rescue => e
@@ -57,14 +57,14 @@ class PassengerWorker < Kernel::ModuleCoreWorker
def disable
log_file = get_log
f_uninst_pp = get_module_paydata("passenger_uninstaller.pp")
f_uninst_pp = get_module_paydata("passenger_uninstaller.yml")
if !check_domains_with_passenger
return log_return("Presents domains with passenger support disable it first")
end
begin
log("uninstall packages for passenger + nginx support")
log("Try to disable action: /usr/bin/puppet apply --detailed-exitcodes #{f_uninst_pp}")
result_action = `/usr/bin/puppet apply --detailed-exitcodes "#{f_uninst_pp}" 2>&1`
log("Try to disable action: /usr/bin/ansible-playbook -vv #{f_uninst_pp}")
result_action = `LC_ALL=C.UTF-8 /usr/bin/ansible-playbook -vv "#{f_uninst_pp}" 2>&1`
ex_status = $?.exitstatus
if ex_status.to_i == 0 || ex_status.to_i == 2
log(result_action)

69
func_ruby/ext-modules/payload/passenger_manager/passenger_installer.yml Normal file
View File

@@ -0,0 +1,69 @@
---
- name: Install Passenger and configure Nginx on localhost
hosts: localhost
connection: local
become: true
gather_facts: false
environment:
LANG: en_US.UTF-8
LC_ALL: en_US.UTF-8
tasks:
# Устанавливаем Ruby и зависимости
- name: Install rubygems-devel
ansible.builtin.dnf:
name: rubygems-devel
state: present
- name: Install rubygem-rake
ansible.builtin.dnf:
name: rubygem-rake
state: present
- name: Install ruby-devel
ansible.builtin.dnf:
name: ruby-devel
state: present
- name: Install rubygem-rack
ansible.builtin.dnf:
name: rubygem-rack
state: present
- name: Install alt-brepo-ruby33-devel
ansible.builtin.dnf:
name: alt-brepo-ruby33-devel
state: present
- name: Install alt-brepo-ruby33-rubygem-rake
ansible.builtin.dnf:
name: alt-brepo-ruby33-rubygem-rake
state: present
# Устанавливаем Passenger и модуль Nginx
- name: Install passenger-devel
ansible.builtin.dnf:
name: passenger-devel
state: present
- name: Install passenger
ansible.builtin.dnf:
name: passenger
state: present
- name: Install nginx-mod-http-passenger
ansible.builtin.dnf:
name: nginx-mod-http-passenger
state: present
# Конфигурируем Nginx для Passenger
- name: Create passenger.conf
ansible.builtin.copy:
dest: /etc/nginx/conf.d/passenger.conf
content: |
passenger_root /usr/share/ruby/vendor_ruby/phusion_passenger/locations.ini;
passenger_ruby /usr/bin/ruby;
passenger_instance_registry_dir /var/run/passenger-instreg;
passenger_user_switching on;
passenger_env_var PASSENGER_COMPILE_NATIVE_SUPPORT_BINARY 0;
passenger_env_var PASSENGER_DOWNLOAD_NATIVE_SUPPORT_BINARY 0;
- name: Create passenger_includer.conf
ansible.builtin.copy:
dest: /etc/nginx/conf.d/main/passenger.conf
content: |
load_module modules/ngx_http_passenger_module.so;
# Перезапускаем Nginx
- name: Restart nginx service
ansible.builtin.service:
name: nginx
state: restarted

38
func_ruby/ext-modules/payload/passenger_manager/passenger_uninstaller.yml Normal file
View File

@@ -0,0 +1,38 @@
---
- name: Uninstall Passenger and configure Nginx on localhost
hosts: localhost
connection: local
become: true
gather_facts: false
environment:
LANG: en_US.UTF-8
LC_ALL: en_US.UTF-8
tasks:
# Удалаем модуль nginx-passenger
- name: Remove nginx-mod-http-passenger package
ansible.builtin.dnf:
name: nginx-mod-http-passenger
state: absent
# Удалаем passenger и зависимости
- name: Remove passenger-devel package
ansible.builtin.dnf:
name: passenger-devel
state: absent
- name: Remove passenger package
ansible.builtin.dnf:
name: passenger
state: absent
# Удаляем конфигурационные файлы Nginx
- name: Remove passenger.conf
ansible.builtin.file:
path: /etc/nginx/conf.d/passenger.conf
state: absent
- name: Remove passenger_includer.conf
ansible.builtin.file:
path: /etc/nginx/conf.d/main/passenger.conf
state: absent
# Перезапускаем Nginx (необязательно, но полезно)
- name: Restart nginx service
ansible.builtin.service:
name: nginx
state: restarted

47
install/hst-install.sh
View File

@@ -753,7 +753,7 @@ if [ "$uselocalphp" == "yes" ]; then
php_pkgs_lst="brepo-php${php_v} brepo-php${php_v}-mod-apache"
else
write_config_value "LOCAL_PHP" "no"
php_pkgs_lst="php${php_v}-php.${arch} php${php_v}-php-cgi.${arch} php${php_v}-php-mysqlnd.${arch} php${php_v}-php-pgsql.${arch}
php_pkgs_lst="php${php_v}-php php${php_v}-php-cgi php${php_v}-php-mysqlnd php${php_v}-php-pgsql
php${php_v}-php-pdo php${php_v}-php-common php${php_v}-php-pecl-imagick php${php_v}-php-imap php${php_v}-php-ldap
php${php_v}-php-pecl-apcu php${php_v}-php-pecl-zip php${php_v}-php-cli php${php_v}-php-opcache php${php_v}-php-xml
php${php_v}-php-gd php${php_v}-php-intl php${php_v}-php-mbstring php${php_v}-php-pspell php${php_v}-php-readline"
@@ -911,7 +911,7 @@ if [ "$apache" = 'no' ]; then
software=$(echo "$software" | sed -e "s/mod_suphp//")
software=$(echo "$software" | sed -e "s/mod_fcgid//")
software=$(echo "$software" | sed -e "s/mod_ssl//")
software=$(echo "$software" | sed -e "s/php${php_v}-php.${arch}//")
software=$(echo "$software" | sed -e "s/php${php_v}-php//")
software=$(echo "$software" | sed -e "s/brepo-php${php_v}-mod-apache//")
mod_php="disable"
fi
@@ -956,11 +956,11 @@ if [ "$mysql8" = 'no' ]; then
software=$(echo "$software" | sed -e "s/mysql-common//")
fi
if [ "$mysql" = 'no' ] && [ "$mysql8" = 'no' ]; then
software=$(echo "$software" | sed -e "s/php${php_v}-php-mysql.${arch}//")
software=$(echo "$software" | sed -e "s/php${php_v}-php-mysql//")
fi
if [ "$postgresql" = 'no' ]; then
software=$(echo "$software" | sed -e "s/postgresql-server//")
software=$(echo "$software" | sed -e "s/php${php_v}-php-pgsql.${arch}//")
software=$(echo "$software" | sed -e "s/php${php_v}-php-pgsql//")
software=$(echo "$software" | sed -e "s/phppgadmin//")
php_modules_install=$(echo "$php_modules_install" | sed -e "s/pgsql//")
php_modules_install=$(echo "$php_modules_install" | sed -e "s/pdo_pgsql//")
@@ -974,12 +974,12 @@ if [ "$iptables" = 'no' ]; then
software=$(echo "$software" | sed -e "s/fail2ban//")
fi
if [ "$phpfpm" = 'yes' ]; then
software=$(echo "$software" | sed -e "s/php${php_v}-php-cgi.${arch}//")
software=$(echo "$software" | sed -e "s/php${php_v}-php-cgi//")
software=$(echo "$software" | sed -e "s/httpd-itk//")
software=$(echo "$software" | sed -e "s/mod_ruid2 //")
software=$(echo "$software" | sed -e "s/mod_suphp//")
software=$(echo "$software" | sed -e "s/mod_fcgid//")
software=$(echo "$software" | sed -e "s/php${php_v}-php.${arch}//")
software=$(echo "$software" | sed -e "s/php${php_v}-php//")
software=$(echo "$software" | sed -e "s/brepo-php${php_v}-mod-apache//")
mod_php="disable"
fi
@@ -1456,11 +1456,32 @@ if [ "$apache" = 'yes' ]; then
# IDK why those modules still here, but ok. if they are disabled by default
if [ -e /etc/httpd/conf.modules.d/01-suexec.conf ]; then
sed 's/^LoadModule suexec_module/#LoadModule suexec_module/' -i /etc/httpd/conf.modules.d/01-suexec.conf
fi
if [ -e /etc/httpd/conf.modules.d/10-fcgid.conf ]; then
sed 's/^LoadModule fcgid_module/#LoadModule fcgid_module/' -i /etc/httpd/conf.modules.d/10-fcgid.conf
if [ "$phpfpm" = 'yes' ]; then
if [ -e /etc/httpd/conf.modules.d/01-suexec.conf ]; then
sed 's/^LoadModule suexec_module/#LoadModule suexec_module/' -i /etc/httpd/conf.modules.d/01-suexec.conf
fi
if [ -e /etc/httpd/conf.modules.d/10-fcgid.conf ]; then
sed 's/^LoadModule fcgid_module/#LoadModule fcgid_module/' -i /etc/httpd/conf.modules.d/10-fcgid.conf
fi
else
cp -f $HESTIA_INSTALL_DIR/httpd/01-mpm-itk.conf /etc/httpd/conf.modules.d/
if [ -e /etc/httpd/conf.modules.d/01-suexec.conf ]; then
sed 's/#LoadModule suexec_module/LoadModule suexec_module/' -i /etc/httpd/conf.modules.d/01-suexec.conf
fi
echo "LoadModule suphp_module modules/mod_suphp.so" > /etc/httpd/conf.modules.d/10-suphp.conf
if [ -e /etc/httpd/conf.modules.d/10-fcgid.conf ]; then
sed 's/#LoadModule fcgid_module/LoadModule fcgid_module/' -i /etc/httpd/conf.modules.d/10-fcgid.conf
fi
if [ -e /etc/httpd/conf.d/fcgid.conf ]; then
cp /etc/httpd/conf.d/fcgid.conf /etc/httpd/conf.h.d/fcgid.conf
fi
if [ -e /etc/httpd/conf.dmod_suphp.conf ]; then
cp /etc/httpd/conf.d/mod_suphp.conf /etc/httpd/conf.h.d/mod_suphp.conf
fi
if [ -e "/etc/httpd/conf.d.prep/php${php_v}.conf" ]; then
ln -s "/etc/httpd/conf.d.prep/php${php_v}.conf" /etc/httpd/conf.modules.d/09-mod-php.conf
fi
fi
# Switch status loader to custom one
@@ -1474,6 +1495,10 @@ if [ "$apache" = 'yes' ]; then
sed 's/LoadModule mpm_prefork_module/#LoadModule mpm_prefork_module/' -i /etc/httpd/conf.modules.d/00-mpm.conf
sed 's/#LoadModule mpm_event_module/LoadModule mpm_event_module/' -i /etc/httpd/conf.modules.d/00-mpm.conf
cp -f $HESTIA_INSTALL_DIR/httpd/hestia-event.conf /etc/httpd/conf.h.d/
else
sed 's/LoadModule mpm_worker_module/#LoadModule mpm_worker_module/' -i /etc/httpd/conf.modules.d/00-mpm.conf
sed 's/LoadModule mpm_event_module/#LoadModule mpm_event_module/' -i /etc/httpd/conf.modules.d/00-mpm.conf
sed 's/#LoadModule mpm_prefork_module/LoadModule mpm_prefork_module/' -i /etc/httpd/conf.modules.d/00-mpm.conf
fi
if [ ! -d /etc/httpd/sites-available ]; then

2
install/rpm/hestia/hestia.repo
View File

@@ -1,5 +1,5 @@
[hectiacp]
name=msvsphere9 hestia repo on repo.brepo.ru
name=RPM Alma Rocky 9 hestia repo on repo.brepo.ru
baseurl=https://repo.brepo.ru/hestia/
enabled=1
gpgkey=https://repo.brepo.ru/hestia/brepo_projects-gpg-key

3
install/rpm/httpd/01-mpm-itk.conf Normal file
View File

@@ -0,0 +1,3 @@
<IfModule mpm_prefork_module>
LoadModule mpm_itk_module modules/mod_mpm_itk.so
</IfModule>

7
install/rpm/templates/web/httpd/default.stpl
View File

@@ -18,6 +18,13 @@
CustomLog /var/log/%web_system%/domains/%domain%.log combined
ErrorLog /var/log/%web_system%/domains/%domain%.error.log
<Directory %sdocroot%>
<FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch ".+\.phps$">
SetHandler application/x-httpd-php-source
Require all denied
</FilesMatch>
AllowOverride All
SSLRequireSSL
Options +Includes -Indexes +ExecCGI

7
install/rpm/templates/web/httpd/default.tpl
View File

@@ -21,6 +21,13 @@
IncludeOptional %home%/%user%/conf/web/%domain%/forcessl.apache2.conf*
<Directory %docroot%>
<FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch ".+\.phps$">
SetHandler application/x-httpd-php-source
Require all denied
</FilesMatch>
AllowOverride All
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp

41
install/rpm/templates/web/httpd/forbidden.stpl Normal file
View File

@@ -0,0 +1,41 @@
#=========================================================================#
# Default Web Domain Template #
# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
# https://hestiacp.com/docs/server-administration/web-templates.html #
#=========================================================================#
<VirtualHost %ip%:%web_ssl_port%>
ServerName %domain_idn%
%alias_string%
ServerAdmin %email%
DocumentRoot %sdocroot%
ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
Alias /vstats/ %home%/%user%/web/%domain%/stats/
Alias /error/ %home%/%user%/web/%domain%/document_errors/
#SuexecUserGroup %user% %group%
CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
CustomLog /var/log/%web_system%/domains/%domain%.log combined
ErrorLog /var/log/%web_system%/domains/%domain%.error.log
<Location />
Require all denied
</Location>
SSLEngine on
SSLVerifyClient none
SSLCertificateFile %ssl_crt%
SSLCertificateKeyFile %ssl_key%
%ssl_ca_str%SSLCertificateChainFile %ssl_ca%
<IfModule mod_ruid2.c>
RMode config
RUidGid %user% %group%
RGroups apache
</IfModule>
<IfModule mpm_itk.c>
AssignUserID %user% %group%
</IfModule>
IncludeOptional %home%/%user%/conf/web/%domain%/%web_system%.ssl.conf_*
IncludeOptional /etc/httpd/conf.h.d/*.inc
</VirtualHost>

38
install/rpm/templates/web/httpd/forbidden.tpl Normal file
View File

@@ -0,0 +1,38 @@
#=========================================================================#
# Default Web Domain Template #
# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
# https://hestiacp.com/docs/server-administration/web-templates.html #
#=========================================================================#
<VirtualHost %ip%:%web_port%>
ServerName %domain_idn%
%alias_string%
ServerAdmin %email%
DocumentRoot %docroot%
ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
Alias /vstats/ %home%/%user%/web/%domain%/stats/
Alias /error/ %home%/%user%/web/%domain%/document_errors/
#SuexecUserGroup %user% %group%
CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
CustomLog /var/log/%web_system%/domains/%domain%.log combined
ErrorLog /var/log/%web_system%/domains/%domain%.error.log
IncludeOptional %home%/%user%/conf/web/%domain%/forcessl.apache2.conf*
<Location />
Require all denied
</Location>
<IfModule mod_ruid2.c>
RMode config
RUidGid %user% %group%
RGroups apache
</IfModule>
<IfModule mpm_itk.c>
AssignUserID %user% %group%
</IfModule>
IncludeOptional %home%/%user%/conf/web/%domain%/%web_system%.conf_*
IncludeOptional /etc/httpd/conf.h.d/*.inc
</VirtualHost>

7
install/rpm/templates/web/httpd/hosting.stpl
View File

@@ -18,6 +18,13 @@
CustomLog /var/log/%web_system%/domains/%domain%.log combined
ErrorLog /var/log/%web_system%/domains/%domain%.error.log
<Directory %sdocroot%>
<FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch ".+\.phps$">
SetHandler application/x-httpd-php-source
Require all denied
</FilesMatch>
AllowOverride All
SSLRequireSSL
Options +Includes -Indexes +ExecCGI

7
install/rpm/templates/web/httpd/hosting.tpl
View File

@@ -21,6 +21,13 @@
IncludeOptional %home%/%user%/conf/web/%domain%/forcessl.apache2.conf*
<Directory %docroot%>
<FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch ".+\.phps$">
SetHandler application/x-httpd-php-source
Require all denied
</FilesMatch>
AllowOverride All
Options +Includes -Indexes +ExecCGI
php_admin_value upload_max_filesize 10M

32
install/rpm/templates/web/httpd/php-fpm/forbidden.stpl Normal file
View File

@@ -0,0 +1,32 @@
#=========================================================================#
# Default Web Domain Template #
# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
# https://hestiacp.com/docs/server-administration/web-templates.html #
#=========================================================================#
<VirtualHost %ip%:%web_ssl_port%>
ServerName %domain_idn%
%alias_string%
ServerAdmin %email%
DocumentRoot %sdocroot%
ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
Alias /vstats/ %home%/%user%/web/%domain%/stats/
Alias /error/ %home%/%user%/web/%domain%/document_errors/
#SuexecUserGroup %user% %group%
CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
CustomLog /var/log/%web_system%/domains/%domain%.log combined
ErrorLog /var/log/%web_system%/domains/%domain%.error.log
<Location />
Require all denied
</Location>
SSLEngine on
SSLVerifyClient none
SSLCertificateFile %ssl_crt%
SSLCertificateKeyFile %ssl_key%
%ssl_ca_str%SSLCertificateChainFile %ssl_ca%
IncludeOptional %home%/%user%/conf/web/%domain%/%web_system%.ssl.conf_*
IncludeOptional /etc/httpd/conf.h.d/*.inc
</VirtualHost>

30
install/rpm/templates/web/httpd/php-fpm/forbidden.tpl Normal file
View File

@@ -0,0 +1,30 @@
#=========================================================================#
# Default Web Domain Template #
# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
# https://hestiacp.com/docs/server-administration/web-templates.html #
#=========================================================================#
<VirtualHost %ip%:%web_port%>
ServerName %domain_idn%
%alias_string%
ServerAdmin %email%
DocumentRoot %docroot%
ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
Alias /vstats/ %home%/%user%/web/%domain%/stats/
Alias /error/ %home%/%user%/web/%domain%/document_errors/
#SuexecUserGroup %user% %group%
CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
CustomLog /var/log/%web_system%/domains/%domain%.log combined
ErrorLog /var/log/%web_system%/domains/%domain%.error.log
IncludeOptional %home%/%user%/conf/web/%domain%/apache2.forcessl.conf*
<Location />
Require all denied
</Location>
IncludeOptional %home%/%user%/conf/web/%domain%/%web_system%.conf_*
IncludeOptional /etc/httpd/conf.h.d/*.inc
</VirtualHost>

14
install/rpm/templates/web/httpd/phpcgi.sh
View File

@@ -1,16 +1,26 @@
#!/bin/bash
#!/usr/bin/bash
# Adding php wrapper
user="$1"
domain="$2"
ip="$3"
home_dir="$4"
docroot="$5"
php_path="$6"
wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini'
wrapper_script="#!$php_path -cphp5-cgi.ini"
wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php"
wrapper_dir="/var/www/$user/$domain/cgi-bin"
wrapper_file2="$wrapper_dir/php"
echo "$wrapper_script" > $wrapper_file
chown $user:$user $wrapper_file
chmod -f 751 $wrapper_file
mkdir -p $wrapper_dir
echo "$wrapper_script" > $wrapper_file2
chown $user:$user $wrapper_file2
chown $user:$user $wrapper_dir
chmod -f 751 $wrapper_file2
exit 0

3
install/rpm/templates/web/httpd/phpcgi.stpl
View File

@@ -10,7 +10,8 @@
%alias_string%
ServerAdmin %email%
DocumentRoot %sdocroot%
ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
#ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
ScriptAlias /cgi-bin/ /var/www/%user%/%domain%/cgi-bin/
Alias /vstats/ %home%/%user%/web/%domain%/stats/
Alias /error/ %home%/%user%/web/%domain%/document_errors/
SuexecUserGroup %user% %group%

3
install/rpm/templates/web/httpd/phpcgi.tpl
View File

@@ -10,7 +10,8 @@
%alias_string%
ServerAdmin %email%
DocumentRoot %docroot%
ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
#ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
ScriptAlias /cgi-bin/ /var/www/%user%/%domain%/cgi-bin/
Alias /vstats/ %home%/%user%/web/%domain%/stats/
Alias /error/ %home%/%user%/web/%domain%/document_errors/
SuexecUserGroup %user% %group%

14
install/rpm/templates/web/httpd/phpfcgid.sh
View File

@@ -1,22 +1,32 @@
#!/bin/bash
#!/usr/bin/bash
# Adding php wrapper
user="$1"
domain="$2"
ip="$3"
home_dir="$4"
docroot="$5"
php_path="$6"
wrapper_script="#!/bin/sh
PHPRC=/usr/local/lib
export PHPRC
export PHP_FCGI_MAX_REQUESTS=1000
export PHP_FCGI_CHILDREN=20
exec /usr/bin/php-cgi
exec $php_path
"
wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter"
wrapper_dir="/var/www/$user/$domain/cgi-bin"
wrapper_file2="$wrapper_dir/fcgi-starter"
echo "$wrapper_script" > $wrapper_file
chown $user:$user $wrapper_file
chmod -f 751 $wrapper_file
mkdir -p $wrapper_dir
echo "$wrapper_script" > $wrapper_file2
chown $user:$user $wrapper_file2
chown $user:$user $wrapper_dir
chmod -f 751 $wrapper_file2
exit 0

4
install/rpm/templates/web/httpd/phpfcgid.stpl
View File

@@ -28,7 +28,8 @@
<Files *.php>
SetHandler fcgid-script
</Files>
FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php
#FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php
FCGIWrapper /var/www/%user%/%domain%/cgi-bin/fcgi-starter .php
</Directory>
<Directory %home%/%user%/web/%domain%/stats>
AllowOverride All
@@ -42,4 +43,5 @@
IncludeOptional %home%/%user%/conf/web/%domain%/%web_system%.ssl.conf_*
IncludeOptional /etc/httpd/conf.h.d/*.inc
</VirtualHost>

4
install/rpm/templates/web/httpd/phpfcgid.tpl
View File

@@ -30,11 +30,13 @@
<Files *.php>
SetHandler fcgid-script
</Files>
FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php
#FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php
FCGIWrapper /var/www/%user%/%domain%/cgi-bin/fcgi-starter .php
</Directory>
<Directory %home%/%user%/web/%domain%/stats>
AllowOverride All
</Directory>
IncludeOptional %home%/%user%/conf/web/%domain%/%web_system%.conf_*
IncludeOptional /etc/httpd/conf.h.d/*.inc
</VirtualHost>

7
install/rpm/templates/web/httpd/www-data.stpl
View File

@@ -19,6 +19,13 @@
CustomLog /var/log/%web_system%/domains/%domain%.log combined
ErrorLog /var/log/%web_system%/domains/%domain%.error.log
<Directory %sdocroot%>
<FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch ".+\.phps$">
SetHandler application/x-httpd-php-source
Require all denied
</FilesMatch>
AllowOverride All
SSLRequireSSL
Options +Includes -Indexes +ExecCGI

7
install/rpm/templates/web/httpd/www-data.tpl
View File

@@ -22,6 +22,13 @@
IncludeOptional %home%/%user%/conf/web/%domain%/forcessl.apache2.conf*
<Directory %docroot%>
<FilesMatch ".+\.ph(ar|p|tml)$">
SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch ".+\.phps$">
SetHandler application/x-httpd-php-source
Require all denied
</FilesMatch>
AllowOverride All
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp

66
install/rpm/templates/web/nginx/nginx-php-rewrite.stpl Executable file
View File

@@ -0,0 +1,66 @@
#=========================================================================#
# Default Web Domain Template #
# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
# https://hestiacp.com/docs/server-administration/web-templates.html #
#=========================================================================#
server {
listen %ip%:%proxy_ssl_port% ssl;
server_name %domain_idn% %alias_idn%;
root %sdocroot%;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/%domain%.log combined;
access_log /var/log/nginx/domains/%domain%.bytes bytes;
error_log /var/log/nginx/domains/%domain%.error.log error;
ssl_certificate %ssl_pem%;
ssl_certificate_key %ssl_key%;
ssl_stapling on;
ssl_stapling_verify on;
# TLS 1.3 0-RTT anti-replay
if ($anti_replay = 307) { return 307 https://$host$request_uri; }
if ($anti_replay = 425) { return 425; }
include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
HtaccessEnable on;
location ~ /\.(?!well-known\/) {
deny all;
return 404;
}
location ~* ^.+\.(jpeg|jpg|png|webp|gif|bmp|ico|svg|css|js|txt)$ {
expires max;
fastcgi_hide_header "Set-Cookie";
}
location / {
RewriteEngine On;
location ~ [^/]\.php(/|$) {
try_files $uri =404;
include /etc/nginx/fastcgi_params;
fastcgi_index index.php;
fastcgi_param HTTP_EARLY_DATA $rfc_early_data if_not_empty;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass %backend_lsnr%;
}
}
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
}
proxy_hide_header Upgrade;
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
}

53
install/rpm/templates/web/nginx/nginx-php-rewrite.tpl Executable file
View File

@@ -0,0 +1,53 @@
#=========================================================================#
# Default Web Domain Template #
# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
# https://hestiacp.com/docs/server-administration/web-templates.html #
#=========================================================================#
server {
listen %ip%:%proxy_port%;
server_name %domain_idn% %alias_idn%;
root %docroot%;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/%domain%.log combined;
access_log /var/log/nginx/domains/%domain%.bytes bytes;
error_log /var/log/nginx/domains/%domain%.error.log error;
include %home%/%user%/conf/web/%domain%/nginx.forcessl.conf*;
HtaccessEnable on;
location ~ /\.(?!well-known\/) {
deny all;
return 404;
}
location ~* ^.+\.(jpeg|jpg|png|webp|gif|bmp|ico|svg|css|js|txt)$ {
expires max;
fastcgi_hide_header "Set-Cookie";
}
location / {
RewriteEngine On;
location ~ [^/]\.php(/|$) {
try_files $uri =404;
include /etc/nginx/fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass %backend_lsnr%;
}
}
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include %home%/%user%/conf/web/%domain%/nginx.conf_*;
}

64
install/rpm/templates/web/nginx/nginx-php.stpl Executable file
View File

@@ -0,0 +1,64 @@
#=========================================================================#
# Default Web Domain Template #
# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
# https://hestiacp.com/docs/server-administration/web-templates.html #
#=========================================================================#
server {
listen %ip%:%proxy_ssl_port% ssl;
server_name %domain_idn% %alias_idn%;
root %sdocroot%;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/%domain%.log combined;
access_log /var/log/nginx/domains/%domain%.bytes bytes;
error_log /var/log/nginx/domains/%domain%.error.log error;
ssl_certificate %ssl_pem%;
ssl_certificate_key %ssl_key%;
ssl_stapling on;
ssl_stapling_verify on;
# TLS 1.3 0-RTT anti-replay
if ($anti_replay = 307) { return 307 https://$host$request_uri; }
if ($anti_replay = 425) { return 425; }
include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
location ~ /\.(?!well-known\/) {
deny all;
return 404;
}
location / {
try_files $uri $uri/ /index.php?$args;
location ~* ^.+\.(jpeg|jpg|png|webp|gif|bmp|ico|svg|css|js)$ {
expires max;
fastcgi_hide_header "Set-Cookie";
}
location ~ [^/]\.php(/|$) {
try_files $uri =404;
include /etc/nginx/fastcgi_params;
fastcgi_index index.php;
fastcgi_param HTTP_EARLY_DATA $rfc_early_data if_not_empty;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass %backend_lsnr%;
}
}
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
}
proxy_hide_header Upgrade;
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
}

51
install/rpm/templates/web/nginx/nginx-php.tpl Executable file
View File

@@ -0,0 +1,51 @@
#=========================================================================#
# Default Web Domain Template #
# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
# https://hestiacp.com/docs/server-administration/web-templates.html #
#=========================================================================#
server {
listen %ip%:%proxy_port%;
server_name %domain_idn% %alias_idn%;
root %docroot%;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/%domain%.log combined;
access_log /var/log/nginx/domains/%domain%.bytes bytes;
error_log /var/log/nginx/domains/%domain%.error.log error;
include %home%/%user%/conf/web/%domain%/nginx.forcessl.conf*;
location ~ /\.(?!well-known\/) {
deny all;
return 404;
}
location / {
try_files $uri $uri/ /index.php?$args;
location ~* ^.+\.(jpeg|jpg|png|webp|gif|bmp|ico|svg|css|js)$ {
expires max;
fastcgi_hide_header "Set-Cookie";
}
location ~ [^/]\.php(/|$) {
try_files $uri =404;
include /etc/nginx/fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass %backend_lsnr%;
}
}
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include %home%/%user%/conf/web/%domain%/nginx.conf_*;
}

19
src/rpm/hestia/hestia.spec
View File

@@ -3,7 +3,7 @@
Name: hestia
Version: 1.9.6
Release: 3%{dist}
Release: 9%{dist}
Summary: Hestia Control Panel
Group: System Environment/Base
License: GPLv3
@@ -36,8 +36,7 @@ Requires(post): systemd
Requires(preun): systemd
Requires(postun): systemd
Requires: ruby
Requires: puppet
Requires: puppet-stdlib
Requires: ansible-core
Provides: hestia = %{version}-%{release}
Conflicts: redhat-release < 8
@@ -184,6 +183,20 @@ fi
%{_tmpfilesdir}/%{name}.conf
%changelog
* Sun Mar 29 2026 Alexey Berezhok <a@bayrepo.ru> - 1.9.6-9
- Added support ansible instead of puppet
* Fri Mar 27 2026 Alexey Berezhok <a@bayrepo.ru> - 1.9.6-8
- Fixed installation of panel without PHP-FPM
- Fixed mod_php, fcgid, fcgi mode
* Thu Mar 26 2026 Alexey Berezhok <a@bayrepo.ru> - 1.9.6-6
- Fixed database size usage and disk usage output on the info pages
* Thu Mar 19 2026 Alexey Berezhok <a@bayrepo.ru> - 1.9.6-5
- Added nginx with mod_rewrite
- Added templates for nginx mod_rewrite activation
* Thu Jan 15 2026 Alexey Berezhok <a@bayrepo.ru> - 1.9.6-3
- Fix error on local php installation and extension activation

8
web/list/db/index.php
View File

@@ -4,13 +4,17 @@ $TAB = "DB";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
//Update data before $output
exec(HESTIA_CMD . "v-update-databases-disk $user", $output, $return_var);
unset($output);
// Data
exec(HESTIA_CMD . "v-list-databases $user json", $output, $return_var);
$data = json_decode(implode("", $output), true);
if ($_SESSION["userSortOrder"] == "name") {
ksort($data);
ksort($data);
} else {
$data = array_reverse($data, true);
$data = array_reverse($data, true);
}
unset($output);

18
web/list/web/index.php
View File

@@ -4,13 +4,25 @@ $TAB = "WEB";
// Main include
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
//Update data before output
exec(HESTIA_CMD . "v-update-web-domains-disk " . $user, $output, $return_var);
unset($output);
exec(HESTIA_CMD . "v-update-web-domains-stat " . $user, $output, $return_var);
unset($output);
exec(HESTIA_CMD . "v-update-web-domains-traff " . $user, $output, $return_var);
unset($output);
// Data
exec(HESTIA_CMD . "v-list-web-domains " . $user . " 'json'", $output, $return_var);
exec(
HESTIA_CMD . "v-list-web-domains " . $user . " 'json'",
$output,
$return_var,
);
$data = json_decode(implode("", $output), true);
if ($_SESSION["userSortOrder"] == "name") {
ksort($data);
ksort($data);
} else {
$data = array_reverse($data, true);
$data = array_reverse($data, true);
}
$ips = json_decode(shell_exec(HESTIA_CMD . "v-list-sys-ips json"), true);