Any ideas about the best way to delegate only the management of email users (creation, password change, deletion etc) of a particular domain?
AFAIK HestiaCP doesn’t support fine-grained ACLs like e.g. Virtalmin (see features), so how would you allow another person to manage a domain’s emails without also granting full access to all the rest of HestiaCP services (Web, DBs etc) ?
Would you choose to create a custom web-app hosted on the same HestiaCP server that performs those changes over HestiaCP’s API (or even directly, by changing the flat files on disk)?
Currently I don’t use HestiaCP’s firewall + blacklist.sh nor fail2ban, because I still prefer my own iptables setup with several ipsets. I just hope that HestiaCP won’t ever change my iptables ruleset by accident