Clarification for Hestia Custom Install on Debian 10

I am researching doing a custom install of Hestia on Debian 10. This page shows an option of adding “debs” at the end of the installation.
https://gabizz.github.io/hestiacp-scriptline-generator/

I have not been able to find any explanation of the advantages or drawbacks of adding “debs” to a custom Hestia install on Debian 10. What is “debs”??? Any advice or clarification would be greatly appreciated.

There are three particular issues I am concerned about. First, is it mandatory to install the DEBS file with a Debian 10 server? What would the drawback be if I did not install debs? What would the benefit be if I did install debs?

My second concern is that Debian 10 Buster changed from iptables to nftables. Does this mean I should not install iptables? Does fail2ban support the new Debian nftables? I did find this link which seems to indicate that fail2ban does support nftables:
https://serverfault.com/questions/873068/fail2ban-with-nftables-and-ipv6
But do I need to add the Hestia deb package to make this work?
If I use this option, is it safe to not install ip tables?
Will fail2ban still work if I do not install iptables?

Finally, I read the Hestia install Debian script at this page:
https://raw.githubusercontent.com/hestiacp/hestiacp/release/install/hst-install-debian.sh

Under the Section “Packages Excluded” is the following code. It seems to indicate some exclusions with Nginx on the special Debian install script. Is this install script what is meant by the term “debs’?
But if I am just using Apache server and not installing Nginx, do I still need the Deb package? Or is the Hestia “deb” package only needed if you install Nginx?

Here is some of the Debian install script for this Packages Excluded section:

if [ -z $(ls $withdebs/hestia-nginx_*.deb 2>/dev/null) ]; then
    echo "    - hestia-nginx backend package (from apt)"
    apt-get -y install hestia-nginx > /dev/null 2>&1
else
    echo "    - hestia-nginx backend package"
    dpkg -i $withdebs/hestia-nginx_*.deb > /dev/null 2>&1
fi

if [ -d “$withdebs” ]; then
software=$(echo “$software” | sed -e “s/hestia-nginx//”)
software=$(echo “$software” | sed -e “s/hestia-php//”)
software=$(echo “$software” | sed -e “s/hestia=${HESTIA_INSTALL_VER}//”)
dpkg -i $withdebs/hestia_*.deb > /dev/null 2>&1

if [ -z $(ls $withdebs/hestia-php_*.deb 2>/dev/null) ]; then
    echo "    - hestia-php backend package (from apt)"
    apt-get -y install hestia-php > /dev/null 2>&1
else
    echo "    - hestia-php backend package"
    dpkg -i $withdebs/hestia-php_*.deb > /dev/null 2>&1
fi
if [ -z $(ls $withdebs/hestia-nginx_*.deb 2>/dev/null) ]; 

I know that you recommend Nginx to sit in front of Apache. But in my case, I really do not need it or want Nginx. I am also not installing ClamAV or Spam Assassin. Just doing a bare bones minimal Debian server install and I want to use Hestia for my control panel.

Thank you for helping to clarify what “debs” is and how to install Hestia on a Debian 10 buster server.

I have no idea what debs is. I didn’t install it.

You may add / remove anything you feel like.

I use debian 10 too.

I am not sure that Hestia will work without nginx and exim4.

But you may uninstall dovecot, spamassasin, clamav, bind9, sftp servers without problem.

Fail2ban will work with iptables. Leave those alone and don’t overcomplicate. Hestia works out of the box.

If you really need to set up a different firewall then do it. If you don’t really mind or care, then use Hestia’s suggestion.

Thank you for your feedback. It is reassuring to know that Hestia will work with Debian 10 even without the mysterious “deb” package. For now, I will not install the “deb” package until someone can explain exactly what it is and what it does. As for working without Nginx, I am pretty certain Hestia will work with just Apache alone. I have been using Apache for more than 20 years. I will keep exim4 and bind and vsftpd and dovecot as I see a purpose for all of these. I will also add Iptables to use with Fail2ban until I get more assurance that nf-tables are supported by Hestia and Fail2Ban. I really like Debian 10 as it is hundreds of MB smaller than Ubuntu. And I like nftables better than iptables. But there is no need for me to be on the cutting edge of things. Keep up the great work with Hestia. I am really amazed at what a great tool it is becoming. I am a teacher and I plan on writing Hestia documentation for my students. Do you have a Documentation team and if so, how do I contact them?

I want to correct myself. While most of Hestia will work with just Apache and not Nginx, there are some functions that require Nginx. One of these functions is the one click Quick Installer. If you download the Hestia source code from their Github page and open install/deb/templates/web/nginx/php-fpm folder, you will see the current list of one click quick install templates. These include drupal, joomla, wordpress, moodle, owncloud, odoo and several others. In looking at the template code, it does appear to require nginx in order for the one click quick installers to work. I will therefore be installing nginx along with apache. I am going to try the custom install without spam assassin or clamav. Hopefully, these are not needed. I will report back here if I have any problems.

Upon further review of this document it appears that there might be support for one click quick templates with either Apache2 or Nginx.
https://docs.hestiacp.com/admin_docs/server_management.html#how-do-web-templates-work

I have decided to try a test installation of Hestia with only Apache 2 to see if the quick installer works with just Apache 2. I will report back here in a few days with the results.

By Apache 2, I mean Apache 2 with php-fpm.

For 1 and 3

We build our own packages (.deb) for hestia, hestia-nginx, hestia-php. For development purposes it often needed to test a certain version that has not been released yet. We don’t want to update 7k servers to an unstable version… We can load our own packages that we have build. See

For an stable install (Last version that has been released) we always suggest to install the packages from apt. And not the packages generated by your self (and loaded with the script)

For this reason hestia, hestia-nginx and hestia-php should not been installed from atp and remove from list.

As hestia-nginx / hestia-php are not always updated every hestia version we can tell the command to only build the “hestia” package as it goes way faster (30 sec instead of 5 min). How ever Hestia still require those packages and will install those from atp.

Hestia needs also modifications to work with nftables and nftables is build on iptables but only “simpler” So why not iptables?

  1. Nginx + Apache + PHP-FPM or Nginx + PHP-FPM
    Standalone Apache I advice against it.

Quickinstaller apps are also working on Apache2 how ever Apache2 does support .htaccess and Nginx doesn’t and require an separate template file

The simplest explanation is to think of a .deb as a .exe for any Debian based GNU/Linux operating system(OS). Many other OSes are built on top of Debian such as Ubuntu and Linux Mint but, with customizations to suit their needs/the needs of their users.

When you have a few spare evenings, it would behoove you to read through this book of books:
https://www.debian.org/doc/

1 Like

Thank you for the link, I am always interested in learning more about the Debian project - and I am already familiar with deb packages. However, my question was not about deb packages in general. It was about a very specific file shown on the link above. That file is called debs. But there is no information anywhere on the Internet about what that file is or what that file does. Ideally, I would like a link to the source code of that file so I can read it myself. Surely someone in the Hestia project knows what this file is, why it was created and what it does. I am hoping they will kindly share this information with the rest of us so we can make an informed decision as to whether we should install it.

The “generator” has been created by an third party and there for no control over it… (Unless make our own)

It is also short for dependencies…

  1. Check if “withdebs” folder is supplied
  2. Install hestia.x.x.x.deb
  3. Check if hestia-php.x.x.x.deb is availble
    4 If not install via apt if you install from local
  4. Check if hestia-nginx.x.x.x.deb is availble
    6 If not install via apt if you install from local

Nothing special…

If you create you own debs and base it on the release branch you will end up with exactly the same version. Again nothing special