Hestia 1.2.0 RC - WE NEED YOU!

To follow up my previous post, I had left the freshly installed Debian 10 CT with HestiaCP 1.2.0 running unattended for about a day, and I just checked it only to find out a huge mail queue with tens of thousands of mails!

root@vm05:~# mailq | wc -l
27126
root@vm05:~#
root@vm05:/var/mail# mailq|tail

 0m   772 1jnQld-0001rU-UT <[email protected]>
          [email protected]

 0m  1.7K 1jnQle-0001rY-2i <> *** frozen ***
          [email protected]

 0m  1.7K 1jnQle-0001rd-38 <> *** frozen ***
          [email protected]

root@vm05:/var/mail# 

Apparently the 1000s of e-mails are generated by cron taks, due to DNS config issues:

root@vm05:/var/spool/exim4# more /var/spool/exim4/input/1jma2b-0007xP-Uu-D
1jma2b-0007xP-Uu-D
sudo: unable to resolve host vm05.mydomain.tld: Name or service not known
root@vm05:/var/spool/exim4# 

The /etc/hosts file has no FQDN entry for vm05

root@vm05:~# more /etc/hosts
127.0.1.1	vm05
127.0.0.1	localhost
::1		localhost ip6-localhost ip6-loopback
ff02::1		ip6-allnodes
ff02::2		ip6-allrouters

Any ideas if this huge flood of e-mails is normal for a HestiaCP system with DNS problems or if something else might is going on here?

You didnt have set your hostname properly, add vm05.domain.tld after vm05 with a space between - so the messages will stop. You can also clear the freezed messages, a short google search will lead you to the right command. To prevent this in future, we currently discuss a valdiation check during installation.

Sure, I know how to manually configure DNS ( /etc/hosts and ISC Bind or dnsmasq), but I assumed HestiaCP would configure everything automagically.

Btw a good idea would be to add a header “Don’t edit this file manually … blah blah” to any config files that would be over-written by HestiaCP’s scripts.

Basicly this would be “only” the content of /home/user/conf, but we will discuss this aswell :slight_smile:.

Since DNS is so critical for the operation of any Internet server, please suggest some “best practices” when setting up a reliable HestiaCP server e.g.

  1. manually add the FQDN and real IP into /etc/hosts (assuming it won’t get overwritten automatically by some HestiaCP script later)
  2. add HestiaCP hostname to our external DNS servers
  3. add HestiaCP hostname in BIND (if running locally on)

I just checked an Debian 9 & 10 and Ubuntu 18.04 server all consult files then dns, according to /etc/nsswitch.conf

hosts: files dns

A decent summary of what /etc/hosts should look like can be found at

PS: I don’t mind at all configuring the HestiaCP server MANUALLY, as long as I know that HestiaCP won’t touch the same files. Btw let’s suppose that you wanted to RENAME the server, how would you do it ?

2 posts were split to a new topic: How to increase max upload size in filemanager?

Looking trough the debian installer, /etc/hosts is updated with the hostname in some cases, so I think we can improve that process a little bit.

2 Likes

I use Proxmox and chose to use ubuntu 20.04 LXC template. When I attempted to install the latest hestiaCP it failed, this was due to curl missing. I was able to fix it by running apt install curl. A check to see if curl is installed and auto install it if needed should correct it.

There is by default a check for curl

How ever if curl and wget does not exists the file will refuse to download of course

1 Like

3 posts were split to a new topic: Some problems with 1.2.0 RC installation

Today there was a flurry of commits to the Vesta CP github by dpeca, and some seem to be applicable to Hestia CP e.g. https://github.com/serghey-rodin/vesta/commit/d9e9c643699309594e8769a44ea8dd6e1e22e245

I have been fighting this for hours… more and more errors. Never ending it seems.

Debian 10
after trying to enable ipset in GUI
had an error
went to terminal

root@hestia:/usr/local/vesta/bin# apt install ipset
Reading package lists... Done
Building dependency tree
Reading state information... Done
ipset is already the newest version (6.38-1.2).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
1 not fully installed or removed.
After this operation, 0 B of additional disk space will be used.
Do you want to continue? [Y/n]
Setting up apache2 (2.4.43-1+0~20200511.11+debian10~1.gbpdc0c89) ...
ERROR: Config file status.conf not properly enabled: /etc/apache2/mods-enabled/status.conf is a real file, not touching it
dpkg: error processing package apache2 (--configure):
 installed apache2 package post-installation script subprocess returned error exit status 1
Errors were encountered while processing:
 apache2
E: Sub-process /usr/bin/dpkg returned an error code (1)

root@hestia:/usr/local/vesta/bin# apt -f install
Reading package lists... Done
Building dependency tree
Reading state information... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
1 not fully installed or removed.
After this operation, 0 B of additional disk space will be used.
Setting up apache2 (2.4.43-1+0~20200511.11+debian10~1.gbpdc0c89) ...
ERROR: Config file status.conf not properly enabled: /etc/apache2/mods-enabled/status.conf is a real file, not touching it
dpkg: error processing package apache2 (--configure):
 installed apache2 package post-installation script subprocess returned error exit status 1
Errors were encountered while processing:
 apache2
E: Sub-process /usr/bin/dpkg returned an error code (1)
root@hestia:/etc/apache2/mods-available# apache2 --configure
[Tue Jun 23 17:32:56.207230 2020] [core:warn] [pid 2760] AH00111: Config variable ${APACHE_PID_FILE} is not defined
[Tue Jun 23 17:32:56.207761 2020] [core:warn] [pid 2760] AH00111: Config variable ${APACHE_RUN_USER} is not defined
[Tue Jun 23 17:32:56.207981 2020] [core:warn] [pid 2760] AH00111: Config variable ${APACHE_RUN_GROUP} is not defined
[Tue Jun 23 17:32:56.208221 2020] [core:warn] [pid 2760] AH00111: Config variable ${APACHE_LOG_DIR} is not defined
[Tue Jun 23 17:32:56.289736 2020] [core:warn] [pid 2760:tid 139852141139072] AH00111: Config variable ${APACHE_RUN_DIR} is not defined
root@hestia:/usr/local/hestia/bin# netstat -antp | grep -i apache
tcp        0      0 192.3.x.x:8443       0.0.0.0:*               LISTEN      1293/apache2
tcp        0      0 192.3.x.x:8080       0.0.0.0:*               LISTEN      1293/apache2
tcp        0      0 127.0.0.1:8081          0.0.0.0:*               LISTEN      1293/apache2
root@hestia:/usr/local/hestia/bin# apt install ipset
Reading package lists... Done
Building dependency tree
Reading state information... Done
ipset is already the newest version (6.38-1.2).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
1 not fully installed or removed.
After this operation, 0 B of additional disk space will be used.
Do you want to continue? [Y/n] y
Setting up apache2 (2.4.43-1+0~20200511.11+debian10~1.gbpdc0c89) ...
info: Executing deferred 'a2enconf javascript-common' for package javascript-common
ERROR: Conf javascript-common does not exist!
dpkg: error processing package apache2 (--configure):
 installed apache2 package post-installation script subprocess returned error exit status 1
Errors were encountered while processing:
 apache2
E: Sub-process /usr/bin/dpkg returned an error code (1)
root@hestia:/usr/local/hestia/bin# apt install javascript-common
Reading package lists... Done
Building dependency tree
Reading state information... Done
javascript-common is already the newest version (11).
javascript-common set to manually installed.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
1 not fully installed or removed.
After this operation, 0 B of additional disk space will be used.
Do you want to continue? [Y/n]
Setting up apache2 (2.4.43-1+0~20200511.11+debian10~1.gbpdc0c89) ...
info: Executing deferred 'a2enconf javascript-common' for package javascript-common
ERROR: Conf javascript-common does not exist!
dpkg: error processing package apache2 (--configure):
 installed apache2 package post-installation script subprocess returned error exit status 1
Errors were encountered while processing:
 apache2
E: Sub-process /usr/bin/dpkg returned an error code (1)
root@hestia:/usr/local/hestia/bin# apt install javascript-common^C
root@hestia:/usr/local/hestia/bin# apache2 --configure
[Tue Jun 23 17:47:01.901054 2020] [core:warn] [pid 5197] AH00111: Config variable ${APACHE_PID_FILE} is not defined
[Tue Jun 23 17:47:01.901625 2020] [core:warn] [pid 5197] AH00111: Config variable ${APACHE_RUN_USER} is not defined
[Tue Jun 23 17:47:01.901880 2020] [core:warn] [pid 5197] AH00111: Config variable ${APACHE_RUN_GROUP} is not defined
[Tue Jun 23 17:47:01.902153 2020] [core:warn] [pid 5197] AH00111: Config variable ${APACHE_LOG_DIR} is not defined
[Tue Jun 23 17:47:01.955640 2020] [core:warn] [pid 5197:tid 139939131389056] AH00111: Config variable ${APACHE_RUN_DIR} is not defined
AH00543: apache2: bad user name ${APACHE_RUN_USER}
root@hestia:/usr/local/hestia/bin# journalctl -xe
Jun 23 17:46:19 hestia.example.com dbus-daemon[332]: [system] Activating via systemd: service name='org.freedesktop.PackageKit' unit='packagekit.servi
Jun 23 17:46:19 hestia.example.com systemd[1]: Starting PackageKit Daemon...
-- Subject: A start job for unit packagekit.service has begun execution
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A start job for unit packagekit.service has begun execution.
--
-- The job identifier is 2506.
Jun 23 17:46:19 hestia.example.com PackageKit[5030]: daemon start
Jun 23 17:46:19 hestia.example.com dbus-daemon[332]: [system] Successfully activated service 'org.freedesktop.PackageKit'
Jun 23 17:46:19 hestia.example.com systemd[1]: Started PackageKit Daemon.
-- Subject: A start job for unit packagekit.service has finished successfully
-- Defined-By: systemd
-- Support: https://www.debian.org/support
--
-- A start job for unit packagekit.service has finished successfully.
--
-- The job identifier is 2506.
Jun 23 17:46:54 hestia.example.com apache2.postinst[5145]: Executing deferred 'a2enconf javascript-common' for package javascript-common

Again Vesta to Hestia without a clean install is not possible.

I hope that’s not a production server @arktex54

Not really… just a play server with public IP.

This is hestia v1.1 to v1.2. I don’t see any type of ipset in GUI or bin for myvesta. Two separate servers.

root@hestia:/usr/local/vesta/bin# apt install ipset

And

root@hestia:/usr/local/vesta/bin# apt -f install

Don’t see vesta folders on a clean install Hestia setup…

It’s a symlink I use for keyboarding. Typing /usr/local/vesta/bin/ for years is natural.putty_2020-06-23_18-26-19

Btw the “ipset” pkg should probably be added to the installer (as should the user-space “apparmor” pkg).

I find the combination of ipsets and certain iptables modules (e.g. hashlimit) to be invaluable in production Internet servers for taking “preventive” measures (since 60-80% of malicious traffic comes from specific countries).

1 Like

Ipset and apparmor are allready in the new installer…