Hestia CP under subdomain

NewGuy · November 23, 2021, 6:45pm

How can i setup hestia panel under subdomain
I want have panel under hestia.domain_com
and also i want host my page under domain_com

Now i have installed hestia but access to it is using ip:port but i want make access using hestia.domain_com
It is possible and how?

eris · November 23, 2021, 9:27pm

Setup Hestia with hestia.domain.com

Login after install → Create new user → Add webdomain → domain.com

NewGuy · November 24, 2021, 12:11pm

I think I misspelled my problem.

When I install hestia I set hesta.domain.com during installation.

But that subdomain dont work: I see “Success! Your new web server is ready to use.” but not hestia dashboard

SSL work somehow when i access to panel using ip:8083 i geting ssl connection and that cert is created for hestia.domain.com

NewGuy · November 24, 2021, 3:36pm

I find something (but i don’t know it is correct)

In /etc/nginx/conf.d/ I create hestia.conf

server {
    listen       [ip]:443 ssl http2;
    server_name  hestia.domain.com;

    location / {
        proxy_pass  https://[ip]:8083;
   }
}

and things start works but when I try login I see error about CSRF
i run

v-change-sys-config-value 'POLICY_CSRF_STRICTNESS' '0'

and now all works!

But still, I have a question, How dangerous is that command what I run

eris · November 24, 2021, 3:48pm

It prevent some small CSRF abuse if it still possible it is currently almost impossible to abuse this behaviour.

The config you posted will disable Let encrypt from working and https://domain.com/phpmyadmin/ will not be working any more…

I will create later on a template that keeps phpmyadmin and letsencrypt working how ever I have other things to attend first

NewGuy · November 26, 2021, 4:14pm

I take a while and create that config

server {
    listen       IP;
    server_name  hestia.DOMAIN.COM;
	
	return 301 https://$host$request_uri;
}

server {
    listen       IP:443 ssl http2;
    server_name  hestia.DOMAIN.COM;

    location / {
        proxy_pass  https://127.0.0.1:8083;
	}
  
	location /phpmyadmin/ {
		alias /usr/share/phpmyadmin/;
		index index.html index.php;
		
		location ~ /(libraries|setup|templates|locale|sql)/ {
			deny all;
			return 404;
		}
		location ~ /(.+\.(json|lock|md)) {
			deny all;
			return 404;
		}

		location ~ ^/phpmyadmin/(.*\.php)$ {
			alias /usr/share/phpmyadmin/$1;
			fastcgi_pass 127.0.0.1:9000;
			fastcgi_index index.php;
			include fastcgi_params;
			fastcgi_param SCRIPT_FILENAME $request_filename;
		}
		location /phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
			root /usr/share/phpmyadmin/;
		}
	}

}

Works for me (but if you have any ideas what I can do better I waiting. I don’t feel super experienced)

Erekyu · December 9, 2021, 12:55pm

I am going to give this a shot for my subdomain wish me luck!