HI.
I have docker on Hestia. I’ve created containers like portainer. The main page of portainer isn’t SSL. I’d like to create a secure site and redirect the IP 80.80.80.80:3000 of portainer to a subdomain of my DNS of my server test.myserver.com How can I do it?
Could I access to the nginx server with a desktop graphical support by do it?
You need to create a template for the webserver and create a new (sub)domain and assign that new template to it.
See p.e. Template for NGINX reverse proxy for Docker app and Web Templates and FastCGI/Proxy Cache | Hestia Control Panel
Hi
Thanks for the answer Maurice
I don’t undertand it
I’ve that modify some of the files .tpl y .stpl that there’s already on the route /usr/local/hestia/data/templates/web/nginx/ other I’ve that insert a new file .tpl y .stpl, with any name?
I’ve that modify something in the template IPS o port?? where?
Create new templates as described in the documentation (link in my previous message). Examples of templates are all over this forum, also in the first link of my previous message. Change the port to your situation. Save the new templates, choose a name you like, as described in the documentation. Create a new site and select the new template, as described in the documentation.
1 Like
HI Maurice
I’m sorry but I don’t understand the documentation.
The documentation says: 1. Using .user.ini in the home directory /home/user/web/domain.tld/public_html.
in my direction /home/admin/web/portainer.myserver.com/public_html/ there is no file called .user.ini I have to create it? and what do I put in it?
I have read everything that I found in this forum of .user.ini and do not know how to do it.
Please
.user.ini is used for specific php values. You don’t need that in your situation. You just need to create and use a template for your proxy. In your case php (if needed) is handled in your container.
Hi Maurice
My file portainer.stpl
#=======================================================================#
# Default Web Domain Template #
# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
#=======================================================================#
server {
listen %ip%:%proxy_ssl_port% ssl http2;
server_name %domain_idn% %alias_idn%;
ssl_certificate %ssl_pem%;
ssl_certificate_key %ssl_key%;
location / {
proxy_pass https://%ip%:3001;
}
}
My file portainer.tpl
#=======================================================================#
# Default Web Domain Template #
# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
#=======================================================================#
server {
listen %ip%:%proxy_port%;
server_name %domain_idn% %alias_idn%;
include %home%/%user%/conf/web/%domain%/nginx.forcessl.conf*;
location / {
proxy_pass http://%ip%:3000;
}
}
I’ve put both in the follow route /usr/local/hestia/data/templates/web/nginx/
I’ve created a subdomain with hestia panel called portainer.mydomain.com
What else do I have to do?
gracias
Quoting the docs: When you are done editing your template, enable it for the desired domain from the control panel.
I Maurice
I’ve wrote v-rebuild-web-domains by SSH and when I write the subdomain portainer.mydomain.com. It apperars the page (We’re working on it.) The index page in the route /home/admin/web/portainer.mydomain.com/public_html/index.html.
Could you be more specific, please?
thanks
Double check you are using portainer template on your site:
v-list-web-domain admin portainer.mydomain.com json | jq -r '.[]|.TPL'
You don’t say whether you executed this v-rebuild-web-domains with no options but it should look like this:
v-rebuild-web-domains admin yes
Once rebuilt is done, check that your web conf is using the right template:
cat /home/admin/conf/web/portainer.mydomain.com/nginx.conf
cat /home/admin/conf/web/portainer.mydomain.com/nginx.ssl.conf
1 Like
Hi sahsanu
Thansk for the answer
I put
v-list-web-domain admin portainer.mydomain.com json | jq -r '.[]|.TPL'
It appears (default)
I just put before v-rebuild-web-domains now I’ve put
v-rebuild-web-domains admin yes
it doen’t appear anything
I put cat /home/admin/conf/web/portainer.mydomain.com/nginx.conf
It appears
#=========================================================================#
# Default Web Domain Template #
# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
# https://hestiacp.com/docs/server-administration/web-templates.html #
#=========================================================================#
server {
listen 88.888.888.888:80;
server_name portainer.mydomain.com www.portainer.mydomain.com;
error_log /var/log/apache2/domains/portainer.mydomain.com.error.log error;
include /home/admin/conf/web/portainer.mydomain.com/nginx.forcessl.conf*;
location ~ /\.(?!well-known\/|file) {
deny all;
return 404;
}
location / {
proxy_pass http://88.888.888.888:8080;
location ~* ^.+\.(css|htm|html|js|json|xml|apng|avif|bmp|cur|gif|ico|jfif|jpg|jpeg|pjp|pjpeg|png|svg|tif|tiff|webp|aac|caf|flac|m4a|midi|mp3|ogg|opus|wav|3gp|av1|avi|m4v|mkv|mov|mpg|mpeg|mp4|mp4v|webm|otf|ttf|woff|woff2|doc|docx|odf|odp|ods|odt|pdf|ppt|pptx|rtf|txt|xls|xlsx|7z|bz2|gz|rar|tar|tgz|zip|apk|appx|bin|dmg|exe|img|iso|jar|msi|webmanifest)$ {
try_files $uri @fallback;
root /home/admin/web/portainer.mydomain.com/public_html;
access_log /var/log/apache2/domains/portainer.mydomain.com.log combined;
access_log /var/log/apache2/domains/portainer.mydomain.com.bytes bytes;
expires max;
}
}
location @fallback {
proxy_pass http://88.888.888.888:8080;
}
location /error/ {
alias /home/admin/web/portainer.mydomain.com/document_errors/;
}
include /home/admin/conf/web/portainer.mydomain.com/nginx.conf_*;
I put cat /home/admin/conf/web/portainer.mydomain.com/nginx.ssl.conf
it appears:
#=========================================================================#
# Default Web Domain Template #
# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
# https://hestiacp.com/docs/server-administration/web-templates.html #
#=========================================================================#
server {
listen 88.888.888.888:443 ssl;
server_name portainer.mydomain.com www.portainer.mydomain.com;
error_log /var/log/apache2/domains/portainer.mydomain.com.error.log error;
ssl_certificate /home/admin/conf/web/portainer.mydomain.com/ssl/portainer.mydomain.com.pem;
ssl_certificate_key /home/admin/conf/web/portainer.mydomain.com/ssl/portainer.mydomain.com.key;
ssl_stapling on;
ssl_stapling_verify on;
# TLS 1.3 0-RTT anti-replay
if ($anti_replay = 307) { return 307 https://$host$request_uri; }
if ($anti_replay = 425) { return 425; }
include /home/admin/conf/web/portainer.mydomain.com/nginx.hsts.conf*;
location ~ /\.(?!well-known\/|file) {
deny all;
return 404;
}
location / {
proxy_pass https://88.888.888.888:8443;
location ~* ^.+\.(css|htm|html|js|json|xml|apng|avif|bmp|cur|gif|ico|jfif|jpg|jpeg|pjp|pjpeg|png|svg|tif|tiff|webp|aac|caf|flac|m4a|midi|mp3|ogg|opus|wav|3gp|av1|avi|m4v|mkv|mov|mpg|mpeg|mp4|mp4v|webm|otf|ttf|woff|woff2|doc|docx|odf|odp|ods|odt|pdf|ppt|pptx|rtf|txt|xls|xlsx|7z|bz2|gz|rar|tar|tgz|zip|apk|appx|bin|dmg|exe|img|iso|jar|msi|webmanifest)$ {
try_files $uri @fallback;
root /home/admin/web/portainer.mydomain.com/public_html;
access_log /var/log/apache2/domains/portainer.mydomain.com.log combined;
access_log /var/log/apache2/domains/portainer.mydomain.com.bytes bytes;
expires max;
}
}
location @fallback {
proxy_pass https://88.888.888.888:8443;
}
location /error/ {
alias /home/admin/web/portainer.mydomain.com/document_errors/;
}
proxy_hide_header Upgrade;
include /home/admin/conf/web/portainer.mydomain.com/nginx.ssl.conf_*;
and when I put portainer.mydomain.com , it continuos appear the index page We’re working on it.
Thanks for the answer
That means that your web domain is not using the new template portainer.
You must edit your web domain, select the template portainer and Save the new conf.
It’s ok to see nothing.
1 Like
Hi sahsanu
I’ve chosen in Hestia panel the template portainer in template Proxy.
But in template Web APACHE2 only appear default.
But in template Backen PHP-FPM appears : default, no-php, PHP-8_2 and socket.
greetings
Sorry, I thought you weren’t using Nginx as a proxy.
Use this command instead:
v-list-web-domain admin portainer.mydomain.com json | jq -r '.[]|.PROXY'
But as per your screenshot it is configured correctly… also, as you shared the domain, I can see the portainer login page:
Maybe you should clear your browser’s cache, try the private/incognito mode or try another browser.
2 Likes
Hi sahsanu
Yes, it’s working properly.
I’ve cleaned the browser’s cache and it’s working
Thanks so much sahsanu and maurice
2 Likes