Run HestiaCP ONLY on subdomain without other domains

Hello @Exhaust,

Regarding this question, as @el_dibu said, you should create your own template to pass the requests to the hestia nginx server started on port 8083 and use that template in the cp.domain.com web domain options. @m3core has already posted a link to a template that should work for your needs.

As far as I know, there isn’t an easy way to do it in HestiaCP; you should modify the nginx.conf used by HestiaCP, but the changes could be overridden in the next update, so use it at your own risk.

Back up the nginx.conf file… just in case:

    cp /usr/local/hestia/nginx/conf/nginx.conf /root/hestia-nginx.conf.backup

Edit the file /usr/local/hestia/nginx/conf/nginx.conf:

You should search for this part:

    # Vhost
    server {
            listen              8083 ssl;
            server_name         _;
            root                /usr/local/hestia/web;
            # Fix error "The plain HTTP request was sent to HTTPS port"
            [...] here the rest of the options

And replace server_name _; with server_name cp.domain.com;

You should also add a new server block before the current server block, like this:

    server {
            listen              8083 ssl;
            server_name         _;
            ssl_certificate     /usr/local/hestia/ssl/certificate.crt;
            ssl_certificate_key /usr/local/hestia/ssl/certificate.key;
            return 403;
    }

So finally you should get something like this:

    # Vhost
    server {
            listen              8083 ssl;
            server_name         _;
            ssl_certificate     /usr/local/hestia/ssl/certificate.crt;
            ssl_certificate_key /usr/local/hestia/ssl/certificate.key;
            return 403;
    }
    server {
            listen              8083 ssl;
            server_name         cp.domain.com;
            root                /usr/local/hestia/web;
            # Fix error "The plain HTTP request was sent to HTTPS port"
            [...] here the rest of the options

Save the file.

Restart the nginx server used by HestiaCP:

    systemctl restart hestia.service

Now, only cp.domain.com will be able to connect on port 8083 over TLS; the rest of the domains will get an error (403 Forbidden).

Good luck,
sahsanu

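A check for the layout described in the post above, as an added example that is not part of the original post or of HestiaCP: it confirms that the first server block on port 8083 is the one returning 403 and that a later block carries the panel hostname, which is worth re-running after updates since the post warns they may overwrite nginx.conf. The function and sample names are hypothetical, the sample configs are constructed, and the check assumes no default_server flag is used, in which case nginx treats the first server block for a listen port as the default.

```shell
# Usage: check_hestia_vhost HOSTNAME < nginx.conf
# Succeeds only if the first server block on port 8083 returns 403 and a
# later block on 8083 is named HOSTNAME.
check_hestia_vhost() {
    awk -v want="$1" '
    { sub(/#.*/, "") }                                   # ignore comments
    !in_srv && /^[ \t]*server[ \t]*\{/ { in_srv = 1; base = depth; l = r = hit = 0 }
    in_srv && depth == base + 1 {                        # directives directly in the server block
        if ($1 == "listen" && $2 ~ /^8083;?$/) l = 1
        if ($1 == "return" && $2 ~ /^403;?$/) r = 1
        if ($1 == "server_name") {
            s = $0; gsub(/;/, "", s); n = split(s, a, " ")
            for (i = 2; i <= n; i++) if (a[i] == want) hit = 1
        }
    }
    { depth += gsub(/\{/, "{"); depth -= gsub(/\}/, "}") }
    in_srv && depth <= base {                            # server block closed
        in_srv = 0
        if (l) { seen++; if (seen == 1 && !r) bad = 1; if (seen > 1 && hit) named = 1 }
    }
    END { exit !(seen > 1 && !bad && named) }'
}

# Constructed sample: the layout the post ends up with.
sample_patched() {
cat <<'EOF'
http {
    server {
        listen              8083 ssl;
        server_name         _;
        return 403;
    }
    server {
        listen              8083 ssl;
        server_name         cp.domain.com;
        root                /usr/local/hestia/web;
        location / {
            return 404;
        }
    }
}
EOF
}
# Constructed sample: single catch-all block (before the edit, or after a revert).
sample_stock() {
    printf '%s\n' 'server {' '  listen 8083 ssl;' '  server_name _;' '}'
}
sample_patched | check_hestia_vhost cp.domain.com && echo "8083 catch-all in place"
```

On a live server the input would be /usr/local/hestia/nginx/conf/nginx.conf and the hostname your own panel subdomain.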