{"id":28196931,"url":"https://github.com/markc/hcp_bs5","last_synced_at":"2025-05-16T16:14:14.091Z","repository":{"id":137831999,"uuid":"51200564","full_name":"markc/hcp_bs5","owner":"markc","description":"A super lightweight Hosting Control Panel for Ubuntu and Debian Mail, Web and DNS servers","archived":false,"fork":false,"pushed_at":"2025-01-18T05:39:22.000Z","size":1525,"stargazers_count":21,"open_issues_count":0,"forks_count":18,"subscribers_count":7,"default_branch":"main","last_synced_at":"2025-01-18T06:24:48.979Z","etag":null,"topics":["bash-scripting","control-panel","debian","dns-server","dovecot","hcp","mailserver","nginx-php-fpm","nginx-server","php8-features","postfix","powerdns","ubuntu","ubuntu-server","web"],"latest_commit_sha":null,"homepage":"https://netserva.org","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/markc.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-02-06T11:50:52.000Z","updated_at":"2025-01-18T05:39:23.000Z","dependencies_parsed_at":null,"dependency_job_id":"a963897c-fef2-4bd8-94a0-e31a4b37b5d5","html_url":"https://github.com/markc/hcp_bs5","commit_stats":null,"previous_names":["markc/hcp_bs5"],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/markc%2Fhcp_bs5","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/markc%2Fhcp_bs5/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/markc%2Fhcp_bs5/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/markc%2Fhcp_bs5/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/markc","download_url":"https://codeload.github.com/markc/hcp_bs5/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254564073,"owners_count":22092124,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bash-scripting","control-panel","debian","dns-server","dovecot","hcp","mailserver","nginx-php-fpm","nginx-server","php8-features","postfix","powerdns","ubuntu","ubuntu-server","web"],"created_at":"2025-05-16T16:14:13.227Z","updated_at":"2025-05-16T16:14:14.084Z","avatar_url":"https://github.com/markc.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# NetServa HCP (WIP, being rewritten for PHP 8.3)\nCopyright (C) 2015-2024 Netserva HCP (AGPL-3.0)\n\nNetServa HCP is a lightweight Web, Mail, and DNS server with a PHP-based Hosting Control Panel for managing multiple virtually hosted domains. It's designed to run on the latest Debian or Ubuntu systems and supports both SQLite and MySQL as backend databases.\n\n## Key Features\n\n- Minimal resource requirements: runs in as little as 256 MB RAM\n- Ideal for LXD containers, Proxmox virtual machines, and small VPS instances\n- Built on [NetServa SH] shell scripts\n\n## Components\n\n- Web Server: nginx with PHP FPM 8+\n- Mail Server: Fully functional IMAP/SMTP with personalized spam filtering\n- SSL: LetsEncrypt integration\n- DNS: Optional PowerDNS for local or public DNS services\n- Database: Choice of SQLite or MySQL\n- Interface: Built with Bootstrap 5 and DataTables\n\n## Hosting Control Panel\n\nThis project is ideal for small VMs, CTs (containers) or VPS plans.\n\n- [NetServa HCP] does not reqire Python or Ruby, just PHP and Bash\n- Fully functional IMAP/SMTP mailserver with personalised Spam filtering\n- [LetsEncrypt] SSL enabled [nginx] web server with [PHP FPM 7+]\n- Optional [PowerDNS] installation for local LAN or real-world DNS service\n- Always based and tested on the latest release of [Ubuntu Server]\n- It can use either [SQLite] or [MySQL] as database backends\n- A fresh SQLite based install uses about 70MB ram (without Wordpress)\n- An optional \"compiled\" single file PHP script is less than 200KB in size\n\n## Usage\n\nThe PHP web interface relies on the [NetServa SH] scripts being installed on the\nprimary and target hosts so the first thing to do, as root...\n\n    cd # as root\n    git clone https://github.com/markc/sh .sh\n    .sh/bin/shm install\n    . .shrc\n\nThis installs the `SH` (Shell Helper) aliases and scripts into a `/root/.sh`\ndirectory and activates the environment variables and special aliases. See the\n[NetServa SH] repo for more information about how to use these aliases and\nscripts directly. This `HCP` project is just a web based frontend for the `SH`\nsystem which does all the real provisioning and management work.\n\nThe next step, after installing the `SH` scripts, is to make sure the current\nhost has a hostname and a domainname. The domainname needs to be valid if using\na publically accessible server and that needs the assistence of a real DNS\nservice. Otherwise, if using a local LAN with private IPs (like 192.168.\\*,\n10.\\* or 172.\\*) then you can make up any domainname as long as your are\nconsistent within your local LAN. Using something like `netserva.lan` is a good\ncandidate unless you prefer something else. The hostname of your current host\ncomputer is usually determined when the OS is installed but can be changed by\nediting `/etc/hostname` and making sure `/etc/resolv.conf` has a reference like\n`search netserva.lan`. Once you get results like this...\n\n    ~ hostname\n    myhost\n    ~ hostname -d\n    netserva.lan\n    ~ hostname -f\n    myhost.netserva.lan\n\n(where `myhost` and `netserva.lan` are your real or made up names) then continue\non with the next step.\n\nNow we \"normalize\" the host by using `setup-host` which updates the primary\nhosting **Desktop** or **Server** system to Noble 24.04 (unless `os release` is\ndefined.) using the current `hostname -f` unless a **hostname.domainname** is\npassed in as the first `[domain]` argument...\n\n    Usage: setup-host [fqdn] [(mysql)|sqlite]\n\nWe can now setup the actual NetServa SH/HCP system for testing so, for example,\nif we use something like `c1.netserva.lan`, where `c1` will be the container\nlabel and `netserva.lan` can either be a real domainname (if the server has a\npublic IP) or whatever internal LAN-wide domainname you care to use...\n\nIf the installation procedure can detect an externally available public IP then\nit will attempt to install a LetsEncrypt SSL certificate so that the web server\ncan be accessed via `https` and the mail server will be SSL enabled and ready\nfor real-world deployment. Otherwise a self-signed certificate will be installed\nThe mail, web, sftp and HCP login credentials will be available in\n`cat ~/.vhosts/$(hostname -f).conf`.\n\nThe essential configuration settings for the default server will be inside the\ncontainer (example only for a local LAN domain called `netserva.lan`)...\n\n    lxc exec c1 bash\n    cat ~/.vhosts/$(hostname -f)\n\nOr, if you already have a containter or remote server ready to use after a fresh\nUbuntu or Debian install then you could install the entire NetServa SH and HCP\nsystem by ssh'ing into the target system and...\n\n    wget https://raw.githubusercontent.com/markc/sh/main/bin/setup-sh\n    # cat setup-sh\n    . setup-sh\n    setup-all\n\nThis may take 5 to 15 mintes to complete depending on the bandwidth available to\nthe target server. Once finished you should be able to go to\n`https://c1.netserva.lan/hcp` and login to the HCP web interface using the\nsimple sitewide HTTP `sysadm/1234` authentication first then the real admin\nusername and password available with `cat ~/.vhosts/$(hostname -f).conf`.\n\n## Config Override\n\nThe main `index.php` file is actually the configuration for the entire program\nso that the rest of the PHP files could actually be included from anywhere else\non the system (not just from `lib/php`) if the `INC` const is changed. To\noverride the default settings (so sensitive information is not committed to some\nGit repo) a config override file can be put anywhere (the default being\n`lib/.ht_conf.php`) in which an array is returned where any of the top level\nproperty array values can be overridden. First review the main [index.php] file\ntop level properties then compare below as an example of how to override these\nproperty values...\n\n    \u003c?php\n    return [\n        'cfg' =\u003e ['email' =\u003e 'YOUR@EMAIL_ADDRESS'],\n        'db' =\u003e ['type' =\u003e 'mysql', 'pass' =\u003e 'YOUR_MYSQL_PW'],\n        'out' =\u003e [\n            'doc'   =\u003e 'YOUR_SITE_LABEL',\n            'head'  =\u003e 'YOUR_SITE_LABEL',\n            'foot'  =\u003e 'Copyright (C) 2018 YOUR_SITE_LABEL',\n        ],\n    ];\n\nwhich would change the default email address (for forgotten password etc) to\nyour email address, set the database to use MySQL with it's password and change\nthe site titles and footer copyright notice. The SH/HCP system will use MySQL by\ndefault so if you use...\n\n    setup-all $(hostname -f) sqlite\n\nfor an extremely lightweight system (minus Wordpress) then use a\n`lib/.ht_conf.php` override file like...\n\n    \u003c?php\n    return [\n        'cfg' =\u003e ['email' =\u003e 'YOUR@EMAIL_ADDRESS'],\n        'db' =\u003e ['type' =\u003e 'sqlite'],\n        'out' =\u003e [\n            'doc'   =\u003e 'YOUR_SITE_LABEL',\n            'head'  =\u003e 'YOUR_SITE_LABEL',\n            'foot'  =\u003e 'Copyright (C) 2018 YOUR_SITE_LABEL',\n        ],\n    ];\n\nAnother alternate option for a MySQL password is to create a simple plain text\nfile called `lib/.ht_pw` and put ONLY the MySQL password in that file but of\ncourse using `lib/.ht_conf.php` instead allows you to modify or extend any of\nthe top level properties in `index.php`.\n\nThe point of the config override is so you can keep doing a `git pull`and update\nthe HCP web area (either from the NetServa repo or your own fork) without\ninterference from locally updated files, and `git push` (to your own git repo)\nwill not upload passwords to a possible public git repo.\n\n## Athentication\n\nDuring installation five random passwords will be auto-created in\n`/root/.vhosts/$(hostname -f)` along with a `/root/.my.cnf` with `DPASS` if\nMySQL is being used. Example...\n\n    ~ grep PASS ~/.vhosts/$(hostname -f)\n    APASS='LheTZOT8eYCrlAk8'  # Admin HCP password\n    DPASS='axVps7OIXb7VY4uT'  # Database password, if using MySQL\n    EPASS='a5cBBxXL59uAyJkc'  # SMTP/IMAP password for admin@$VHOST\n    UPASS='D8G3RgpBgSetyG4o'  # SFTP password\n    WPASS='LheTZOT8eYCrlAk8'  # Wordpress admin password, if using MySQL\n\nThe initial `sysadm` user has access to most of the server with SUDO permissions\nto the provisioning scripts in `/root/.sh/bin/*`. This user also \"owns\" the\ndefault `YOUR_DOMAIN/adm` web area with the NetServa HCP web interface. All\nextra virtual hosts will be owned by `u1000 u1001 u1002 etc` system users which\nwill be chrooted, or locked into, their respective VHOST web area. For\ninstance...\n\n    ~ shhost\n    sysadm  c1.netserva.org                          /home/u/c1.netserva.org\n    u1001   netserva.org                             /home/u/netserva.org\n    u1002   netserva.com                             /home/u/netserva.com\n    u1003   netserva.net                             /home/u/netserva.net\n\nwhere the above resulted from...\n\n    ~ newlxd c1.netserva.org\n    # then SSH/exec into the container and...\n    ~ addvhost netserva.org\n    ~ addvhost netserva.com\n    ~ addvhost netserva.net\n\nThe authentication point being that using SSH or SFTP (ie; from Dolphin) to this\nserver as...\n\n    ~ ssh -p9 sysadm@netserva.org\n    # or for KDE kio\n    sftp://sysadm@netserva.org:9/\n\nwould result in access to the whole (non-root) file system whereas...\n\n    ~ ssh -p9 u1001@netserva.org\n    # or for KDE kio\n    sftp://u1001@netserva.org:9/\n\nwould chroot or lock access to the `/home/u/netserva.org` area with no\npossibility of using SUDO so folks only interested in working on a web site have\nreasonably safe access to only that web area.\n\n`sshm` can be used on the host to manage local SSH keys making logging in\nto a container or remote server much easier...\n\n    ~ sshm h c\n    Create a new SSH Host file in ~/.ssh/config.d/\n    Usage: sshm create \u003cName\u003e \u003cHost\u003e [Port] [User] [Skey]\n\n_All scripts and documentation are Copyright (C) 2015-2024 Netserva HCP and\nLicensed [AGPL-3.0]. See [Copyright Notice](docs/02_Copyright.md) for full details._\n\n[NetServa SH]: https://github.com/markc/sh/\n[NetServa HCP]: https://github.com/markc/hcp/\n[AGPL-3.0]: http://www.gnu.org/licenses/agpl-3.0.html\n[Bootstrap 5]: https://getbootstrap.com/\n[DataTables]: https://datatables.net/examples/styling/bootstrap4/\n[index.php]: https://github.com/netserva/www/blob/master/index.php\n[nginx]: http://nginx.org/\n[PHP FPM 8+]: http://www.php.net/manual/en/install.fpm.php\n[Plasma Desktop]: https://kde.org/plasma-desktop/\n[Proxmox]: https://proxmox.com/\n[LetsEncrypt]: https://letsencrypt.org/\n[PowerDNS]: https://powerdns.com/\n[SQLite]: https://sqlite.org/features.html\n[MySQL]: https://mariadb.org/\n[Ubuntu Server]: https://ubuntu.com/download/server/\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmarkc%2Fhcp_bs5","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmarkc%2Fhcp_bs5","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmarkc%2Fhcp_bs5/lists"}