The new software stack for SolusVM is compatible with v1.x and will allow you to use a maintained NGINX version instead of the standard lighttpd version shipped with v1.x
This documentation is for Master (UI) servers and Slave servers
The following port changes have been made:
- Port 5353 has been disabled
- Port 443 is now standard and active
- Port 5656 is still active and must remain active
- Port 80 has been disabled and is only used for certificate validation
Installing the Repositories
If /etc/yum.repos.d/solusvm.repo already exists it means it's already installed and you can skip this step
Refer to the following docs SolusVM 2 Enterprise Linux Yum Repository
Installing the NGINX Stack
You will need to shutdown the current lighttpd service:
Next install NGINX and the legacy configs:
Master (UI) Server
Start the new service:
You can install our letsencrypt stack component to issue a certificate with automatic renewal:
Once installed run the following to setup the correct domain. Please note the domain must already resolve to your master server:
You will be asked two questions:
- Enter domain name: Enter the domain name you wish to use. Don't include the www. prefix. i.e: mycp.vpscontrol.com
- Include the www prefix in the certificate? (y/n): Do you also want to include the www. prefix in the certificate. Generally it's not needed but if you want to use this feature www.mycp.vpscontrol.com must also resolve
Once you have answered the 2 questions a certificate will be generated and if successful will be updated in the nginx config and reloaded.
When you have completed these steps, you don't need to do this again unless you change the domain name. The certificate will be automatically updated to keep it valid.
In most cases you will already have a valid certificate for your master which lighttpd would have been using. You can use this certificate with the new stack by copying the existing certificate to the following locations:
/usr/local/svmstack/nginx/ssl/ssl.crt should contain the certificate.
/usr/local/svmstack/nginx/ssl/ssl.key should contain the private key.
It is advised you use the default locations specified above when copying the certificates. This is an experimental feature so the configuration files may change on updates. Keeping the default locations will ensure the service continues to run and extra modules can automatically use the certificates without further intervention.
Now restart the service:
A slave can usually function on a self-signed certificate. If you require a valid certificate you can use the same process as the master certificate setup.