VestaCP and Virtualmin Review
I've used cpanel as a user, reseller, and admin. In a weird way I enjoy all of its arcane, poor design, but lately I've been just manually admining nginx + php-fpm. For my friends and family "hey I hear you know about computers" box, I've been considering throwing up a panel so people could self-service...and I don't want to pay $15/mo for cpanel.
After a related thread, I decided to experiment.
Linode helpfully offered $5 1G VPSes today, so why not try a pair: one for virtualmin/webmin and one for vesta. Never used either product previously and I figured I'd just dive right in rather than read docs. Deb 8 for both.
Setup was fine. It made me install/purge exim4, which Linode puts there in its image.
With just the stock config, about 729MB free on a 1G VPS.
Kudos to VestaCP for setting up MySQL correctly. They created a cnf for root with a secure password.
Big negative when I went to look at the graphs. Vesta is telling me there's only 25MB RAM free because 962MB is used. Really guys? We haven't learned how to read free -m yet? Disappointing.
Vesta seems to have a lot of pretty UI things...that don't add a lot of usability. e.g., to configure, instead of a "Settings" tab there's a little gear icon. And once you click it, everything is click-to-drop-down, etc. It seemed like a lot of fanciness for little purpose. Their design is also very white-space heavy...I mean, I'm on a 5K monitor and I'm scrolling past a ton of white.
Vesta's "Log" tab shows me "added cron job 8", "added cron job 7", "added cron job 6", etc. which is not helpful.
Vesta comes with nginx + php-fpm out of the box - I like that. They use exim4...not a fan, but it's their headache. There's a custom install command builder on their site that's kind of neat.
Major hangup on setup: Virtualmin got into a tizzy about mysql root. During in the post-install setup on the web, it said it didn't know what the mysql root password was...and guess what, neither do I, since Virtualmin installed it. I had to do a manual root mysql password reset. Maybe I missed a step, but I see this is a FAQ.
On the other hand, it handled removal of exim4 on its own.
Post-install, Virtualmin asked me a lot of questions and I liked that. I really liked the "pick a size for MySQL" etc. which I imagine is very helpful for non pros.
735MB free after, so the same as Vesta.
One negative was that there was no firewall setup automatically. Really!? No fail2ban? Ugh. I did find and add the fail2ban module, which was easy to setup. Not so for firewall...looks like Virtualmin expects me to create my own rules. But...but...that's the panel's job. For example, if I enable FTP, the firewall should adjust its rules...do I really need to hand-create firewall rules? This seems like a huge miss but it could be pilot error.
So I reinstalled on CentOS, figuring that perhaps using firewalld would make fireall config easier. Alas, I first had a new problem enabling ClamAV (figured I'd turn everything on this time):
ERROR: Could not lookup : Servname not supported for ai_socktype ----------- SCAN SUMMARY ----------- Infected files: 0 Time: 0.002 sec (0 m 0 s)
The install doc says "We don't know why this happens." At least they're candid. OK, they say ClamAV has become fragile so we'll let that go. But when I went to the firewalld config:
Failed to list zones : [91mFirewallD is not running[00m
Yeah with escape codes. BTW the Linux firewall module says:
No iptables bootup action was found, indicating that the IPtables package is not installed on your system
[root@webvmin ~]# rpm -q -a | grep -i iptab iptables-1.4.21-17.el7.x86_64
And of course once I went into Virtualmin and specifically turned on firewalld in the bootup...yep, locked virtualmin out because it hadn't configured port 1000.
Now I know how to fix this. But then what's the point of a panel...?
BTW, php 5.4? Aw, I've got to run my own yum commands? https://www.virtualmin.com/documentation/web/multiplephp Boo. Configuring php and such is really the panel's job, no?
I like the Virtualmin interface a lot better than Vesta's. For one thing, it shows memory correctly. The interface is actually quite nice...granted, that's based on an hour's playing. So much of it just seems more polished - favorites, themes, etc. Oh and that "click this icon and you have a terminal session from within your browser" is the bomb! I know there are other web consoles out there but that was an unexpected plus.
Virtualmin uses postfix out of the box - I prefer that over exim4 though I suppose the point is to let the panel worry about that.
Virtualmin uses traditional apache, though the docs say you can setup nginx/php-fpm.
I can't imagine using Vesta...just hate the interface. The "all your memory is in use" graphs made me sad.
OTOH, Virtualmin seems to be uninterested in firewalls. It's not even a section in the install docs (fail2ban is, but not firewalls). It seemed very nice...but buggy and the lack of firewall out of the box seems a big miss.