Setting Up Domain Aliases in CloudPanel with Independent SSL

• Tested on Ubuntu 22.04 (Jammy Jellyfish) Only on which CloudPanel is installed.

Use it at your own risk on a production server.

It doesn’t alter any imp system files.

Overview

CloudPanel doesn’t natively support adding domain aliases or parked domains without manual configuration. While you can modify the vhost server_name with an addon domain, it shares the SSL certificate with the main domain. This guide provides a solution to create completely independent domain aliases with their own SSL certificates while sharing the main domain’s directory.

Prerequisites

Required Components

• CloudPanel installed and configured
• Main website already set up and running
• SSH access with sudo privileges
• Secondary domain name ready to be configured

Main Site Example Structure

Main Site Path: /home/mainsite/htdocs/mainsite.com
Main Site User: mainuser
Main Site URL: mainsite.com

Manual Setup Steps

1. Create New Site in CloudPanel

   • Log into CloudPanel
   • Create a new website for your secondary domain
   • Choose any template except reverse proxy (PHP recommended)

2. Generate SSL Certificate

   • Use CloudPanel’s interface to generate Let’s Encrypt SSL
   • Ensure the certificate is properly issued for the secondary domain

3. Configure Vhost File

   • Location: /etc/nginx/sites-enabled/secondarysite.com.conf
   • Copy configuration from main site’s vhost
   • Update server_name to secondary domain
   • Change {{root}} path to main site’s path
   • Example: /home/mainsite/htdocs/mainsite.com

4. Update PHP-FPM Pool

   • Navigate to: /etc/php/8.2/fpm/pool.d/
   • Modify: secondarysite.com.conf
   • Update user and group to main site’s user
   • Example: user = mainuser and group = mainuser

5. Restart Services

   • Restart PHP-FPM: systemctl restart php8.2-fpm
   • Restart NGINX: systemctl restart nginx

Automated Setup Using Script

Script Installation

# Download the script
wget https://your-script-url/setup-domain-alias.sh

# Make it executable
chmod +x setup-domain-alias.sh

Script Usage

sudo ./setup-domain-alias.sh -m mainsite.com -s secondarysite.com [-p php_version]

Script Parameters

• -m: Main domain name (required)
• -s: Secondary domain name (required)
• -p: PHP version (optional, defaults to 8.2)

What the Script Does

1. Validates input parameters and requirements
2. Creates backups of existing configurations
3. Updates NGINX vhost configuration
4. Modifies PHP-FPM pool settings
5. Tests configurations
6. Restarts necessary services

Important Notes

PHP Version

• Default version is 8.2
• Change version number in paths if using different PHP version
• Script allows specifying version with -p parameter

Alternative Approach

• You can use reverse proxy with internal IP (127.0.0.1:port)
• Port number found in pool.d folder
• Not recommended for WordPress installations due to potential issues

Security Considerations

• Always backup configurations before making changes
• Verify SSL certificate generation
• Check file permissions after setup
• Test website functionality after changes

Troubleshooting

1. Verify SSL certificate status
2. Check NGINX configuration syntax
3. Examine PHP-FPM pool status
4. Review log files for errors:
   • /var/log/nginx/error.log
   • /var/log/php8.2-fpm.log

Maintenance

• Monitor SSL certificate renewals
• Keep PHP version updated
• Regular backup of configurations
• Check log files periodically

This setup provides a clean solution for domain aliases while maintaining independent SSL certificates and configuration files, all while sharing the main domain’s document root.

#!/bin/bash

# CloudPanel Domain Alias Setup Script
# This script automates the process of setting up a domain alias with independent SSL in CloudPanel

# Function to display script usage
usage() {
    echo "Usage: $0 -m main_domain -s secondary_domain [-p php_version]"
    echo "Example: $0 -m mainsite.com -s alias.com -p 8.2"
    exit 1
}

# Function to check if running with sudo privileges
check_sudo() {
    if [ "$EUID" -ne 0 ]; then
        echo "Please run this script with sudo privileges"
        exit 1
    fi
}

# Function to validate domain name format
validate_domain() {
    if [[ ! $1 =~ ^[a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9]\.[a-zA-Z]{2,}$ ]]; then
        echo "Invalid domain format: $1"
        exit 1
    fi
}

# Parse command line arguments
while getopts ":m:s:p:" opt; do
    case $opt in
        m) MAIN_DOMAIN="$OPTARG";;
        s) SECONDARY_DOMAIN="$OPTARG";;
        p) PHP_VERSION="$OPTARG";;
        \?) echo "Invalid option -$OPTARG"
            usage;;
        :) echo "Option -$OPTARG requires an argument"
            usage;;
    esac
done

# Check if required arguments are provided
if [ -z "$MAIN_DOMAIN" ] || [ -z "$SECONDARY_DOMAIN" ]; then
    usage
fi

# Set default PHP version if not provided
PHP_VERSION=${PHP_VERSION:-8.2}

# Validate inputs
check_sudo
validate_domain "$MAIN_DOMAIN"
validate_domain "$SECONDARY_DOMAIN"

# Configuration variables
MAIN_USER=$(stat -c '%U' /home/*/htdocs/"$MAIN_DOMAIN" 2>/dev/null)
if [ -z "$MAIN_USER" ]; then
    echo "Error: Could not find main domain's user"
    exit 1
fi

MAIN_PATH="/home/$MAIN_USER/htdocs/$MAIN_DOMAIN"
VHOST_PATH="/etc/nginx/sites-enabled"
PHP_POOL_PATH="/etc/php/$PHP_VERSION/fpm/pool.d"

echo "Starting domain alias setup..."
echo "Main Domain: $MAIN_DOMAIN"
echo "Secondary Domain: $SECONDARY_DOMAIN"
echo "PHP Version: $PHP_VERSION"
echo "Main User: $MAIN_USER"

# Step 1: Verify that the main site exists
if [ ! -d "$MAIN_PATH" ]; then
    echo "Error: Main site directory not found at $MAIN_PATH"
    exit 1
fi

# Step 2: Backup original configuration files
timestamp=$(date +%Y%m%d_%H%M%S)
echo "Creating backup of configuration files..."

if [ -f "$VHOST_PATH/$SECONDARY_DOMAIN.conf" ]; then
    cp "$VHOST_PATH/$SECONDARY_DOMAIN.conf" "$VHOST_PATH/$SECONDARY_DOMAIN.conf.backup_$timestamp"
fi

if [ -f "$PHP_POOL_PATH/$SECONDARY_DOMAIN.conf" ]; then
    cp "$PHP_POOL_PATH/$SECONDARY_DOMAIN.conf" "$PHP_POOL_PATH/$SECONDARY_DOMAIN.conf.backup_$timestamp"
fi

# Step 3: Update the vhost configuration
echo "Updating NGINX vhost configuration..."
sed -i "s|{{root}}|$MAIN_PATH|g" "$VHOST_PATH/$SECONDARY_DOMAIN.conf"
sed -i "s|server_name .*;|server_name $SECONDARY_DOMAIN;|g" "$VHOST_PATH/$SECONDARY_DOMAIN.conf"

# Step 4: Update PHP-FPM pool configuration
echo "Updating PHP-FPM pool configuration..."
sed -i "s|user = .*|user = $MAIN_USER|g" "$PHP_POOL_PATH/$SECONDARY_DOMAIN.conf"
sed -i "s|group = .*|group = $MAIN_USER|g" "$PHP_POOL_PATH/$SECONDARY_DOMAIN.conf"

# Step 5: Test configurations
echo "Testing NGINX configuration..."
nginx -t
if [ $? -ne 0 ]; then
    echo "Error: NGINX configuration test failed"
    exit 1
fi

# Step 6: Restart services
echo "Restarting services..."
systemctl restart php$PHP_VERSION-fpm
systemctl restart nginx

echo "Setup completed successfully!"
echo "Please verify that:"
echo "1. The SSL certificate has been generated for $SECONDARY_DOMAIN"
echo "2. The website is accessible at https://$SECONDARY_DOMAIN"
echo "3. All file permissions are correct"
echo ""
echo "Backup files were created with timestamp: $timestamp"