From b33ea7357764d600a8c392d81d43efb24766f7f5 Mon Sep 17 00:00:00 2001
From: myvesta <info@mycity-hosting.com>
Date: Fri, 12 Jul 2019 16:02:33 +0200
Subject: [PATCH] deb10 configs

---
 install/debian/10/apache2/apache2.conf        |  94 ++
 install/debian/10/apache2/status.conf         |   8 +
 install/debian/10/bind/named.conf             |  12 +
 install/debian/10/clamav/clamd.conf           |  60 ++
 install/debian/10/deb_signing.key             |  30 +
 install/debian/10/dovecot/conf.d/10-auth.conf |   4 +
 .../debian/10/dovecot/conf.d/10-logging.conf  |   1 +
 install/debian/10/dovecot/conf.d/10-mail.conf |   4 +
 .../debian/10/dovecot/conf.d/10-master.conf   |  29 +
 install/debian/10/dovecot/conf.d/10-ssl.conf  |   3 +
 install/debian/10/dovecot/conf.d/20-imap.conf |  58 ++
 install/debian/10/dovecot/conf.d/20-pop3.conf |  91 ++
 .../dovecot/conf.d/auth-passwdfile.conf.ext   |   9 +
 install/debian/10/dovecot/dovecot.conf        |   4 +
 install/debian/10/exim/dnsbl.conf             |   2 +
 install/debian/10/exim/exim4.conf.template    | 382 ++++++++
 install/debian/10/exim/spam-blocks.conf       |   0
 .../debian/10/fail2ban/action.d/vesta.conf    |   9 +
 .../debian/10/fail2ban/filter.d/vesta.conf    |  10 +
 install/debian/10/fail2ban/jail.local         |  39 +
 install/debian/10/firewall/ports.conf         |  17 +
 install/debian/10/firewall/rules.conf         |  11 +
 install/debian/10/logrotate/apache2           |  19 +
 install/debian/10/logrotate/dovecot           |  12 +
 install/debian/10/logrotate/nginx             |  13 +
 install/debian/10/logrotate/vesta             |   7 +
 install/debian/10/mysql/my-large.cnf          |  42 +
 install/debian/10/mysql/my-medium.cnf         |  40 +
 install/debian/10/mysql/my-small.cnf          |  40 +
 install/debian/10/nginx/nginx.conf            | 137 +++
 install/debian/10/nginx/phpmyadmin.inc        |  18 +
 install/debian/10/nginx/phppgadmin.inc        |  11 +
 install/debian/10/nginx/status.conf           |   9 +
 install/debian/10/nginx/webmail.inc           |  15 +
 install/debian/10/packages/default.pkg        |  18 +
 install/debian/10/pga/config.inc.php          | 159 ++++
 install/debian/10/pga/phppgadmin.conf         |  31 +
 install/debian/10/php-fpm/www.conf            |  11 +
 install/debian/10/pma/apache.conf             |  42 +
 install/debian/10/pma/config.inc.php          | 146 +++
 install/debian/10/pma/create_tables.sql       | 385 ++++++++
 install/debian/10/pma/pma.sh                  | 146 +++
 install/debian/10/postgresql/pg_hba.conf      |  11 +
 install/debian/10/proftpd/proftpd.conf        |  32 +
 install/debian/10/roundcube/apache.conf       |  40 +
 install/debian/10/roundcube/config.inc.php    |  33 +
 install/debian/10/roundcube/db.inc.php        |  66 ++
 install/debian/10/roundcube/main.inc.php      | 850 ++++++++++++++++++
 install/debian/10/roundcube/vesta.php         |  73 ++
 install/debian/10/sudo/admin                  |   8 +
 install/debian/10/templates/dns/child-ns.tpl  |  14 +
 install/debian/10/templates/dns/default.tpl   |  18 +
 install/debian/10/templates/dns/gmail.tpl     |  12 +
 .../web/apache2/PHP-FPM-73-public.sh          |  87 ++
 .../web/apache2/PHP-FPM-73-public.stpl        |  44 +
 .../web/apache2/PHP-FPM-73-public.tpl         |  38 +
 .../10/templates/web/apache2/PHP-FPM-73.sh    |  86 ++
 .../10/templates/web/apache2/PHP-FPM-73.stpl  |  44 +
 .../10/templates/web/apache2/PHP-FPM-73.tpl   |  38 +
 .../10/templates/web/awstats/awstats.tpl      | 133 +++
 .../debian/10/templates/web/awstats/index.tpl |  10 +
 .../debian/10/templates/web/awstats/nav.tpl   |  23 +
 .../web/nginx/force-https-legacy.stpl         |  38 +
 .../web/nginx/force-https-legacy.tpl          |   8 +
 .../web/nginx/force-https-public.stpl         |  38 +
 .../web/nginx/force-https-public.tpl          |   8 +
 .../10/templates/web/nginx/force-https.stpl   |  38 +
 .../10/templates/web/nginx/force-https.tpl    |   8 +
 .../templates/web/nginx/hosting-public.stpl   |  38 +
 .../10/templates/web/nginx/hosting-public.tpl |  35 +
 .../web/nginx/hosting-webmail-phpmyadmin.stpl |  62 ++
 .../web/nginx/hosting-webmail-phpmyadmin.tpl  |  59 ++
 .../templates/web/nginx/hosting-webmail.stpl  |  50 ++
 .../templates/web/nginx/hosting-webmail.tpl   |  47 +
 .../debian/10/templates/web/nginx/hosting.sh  |  11 +
 .../10/templates/web/nginx/hosting.stpl       |  38 +
 .../debian/10/templates/web/nginx/hosting.tpl |  35 +
 .../web/nginx/php-fpm/cms_made_simple.stpl    |  56 ++
 .../web/nginx/php-fpm/cms_made_simple.tpl     |  52 ++
 .../web/nginx/php-fpm/codeigniter2.stpl       |  61 ++
 .../web/nginx/php-fpm/codeigniter2.tpl        |  57 ++
 .../web/nginx/php-fpm/codeigniter3.stpl       |  56 ++
 .../web/nginx/php-fpm/codeigniter3.tpl        |  52 ++
 .../web/nginx/php-fpm/datalife_engine.stpl    | 127 +++
 .../web/nginx/php-fpm/datalife_engine.tpl     | 123 +++
 .../templates/web/nginx/php-fpm/default.stpl  |  55 ++
 .../templates/web/nginx/php-fpm/default.tpl   |  51 ++
 .../templates/web/nginx/php-fpm/dokuwiki.stpl |  72 ++
 .../templates/web/nginx/php-fpm/dokuwiki.tpl  |  67 ++
 .../templates/web/nginx/php-fpm/drupal6.stpl  |  95 ++
 .../templates/web/nginx/php-fpm/drupal6.tpl   |  91 ++
 .../templates/web/nginx/php-fpm/drupal7.stpl  |  95 ++
 .../templates/web/nginx/php-fpm/drupal7.tpl   |  91 ++
 .../templates/web/nginx/php-fpm/drupal8.stpl  |  95 ++
 .../templates/web/nginx/php-fpm/drupal8.tpl   |  91 ++
 .../templates/web/nginx/php-fpm/joomla.stpl   |  63 ++
 .../10/templates/web/nginx/php-fpm/joomla.tpl |  59 ++
 .../templates/web/nginx/php-fpm/laravel.stpl  |  56 ++
 .../templates/web/nginx/php-fpm/laravel.tpl   |  50 ++
 .../templates/web/nginx/php-fpm/magento.stpl  | 198 ++++
 .../templates/web/nginx/php-fpm/magento.tpl   | 194 ++++
 .../10/templates/web/nginx/php-fpm/modx.stpl  |  69 ++
 .../10/templates/web/nginx/php-fpm/modx.tpl   |  65 ++
 .../templates/web/nginx/php-fpm/moodle.stpl   |  90 ++
 .../10/templates/web/nginx/php-fpm/moodle.tpl |  87 ++
 .../templates/web/nginx/php-fpm/no-php.stpl   |  47 +
 .../10/templates/web/nginx/php-fpm/no-php.tpl |  43 +
 .../10/templates/web/nginx/php-fpm/odoo.stpl  |  70 ++
 .../10/templates/web/nginx/php-fpm/odoo.tpl   |  66 ++
 .../templates/web/nginx/php-fpm/opencart.stpl |  59 ++
 .../templates/web/nginx/php-fpm/opencart.tpl  |  54 ++
 .../templates/web/nginx/php-fpm/owncloud.stpl |  85 ++
 .../templates/web/nginx/php-fpm/owncloud.tpl  |  81 ++
 .../10/templates/web/nginx/php-fpm/piwik.stpl |  73 ++
 .../10/templates/web/nginx/php-fpm/piwik.tpl  |  69 ++
 .../templates/web/nginx/php-fpm/pyrocms.stpl  |  66 ++
 .../templates/web/nginx/php-fpm/pyrocms.tpl   |  62 ++
 .../10/templates/web/nginx/php-fpm/sendy.stpl |  88 ++
 .../10/templates/web/nginx/php-fpm/sendy.tpl  |  86 ++
 .../web/nginx/php-fpm/wordpress.stpl          |  55 ++
 .../templates/web/nginx/php-fpm/wordpress.tpl |  51 ++
 .../web/nginx/php-fpm/wordpress2.stpl         |  67 ++
 .../web/nginx/php-fpm/wordpress2.tpl          |  63 ++
 .../web/nginx/php-fpm/wordpress2_rewrite.stpl |  72 ++
 .../web/nginx/php-fpm/wordpress2_rewrite.tpl  |  67 ++
 .../web/nginx/private-force-https.stpl        |  38 +
 .../web/nginx/private-force-https.tpl         |   8 +
 .../10/templates/web/nginx/private-hosting.sh |  11 +
 .../templates/web/nginx/private-hosting.stpl  |  40 +
 .../templates/web/nginx/private-hosting.tpl   |  37 +
 .../web/nginx/vesta-webmail-phpmyadmin.stpl   |  52 ++
 .../web/nginx/vesta-webmail-phpmyadmin.tpl    |   8 +
 .../debian/10/templates/web/nginx/vesta.stpl  |  32 +
 .../debian/10/templates/web/nginx/vesta.tpl   |   8 +
 .../10/templates/web/php-fpm/default.tpl      |  21 +
 .../10/templates/web/php-fpm/no-php.tpl       |  20 +
 .../10/templates/web/php-fpm/socket.tpl       |  24 +
 .../web/skel/document_errors/403.html         |  29 +
 .../web/skel/document_errors/404.html         |  28 +
 .../web/skel/document_errors/50x.html         |  29 +
 .../templates/web/skel/public_html/index.html |  26 +
 .../templates/web/skel/public_html/robots.txt |   3 +
 .../web/skel/public_shtml/index.html          |  26 +
 .../web/skel/public_shtml/robots.txt          |   3 +
 .../debian/10/templates/web/suspend/.htaccess |   2 +
 .../10/templates/web/suspend/index.html       |  25 +
 .../10/templates/web/webalizer/webalizer.tpl  | 110 +++
 install/debian/10/vsftpd/vsftpd.conf          |  26 +
 148 files changed, 8599 insertions(+)
 create mode 100644 install/debian/10/apache2/apache2.conf
 create mode 100644 install/debian/10/apache2/status.conf
 create mode 100644 install/debian/10/bind/named.conf
 create mode 100644 install/debian/10/clamav/clamd.conf
 create mode 100644 install/debian/10/deb_signing.key
 create mode 100644 install/debian/10/dovecot/conf.d/10-auth.conf
 create mode 100644 install/debian/10/dovecot/conf.d/10-logging.conf
 create mode 100644 install/debian/10/dovecot/conf.d/10-mail.conf
 create mode 100644 install/debian/10/dovecot/conf.d/10-master.conf
 create mode 100644 install/debian/10/dovecot/conf.d/10-ssl.conf
 create mode 100644 install/debian/10/dovecot/conf.d/20-imap.conf
 create mode 100644 install/debian/10/dovecot/conf.d/20-pop3.conf
 create mode 100644 install/debian/10/dovecot/conf.d/auth-passwdfile.conf.ext
 create mode 100644 install/debian/10/dovecot/dovecot.conf
 create mode 100644 install/debian/10/exim/dnsbl.conf
 create mode 100644 install/debian/10/exim/exim4.conf.template
 create mode 100644 install/debian/10/exim/spam-blocks.conf
 create mode 100644 install/debian/10/fail2ban/action.d/vesta.conf
 create mode 100644 install/debian/10/fail2ban/filter.d/vesta.conf
 create mode 100644 install/debian/10/fail2ban/jail.local
 create mode 100644 install/debian/10/firewall/ports.conf
 create mode 100644 install/debian/10/firewall/rules.conf
 create mode 100644 install/debian/10/logrotate/apache2
 create mode 100644 install/debian/10/logrotate/dovecot
 create mode 100644 install/debian/10/logrotate/nginx
 create mode 100644 install/debian/10/logrotate/vesta
 create mode 100644 install/debian/10/mysql/my-large.cnf
 create mode 100644 install/debian/10/mysql/my-medium.cnf
 create mode 100644 install/debian/10/mysql/my-small.cnf
 create mode 100644 install/debian/10/nginx/nginx.conf
 create mode 100644 install/debian/10/nginx/phpmyadmin.inc
 create mode 100644 install/debian/10/nginx/phppgadmin.inc
 create mode 100644 install/debian/10/nginx/status.conf
 create mode 100644 install/debian/10/nginx/webmail.inc
 create mode 100644 install/debian/10/packages/default.pkg
 create mode 100644 install/debian/10/pga/config.inc.php
 create mode 100644 install/debian/10/pga/phppgadmin.conf
 create mode 100644 install/debian/10/php-fpm/www.conf
 create mode 100644 install/debian/10/pma/apache.conf
 create mode 100644 install/debian/10/pma/config.inc.php
 create mode 100644 install/debian/10/pma/create_tables.sql
 create mode 100644 install/debian/10/pma/pma.sh
 create mode 100644 install/debian/10/postgresql/pg_hba.conf
 create mode 100644 install/debian/10/proftpd/proftpd.conf
 create mode 100644 install/debian/10/roundcube/apache.conf
 create mode 100644 install/debian/10/roundcube/config.inc.php
 create mode 100644 install/debian/10/roundcube/db.inc.php
 create mode 100644 install/debian/10/roundcube/main.inc.php
 create mode 100644 install/debian/10/roundcube/vesta.php
 create mode 100644 install/debian/10/sudo/admin
 create mode 100755 install/debian/10/templates/dns/child-ns.tpl
 create mode 100755 install/debian/10/templates/dns/default.tpl
 create mode 100755 install/debian/10/templates/dns/gmail.tpl
 create mode 100755 install/debian/10/templates/web/apache2/PHP-FPM-73-public.sh
 create mode 100644 install/debian/10/templates/web/apache2/PHP-FPM-73-public.stpl
 create mode 100644 install/debian/10/templates/web/apache2/PHP-FPM-73-public.tpl
 create mode 100755 install/debian/10/templates/web/apache2/PHP-FPM-73.sh
 create mode 100644 install/debian/10/templates/web/apache2/PHP-FPM-73.stpl
 create mode 100644 install/debian/10/templates/web/apache2/PHP-FPM-73.tpl
 create mode 100755 install/debian/10/templates/web/awstats/awstats.tpl
 create mode 100755 install/debian/10/templates/web/awstats/index.tpl
 create mode 100755 install/debian/10/templates/web/awstats/nav.tpl
 create mode 100644 install/debian/10/templates/web/nginx/force-https-legacy.stpl
 create mode 100644 install/debian/10/templates/web/nginx/force-https-legacy.tpl
 create mode 100644 install/debian/10/templates/web/nginx/force-https-public.stpl
 create mode 100644 install/debian/10/templates/web/nginx/force-https-public.tpl
 create mode 100644 install/debian/10/templates/web/nginx/force-https.stpl
 create mode 100644 install/debian/10/templates/web/nginx/force-https.tpl
 create mode 100644 install/debian/10/templates/web/nginx/hosting-public.stpl
 create mode 100644 install/debian/10/templates/web/nginx/hosting-public.tpl
 create mode 100644 install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
 create mode 100644 install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
 create mode 100644 install/debian/10/templates/web/nginx/hosting-webmail.stpl
 create mode 100644 install/debian/10/templates/web/nginx/hosting-webmail.tpl
 create mode 100755 install/debian/10/templates/web/nginx/hosting.sh
 create mode 100755 install/debian/10/templates/web/nginx/hosting.stpl
 create mode 100755 install/debian/10/templates/web/nginx/hosting.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/cms_made_simple.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/cms_made_simple.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/codeigniter2.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/codeigniter2.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/codeigniter3.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/codeigniter3.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/datalife_engine.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/datalife_engine.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/default.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/default.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/dokuwiki.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/dokuwiki.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/drupal6.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/drupal6.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/drupal7.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/drupal7.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/drupal8.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/drupal8.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/joomla.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/joomla.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/laravel.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/laravel.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/magento.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/magento.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/modx.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/modx.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/moodle.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/moodle.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/no-php.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/no-php.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/odoo.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/odoo.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/opencart.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/opencart.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/owncloud.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/owncloud.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/piwik.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/piwik.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/pyrocms.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/pyrocms.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/sendy.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/sendy.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/wordpress.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/wordpress.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/wordpress2.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/wordpress2.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
 create mode 100644 install/debian/10/templates/web/nginx/private-force-https.stpl
 create mode 100644 install/debian/10/templates/web/nginx/private-force-https.tpl
 create mode 100755 install/debian/10/templates/web/nginx/private-hosting.sh
 create mode 100644 install/debian/10/templates/web/nginx/private-hosting.stpl
 create mode 100644 install/debian/10/templates/web/nginx/private-hosting.tpl
 create mode 100644 install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.stpl
 create mode 100644 install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.tpl
 create mode 100644 install/debian/10/templates/web/nginx/vesta.stpl
 create mode 100644 install/debian/10/templates/web/nginx/vesta.tpl
 create mode 100644 install/debian/10/templates/web/php-fpm/default.tpl
 create mode 100644 install/debian/10/templates/web/php-fpm/no-php.tpl
 create mode 100644 install/debian/10/templates/web/php-fpm/socket.tpl
 create mode 100755 install/debian/10/templates/web/skel/document_errors/403.html
 create mode 100755 install/debian/10/templates/web/skel/document_errors/404.html
 create mode 100755 install/debian/10/templates/web/skel/document_errors/50x.html
 create mode 100755 install/debian/10/templates/web/skel/public_html/index.html
 create mode 100755 install/debian/10/templates/web/skel/public_html/robots.txt
 create mode 100755 install/debian/10/templates/web/skel/public_shtml/index.html
 create mode 100755 install/debian/10/templates/web/skel/public_shtml/robots.txt
 create mode 100755 install/debian/10/templates/web/suspend/.htaccess
 create mode 100755 install/debian/10/templates/web/suspend/index.html
 create mode 100755 install/debian/10/templates/web/webalizer/webalizer.tpl
 create mode 100644 install/debian/10/vsftpd/vsftpd.conf

diff --git a/install/debian/10/apache2/apache2.conf b/install/debian/10/apache2/apache2.conf
new file mode 100644
index 00000000..2756132a
--- /dev/null
+++ b/install/debian/10/apache2/apache2.conf
@@ -0,0 +1,94 @@
+# It is split into several files forming the configuration hierarchy outlined
+# below, all located in the /etc/apache2/ directory:
+#
+#	/etc/apache2/
+#	|-- apache2.conf
+#	|	`--  ports.conf
+#	|-- mods-enabled
+#	|	|-- *.load
+#	|	`-- *.conf
+#	|-- conf.d
+#	|	`-- *
+
+# Global configuration
+PidFile ${APACHE_PID_FILE}
+Timeout 30
+KeepAlive Off
+MaxKeepAliveRequests 100
+KeepAliveTimeout 10
+
+<IfModule mpm_prefork_module>
+    StartServers          8
+    MinSpareServers       5
+    MaxSpareServers      20
+    ServerLimit         256
+    MaxClients          200
+    MaxRequestsPerChild 4000
+</IfModule>
+
+<IfModule mpm_worker_module>
+    StartServers          2
+    MinSpareThreads      25
+    MaxSpareThreads      75 
+    ThreadLimit          64
+    ThreadsPerChild      25
+    MaxClients          200
+    MaxRequestsPerChild 4000
+</IfModule>
+
+<IfModule mpm_event_module>
+    StartServers          2
+    MinSpareThreads      25
+    MaxSpareThreads      75 
+    ThreadLimit          64
+    ThreadsPerChild      25
+    MaxClients          200
+    MaxRequestsPerChild 4000
+</IfModule>
+
+# These need to be set in /etc/apache2/envvars
+User ${APACHE_RUN_USER}
+Group ${APACHE_RUN_GROUP}
+#User www-data
+#Group www-data
+
+AccessFileName .htaccess
+
+<Files ~ "^\.ht">
+    Order allow,deny
+    Deny from all
+    Satisfy all
+</Files>
+
+DefaultType None
+HostnameLookups Off
+
+ErrorLog ${APACHE_LOG_DIR}/error.log
+LogLevel warn
+
+# Include module configuration:
+Include mods-enabled/*.load
+Include mods-enabled/*.conf
+
+# Include list of ports to listen on and which to use for name based vhosts
+Include ports.conf
+
+LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
+LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
+LogFormat "%h %l %u %t \"%r\" %>s %O" common
+LogFormat "%{Referer}i -> %U" referer
+LogFormat "%{User-agent}i" agent
+LogFormat "%b" bytes
+
+Include conf.d/
+
+# Include the virtual host configurations:
+#Include sites-enabled/
+
+ErrorDocument 403 /error/403.html
+ErrorDocument 404 /error/404.html
+ErrorDocument 500 /error/50x.html
+ErrorDocument 501 /error/50x.html
+ErrorDocument 502 /error/50x.html
+ErrorDocument 503 /error/50x.html
+ErrorDocument 506 /error/50x.html
diff --git a/install/debian/10/apache2/status.conf b/install/debian/10/apache2/status.conf
new file mode 100644
index 00000000..da9d9633
--- /dev/null
+++ b/install/debian/10/apache2/status.conf
@@ -0,0 +1,8 @@
+Listen 127.0.0.1:8081
+<Location /server-status>
+    SetHandler server-status
+    Order deny,allow
+    Deny from all
+    Allow from 127.0.0.1
+    Allow from all
+</Location>
diff --git a/install/debian/10/bind/named.conf b/install/debian/10/bind/named.conf
new file mode 100644
index 00000000..ed6ece88
--- /dev/null
+++ b/install/debian/10/bind/named.conf
@@ -0,0 +1,12 @@
+// This is the primary configuration file for the BIND DNS server named.
+//
+// Please read /usr/share/doc/bind9/README.Debian.gz for information on the 
+// structure of BIND configuration files in Debian, *BEFORE* you customize 
+// this configuration file.
+//
+// If you are just adding zones, please do that in /etc/bind/named.conf.local
+
+include "/etc/bind/named.conf.options";
+include "/etc/bind/named.conf.local";
+include "/etc/bind/named.conf.default-zones";
+
diff --git a/install/debian/10/clamav/clamd.conf b/install/debian/10/clamav/clamd.conf
new file mode 100644
index 00000000..504cf8f3
--- /dev/null
+++ b/install/debian/10/clamav/clamd.conf
@@ -0,0 +1,60 @@
+#Automatically Generated by clamav-base postinst
+#To reconfigure clamd run #dpkg-reconfigure clamav-base
+#Please read /usr/share/doc/clamav-base/README.Debian.gz for details
+LocalSocket /var/run/clamav/clamd.ctl
+FixStaleSocket true
+LocalSocketGroup clamav
+LocalSocketMode 666
+# TemporaryDirectory is not set to its default /tmp here to make overriding
+# the default with environment variables TMPDIR/TMP/TEMP possible
+User clamav
+# AllowSupplementaryGroups true
+ScanMail true
+ScanArchive true
+ArchiveBlockEncrypted false
+MaxDirectoryRecursion 15
+FollowDirectorySymlinks false
+FollowFileSymlinks false
+ReadTimeout 180
+MaxThreads 12
+MaxConnectionQueueLength 15
+LogSyslog false
+LogFacility LOG_LOCAL6
+LogClean false
+LogVerbose true
+PidFile /var/run/clamav/clamd.pid
+DatabaseDirectory /var/lib/clamav
+SelfCheck 3600
+Foreground false
+Debug false
+ScanPE true
+ScanOLE2 true
+ScanHTML true
+ExitOnOOM false
+LeaveTemporaryFiles false
+AlgorithmicDetection true
+ScanELF true
+IdleTimeout 30
+PhishingSignatures true
+PhishingScanURLs true
+PhishingAlwaysBlockSSLMismatch false
+PhishingAlwaysBlockCloak false
+DetectPUA false
+ScanPartialMessages false
+HeuristicScanPrecedence false
+StructuredDataDetection false
+CommandReadTimeout 5
+SendBufTimeout 200
+MaxQueue 100
+ExtendedDetectionInfo true
+OLE2BlockMacros false
+StreamMaxLength 25M
+LogFile /var/log/clamav/clamav.log
+LogTime true
+LogFileUnlock false
+LogFileMaxSize 0
+Bytecode true
+BytecodeSecurity TrustSigned
+BytecodeTimeout 60000
+OfficialDatabaseOnly false
+CrossFilesystems true
diff --git a/install/debian/10/deb_signing.key b/install/debian/10/deb_signing.key
new file mode 100644
index 00000000..2ad2db8b
--- /dev/null
+++ b/install/debian/10/deb_signing.key
@@ -0,0 +1,30 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1.4.12 (GNU/Linux)
+
+mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD
+G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x
+QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf
+fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2
+oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY
+2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g
+PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ
+CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb
+VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN
+QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh
+IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6
+Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3
+WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN
+BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz
+QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95
+k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC
+YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt
+i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS
+ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA
+CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR
++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8
+XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC
+CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN
+qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq
+ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ==
+=J2HJ
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/install/debian/10/dovecot/conf.d/10-auth.conf b/install/debian/10/dovecot/conf.d/10-auth.conf
new file mode 100644
index 00000000..dfcc8311
--- /dev/null
+++ b/install/debian/10/dovecot/conf.d/10-auth.conf
@@ -0,0 +1,4 @@
+disable_plaintext_auth = no
+auth_verbose = yes
+auth_mechanisms = plain login
+!include auth-passwdfile.conf.ext
diff --git a/install/debian/10/dovecot/conf.d/10-logging.conf b/install/debian/10/dovecot/conf.d/10-logging.conf
new file mode 100644
index 00000000..a5f207d5
--- /dev/null
+++ b/install/debian/10/dovecot/conf.d/10-logging.conf
@@ -0,0 +1 @@
+log_path = /var/log/dovecot.log
diff --git a/install/debian/10/dovecot/conf.d/10-mail.conf b/install/debian/10/dovecot/conf.d/10-mail.conf
new file mode 100644
index 00000000..55313419
--- /dev/null
+++ b/install/debian/10/dovecot/conf.d/10-mail.conf
@@ -0,0 +1,4 @@
+mail_privileged_group = mail
+mail_access_groups = mail
+mail_location = maildir:%h/mail/%d/%n
+pop3_uidl_format = %08Xu%08Xv
diff --git a/install/debian/10/dovecot/conf.d/10-master.conf b/install/debian/10/dovecot/conf.d/10-master.conf
new file mode 100644
index 00000000..a75a9aaa
--- /dev/null
+++ b/install/debian/10/dovecot/conf.d/10-master.conf
@@ -0,0 +1,29 @@
+service imap-login {
+  inet_listener imap {
+  }
+  inet_listener imaps {
+  }
+}
+
+service pop3-login {
+  inet_listener pop3 {
+  }
+  inet_listener pop3s {
+  }
+}
+
+
+service imap {
+}
+
+service pop3 {
+}
+
+service auth {
+  unix_listener auth-client {
+    group = mail
+    mode = 0660
+    user = dovecot
+  }
+  user = dovecot
+}
diff --git a/install/debian/10/dovecot/conf.d/10-ssl.conf b/install/debian/10/dovecot/conf.d/10-ssl.conf
new file mode 100644
index 00000000..3aaff6ee
--- /dev/null
+++ b/install/debian/10/dovecot/conf.d/10-ssl.conf
@@ -0,0 +1,3 @@
+ssl = yes
+ssl_cert = </usr/local/vesta/ssl/certificate.crt
+ssl_key = </usr/local/vesta/ssl/certificate.key
diff --git a/install/debian/10/dovecot/conf.d/20-imap.conf b/install/debian/10/dovecot/conf.d/20-imap.conf
new file mode 100644
index 00000000..1a459f8e
--- /dev/null
+++ b/install/debian/10/dovecot/conf.d/20-imap.conf
@@ -0,0 +1,58 @@
+##
+## IMAP specific settings
+##
+
+protocol imap {
+  # Maximum IMAP command line length. Some clients generate very long command
+  # lines with huge mailboxes, so you may need to raise this if you get
+  # "Too long argument" or "IMAP command line too large" errors often.
+  #imap_max_line_length = 64k
+
+  # Maximum number of IMAP connections allowed for a user from each IP address.
+  # NOTE: The username is compared case-sensitively.
+  #mail_max_userip_connections = 10
+
+  # Space separated list of plugins to load (default is global mail_plugins).
+  #mail_plugins = $mail_plugins
+
+  # IMAP logout format string:
+  #  %i - total number of bytes read from client
+  #  %o - total number of bytes sent to client
+  #imap_logout_format = bytes=%i/%o
+
+  # Override the IMAP CAPABILITY response. If the value begins with '+',
+  # add the given capabilities on top of the defaults (e.g. +XFOO XBAR).
+  #imap_capability = 
+
+  # How long to wait between "OK Still here" notifications when client is
+  # IDLEing.
+  #imap_idle_notify_interval = 2 mins
+
+  # ID field names and values to send to clients. Using * as the value makes
+  # Dovecot use the default value. The following fields have default values
+  # currently: name, version, os, os-version, support-url, support-email.
+  #imap_id_send = 
+
+  # ID fields sent by client to log. * means everything.
+  #imap_id_log =
+
+  # Workarounds for various client bugs:
+  #   delay-newmail:
+  #     Send EXISTS/RECENT new mail notifications only when replying to NOOP
+  #     and CHECK commands. Some clients ignore them otherwise, for example OSX
+  #     Mail (<v2.1). Outlook Express breaks more badly though, without this it
+  #     may show user "Message no longer in server" errors. Note that OE6 still
+  #     breaks even with this workaround if synchronization is set to
+  #     "Headers Only".
+  #   tb-extra-mailbox-sep:
+  #     Thunderbird gets somehow confused with LAYOUT=fs (mbox and dbox) and
+  #     adds extra '/' suffixes to mailbox names. This option causes Dovecot to
+  #     ignore the extra '/' instead of treating it as invalid mailbox name.
+  #   tb-lsub-flags:
+  #     Show \Noselect flags for LSUB replies with LAYOUT=fs (e.g. mbox).
+  #     This makes Thunderbird realize they aren't selectable and show them
+  #     greyed out, instead of only later giving "not selectable" popup error.
+  #
+  # The list is space-separated.
+  #imap_client_workarounds = 
+}
diff --git a/install/debian/10/dovecot/conf.d/20-pop3.conf b/install/debian/10/dovecot/conf.d/20-pop3.conf
new file mode 100644
index 00000000..a3a43b88
--- /dev/null
+++ b/install/debian/10/dovecot/conf.d/20-pop3.conf
@@ -0,0 +1,91 @@
+##
+## POP3 specific settings
+##
+
+protocol pop3 {
+  # Don't try to set mails non-recent or seen with POP3 sessions. This is
+  # mostly intended to reduce disk I/O. With maildir it doesn't move files
+  # from new/ to cur/, with mbox it doesn't write Status-header.
+  #pop3_no_flag_updates = no
+
+  # Support LAST command which exists in old POP3 specs, but has been removed
+  # from new ones. Some clients still wish to use this though. Enabling this
+  # makes RSET command clear all \Seen flags from messages.
+  #pop3_enable_last = no
+
+  # If mail has X-UIDL header, use it as the mail's UIDL.
+  #pop3_reuse_xuidl = no
+
+  # Keep the mailbox locked for the entire POP3 session.
+  #pop3_lock_session = no
+
+  # POP3 requires message sizes to be listed as if they had CR+LF linefeeds.
+  # Many POP3 servers violate this by returning the sizes with LF linefeeds,
+  # because it's faster to get. When this setting is enabled, Dovecot still
+  # tries to do the right thing first, but if that requires opening the
+  # message, it fallbacks to the easier (but incorrect) size.
+  #pop3_fast_size_lookups = no
+
+  # POP3 UIDL (unique mail identifier) format to use. You can use following
+  # variables, along with the variable modifiers described in
+  # doc/wiki/Variables.txt (e.g. %Uf for the filename in uppercase)
+  #
+  #  %v - Mailbox's IMAP UIDVALIDITY
+  #  %u - Mail's IMAP UID
+  #  %m - MD5 sum of the mailbox headers in hex (mbox only)
+  #  %f - filename (maildir only)
+  #  %g - Mail's GUID
+  #
+  # If you want UIDL compatibility with other POP3 servers, use:
+  #  UW's ipop3d         : %08Xv%08Xu
+  #  Courier             : %f or %v-%u (both might be used simultaneosly)
+  #  Cyrus (<= 2.1.3)    : %u
+  #  Cyrus (>= 2.1.4)    : %v.%u
+  #  Dovecot v0.99.x     : %v.%u
+  #  tpop3d              : %Mf
+  #
+  # Note that Outlook 2003 seems to have problems with %v.%u format which was
+  # Dovecot's default, so if you're building a new server it would be a good
+  # idea to change this. %08Xu%08Xv should be pretty fail-safe.
+  #
+  #pop3_uidl_format = %08Xu%08Xv
+
+  # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes
+  # won't change those UIDLs. Currently this works only with Maildir.
+  #pop3_save_uidl = no
+
+  # What to do about duplicate UIDLs if they exist?
+  #   allow: Show duplicates to clients.
+  #   rename: Append a temporary -2, -3, etc. counter after the UIDL.
+  #pop3_uidl_duplicates = allow
+
+  # POP3 logout format string:
+  #  %i - total number of bytes read from client
+  #  %o - total number of bytes sent to client
+  #  %t - number of TOP commands
+  #  %p - number of bytes sent to client as a result of TOP command
+  #  %r - number of RETR commands
+  #  %b - number of bytes sent to client as a result of RETR command
+  #  %d - number of deleted messages
+  #  %m - number of messages (before deletion)
+  #  %s - mailbox size in bytes (before deletion)
+  #  %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly
+  #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
+
+  # Maximum number of POP3 connections allowed for a user from each IP address.
+  # NOTE: The username is compared case-sensitively.
+  #mail_max_userip_connections = 10
+
+  # Space separated list of plugins to load (default is global mail_plugins).
+  #mail_plugins = $mail_plugins
+
+  # Workarounds for various client bugs:
+  #   outlook-no-nuls:
+  #     Outlook and Outlook Express hang if mails contain NUL characters.
+  #     This setting replaces them with 0x80 character.
+  #   oe-ns-eoh:
+  #     Outlook Express and Netscape Mail breaks if end of headers-line is
+  #     missing. This option simply sends it if it's missing.
+  # The list is space-separated.
+  #pop3_client_workarounds = 
+}
diff --git a/install/debian/10/dovecot/conf.d/auth-passwdfile.conf.ext b/install/debian/10/dovecot/conf.d/auth-passwdfile.conf.ext
new file mode 100644
index 00000000..75e6e115
--- /dev/null
+++ b/install/debian/10/dovecot/conf.d/auth-passwdfile.conf.ext
@@ -0,0 +1,9 @@
+passdb {
+  driver = passwd-file
+  args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd
+}
+
+userdb {
+  driver = passwd-file
+  args = username_format=%n /etc/exim4/domains/%d/passwd
+}
diff --git a/install/debian/10/dovecot/dovecot.conf b/install/debian/10/dovecot/dovecot.conf
new file mode 100644
index 00000000..0a855351
--- /dev/null
+++ b/install/debian/10/dovecot/dovecot.conf
@@ -0,0 +1,4 @@
+protocols = imap pop3
+listen = *, ::
+base_dir = /var/run/dovecot/
+!include conf.d/*.conf
diff --git a/install/debian/10/exim/dnsbl.conf b/install/debian/10/exim/dnsbl.conf
new file mode 100644
index 00000000..5166b255
--- /dev/null
+++ b/install/debian/10/exim/dnsbl.conf
@@ -0,0 +1,2 @@
+bl.spamcop.net
+zen.spamhaus.org
diff --git a/install/debian/10/exim/exim4.conf.template b/install/debian/10/exim/exim4.conf.template
new file mode 100644
index 00000000..bfb98e0b
--- /dev/null
+++ b/install/debian/10/exim/exim4.conf.template
@@ -0,0 +1,382 @@
+######################################################################
+#                                                                    #
+#          Exim configuration file for Vesta Control Panel           #
+#                                                                    #
+######################################################################
+
+#SPAMASSASSIN = yes
+#SPAM_SCORE = 50
+#CLAMD =  yes
+
+disable_ipv6=true
+add_environment=<; PATH=/bin:/usr/bin
+keep_environment=
+
+domainlist local_domains = dsearch;/etc/exim4/domains/
+domainlist relay_to_domains = dsearch;/etc/exim4/domains/
+hostlist relay_from_hosts = 127.0.0.1
+hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf
+hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf
+no_local_from_check
+untrusted_set_sender = *
+acl_smtp_connect = acl_check_spammers
+acl_smtp_mail = acl_check_mail
+acl_smtp_rcpt = acl_check_rcpt
+acl_smtp_data = acl_check_data
+acl_smtp_mime = acl_check_mime
+
+.ifdef SPAMASSASSIN
+spamd_address = 127.0.0.1 783
+.endif
+
+.ifdef CLAMD
+av_scanner = clamd: /var/run/clamav/clamd.ctl
+.endif
+
+tls_advertise_hosts = *
+tls_certificate = /usr/local/vesta/ssl/certificate.crt
+tls_privatekey = /usr/local/vesta/ssl/certificate.key
+
+daemon_smtp_ports = 25 : 465 : 587 : 2525
+tls_on_connect_ports = 465
+never_users = root
+host_lookup = *
+rfc1413_hosts = *
+rfc1413_query_timeout = 5s
+ignore_bounce_errors_after = 2d
+timeout_frozen_after = 7d
+
+DKIM_DOMAIN = ${lc:${domain:$h_from:}}
+DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem
+DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
+
+
+
+######################################################################
+#                       ACL CONFIGURATION                            #
+#         Specifies access control lists for incoming SMTP mail      #
+######################################################################
+begin acl
+
+acl_check_spammers:
+  accept  hosts         = +whitelist
+
+  drop    message       = Your host in blacklist on this server.
+          log_message   = Host in blacklist
+          hosts         = +spammers
+
+  accept
+
+
+acl_check_mail:
+  deny    condition     = ${if eq{$sender_helo_name}{}}
+          message       = HELO required before MAIL
+
+  drop    message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
+          condition     = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
+          condition     = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
+          delay         = 45s
+
+  drop    condition     = ${if isip{$sender_helo_name}}
+          message       = Access denied - Invalid HELO name (See RFC2821 4.1.3)
+
+  drop    condition     = ${if eq{[$interface_address]}{$sender_helo_name}}
+          message       = $interface_address is _my_ address
+
+  accept
+
+
+acl_check_rcpt:
+  accept  hosts         = :
+
+  deny    message       = Restricted characters in address
+          domains       = +local_domains
+          local_parts   = ^[.] : ^.*[@%!/|]
+
+  deny    message       = Restricted characters in address
+          domains       = !+local_domains
+          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
+
+  require verify        = sender
+
+  accept  hosts         = +relay_from_hosts
+          control       = submission
+
+  accept  authenticated = *
+          control       = submission/domain=
+
+  deny    message       = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
+          hosts         = !+whitelist
+          dnslists      = ${readfile {/etc/exim4/dnsbl.conf}{:}}
+
+  require message       = relay not permitted
+          domains       = +local_domains : +relay_to_domains
+
+  deny    message       = smtp auth requried
+         sender_domains = +local_domains
+         !authenticated = *
+
+  require verify        = recipient
+
+.ifdef CLAMD
+  warn    set acl_m0    = no
+
+  warn    condition     = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}}
+          set acl_m0    = yes
+.endif
+
+.ifdef SPAMASSASSIN
+  warn    set acl_m1    = no
+
+  warn    condition     = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}}
+          set acl_m1    = yes
+.endif
+
+  accept
+
+
+acl_check_data:
+.ifdef CLAMD
+  deny   message        = Message contains a virus ($malware_name) and has been rejected
+         malware        = *
+         condition      = ${if eq{$acl_m0}{yes}{yes}{no}}
+.endif
+
+.ifdef SPAMASSASSIN
+  warn   !authenticated = *
+         hosts          = !+relay_from_hosts
+         condition      = ${if < {$message_size}{100K}}
+         condition      = ${if eq{$acl_m1}{yes}{yes}{no}}
+         spam           = nobody:true/defer_ok
+         add_header     = X-Spam-Score: $spam_score_int
+         add_header     = X-Spam-Bar: $spam_bar
+         add_header     = X-Spam-Report: $spam_report
+         set acl_m2     = $spam_score_int
+
+  warn   condition      = ${if !eq{$acl_m2}{} {yes}{no}}
+         condition      = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
+         add_header     = X-Spam-Status: Yes
+         message        = SpamAssassin detected spam (from $sender_address to $recipients).
+.endif
+
+  accept
+
+
+acl_check_mime:
+  deny   message        = Blacklisted file extension detected
+         condition      = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}}
+
+  accept
+
+
+
+######################################################################
+#                   AUTHENTICATION CONFIGURATION                     #
+######################################################################
+begin authenticators
+
+dovecot_plain:
+  driver = dovecot
+  public_name = PLAIN
+  server_socket = /var/run/dovecot/auth-client
+  server_set_id = $auth1
+
+dovecot_login:
+  driver = dovecot
+  public_name = LOGIN
+  server_socket = /var/run/dovecot/auth-client
+  server_set_id = $auth1
+
+
+
+######################################################################
+#                      ROUTERS CONFIGURATION                         #
+#               Specifies how addresses are handled                  #
+######################################################################
+begin routers
+
+#smarthost:
+#  driver = manualroute
+#  domains = ! +local_domains
+#  transport = remote_smtp
+#  route_list = * smartrelay.vestacp.com
+#  no_more
+#  no_verify
+
+dnslookup:
+  driver = dnslookup
+  domains = !+local_domains
+  transport = remote_smtp
+  no_more
+
+userforward:
+  driver = redirect
+  check_local_user
+  file = $home/.forward
+  allow_filter
+  no_verify
+  no_expn
+  check_ancestor
+  file_transport = address_file
+  pipe_transport = address_pipe
+  reply_transport = address_reply
+
+procmail:
+  driver = accept
+  check_local_user
+  require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail
+  transport = procmail
+  no_verify
+
+autoreplay:
+  driver = accept
+  require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg
+  condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}}
+  retry_use_local_part
+  transport = userautoreply
+  unseen
+
+aliases:
+  driver = redirect
+  headers_add = X-redirected: yes
+  data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}}
+  require_files = /etc/exim4/domains/$domain/aliases
+  redirect_router = dnslookup
+  pipe_transport = address_pipe
+  unseen
+
+localuser_fwd_only:
+  driver = accept
+  transport = devnull
+  condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}}
+
+localuser_spam:
+  driver = accept
+  transport = local_spam_delivery
+  condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}}
+
+localuser:
+  driver = accept
+  transport = local_delivery
+  condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}}
+
+catchall:
+  driver = redirect
+  headers_add = X-redirected: yes
+  require_files = /etc/exim4/domains/$domain/aliases
+  data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}}
+  file_transport = local_delivery
+  redirect_router = dnslookup
+
+terminate_alias:
+  driver = accept
+  transport = devnull
+  condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}}
+
+
+
+######################################################################
+#                      TRANSPORTS CONFIGURATION                      #
+######################################################################
+begin transports
+
+remote_smtp:
+  driver = smtp
+  #helo_data = $sender_address_domain
+  dkim_domain = DKIM_DOMAIN
+  dkim_selector = mail
+  dkim_private_key = DKIM_PRIVATE_KEY
+  dkim_canon = relaxed
+  dkim_strict = 0
+
+procmail:
+  driver = pipe
+  command = "/usr/bin/procmail -d $local_part"
+  return_path_add
+  delivery_date_add
+  envelope_to_add
+  user = $local_part
+  initgroups
+  return_output
+
+local_delivery:
+  driver = appendfile
+  maildir_format
+  maildir_use_size_file
+  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}
+  group = mail
+  create_directory
+  directory_mode = 770
+  mode = 660
+  use_lockfile = no
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part"
+  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M
+  quota_warn_threshold = 75%
+
+local_spam_delivery:
+  driver = appendfile
+  maildir_format
+  maildir_use_size_file
+  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}
+  group = mail
+  create_directory
+  directory_mode = 770
+  mode = 660
+  use_lockfile = no
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam"
+  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M
+  quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part"
+  quota_warn_threshold = 75%
+
+address_pipe:
+  driver = pipe
+  return_output
+
+address_file:
+  driver = appendfile
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+
+address_reply:
+  driver = autoreply
+
+userautoreply:
+  driver = autoreply
+  file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg
+  from = "${local_part}@${domain}"
+  headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit
+  subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}"
+  to = "${sender_address}"
+
+devnull:
+  driver = appendfile
+  file = /dev/null
+
+
+
+######################################################################
+#                      RETRY CONFIGURATION                           #
+######################################################################
+begin retry
+
+# Address or Domain    Error       Retries
+# -----------------    -----       -------
+*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
+
+
+
+######################################################################
+#                      REWRITE CONFIGURATION                         #
+######################################################################
+begin rewrite
+
+
+
+######################################################################
diff --git a/install/debian/10/exim/spam-blocks.conf b/install/debian/10/exim/spam-blocks.conf
new file mode 100644
index 00000000..e69de29b
diff --git a/install/debian/10/fail2ban/action.d/vesta.conf b/install/debian/10/fail2ban/action.d/vesta.conf
new file mode 100644
index 00000000..0edfc349
--- /dev/null
+++ b/install/debian/10/fail2ban/action.d/vesta.conf
@@ -0,0 +1,9 @@
+# Fail2Ban configuration file for vesta
+
+[Definition]
+
+actionstart = /usr/local/vesta/bin/v-add-firewall-chain <name>
+actionstop = /usr/local/vesta/bin/v-delete-firewall-chain <name>
+actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-<name>[ \t]'
+actionban = /usr/local/vesta/bin/v-add-firewall-ban <ip> <name>
+actionunban = /usr/local/vesta/bin/v-delete-firewall-ban <ip> <name>
diff --git a/install/debian/10/fail2ban/filter.d/vesta.conf b/install/debian/10/fail2ban/filter.d/vesta.conf
new file mode 100644
index 00000000..36ec1001
--- /dev/null
+++ b/install/debian/10/fail2ban/filter.d/vesta.conf
@@ -0,0 +1,10 @@
+# Fail2Ban filter for unsuccessful Vesta authentication attempts
+#
+
+[INCLUDES]
+before = common.conf
+
+[Definition]
+failregex =  .* <HOST> failed to login
+ignoreregex =
+
diff --git a/install/debian/10/fail2ban/jail.local b/install/debian/10/fail2ban/jail.local
new file mode 100644
index 00000000..eccea068
--- /dev/null
+++ b/install/debian/10/fail2ban/jail.local
@@ -0,0 +1,39 @@
+[ssh-iptables]
+enabled  = true
+filter   = sshd
+action   = vesta[name=SSH]
+logpath  = /var/log/auth.log
+maxretry = 5
+
+[vsftpd-iptables]
+enabled  = false
+filter   = vsftpd
+action   = vesta[name=FTP]
+logpath  = /var/log/vsftpd.log
+maxretry = 5
+
+[exim-iptables]
+enabled = true
+filter  = exim
+action  = vesta[name=MAIL]
+logpath = /var/log/exim4/mainlog
+
+[dovecot-iptables]
+enabled = true
+filter  = dovecot
+action  = vesta[name=MAIL]
+logpath = /var/log/dovecot.log
+
+[mysqld-iptables]
+enabled  = false
+filter   = mysqld-auth
+action   = vesta[name=DB]
+logpath  = /var/log/mysql.log
+maxretry = 5
+
+[vesta-iptables]
+enabled = true
+filter  = vesta
+action  = vesta[name=VESTA]
+logpath = /var/log/vesta/auth.log
+maxretry = 5
diff --git a/install/debian/10/firewall/ports.conf b/install/debian/10/firewall/ports.conf
new file mode 100644
index 00000000..b730d012
--- /dev/null
+++ b/install/debian/10/firewall/ports.conf
@@ -0,0 +1,17 @@
+PROTOCOL='TCP' PORT='20'
+PROTOCOL='TCP' PORT='21'
+PROTOCOL='TCP' PORT='22'
+PROTOCOL='TCP' PORT='25'
+PROTOCOL='TCP' PORT='53'
+PROTOCOL='UDP' PORT='53'
+PROTOCOL='TCP' PORT='80'
+PROTOCOL='TCP' PORT='443'
+PROTOCOL='TCP' PORT='110'
+PROTOCOL='UDP' PORT='123'
+PROTOCOL='TCP' PORT='143'
+PROTOCOL='TCP' PORT='3306'
+PROTOCOL='TCP' PORT='5432'
+PROTOCOL='TCP' PORT='8080'
+PROTOCOL='TCP' PORT='8433'
+PROTOCOL='TCP' PORT='8083'
+PROTOCOL='TCP' PORT='12000:12100'
diff --git a/install/debian/10/firewall/rules.conf b/install/debian/10/firewall/rules.conf
new file mode 100644
index 00000000..fba98e1e
--- /dev/null
+++ b/install/debian/10/firewall/rules.conf
@@ -0,0 +1,11 @@
+RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16'
+RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24'
+RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16'
diff --git a/install/debian/10/logrotate/apache2 b/install/debian/10/logrotate/apache2
new file mode 100644
index 00000000..27629d0d
--- /dev/null
+++ b/install/debian/10/logrotate/apache2
@@ -0,0 +1,19 @@
+/var/log/apache2/*.log /var/log/apache2/domains/*log {
+        weekly
+        missingok
+        rotate 52
+        compress
+        delaycompress
+        notifempty
+        create 640 root adm
+        sharedscripts
+        postrotate
+                /etc/init.d/apache2 reload > /dev/null || true
+                [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid`
+        endscript
+        prerotate
+                if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
+                        run-parts /etc/logrotate.d/httpd-prerotate; \
+                fi; \
+        endscript
+}
diff --git a/install/debian/10/logrotate/dovecot b/install/debian/10/logrotate/dovecot
new file mode 100644
index 00000000..ac4fd6e9
--- /dev/null
+++ b/install/debian/10/logrotate/dovecot
@@ -0,0 +1,12 @@
+/var/log/dovecot*.log {
+  weekly
+  rotate 4
+  missingok
+  notifempty
+  compress
+  delaycompress
+  sharedscripts
+  postrotate
+    doveadm log reopen
+  endscript
+}
diff --git a/install/debian/10/logrotate/nginx b/install/debian/10/logrotate/nginx
new file mode 100644
index 00000000..d667f213
--- /dev/null
+++ b/install/debian/10/logrotate/nginx
@@ -0,0 +1,13 @@
+/var/log/nginx/*log /var/log/nginx/domains/*log {
+        daily
+        missingok
+        rotate 52
+        compress
+        delaycompress
+        notifempty
+        create 640 nginx adm
+        sharedscripts
+        postrotate
+                [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid`
+        endscript
+}
diff --git a/install/debian/10/logrotate/vesta b/install/debian/10/logrotate/vesta
new file mode 100644
index 00000000..027a3439
--- /dev/null
+++ b/install/debian/10/logrotate/vesta
@@ -0,0 +1,7 @@
+/usr/local/vesta/log/*.log {
+    missingok
+    notifempty
+    size 30k
+    yearly
+    create 0600 root root
+}
diff --git a/install/debian/10/mysql/my-large.cnf b/install/debian/10/mysql/my-large.cnf
new file mode 100644
index 00000000..d0bab390
--- /dev/null
+++ b/install/debian/10/mysql/my-large.cnf
@@ -0,0 +1,42 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+
+skip-external-locking
+key_buffer_size = 256M
+max_allowed_packet = 32M
+table_open_cache = 256
+sort_buffer_size = 1M
+read_buffer_size = 1M
+read_rnd_buffer_size = 4M
+myisam_sort_buffer_size = 64M
+thread_cache_size = 8
+query_cache_size= 16M
+thread_concurrency = 8
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=200
+max_user_connections=50
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/debian/10/mysql/my-medium.cnf b/install/debian/10/mysql/my-medium.cnf
new file mode 100644
index 00000000..1c10ab9a
--- /dev/null
+++ b/install/debian/10/mysql/my-medium.cnf
@@ -0,0 +1,40 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+  
+skip-external-locking
+key_buffer_size = 16M
+max_allowed_packet = 16M
+table_open_cache = 64
+sort_buffer_size = 512K
+net_buffer_length = 8K
+read_buffer_size = 256K
+read_rnd_buffer_size = 512K
+myisam_sort_buffer_size = 8M
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=70
+max_user_connections=30
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/debian/10/mysql/my-small.cnf b/install/debian/10/mysql/my-small.cnf
new file mode 100644
index 00000000..26a80478
--- /dev/null
+++ b/install/debian/10/mysql/my-small.cnf
@@ -0,0 +1,40 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+
+skip-external-locking
+key_buffer_size = 16K
+max_allowed_packet = 1M
+table_open_cache = 4
+sort_buffer_size = 64K
+read_buffer_size = 256K
+read_rnd_buffer_size = 256K
+net_buffer_length = 2K
+thread_stack = 240K
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=30
+max_user_connections=20
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/debian/10/nginx/nginx.conf b/install/debian/10/nginx/nginx.conf
new file mode 100644
index 00000000..1eef1672
--- /dev/null
+++ b/install/debian/10/nginx/nginx.conf
@@ -0,0 +1,137 @@
+# Server globals
+user                    www-data;
+worker_processes        auto;
+worker_rlimit_nofile    65535;
+timer_resolution         50ms; #In order to free some CPU cycles
+error_log               /var/log/nginx/error.log crit;
+pid                     /var/run/nginx.pid;
+
+
+# Worker config
+events {
+        worker_connections  1024;
+        use                 epoll;
+        multi_accept        on;
+}
+
+
+http {
+    # Main settings
+    sendfile                        on;
+    tcp_nopush                      on;
+    tcp_nodelay                     on;
+    client_header_timeout           1m;
+    client_body_timeout             1m;
+    client_header_buffer_size       2k;
+    client_body_buffer_size         256k;
+    client_max_body_size            256m;
+    large_client_header_buffers     4   8k;
+    send_timeout                    30;
+    keepalive_timeout               60 60;
+    reset_timedout_connection       on;
+    server_tokens                   off;
+    server_name_in_redirect         off;
+    server_names_hash_max_size      512;
+    server_names_hash_bucket_size   512;
+
+
+    # Log format
+    log_format  main    '$remote_addr - $remote_user [$time_local] $request '
+                        '"$status" $body_bytes_sent "$http_referer" '
+                        '"$http_user_agent" "$http_x_forwarded_for"';
+    log_format  bytes   '$body_bytes_sent';
+    #access_log          /var/log/nginx/access.log main;
+    access_log off;
+
+
+    # Mime settings
+    include             /etc/nginx/mime.types;
+    default_type        application/octet-stream;
+
+
+    # Compression
+    gzip                on;
+    gzip_comp_level     9;
+    gzip_min_length     512;
+    gzip_buffers        8 64k;
+    gzip_types          text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype;
+    gzip_proxied        any;
+    gzip_disable        "MSIE [1-6]\.";
+
+    # Proxy settings
+    proxy_redirect      off;
+    proxy_set_header    Host            $host;
+    proxy_set_header    X-Real-IP       $remote_addr;
+    proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_pass_header   Set-Cookie;
+    proxy_connect_timeout   90;
+    proxy_send_timeout  90;
+    proxy_read_timeout  90;
+    proxy_buffers       32 4k;
+
+
+    # Cloudflare https://www.cloudflare.com/ips
+    set_real_ip_from 103.21.244.0/22;
+    set_real_ip_from 103.22.200.0/22;
+    set_real_ip_from 103.31.4.0/22;
+    set_real_ip_from 104.16.0.0/12;
+    set_real_ip_from 108.162.192.0/18;
+    set_real_ip_from 131.0.72.0/22;
+    set_real_ip_from 141.101.64.0/18;
+    set_real_ip_from 162.158.0.0/15;
+    set_real_ip_from 172.64.0.0/13;
+    set_real_ip_from 173.245.48.0/20;
+    set_real_ip_from 188.114.96.0/20;
+    set_real_ip_from 190.93.240.0/20;
+    set_real_ip_from 197.234.240.0/22;
+    set_real_ip_from 198.41.128.0/17;
+    set_real_ip_from 2400:cb00::/32;
+    set_real_ip_from 2606:4700::/32;
+    set_real_ip_from 2803:f800::/32;
+    set_real_ip_from 2405:b500::/32;
+    set_real_ip_from 2405:8100::/32;
+    set_real_ip_from 2c0f:f248::/32;
+    set_real_ip_from 2a06:98c0::/29;
+    real_ip_header     CF-Connecting-IP;
+
+
+    # SSL PCI Compliance
+    ssl_session_cache   shared:SSL:10m;
+    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
+    ssl_prefer_server_ciphers on;
+    ssl_ciphers        "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
+
+
+    # Error pages
+    error_page          403          /error/403.html;
+    error_page          404          /error/404.html;
+    error_page          502 503 504  /error/50x.html;
+
+
+    # Cache settings
+    proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m;
+    proxy_cache_key "$host$request_uri $cookie_user";
+    proxy_temp_path  /var/cache/nginx/temp;
+    proxy_ignore_headers Expires Cache-Control;
+    proxy_cache_use_stale error timeout invalid_header http_502;
+    proxy_cache_valid any 1d;
+
+
+    # Cache bypass
+    map $http_cookie $no_cache {
+        default 0;
+        ~SESS 1;
+        ~wordpress_logged_in 1;
+    }
+
+
+    # File cache settings
+    open_file_cache          max=10000 inactive=30s;
+    open_file_cache_valid    60s;
+    open_file_cache_min_uses 2;
+    open_file_cache_errors   off;
+
+
+    # Wildcard include
+    include             /etc/nginx/conf.d/*.conf;
+}
diff --git a/install/debian/10/nginx/phpmyadmin.inc b/install/debian/10/nginx/phpmyadmin.inc
new file mode 100644
index 00000000..1feb8546
--- /dev/null
+++ b/install/debian/10/nginx/phpmyadmin.inc
@@ -0,0 +1,18 @@
+location /phpmyadmin {
+    alias /usr/share/phpmyadmin/;
+
+    location ~ /(libraries|setup) {
+        return 404;
+    }
+
+    location ~ ^/phpmyadmin/(.*\.php)$ {
+        alias /usr/share/phpmyadmin/$1;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+    location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
+        root /usr/share/;
+    }
+}
diff --git a/install/debian/10/nginx/phppgadmin.inc b/install/debian/10/nginx/phppgadmin.inc
new file mode 100644
index 00000000..cd1e5806
--- /dev/null
+++ b/install/debian/10/nginx/phppgadmin.inc
@@ -0,0 +1,11 @@
+location /phppgadmin {
+    alias /usr/share/phppgadmin/;
+
+    location ~ ^/phppgadmin/(.*\.php)$ {
+        alias /usr/share/phppgadmin/$1;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+}
diff --git a/install/debian/10/nginx/status.conf b/install/debian/10/nginx/status.conf
new file mode 100644
index 00000000..c0bcd069
--- /dev/null
+++ b/install/debian/10/nginx/status.conf
@@ -0,0 +1,9 @@
+server {
+    listen       127.0.0.1:8084 default;
+    server_name  _;
+    server_name_in_redirect  off;
+    location / {
+        stub_status on;
+        access_log   off;
+   }
+}
diff --git a/install/debian/10/nginx/webmail.inc b/install/debian/10/nginx/webmail.inc
new file mode 100644
index 00000000..ad66895b
--- /dev/null
+++ b/install/debian/10/nginx/webmail.inc
@@ -0,0 +1,15 @@
+location /webmail {
+    alias /var/lib/roundcube/;
+
+    location ~ /(config|temp|logs) {
+        return 404;
+    }
+
+    location ~ ^/webmail/(.*\.php)$ {
+        alias /var/lib/roundcube/$1;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+}
diff --git a/install/debian/10/packages/default.pkg b/install/debian/10/packages/default.pkg
new file mode 100644
index 00000000..de293236
--- /dev/null
+++ b/install/debian/10/packages/default.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='PHP-FPM-73'
+PROXY_TEMPLATE='hosting'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='unlimited'
+WEB_ALIASES='unlimited'
+DNS_DOMAINS='unlimited'
+DNS_RECORDS='unlimited'
+MAIL_DOMAINS='unlimited'
+MAIL_ACCOUNTS='unlimited'
+DATABASES='unlimited'
+CRON_JOBS='unlimited'
+DISK_QUOTA='unlimited'
+BANDWIDTH='unlimited'
+NS='YOURHOSTNAME1,YOURHOSTNAME2'
+SHELL='nologin'
+BACKUPS='2'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/debian/10/pga/config.inc.php b/install/debian/10/pga/config.inc.php
new file mode 100644
index 00000000..1eec9776
--- /dev/null
+++ b/install/debian/10/pga/config.inc.php
@@ -0,0 +1,159 @@
+<?php
+
+    /**
+     * Central phpPgAdmin configuration.  As a user you may modify the
+     * settings here for your particular configuration.
+     *
+     * $Id: config.inc.php-dist,v 1.55 2008/02/18 21:10:31 xzilla Exp $
+     */
+
+    // An example server.  Create as many of these as you wish,
+    // indexed from zero upwards.
+
+    // Display name for the server on the login screen
+    $conf['servers'][0]['desc'] = 'PostgreSQL';
+
+    // Hostname or IP address for server.  Use '' for UNIX domain socket.
+    // use 'localhost' for TCP/IP connection on this computer
+    $conf['servers'][0]['host'] = 'localhost';
+
+    // Database port on server (5432 is the PostgreSQL default)
+    $conf['servers'][0]['port'] = 5432;
+
+    // Database SSL mode
+    // Possible options: disable, allow, prefer, require
+    // To require SSL on older servers use option: legacy
+    // To ignore the SSL mode, use option: unspecified
+    $conf['servers'][0]['sslmode'] = 'allow';
+
+    // Change the default database only if you cannot connect to template1.
+    // For a PostgreSQL 8.1+ server, you can set this to 'postgres'.
+    $conf['servers'][0]['defaultdb'] = 'template1';
+
+    // Specify the path to the database dump utilities for this server.
+    // You can set these to '' if no dumper is available.
+    $conf['servers'][0]['pg_dump_path'] = '/usr/bin/pg_dump';
+    $conf['servers'][0]['pg_dumpall_path'] = '/usr/bin/pg_dumpall';
+
+    // Slony (www.slony.info) support?
+    $conf['servers'][0]['slony_support'] = false;
+    // Specify the path to the Slony SQL scripts (where slony1_base.sql is located, etc.)
+    // No trailing slash.
+    $conf['servers'][0]['slony_sql'] = '/usr/share/pgsql';
+
+    // Example for a second server (PostgreSQL for Windows)
+    //$conf['servers'][1]['desc'] = 'Test Server';
+    //$conf['servers'][1]['host'] = '127.0.0.1';
+    //$conf['servers'][1]['port'] = 5432;
+    //$conf['servers'][1]['sslmode'] = 'allow';
+    //$conf['servers'][1]['defaultdb'] = 'template1';
+    //$conf['servers'][1]['pg_dump_path'] = 'C:\\Program Files\\PostgreSQL\\8.0\\bin\\pg_dump.exe';
+    //$conf['servers'][1]['pg_dumpall_path'] = 'C:\\Program Files\\PostgreSQL\\8.0\\bin\\pg_dumpall.exe';
+    //$conf['servers'][1]['slony_support'] = false;
+    //$conf['servers'][1]['slony_sql'] = 'C:\\Program Files\\PostgreSQL\\8.0\\share';
+
+
+    // Example of groups definition.
+    // Groups allow administrators to logicaly group servers together under group nodes in the left browser tree
+    //
+    // The group '0' description
+    //$conf['srv_groups'][0]['desc'] = 'group one';
+    //
+    // Add here servers indexes belonging to the group '0' seperated by comma
+    //$conf['srv_groups'][0]['servers'] = '0,1,2'; 
+    //
+    // A server can belong to multi groups
+    //$conf['srv_groups'][1]['desc'] = 'group two';
+    //$conf['srv_groups'][1]['servers'] = '3,1';
+
+
+    // Default language. E.g.: 'english', 'polish', etc.  See lang/ directory
+    // for all possibilities. If you specify 'auto' (the default) it will use 
+    // your browser preference.
+    $conf['default_lang'] = 'auto';
+
+    // AutoComplete uses AJAX interaction to list foreign key values 
+    // on insert fields. It currently only works on single column 
+    // foreign keys. You can choose one of the following values:
+    // 'default on' enables AutoComplete and turns it on by default.
+    // 'default off' enables AutoComplete but turns it off by default.
+    // 'disable' disables AutoComplete.
+    $conf['autocomplete'] = 'default on';
+
+    // If extra login security is true, then logins via phpPgAdmin with no
+    // password or certain usernames (pgsql, postgres, root, administrator)
+    // will be denied. Only set this false once you have read the FAQ and
+    // understand how to change PostgreSQL's pg_hba.conf to enable
+    // passworded local connections.
+    $conf['extra_login_security'] = true;
+
+    // Only show owned databases?
+    // Note: This will simply hide other databases in the list - this does
+    // not in any way prevent your users from seeing other database by
+    // other means. (e.g. Run 'SELECT * FROM pg_database' in the SQL area.)
+    $conf['owned_only'] = false;
+
+    // Display comments on objects?  Comments are a good way of documenting
+    // a database, but they do take up space in the interface.
+    $conf['show_comments'] = true;
+
+    // Display "advanced" objects? Setting this to true will show 
+    // aggregates, types, operators, operator classes, conversions, 
+    // languages and casts in phpPgAdmin. These objects are rarely 
+    // administered and can clutter the interface.
+    $conf['show_advanced'] = false;
+
+    // Display "system" objects?
+    $conf['show_system'] = false;
+
+    // Display reports feature?  For this feature to work, you must
+    // install the reports database as explained in the INSTALL file.
+    $conf['show_reports'] = true;
+
+    // Database and table for reports
+    $conf['reports_db'] = 'phppgadmin';
+    $conf['reports_schema'] = 'public';
+    $conf['reports_table'] = 'ppa_reports';
+
+    // Only show owned reports?
+    // Note: This does not prevent people from accessing other reports by
+    // other means.
+    $conf['owned_reports_only'] = false;
+
+    // Minimum length users can set their password to.
+    $conf['min_password_length'] = 1;
+
+    // Width of the left frame in pixels (object browser)
+    $conf['left_width'] = 200;
+
+    // Which look & feel theme to use
+    $conf['theme'] = 'default';
+
+    // Show OIDs when browsing tables?
+    $conf['show_oids'] = false;
+
+    // Max rows to show on a page when browsing record sets
+    $conf['max_rows'] = 30;
+
+    // Max chars of each field to display by default in browse mode
+    $conf['max_chars'] = 50;
+
+    // Send XHTML strict headers?
+    $conf['use_xhtml_strict'] = false;
+
+    // Base URL for PostgreSQL documentation.
+    // '%s', if present, will be replaced with the PostgreSQL version
+    // (e.g. 8.4 )
+    $conf['help_base'] = 'http://www.postgresql.org/docs/%s/interactive/';
+
+    // Configuration for ajax scripts
+    // Time in seconds. If set to 0, refreshing data using ajax will be disabled (locks and activity pages)
+    $conf['ajax_refresh'] = 3;
+
+    /*****************************************
+     * Don't modify anything below this line *
+     *****************************************/
+
+    $conf['version'] = 19;
+
+?>
diff --git a/install/debian/10/pga/phppgadmin.conf b/install/debian/10/pga/phppgadmin.conf
new file mode 100644
index 00000000..f39247d6
--- /dev/null
+++ b/install/debian/10/pga/phppgadmin.conf
@@ -0,0 +1,31 @@
+Alias /phppgadmin /usr/share/phppgadmin
+
+<Directory /usr/share/phppgadmin>
+
+DirectoryIndex index.php
+AllowOverride None
+
+order deny,allow
+deny from all
+allow from 127.0.0.0/255.0.0.0 ::1/128
+allow from all
+
+<IfModule mod_php5.c>
+  php_flag magic_quotes_gpc Off
+  php_flag track_vars On
+  php_value include_path .
+</IfModule>
+<IfModule !mod_php5.c>
+  <IfModule mod_actions.c>
+    <IfModule mod_cgi.c>
+      AddType application/x-httpd-php .php
+      Action application/x-httpd-php /cgi-bin/php
+    </IfModule>
+    <IfModule mod_cgid.c>
+      AddType application/x-httpd-php .php
+      Action application/x-httpd-php /cgi-bin/php
+    </IfModule>
+  </IfModule>
+</IfModule>
+
+</Directory>
diff --git a/install/debian/10/php-fpm/www.conf b/install/debian/10/php-fpm/www.conf
new file mode 100644
index 00000000..3c87f33c
--- /dev/null
+++ b/install/debian/10/php-fpm/www.conf
@@ -0,0 +1,11 @@
+[www]
+listen = 127.0.0.1:9000
+listen.allowed_clients = 127.0.0.1
+
+user = www-data
+group = www-data
+
+pm = ondemand
+pm.max_children = 2
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
diff --git a/install/debian/10/pma/apache.conf b/install/debian/10/pma/apache.conf
new file mode 100644
index 00000000..2a8f69e2
--- /dev/null
+++ b/install/debian/10/pma/apache.conf
@@ -0,0 +1,42 @@
+# phpMyAdmin default Apache configuration
+
+Alias /phpmyadmin /usr/share/phpmyadmin
+
+<Directory /usr/share/phpmyadmin>
+	Options FollowSymLinks
+	DirectoryIndex index.php
+
+	<IfModule mod_php5.c>
+		AddType application/x-httpd-php .php
+
+		php_flag magic_quotes_gpc Off
+		php_flag track_vars On
+		php_flag register_globals Off
+		php_admin_flag allow_url_fopen Off
+		php_value include_path .
+		php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
+		php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext
+	</IfModule>
+
+</Directory>
+
+# Authorize for setup
+<Directory /usr/share/phpmyadmin/setup>
+    <IfModule mod_authn_file.c>
+    AuthType Basic
+    AuthName "phpMyAdmin Setup"
+    AuthUserFile /etc/phpmyadmin/htpasswd.setup
+    </IfModule>
+    Require valid-user
+</Directory>
+
+# Disallow web access to directories that don't need it
+<Directory /usr/share/phpmyadmin/libraries>
+    Order Deny,Allow
+    Deny from All
+</Directory>
+<Directory /usr/share/phpmyadmin/setup/lib>
+    Order Deny,Allow
+    Deny from All
+</Directory>
+
diff --git a/install/debian/10/pma/config.inc.php b/install/debian/10/pma/config.inc.php
new file mode 100644
index 00000000..eafc6d67
--- /dev/null
+++ b/install/debian/10/pma/config.inc.php
@@ -0,0 +1,146 @@
+<?php
+/**
+ * Debian local configuration file
+ *
+ * This file overrides the settings made by phpMyAdmin interactive setup
+ * utility.
+ *
+ * For example configuration see
+ *   /usr/share/doc/phpmyadmin/examples/config.sample.inc.php
+ * or
+ *   /usr/share/doc/phpmyadmin/examples/config.manyhosts.inc.php
+ *
+ * NOTE: do not add security sensitive data to this file (like passwords)
+ * unless you really know what you're doing. If you do, any user that can
+ * run PHP or CGI on your webserver will be able to read them. If you still
+ * want to do this, make sure to properly secure the access to this file
+ * (also on the filesystem level).
+ */
+
+function check_file_access($path)
+{
+    if (is_readable($path)) {
+        return true;
+    } else {
+        error_log(
+            'phpmyadmin: Failed to load ' . $path
+            . ' Check group www-data has read access and open_basedir restrictions.'
+        );
+        return false;
+    }
+}
+
+// Load secret generated on postinst
+if (check_file_access('/var/lib/phpmyadmin/blowfish_secret.inc.php')) {
+    require('/var/lib/phpmyadmin/blowfish_secret.inc.php');
+}
+
+// Load autoconf local config
+if (check_file_access('/var/lib/phpmyadmin/config.inc.php')) {
+    require('/var/lib/phpmyadmin/config.inc.php');
+}
+
+/**
+ * Server(s) configuration
+ */
+$i = 0;
+// The $cfg['Servers'] array starts with $cfg['Servers'][1].  Do not use $cfg['Servers'][0].
+// You can disable a server config entry by setting host to ''.
+$i++;
+
+/**
+ * Read configuration from dbconfig-common
+ * You can regenerate it using: dpkg-reconfigure -plow phpmyadmin
+ */
+if (check_file_access('/etc/phpmyadmin/config-db.php')) {
+    require('/etc/phpmyadmin/config-db.php');
+}
+
+/* Configure according to dbconfig-common if enabled */
+if (!empty($dbname)) {
+    /* Authentication type */
+    $cfg['Servers'][$i]['auth_type'] = 'cookie';
+    /* Server parameters */
+    if (empty($dbserver)) $dbserver = 'localhost';
+    $cfg['Servers'][$i]['host'] = $dbserver;
+
+    if (!empty($dbport) || $dbserver != 'localhost') {
+        $cfg['Servers'][$i]['connect_type'] = 'tcp';
+        $cfg['Servers'][$i]['port'] = $dbport;
+    }
+    //$cfg['Servers'][$i]['compress'] = false;
+    /* Select mysqli if your server has it */
+    $cfg['Servers'][$i]['extension'] = 'mysqli';
+    /* Optional: User for advanced features */
+    $cfg['Servers'][$i]['controluser'] = $dbuser;
+    $cfg['Servers'][$i]['controlpass'] = $dbpass;
+    /* Optional: Advanced phpMyAdmin features */
+    $cfg['Servers'][$i]['pmadb'] = $dbname;
+    $cfg['Servers'][$i]['bookmarktable'] = 'pma__bookmark';
+    $cfg['Servers'][$i]['relation'] = 'pma__relation';
+    $cfg['Servers'][$i]['table_info'] = 'pma__table_info';
+    $cfg['Servers'][$i]['table_coords'] = 'pma__table_coords';
+    $cfg['Servers'][$i]['pdf_pages'] = 'pma__pdf_pages';
+    $cfg['Servers'][$i]['column_info'] = 'pma__column_info';
+    $cfg['Servers'][$i]['history'] = 'pma__history';
+    $cfg['Servers'][$i]['table_uiprefs'] = 'pma__table_uiprefs';
+    $cfg['Servers'][$i]['designer_coords'] = 'pma__designer_coords';
+    $cfg['Servers'][$i]['tracking'] = 'pma__tracking';
+    $cfg['Servers'][$i]['userconfig'] = 'pma__userconfig';
+    $cfg['Servers'][$i]['recent'] = 'pma__recent';
+
+    /* Uncomment the following to enable logging in to passwordless accounts,
+     * after taking note of the associated security risks. */
+    // $cfg['Servers'][$i]['AllowNoPassword'] = TRUE;
+
+    /* Advance to next server for rest of config */
+    $i++;
+}
+
+/* Authentication type */
+//$cfg['Servers'][$i]['auth_type'] = 'cookie';
+/* Server parameters */
+//$cfg['Servers'][$i]['host'] = 'localhost';
+//$cfg['Servers'][$i]['connect_type'] = 'tcp';
+//$cfg['Servers'][$i]['compress'] = false;
+/* Select mysqli if your server has it */
+//$cfg['Servers'][$i]['extension'] = 'mysql';
+/* Optional: User for advanced features */
+// $cfg['Servers'][$i]['controluser'] = 'pma';
+// $cfg['Servers'][$i]['controlpass'] = 'pmapass';
+
+/* Storage database and tables */
+// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';
+// $cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark';
+// $cfg['Servers'][$i]['relation'] = 'pma_relation';
+// $cfg['Servers'][$i]['table_info'] = 'pma_table_info';
+// $cfg['Servers'][$i]['table_coords'] = 'pma_table_coords';
+// $cfg['Servers'][$i]['pdf_pages'] = 'pma_pdf_pages';
+// $cfg['Servers'][$i]['column_info'] = 'pma_column_info';
+// $cfg['Servers'][$i]['history'] = 'pma_history';
+// $cfg['Servers'][$i]['table_uiprefs'] = 'pma_table_uiprefs';
+// $cfg['Servers'][$i]['tracking'] = 'pma_tracking';
+// $cfg['Servers'][$i]['designer_coords'] = 'pma_designer_coords';
+// $cfg['Servers'][$i]['userconfig'] = 'pma_userconfig';
+// $cfg['Servers'][$i]['recent'] = 'pma_recent';
+/* Uncomment the following to enable logging in to passwordless accounts,
+ * after taking note of the associated security risks. */
+// $cfg['Servers'][$i]['AllowNoPassword'] = TRUE;
+
+/*
+ * End of servers configuration
+ */
+
+/*
+ * Directories for saving/loading files from server
+ */
+$cfg['UploadDir'] = '';
+$cfg['SaveDir'] = '';
+
+/* Support additional configurations */
+foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename)
+{
+    include($filename);
+}
+
+
diff --git a/install/debian/10/pma/create_tables.sql b/install/debian/10/pma/create_tables.sql
new file mode 100644
index 00000000..3583a6ed
--- /dev/null
+++ b/install/debian/10/pma/create_tables.sql
@@ -0,0 +1,385 @@
+-- --------------------------------------------------------
+-- SQL Commands to set up the pmadb as described in the documentation.
+--
+-- This file is meant for use with MySQL 5 and above!
+--
+-- This script expects the user pma to already be existing. If we would put a
+-- line here to create him too many users might just use this script and end
+-- up with having the same password for the controluser.
+--
+-- This user "pma" must be defined in config.inc.php (controluser/controlpass)
+--
+-- Please don't forget to set up the tablenames in config.inc.php
+--
+
+-- --------------------------------------------------------
+
+--
+-- Database : `phpmyadmin`
+--
+CREATE DATABASE IF NOT EXISTS `phpmyadmin`
+  DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
+USE phpmyadmin;
+
+-- --------------------------------------------------------
+
+--
+-- Privileges
+--
+-- (activate this statement if necessary)
+-- GRANT SELECT, INSERT, DELETE, UPDATE, ALTER ON `phpmyadmin`.* TO
+--    'pma'@localhost;
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `pma__usergroups`
+--
+
+CREATE TABLE IF NOT EXISTS `pma__usergroups` (
+  `usergroup` varchar(64) NOT NULL,
+  `tab` varchar(64) NOT NULL,
+  `allowed` enum('Y','N') NOT NULL DEFAULT 'N',
+  PRIMARY KEY (`usergroup`,`tab`,`allowed`)
+)
+  COMMENT='User groups with configured menu items'
+  DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `pma__designer_coords`
+--
+
+CREATE TABLE IF NOT EXISTS `pma__designer_coords` (
+  `db_name` varchar(64) COLLATE utf8_bin NOT NULL DEFAULT '',
+  `table_name` varchar(64) COLLATE utf8_bin NOT NULL DEFAULT '',
+  `x` int(11) DEFAULT NULL,
+  `y` int(11) DEFAULT NULL,
+  `v` tinyint(4) DEFAULT NULL,
+  `h` tinyint(4) DEFAULT NULL,
+  PRIMARY KEY (`db_name`,`table_name`)
+) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='Table coordinates for Designer';
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `pma__bookmark`
+--
+
+CREATE TABLE IF NOT EXISTS `pma__bookmark` (
+  `id` int(11) NOT NULL auto_increment,
+  `dbase` varchar(255) NOT NULL default '',
+  `user` varchar(255) NOT NULL default '',
+  `label` varchar(255) COLLATE utf8_general_ci NOT NULL default '',
+  `query` text NOT NULL,
+  PRIMARY KEY  (`id`)
+)
+  COMMENT='Bookmarks'
+  DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `pma__column_info`
+--
+
+CREATE TABLE IF NOT EXISTS `pma__column_info` (
+  `id` int(5) unsigned NOT NULL auto_increment,
+  `db_name` varchar(64) NOT NULL default '',
+  `table_name` varchar(64) NOT NULL default '',
+  `column_name` varchar(64) NOT NULL default '',
+  `comment` varchar(255) COLLATE utf8_general_ci NOT NULL default '',
+  `mimetype` varchar(255) COLLATE utf8_general_ci NOT NULL default '',
+  `transformation` varchar(255) NOT NULL default '',
+  `transformation_options` varchar(255) NOT NULL default '',
+  `input_transformation` varchar(255) NOT NULL default '',
+  `input_transformation_options` varchar(255) NOT NULL default '',
+  PRIMARY KEY  (`id`),
+  UNIQUE KEY `db_name` (`db_name`,`table_name`,`column_name`)
+)
+  COMMENT='Column information for phpMyAdmin'
+  DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `pma__history`
+--
+
+CREATE TABLE IF NOT EXISTS `pma__history` (
+  `id` bigint(20) unsigned NOT NULL auto_increment,
+  `username` varchar(64) NOT NULL default '',
+  `db` varchar(64) NOT NULL default '',
+  `table` varchar(64) NOT NULL default '',
+  `timevalue` timestamp NOT NULL default CURRENT_TIMESTAMP,
+  `sqlquery` text NOT NULL,
+  PRIMARY KEY  (`id`),
+  KEY `username` (`username`,`db`,`table`,`timevalue`)
+)
+  COMMENT='SQL history for phpMyAdmin'
+  DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `pma__pdf_pages`
+--
+
+CREATE TABLE IF NOT EXISTS `pma__pdf_pages` (
+  `db_name` varchar(64) NOT NULL default '',
+  `page_nr` int(10) unsigned NOT NULL auto_increment,
+  `page_descr` varchar(50) COLLATE utf8_general_ci NOT NULL default '',
+  PRIMARY KEY  (`page_nr`),
+  KEY `db_name` (`db_name`)
+)
+  COMMENT='PDF relation pages for phpMyAdmin'
+  DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `pma__recent`
+--
+
+CREATE TABLE IF NOT EXISTS `pma__recent` (
+  `username` varchar(64) NOT NULL,
+  `tables` text NOT NULL,
+  PRIMARY KEY (`username`)
+)
+  COMMENT='Recently accessed tables'
+  DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `pma__favorite`
+--
+
+CREATE TABLE IF NOT EXISTS `pma__favorite` (
+  `username` varchar(64) NOT NULL,
+  `tables` text NOT NULL,
+  PRIMARY KEY (`username`)
+)
+  COMMENT='Favorite tables'
+  DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `pma__table_uiprefs`
+--
+
+CREATE TABLE IF NOT EXISTS `pma__table_uiprefs` (
+  `username` varchar(64) NOT NULL,
+  `db_name` varchar(64) NOT NULL,
+  `table_name` varchar(64) NOT NULL,
+  `prefs` text NOT NULL,
+  `last_update` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+  PRIMARY KEY (`username`,`db_name`,`table_name`)
+)
+  COMMENT='Tables'' UI preferences'
+  DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `pma__relation`
+--
+
+CREATE TABLE IF NOT EXISTS `pma__relation` (
+  `master_db` varchar(64) NOT NULL default '',
+  `master_table` varchar(64) NOT NULL default '',
+  `master_field` varchar(64) NOT NULL default '',
+  `foreign_db` varchar(64) NOT NULL default '',
+  `foreign_table` varchar(64) NOT NULL default '',
+  `foreign_field` varchar(64) NOT NULL default '',
+  PRIMARY KEY  (`master_db`,`master_table`,`master_field`),
+  KEY `foreign_field` (`foreign_db`,`foreign_table`)
+)
+  COMMENT='Relation table'
+  DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `pma__table_coords`
+--
+
+CREATE TABLE IF NOT EXISTS `pma__table_coords` (
+  `db_name` varchar(64) NOT NULL default '',
+  `table_name` varchar(64) NOT NULL default '',
+  `pdf_page_number` int(11) NOT NULL default '0',
+  `x` float unsigned NOT NULL default '0',
+  `y` float unsigned NOT NULL default '0',
+  PRIMARY KEY  (`db_name`,`table_name`,`pdf_page_number`)
+)
+  COMMENT='Table coordinates for phpMyAdmin PDF output'
+  DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `pma__table_info`
+--
+
+CREATE TABLE IF NOT EXISTS `pma__table_info` (
+  `db_name` varchar(64) NOT NULL default '',
+  `table_name` varchar(64) NOT NULL default '',
+  `display_field` varchar(64) NOT NULL default '',
+  PRIMARY KEY  (`db_name`,`table_name`)
+)
+  COMMENT='Table information for phpMyAdmin'
+  DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `pma__tracking`
+--
+
+CREATE TABLE IF NOT EXISTS `pma__tracking` (
+  `db_name` varchar(64) NOT NULL,
+  `table_name` varchar(64) NOT NULL,
+  `version` int(10) unsigned NOT NULL,
+  `date_created` datetime NOT NULL,
+  `date_updated` datetime NOT NULL,
+  `schema_snapshot` text NOT NULL,
+  `schema_sql` text,
+  `data_sql` longtext,
+  `tracking` set('UPDATE','REPLACE','INSERT','DELETE','TRUNCATE','CREATE DATABASE','ALTER DATABASE','DROP DATABASE','CREATE TABLE','ALTER TABLE','RENAME TABLE','DROP TABLE','CREATE INDEX','DROP INDEX','CREATE VIEW','ALTER VIEW','DROP VIEW') default NULL,
+  `tracking_active` int(1) unsigned NOT NULL default '1',
+  PRIMARY KEY  (`db_name`,`table_name`,`version`)
+)
+  COMMENT='Database changes tracking for phpMyAdmin'
+  DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `pma__userconfig`
+--
+
+CREATE TABLE IF NOT EXISTS `pma__userconfig` (
+  `username` varchar(64) NOT NULL,
+  `timevalue` timestamp NOT NULL default CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+  `config_data` text NOT NULL,
+  PRIMARY KEY  (`username`)
+)
+  COMMENT='User preferences storage for phpMyAdmin'
+  DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `pma__users`
+--
+
+CREATE TABLE IF NOT EXISTS `pma__users` (
+  `username` varchar(64) NOT NULL,
+  `usergroup` varchar(64) NOT NULL,
+  PRIMARY KEY (`username`,`usergroup`)
+)
+  COMMENT='Users and their assignments to user groups'
+  DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `pma__usergroups`
+--
+
+CREATE TABLE IF NOT EXISTS `pma__usergroups` (
+  `usergroup` varchar(64) NOT NULL,
+  `tab` varchar(64) NOT NULL,
+  `allowed` enum('Y','N') NOT NULL DEFAULT 'N',
+  PRIMARY KEY (`usergroup`,`tab`,`allowed`)
+)
+  COMMENT='User groups with configured menu items'
+  DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `pma__navigationhiding`
+--
+
+CREATE TABLE IF NOT EXISTS `pma__navigationhiding` (
+  `username` varchar(64) NOT NULL,
+  `item_name` varchar(64) NOT NULL,
+  `item_type` varchar(64) NOT NULL,
+  `db_name` varchar(64) NOT NULL,
+  `table_name` varchar(64) NOT NULL,
+  PRIMARY KEY (`username`,`item_name`,`item_type`,`db_name`,`table_name`)
+)
+  COMMENT='Hidden items of navigation tree'
+  DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `pma__savedsearches`
+--
+
+CREATE TABLE IF NOT EXISTS `pma__savedsearches` (
+  `id` int(5) unsigned NOT NULL auto_increment,
+  `username` varchar(64) NOT NULL default '',
+  `db_name` varchar(64) NOT NULL default '',
+  `search_name` varchar(64) NOT NULL default '',
+  `search_data` text NOT NULL,
+  PRIMARY KEY  (`id`),
+  UNIQUE KEY `u_savedsearches_username_dbname` (`username`,`db_name`,`search_name`)
+)
+  COMMENT='Saved searches'
+  DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `pma__central_columns`
+--
+
+CREATE TABLE IF NOT EXISTS `pma__central_columns` (
+  `db_name` varchar(64) NOT NULL,
+  `col_name` varchar(64) NOT NULL,
+  `col_type` varchar(64) NOT NULL,
+  `col_length` text,
+  `col_collation` varchar(64) NOT NULL,
+  `col_isNull` boolean NOT NULL,
+  `col_extra` varchar(255) default '',
+  `col_default` text,
+  PRIMARY KEY (`db_name`,`col_name`)
+)
+  COMMENT='Central list of columns'
+  DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `pma__designer_settings`
+--
+
+CREATE TABLE IF NOT EXISTS `pma__designer_settings` (
+  `username` varchar(64) NOT NULL,
+  `settings_data` text NOT NULL,
+  PRIMARY KEY (`username`)
+)
+  COMMENT='Settings related to Designer'
+  DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `pma__export_templates`
+--
+
+CREATE TABLE IF NOT EXISTS `pma__export_templates` (
+  `id` int(5) unsigned NOT NULL AUTO_INCREMENT,
+  `username` varchar(64) NOT NULL,
+  `export_type` varchar(10) NOT NULL,
+  `template_name` varchar(64) NOT NULL,
+  `template_data` text NOT NULL,
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `u_user_type_template` (`username`,`export_type`,`template_name`)
+)
+  COMMENT='Saved export templates'
+  DEFAULT CHARACTER SET utf8 COLLATE utf8_bin;
\ No newline at end of file
diff --git a/install/debian/10/pma/pma.sh b/install/debian/10/pma/pma.sh
new file mode 100644
index 00000000..81878b02
--- /dev/null
+++ b/install/debian/10/pma/pma.sh
@@ -0,0 +1,146 @@
+#!/bin/bash
+# 
+# phpmyadmin-fixer
+#
+# Fixes for phpmyadmin (configuration storage and some extended features)
+#
+# Original Version by Pavel Galkin (https://skurudo.ru)
+# https://github.com/skurudo/phpmyadmin-fixer
+#
+# Changed some lines to fit to Hestia Configuration.
+#
+
+PASS=$(gen_pass)
+
+#ubuntu phpmyadmin path
+pmapath1="/etc/phpmyadmin/config.inc.php"
+pmapath2="/usr/share/phpmyadmin/config.sample.inc.php"
+
+#delete old and paste new value 
+sed -i '/pmadb/d' $pmapath1
+sed -i '/controluser/d' $pmapath1
+sed -i '/bookmarktable/d' $pmapath1
+sed -i '/relation/d' $pmapath1
+sed -i '/userconfig/d' $pmapath1
+sed -i '/table_info/d' $pmapath1
+sed -i '/column_info/d' $pmapath1
+sed -i '/history/d' $pmapath1
+sed -i '/recent/d' $pmapath1
+sed -i '/table_uiprefs/d' $pmapath1
+sed -i '/tracking/d' $pmapath1
+sed -i '/table_coords/d' $pmapath1
+sed -i '/pdf_pages/d' $pmapath1
+sed -i '/designer_coords/d' $pmapath1
+sed -i '/controlpass/d' $pmapath1
+sed -i '/\$i = 1; /d' $pmapath1
+echo "\$i = 1;" >> $pmapath1
+sed -i '/savedsearches/d' $pmapath1
+sed -i '/navigationhiding/d' $pmapath1
+sed -i '/users/d' $pmapath1
+sed -i '/controlpass/d' $pmapath1
+sed -i '/favorite/d' $pmapath1
+sed -i '/usergroups/d' $pmapath1
+sed -i '/central_columns/d' $pmapath1
+sed -i '/designer_settings/d' $pmapath1
+sed -i '/export_templates/d' $pmapath1
+echo "\$cfg['Servers'][\$i]['favorite'] = 'pma__favorite';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['usergroups'] = 'pma__usergroups';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['central_columns'] = 'pma__central_columns';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['designer_settings'] = 'pma__designer_settings';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['export_templates'] = 'pma__export_templates';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['savedsearches'] = 'pma__savedsearches';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['navigationhiding'] = 'pma__navigationhiding';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['users'] = 'pma__users';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['usergroups'] = 'pma__usergroups';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['pmadb'] = 'phpmyadmin';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['controluser'] = 'pma';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['controlpass'] = '$PASS';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['bookmarktable'] = 'pma__bookmark';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['relation'] = 'pma__relation';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['userconfig'] = 'pma__userconfig';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['table_info'] = 'pma__table_info';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['column_info'] = 'pma__column_info';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['history'] = 'pma__history';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['recent'] = 'pma__recent';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['table_uiprefs'] = 'pma__table_uiprefs';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['tracking'] = 'pma__tracking';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['table_coords'] = 'pma__table_coords';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['pdf_pages'] = 'pma__pdf_pages';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['designer_coords'] = 'pma__designer_coords';" >> $pmapath1
+
+sed -i '/pmadb/d' $pmapath2
+sed -i '/controluser/d' $pmapath2
+sed -i '/bookmarktable/d' $pmapath2
+sed -i '/relation/d' $pmapath2
+sed -i '/userconfig/d' $pmapath2
+sed -i '/table_info/d' $pmapath2
+sed -i '/column_info/d' $pmapath2
+sed -i '/history/d' $pmapath2
+sed -i '/recent/d' $pmapath2
+sed -i '/table_uiprefs/d' $pmapath2
+sed -i '/tracking/d' $pmapath2
+sed -i '/table_coords/d' $pmapath2
+sed -i '/pdf_pages/d' $pmapath2
+sed -i '/designer_coords/d' $pmapath2
+sed -i '/controlpass/d' $pmapath2
+sed -i '/savedsearches/d' $pmapath2
+sed -i '/navigationhiding/d' $pmapath2
+sed -i '/users/d' $pmapath2
+sed -i '/controlpass/d' $pmapath2
+sed -i '/favorite/d' $pmapath2
+sed -i '/usergroups/d' $pmapath2
+sed -i '/central_columns/d' $pmapath2
+sed -i '/designer_settings/d' $pmapath2
+sed -i '/export_templates/d' $pmapath2
+echo "\$cfg['Servers'][\$i]['favorite'] = 'pma__favorite';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['usergroups'] = 'pma__usergroups';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['central_columns'] = 'pma__central_columns';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['designer_settings'] = 'pma__designer_settings';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['export_templates'] = 'pma__export_templates';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['savedsearches'] = 'pma__savedsearches';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['navigationhiding'] = 'pma__navigationhiding';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['users'] = 'pma__users';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['usergroups'] = 'pma__usergroups';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['pmadb'] = 'phpmyadmin';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['controluser'] = 'pma';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['controlpass'] = '$PASS';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['bookmarktable'] = 'pma__bookmark';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['relation'] = 'pma__relation';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['userconfig'] = 'pma__userconfig';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['table_info'] = 'pma__table_info';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['column_info'] = 'pma__column_info';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['history'] = 'pma__history';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['recent'] = 'pma__recent';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['table_uiprefs'] = 'pma__table_uiprefs';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['tracking'] = 'pma__tracking';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['table_coords'] = 'pma__table_coords';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['pdf_pages'] = 'pma__pdf_pages';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['designer_coords'] = 'pma__designer_coords';" >> $pmapath2
+
+#SOME WORK with DATABASE (table / user)
+PMADB=phpmyadmin
+PMAUSER=pma
+
+#DROP USER and TABLE
+mysql -uroot <<MYSQL_PMA1
+DROP USER '$PMAUSER'@'localhost';
+DROP DATABASE $PMADB;
+FLUSH PRIVILEGES;
+MYSQL_PMA1
+
+#CREATE PMA USER
+mysql -uroot <<MYSQL_PMA2
+CREATE USER '$PMAUSER'@'localhost' IDENTIFIED BY '$PASS';
+CREATE DATABASE $PMADB;
+MYSQL_PMA2
+
+#GRANT PMA USE SOME RIGHTS
+mysql -uroot <<MYSQL_PMA3
+USE $PMADB;
+GRANT USAGE ON $PMADB.* TO '$PMAUSER'@'localhost' IDENTIFIED BY '$PASS';
+GRANT ALL PRIVILEGES ON $PMADB.* TO '$PMAUSER'@'localhost';
+FLUSH PRIVILEGES;
+MYSQL_PMA3
+
+#MYSQL DB and TABLES ADDITION
+mysql -uroot < /root/phpmyadmin/create_tables.sql
\ No newline at end of file
diff --git a/install/debian/10/postgresql/pg_hba.conf b/install/debian/10/postgresql/pg_hba.conf
new file mode 100644
index 00000000..1ba43941
--- /dev/null
+++ b/install/debian/10/postgresql/pg_hba.conf
@@ -0,0 +1,11 @@
+# "local" is for Unix domain socket connections only
+local   all         all                               ident
+
+# IPv4 local connections:
+host    all         all         127.0.0.1/32          md5
+
+# IPv6 local connections:
+host    all         all         ::1/128               md5
+
+# Others
+host    all         all         0.0.0.0/0             md5
diff --git a/install/debian/10/proftpd/proftpd.conf b/install/debian/10/proftpd/proftpd.conf
new file mode 100644
index 00000000..69ec6b2e
--- /dev/null
+++ b/install/debian/10/proftpd/proftpd.conf
@@ -0,0 +1,32 @@
+ServerName                      "FTP"
+ServerIdent                     on "FTP Server ready."
+ServerAdmin                     root@localhost
+DefaultServer                   on
+DefaultRoot                  ~ !adm
+
+<IfModule mod_vroot.c>
+    VRootEngine                 on
+    VRootAlias                  /etc/security/pam_env.conf etc/security/pam_env.conf
+</IfModule>
+
+AuthPAMConfig                   proftpd
+AuthOrder                       mod_auth_pam.c* mod_auth_unix.c
+UseReverseDNS                   off
+User                            proftpd
+Group                           nogroup
+MaxInstances                    20
+UseSendfile                     off
+LogFormat                       default "%h %l %u %t \"%r\" %s %b"
+LogFormat                       auth    "%v [%P] %h %t \"%r\" %s"
+ListOptions                     -a
+RequireValidShell               off
+PassivePorts                    12000 12100
+
+<Global>
+  Umask                         002
+  IdentLookups                  off
+  AllowOverwrite                yes
+  <Limit ALL SITE_CHMOD>
+    AllowAll
+  </Limit>
+</Global>
diff --git a/install/debian/10/roundcube/apache.conf b/install/debian/10/roundcube/apache.conf
new file mode 100644
index 00000000..a0c87bcc
--- /dev/null
+++ b/install/debian/10/roundcube/apache.conf
@@ -0,0 +1,40 @@
+Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/
+Alias /roundcube /var/lib/roundcube
+Alias /webmail /var/lib/roundcube
+
+# Access to tinymce files
+<Directory "/usr/share/tinymce/www/">
+      Options Indexes MultiViews FollowSymLinks
+      AllowOverride None
+      Order allow,deny
+      allow from all
+</Directory>
+
+<Directory /var/lib/roundcube/>
+  Options +FollowSymLinks
+  # This is needed to parse /var/lib/roundcube/.htaccess. See its
+  # content before setting AllowOverride to None.
+  AllowOverride All
+  order allow,deny
+  allow from all
+</Directory>
+
+# Protecting basic directories:
+<Directory /var/lib/roundcube/config>
+        Options -FollowSymLinks
+        AllowOverride None
+</Directory>
+
+<Directory /var/lib/roundcube/temp>
+        Options -FollowSymLinks
+        AllowOverride None
+	Order allow,deny
+	Deny from all
+</Directory>
+
+<Directory /var/lib/roundcube/logs>
+        Options -FollowSymLinks
+        AllowOverride None
+	Order allow,deny
+	Deny from all
+</Directory>
diff --git a/install/debian/10/roundcube/config.inc.php b/install/debian/10/roundcube/config.inc.php
new file mode 100644
index 00000000..0c82b1bc
--- /dev/null
+++ b/install/debian/10/roundcube/config.inc.php
@@ -0,0 +1,33 @@
+<?php
+
+// Password Plugin options
+// -----------------------
+// A driver to use for password change. Default: "sql".
+// See README file for list of supported driver names.
+$rcmail_config['password_driver'] = 'vesta';
+
+// Require the new password to be a certain length.
+// set to blank to allow passwords of any length
+$rcmail_config['password_minimum_length'] = 6;
+
+// Require the new password to contain a letter and punctuation character
+// Change to false to remove this check.
+$rcmail_config['password_require_nonalpha'] = false;
+
+// Enables logging of password changes into logs/password
+$rcmail_config['password_log'] = false;
+
+// Comma-separated list of login exceptions for which password change
+// will be not available (no Password tab in Settings)
+$rcmail_config['password_login_exceptions'] = null;
+
+
+// By default domains in variables are using unicode.
+// Enable this option to use punycoded names
+$rcmail_config['password_idn_ascii'] = false;
+
+// Vesta Driver options
+// -----------------------
+// Control Panel host
+$rcmail_config['password_vesta_host'] = 'localhost';
+$rcmail_config['password_vesta_port'] = '8083';
diff --git a/install/debian/10/roundcube/db.inc.php b/install/debian/10/roundcube/db.inc.php
new file mode 100644
index 00000000..5268a309
--- /dev/null
+++ b/install/debian/10/roundcube/db.inc.php
@@ -0,0 +1,66 @@
+<?php
+
+/*
+ +-----------------------------------------------------------------------+
+ | Configuration file for database access                                |
+ |                                                                       |
+ | This file is part of the RoundCube Webmail client                     |
+ | Copyright (C) 2005-2008, RoundCube Dev. - Switzerland                 |
+ | Licensed under the GNU GPL                                            |
+ |                                                                       |
+ +-----------------------------------------------------------------------+
+
+*/
+
+$rcmail_config = array();
+
+// PEAR database DSN for read/write operations
+// format is db_provider://user:password@host/database 
+
+$rcmail_config['db_dsnw'] = 'mysql://roundcube:%password%@localhost/roundcube';
+// postgres example: 'pgsql://roundcube:pass@localhost/roundcubemail';
+
+// PEAR database DSN for read only operations (if empty write database will be used)
+// useful for database replication
+$rcmail_config['db_dsnr'] = '';
+
+// database backend to use (only db or mdb2 are supported)
+//$rcmail_config['db_backend'] = 'mdb2';
+
+// maximum length of a query in bytes
+$rcmail_config['db_max_length'] = 512000;  // 500K
+
+// use persistent db-connections
+// beware this will not "always" work as expected
+// see: http://www.php.net/manual/en/features.persistent-connections.php
+$rcmail_config['db_persistent'] = FALSE;
+
+
+// you can define specific table names used to store webmail data
+$rcmail_config['db_table_users'] = 'users';
+
+$rcmail_config['db_table_identities'] = 'identities';
+
+$rcmail_config['db_table_contacts'] = 'contacts';
+
+$rcmail_config['db_table_session'] = 'session';
+
+$rcmail_config['db_table_cache'] = 'cache';
+
+$rcmail_config['db_table_messages'] = 'messages';
+
+
+// you can define specific sequence names used in PostgreSQL
+$rcmail_config['db_sequence_users'] = 'user_ids';
+
+$rcmail_config['db_sequence_identities'] = 'identity_ids';
+
+$rcmail_config['db_sequence_contacts'] = 'contact_ids';
+
+$rcmail_config['db_sequence_cache'] = 'cache_ids';
+
+$rcmail_config['db_sequence_messages'] = 'message_ids';
+
+
+// end db config file
+?>
diff --git a/install/debian/10/roundcube/main.inc.php b/install/debian/10/roundcube/main.inc.php
new file mode 100644
index 00000000..97cdbf2d
--- /dev/null
+++ b/install/debian/10/roundcube/main.inc.php
@@ -0,0 +1,850 @@
+<?php
+
+/*
+ +-----------------------------------------------------------------------+
+ | Main configuration file                                               |
+ |                                                                       |
+ | This file is part of the Roundcube Webmail client                     |
+ | Copyright (C) 2005-2011, The Roundcube Dev Team                       |
+ |                                                                       |
+ | Licensed under the GNU General Public License version 3 or            |
+ | any later version with exceptions for skins & plugins.                |
+ | See the README file for a full license statement.                     |
+ |                                                                       |
+ +-----------------------------------------------------------------------+
+
+*/
+
+$rcmail_config = array();
+
+// ----------------------------------
+// LOGGING/DEBUGGING
+// ----------------------------------
+
+// system error reporting: 1 = log; 2 = report (not implemented yet), 4 = show, 8 = trace
+$rcmail_config['debug_level'] = 1;
+
+// log driver:  'syslog' or 'file'.
+$rcmail_config['log_driver'] = 'file';
+
+// date format for log entries
+// (read http://php.net/manual/en/function.date.php for all format characters)  
+$rcmail_config['log_date_format'] = 'd-M-Y H:i:s O';
+
+// Syslog ident string to use, if using the 'syslog' log driver.
+$rcmail_config['syslog_id'] = 'roundcube';
+
+// Syslog facility to use, if using the 'syslog' log driver.
+// For possible values see installer or http://php.net/manual/en/function.openlog.php
+$rcmail_config['syslog_facility'] = LOG_USER;
+
+// Log sent messages to <log_dir>/sendmail or to syslog
+$rcmail_config['smtp_log'] = true;
+
+// Log successful logins to <log_dir>/userlogins or to syslog
+$rcmail_config['log_logins'] = false;
+
+// Log session authentication errors to <log_dir>/session or to syslog
+$rcmail_config['log_session'] = false;
+
+// Log SQL queries to <log_dir>/sql or to syslog
+$rcmail_config['sql_debug'] = false;
+
+// Log IMAP conversation to <log_dir>/imap or to syslog
+$rcmail_config['imap_debug'] = false;
+
+// Log LDAP conversation to <log_dir>/ldap or to syslog
+$rcmail_config['ldap_debug'] = false;
+
+// Log SMTP conversation to <log_dir>/smtp or to syslog
+$rcmail_config['smtp_debug'] = false;
+
+// ----------------------------------
+// IMAP
+// ----------------------------------
+
+// the mail host chosen to perform the log-in
+// leave blank to show a textbox at login, give a list of hosts
+// to display a pulldown menu or set one host as string.
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// Supported replacement variables:
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %s - domain name after the '@' from e-mail address provided at login screen
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['default_host'] = 'localhost';
+
+// TCP port used for IMAP connections
+$rcmail_config['default_port'] = 143;
+
+// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
+// best server supported one)
+$rcmail_config['imap_auth_type'] = null;
+
+// If you know your imap's folder delimiter, you can specify it here.
+// Otherwise it will be determined automatically
+$rcmail_config['imap_delimiter'] = null;
+
+// If IMAP server doesn't support NAMESPACE extension, but you're
+// using shared folders or personal root folder is non-empty, you'll need to
+// set these options. All can be strings or arrays of strings.
+// Folders need to be ended with directory separator, e.g. "INBOX."
+// (special directory "~" is an exception to this rule)
+// These can be used also to overwrite server's namespaces
+$rcmail_config['imap_ns_personal'] = null;
+$rcmail_config['imap_ns_other']    = null;
+$rcmail_config['imap_ns_shared']   = null;
+
+// By default IMAP capabilities are readed after connection to IMAP server
+// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list
+// after login. Set to True if you've got this case.
+$rcmail_config['imap_force_caps'] = false;
+
+// By default list of subscribed folders is determined using LIST-EXTENDED
+// extension if available. Some servers (dovecot 1.x) returns wrong results
+// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225
+// Enable this option to force LSUB command usage instead.
+$rcmail_config['imap_force_lsub'] = false;
+
+// Some server configurations (e.g. Courier) doesn't list folders in all namespaces
+// Enable this option to force listing of folders in all namespaces
+$rcmail_config['imap_force_ns'] = false;
+
+// IMAP connection timeout, in seconds. Default: 0 (no limit)
+$rcmail_config['imap_timeout'] = 0;
+
+// Optional IMAP authentication identifier to be used as authorization proxy
+$rcmail_config['imap_auth_cid'] = null;
+
+// Optional IMAP authentication password to be used for imap_auth_cid
+$rcmail_config['imap_auth_pw'] = null;
+
+// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'.
+$rcmail_config['imap_cache'] = null;
+
+// Enables messages cache. Only 'db' cache is supported.
+$rcmail_config['messages_cache'] = false;
+
+
+// ----------------------------------
+// SMTP
+// ----------------------------------
+
+// SMTP server host (for sending mails).
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// If left blank, the PHP mail() function is used
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['smtp_server'] = '';
+
+// SMTP port (default is 25; use 587 for STARTTLS or 465 for the
+// deprecated SSL over SMTP (aka SMTPS))
+$rcmail_config['smtp_port'] = 25;
+
+// SMTP username (if required) if you use %u as the username Roundcube
+// will use the current username for login
+$rcmail_config['smtp_user'] = '';
+
+// SMTP password (if required) if you use %p as the password Roundcube
+// will use the current user's password for login
+$rcmail_config['smtp_pass'] = '';
+
+// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
+// best server supported one)
+$rcmail_config['smtp_auth_type'] = '';
+
+// Optional SMTP authentication identifier to be used as authorization proxy
+$rcmail_config['smtp_auth_cid'] = null;
+
+// Optional SMTP authentication password to be used for smtp_auth_cid
+$rcmail_config['smtp_auth_pw'] = null;
+
+// SMTP HELO host 
+// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages 
+// Leave this blank and you will get the server variable 'server_name' or 
+// localhost if that isn't defined. 
+$rcmail_config['smtp_helo_host'] = '';
+
+// SMTP connection timeout, in seconds. Default: 0 (no limit)
+$rcmail_config['smtp_timeout'] = 0;
+
+// ----------------------------------
+// SYSTEM
+// ----------------------------------
+include_once("/etc/roundcube/debian-db-roundcube.php");
+
+
+// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA.
+// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING!
+$rcmail_config['enable_installer'] = false;
+
+// provide an URL where a user can get support for this Roundcube installation
+// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE!
+$rcmail_config['support_url'] = '';
+
+// replace Roundcube logo with this image
+// specify an URL relative to the document root of this Roundcube installation
+$rcmail_config['skin_logo'] = null;
+
+// automatically create a new Roundcube user when log-in the first time.
+// a new user will be created once the IMAP login succeeds.
+// set to false if only registered users can use this service
+$rcmail_config['auto_create_user'] = true;
+
+// use this folder to store log files (must be writeable for apache user)
+// This is used by the 'file' log driver.
+$rcmail_config['log_dir'] = '/var/log/roundcubemail/';
+
+// use this folder to store temp files (must be writeable for apache user)
+$rcmail_config['temp_dir'] = '/tmp';
+
+// lifetime of message cache
+// possible units: s, m, h, d, w
+$rcmail_config['message_cache_lifetime'] = '10d';
+
+// enforce connections over https
+// with this option enabled, all non-secure connections will be redirected.
+// set the port for the ssl connection as value of this option if it differs from the default 443
+$rcmail_config['force_https'] = false;
+
+// tell PHP that it should work as under secure connection
+// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set)
+// e.g. when you're running Roundcube behind a https proxy
+// this option is mutually exclusive to 'force_https' and only either one of them should be set to true.
+$rcmail_config['use_https'] = false;
+
+// Allow browser-autocompletion on login form.
+// 0 - disabled, 1 - username and host only, 2 - username, host, password
+$rcmail_config['login_autocomplete'] = 0;
+
+// Forces conversion of logins to lower case.
+// 0 - disabled, 1 - only domain part, 2 - domain and local part.
+// If users authentication is not case-sensitive this must be enabled.
+// After enabling it all user records need to be updated, e.g. with query:
+// UPDATE users SET username = LOWER(username);
+$rcmail_config['login_lc'] = 0;
+
+// Includes should be interpreted as PHP files
+$rcmail_config['skin_include_php'] = false;
+
+// display software version on login screen
+$rcmail_config['display_version'] = false;
+
+// Session lifetime in minutes
+// must be greater than 'keep_alive'/60
+$rcmail_config['session_lifetime'] = 10;
+
+// session domain: .example.org
+$rcmail_config['session_domain'] = '';
+
+// session name. Default: 'roundcube_sessid'
+$rcmail_config['session_name'] = null;
+
+// Backend to use for session storage. Can either be 'db' (default) or 'memcache'
+// If set to memcache, a list of servers need to be specified in 'memcache_hosts'
+// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed
+$rcmail_config['session_storage'] = 'db';
+
+// Use these hosts for accessing memcached
+// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file
+$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' );
+
+// check client IP in session athorization
+$rcmail_config['ip_check'] = false;
+
+// check referer of incoming requests
+$rcmail_config['referer_check'] = false;
+
+// X-Frame-Options HTTP header value sent to prevent from Clickjacking.
+// Possible values: sameorigin|deny. Set to false in order to disable sending them
+$rcmail_config['x_frame_options'] = 'sameorigin';
+
+// this key is used to encrypt the users imap password which is stored
+// in the session record (and the client cookie if remember password is enabled).
+// please provide a string of exactly 24 chars.
+$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r';
+
+// Automatically add this domain to user names for login
+// Only for IMAP servers that require full e-mail addresses for login
+// Specify an array with 'host' => 'domain' values to support multiple hosts
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['username_domain'] = '';
+
+// This domain will be used to form e-mail addresses of new users
+// Specify an array with 'host' => 'domain' values to support multiple hosts
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['mail_domain'] = '';
+
+// Password charset.
+// Use it if your authentication backend doesn't support UTF-8.
+// Defaults to ISO-8859-1 for backward compatibility
+$rcmail_config['password_charset'] = 'ISO-8859-1';
+
+// How many seconds must pass between emails sent by a user
+$rcmail_config['sendmail_delay'] = 0;
+
+// Maximum number of recipients per message. Default: 0 (no limit)
+$rcmail_config['max_recipients'] = 0; 
+
+// Maximum allowednumber of members of an address group. Default: 0 (no limit)
+// If 'max_recipients' is set this value should be less or equal
+$rcmail_config['max_group_members'] = 0; 
+
+// add this user-agent to message headers when sending
+$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION;
+
+// use this name to compose page titles
+$rcmail_config['product_name'] = 'Roundcube Webmail';
+
+// try to load host-specific configuration
+// see http://trac.roundcube.net/wiki/Howto_Config for more details
+$rcmail_config['include_host_config'] = false;
+
+// path to a text file which will be added to each sent message
+// paths are relative to the Roundcube root folder
+$rcmail_config['generic_message_footer'] = '';
+
+// path to a text file which will be added to each sent HTML message
+// paths are relative to the Roundcube root folder
+$rcmail_config['generic_message_footer_html'] = '';
+
+// add a received header to outgoing mails containing the creators IP and hostname
+$rcmail_config['http_received_header'] = false;
+
+// Whether or not to encrypt the IP address and the host name
+// these could, in some circles, be considered as sensitive information;
+// however, for the administrator, these could be invaluable help
+// when tracking down issues.
+$rcmail_config['http_received_header_encrypt'] = false;
+
+// This string is used as a delimiter for message headers when sending
+// a message via mail() function. Leave empty for auto-detection
+$rcmail_config['mail_header_delimiter'] = NULL;
+
+// number of chars allowed for line when wrapping text.
+// text wrapping is done when composing/sending messages
+$rcmail_config['line_length'] = 72;
+
+// send plaintext messages as format=flowed
+$rcmail_config['send_format_flowed'] = true;
+
+// don't allow these settings to be overriden by the user
+$rcmail_config['dont_override'] = array();
+
+// Set identities access level:
+// 0 - many identities with possibility to edit all params
+// 1 - many identities with possibility to edit all params but not email address
+// 2 - one identity with possibility to edit all params
+// 3 - one identity with possibility to edit all params but not email address
+$rcmail_config['identities_level'] = 0;
+
+// Mimetypes supported by the browser.
+// attachments of these types will open in a preview window
+// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf'
+$rcmail_config['client_mimetypes'] = null;  # null == default
+
+// mime magic database
+$rcmail_config['mime_magic'] = null;
+
+// path to imagemagick identify binary
+$rcmail_config['im_identify_path'] = null;
+
+// path to imagemagick convert binary
+$rcmail_config['im_convert_path'] = null;
+
+// maximum size of uploaded contact photos in pixel
+$rcmail_config['contact_photo_size'] = 160;
+
+// Enable DNS checking for e-mail address validation
+$rcmail_config['email_dns_check'] = false;
+
+// ----------------------------------
+// PLUGINS
+// ----------------------------------
+
+// List of active plugins (in plugins/ directory)
+$rcmail_config['plugins'] = array('password');
+
+// ----------------------------------
+// USER INTERFACE
+// ----------------------------------
+
+// default messages sort column. Use empty value for default server's sorting, 
+// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc'
+$rcmail_config['message_sort_col'] = '';
+
+// default messages sort order
+$rcmail_config['message_sort_order'] = 'DESC';
+
+// These cols are shown in the message list. Available cols are:
+// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority'
+$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment');
+
+// the default locale setting (leave empty for auto-detection)
+// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR
+$rcmail_config['language'] = null;
+
+// use this format for date display (date or strftime format)
+$rcmail_config['date_format'] = 'Y-m-d';
+
+// give this choice of date formats to the user to select from
+$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y');
+
+// use this format for time display (date or strftime format)
+$rcmail_config['time_format'] = 'H:i';
+
+// give this choice of time formats to the user to select from
+$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A');
+
+// use this format for short date display (derived from date_format and time_format)
+$rcmail_config['date_short'] = 'D H:i';
+
+// use this format for detailed date/time formatting (derived from date_format and time_format)
+$rcmail_config['date_long'] = 'Y-m-d H:i';
+
+// store draft message is this mailbox
+// leave blank if draft messages should not be stored
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['drafts_mbox'] = 'Drafts';
+
+// store spam messages in this mailbox
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['junk_mbox'] = 'Spam';
+
+// store sent message is this mailbox
+// leave blank if sent messages should not be stored
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['sent_mbox'] = 'Sent';
+
+// move messages to this folder when deleting them
+// leave blank if they should be deleted directly
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['trash_mbox'] = 'Trash';
+
+// display these folders separately in the mailbox list.
+// these folders will also be displayed with localized names
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash');
+$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash');
+
+// automatically create the above listed default folders on first login
+$rcmail_config['create_default_folders'] = true;
+
+// protect the default folders from renames, deletes, and subscription changes
+$rcmail_config['protect_default_folders'] = true;
+
+// if in your system 0 quota means no limit set this option to true 
+$rcmail_config['quota_zero_as_unlimited'] = false;
+
+// Make use of the built-in spell checker. It is based on GoogieSpell.
+// Since Google only accepts connections over https your PHP installatation
+// requires to be compiled with Open SSL support
+$rcmail_config['enable_spellcheck'] = true;
+
+// Enables spellchecker exceptions dictionary.
+// Setting it to 'shared' will make the dictionary shared by all users.
+$rcmail_config['spellcheck_dictionary'] = false;
+
+// Set the spell checking engine. 'googie' is the default. 'pspell' is also available,
+// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here.
+$rcmail_config['spellcheck_engine'] = 'googie';
+
+// For a locally installed Nox Spell Server, please specify the URI to call it.
+// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72
+// Leave empty to use the Google spell checking service, what means
+// that the message content will be sent to Google in order to check spelling
+$rcmail_config['spellcheck_uri'] = '';
+
+// These languages can be selected for spell checking.
+// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch');
+// Leave empty for default set of available language.
+$rcmail_config['spellcheck_languages'] = NULL;
+
+// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE)
+$rcmail_config['spellcheck_ignore_caps'] = false;
+
+// Makes that words with numbers will be ignored (e.g. g00gle)
+$rcmail_config['spellcheck_ignore_nums'] = false;
+
+// Makes that words with symbols will be ignored (e.g. g@@gle)
+$rcmail_config['spellcheck_ignore_syms'] = false;
+
+// Use this char/string to separate recipients when composing a new message
+$rcmail_config['recipients_separator'] = ',';
+
+// don't let users set pagesize to more than this value if set
+$rcmail_config['max_pagesize'] = 200;
+
+// Minimal value of user's 'keep_alive' setting (in seconds)
+// Must be less than 'session_lifetime'
+$rcmail_config['min_keep_alive'] = 60;
+
+// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option.
+// By default refresh time is set to 1 second. You can set this value to true
+// or any integer value indicating number of seconds.
+$rcmail_config['upload_progress'] = false;
+
+// Specifies for how many seconds the Undo button will be available
+// after object delete action. Currently used with supporting address book sources.
+// Setting it to 0, disables the feature.
+$rcmail_config['undo_timeout'] = 0;
+
+// ----------------------------------
+// ADDRESSBOOK SETTINGS
+// ----------------------------------
+
+// This indicates which type of address book to use. Possible choises:
+// 'sql' (default) and 'ldap'.
+// If set to 'ldap' then it will look at using the first writable LDAP
+// address book as the primary address book and it will not display the
+// SQL address book in the 'Address Book' view.
+$rcmail_config['address_book_type'] = 'sql';
+
+// In order to enable public ldap search, configure an array like the Verisign
+// example further below. if you would like to test, simply uncomment the example.
+// Array key must contain only safe characters, ie. a-zA-Z0-9_
+$rcmail_config['ldap_public'] = array();
+
+// If you are going to use LDAP for individual address books, you will need to 
+// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it.
+//
+// The recommended directory structure for LDAP is to store all the address book entries
+// under the users main entry, e.g.:
+//
+//  o=root
+//   ou=people
+//    uid=user@domain
+//  mail=contact@contactdomain
+//
+// So the base_dn would be uid=%fu,ou=people,o=root
+// The bind_dn would be the same as based_dn or some super user login.
+/* 
+ * example config for Verisign directory
+ *
+$rcmail_config['ldap_public']['Verisign'] = array(
+  'name'          => 'Verisign.com',
+  // Replacement variables supported in host names:
+  // %h - user's IMAP hostname
+  // %n - http hostname ($_SERVER['SERVER_NAME'])
+  // %d - domain (http hostname without the first part)
+  // %z - IMAP domain (IMAP hostname without the first part)
+  // For example %n = mail.domain.tld, %d = domain.tld
+  'hosts'         => array('directory.verisign.com'),
+  'port'          => 389,
+  'use_tls'	      => false,
+  'ldap_version'  => 3,       // using LDAPv3
+  'user_specific' => false,   // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login.
+  // %fu - The full username provided, assumes the username is an email
+  //       address, uses the username_domain value if not an email address.
+  // %u  - The username prior to the '@'.
+  // %d  - The domain name after the '@'.
+  // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com"
+  // %dn - DN found by ldap search when search_filter/search_base_dn are used
+  'base_dn'       => '',
+  'bind_dn'       => '',
+  'bind_pass'     => '',
+  // It's possible to bind for an individual address book
+  // The login name is used to search for the DN to bind with
+  'search_base_dn' => '',
+  'search_filter'  => '',   // e.g. '(&(objectClass=posixAccount)(uid=%u))'
+  // DN and password to bind as before searching for bind DN, if anonymous search is not allowed
+  'search_bind_dn' => '',
+  'search_bind_pw' => '',
+  // Default for %dn variable if search doesn't return DN value
+  'search_dn_default' => '',
+  // Optional authentication identifier to be used as SASL authorization proxy
+  // bind_dn need to be empty
+  'auth_cid'       => '',
+  // SASL authentication method (for proxy auth), e.g. DIGEST-MD5
+  'auth_method'    => '',
+  // Indicates if the addressbook shall be hidden from the list.
+  // With this option enabled you can still search/view contacts.
+  'hidden'        => false,
+  // Indicates if the addressbook shall not list contacts but only allows searching.
+  'searchonly'    => false,
+  // Indicates if we can write to the LDAP directory or not.
+  // If writable is true then these fields need to be populated:
+  // LDAP_Object_Classes, required_fields, LDAP_rdn
+  'writable'       => false,
+  // To create a new contact these are the object classes to specify
+  // (or any other classes you wish to use).
+  'LDAP_Object_Classes' => array('top', 'inetOrgPerson'),
+  // The RDN field that is used for new entries, this field needs
+  // to be one of the search_fields, the base of base_dn is appended
+  // to the RDN to insert into the LDAP directory.
+  'LDAP_rdn'       => 'cn',
+  // The required fields needed to build a new contact as required by
+  // the object classes (can include additional fields not required by the object classes).
+  'required_fields' => array('cn', 'sn', 'mail'),
+  'search_fields'   => array('mail', 'cn'),  // fields to search in
+  // mapping of contact fields to directory attributes
+  //   for every attribute one can specify the number of values (limit) allowed.
+  //   default is 1, a wildcard * means unlimited
+  'fieldmap' => array(
+    // Roundcube  => LDAP:limit
+    'name'        => 'cn',
+    'surname'     => 'sn',
+    'firstname'   => 'givenName',
+    'title'       => 'title',
+    'email'       => 'mail:*',
+    'phone:home'  => 'homePhone',
+    'phone:work'  => 'telephoneNumber',
+    'phone:mobile' => 'mobile',
+    'phone:pager' => 'pager',
+    'street'      => 'street',
+    'zipcode'     => 'postalCode',
+    'region'      => 'st',
+    'locality'    => 'l',
+// if you uncomment country, you need to modify 'sub_fields' above
+//    'country'     => 'c',
+    'department'  => 'departmentNumber',
+    'notes'       => 'description',
+// these currently don't work:
+//    'phone:workfax' => 'facsimileTelephoneNumber',
+//    'photo'        => 'jpegPhoto',
+//    'organization' => 'o',
+//    'manager'      => 'manager',
+//    'assistant'    => 'secretary',
+  ),
+  // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country'
+  'sub_fields' => array(),
+  'sort'          => 'cn',    // The field to sort the listing by.
+  'scope'         => 'sub',   // search mode: sub|base|list
+  'filter'        => '(objectClass=inetOrgPerson)',      // used for basic listing (if not empty) and will be &'d with search queries. example: status=act
+  'fuzzy_search'  => true,    // server allows wildcard search
+  'vlv'           => false,   // Enable Virtual List View to more efficiently fetch paginated data (if server supports it)
+  'numsub_filter' => '(objectClass=organizationalUnit)',   // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting
+  'sizelimit'     => '0',     // Enables you to limit the count of entries fetched. Setting this to 0 means no limit.
+  'timelimit'     => '0',     // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit.
+  'referrals'     => true|false,  // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups
+
+  // definition for contact groups (uncomment if no groups are supported)
+  // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above)
+  // if the groups base_dn is empty, the contact base_dn is used for the groups as well
+  // -> in this case, assure that groups and contacts are separated due to the concernig filters! 
+  'groups'        => array(
+    'base_dn'     => '',
+    'scope'       => 'sub',   // search mode: sub|base|list
+    'filter'      => '(objectClass=groupOfNames)',
+    'object_classes' => array("top", "groupOfNames"),
+    'member_attr'  => 'member',   // name of the member attribute, e.g. uniqueMember
+    'name_attr'    => 'cn',       // attribute to be used as group name
+  ),
+);
+*/
+
+// An ordered array of the ids of the addressbooks that should be searched
+// when populating address autocomplete fields server-side. ex: array('sql','Verisign');
+$rcmail_config['autocomplete_addressbooks'] = array('sql');
+
+// The minimum number of characters required to be typed in an autocomplete field
+// before address books will be searched. Most useful for LDAP directories that
+// may need to do lengthy results building given overly-broad searches
+$rcmail_config['autocomplete_min_length'] = 1;
+
+// Number of parallel autocomplete requests.
+// If there's more than one address book, n parallel (async) requests will be created,
+// where each request will search in one address book. By default (0), all address
+// books are searched in one request.
+$rcmail_config['autocomplete_threads'] = 0;
+
+// Max. numer of entries in autocomplete popup. Default: 15.
+$rcmail_config['autocomplete_max'] = 15;
+
+// show address fields in this order
+// available placeholders: {street}, {locality}, {zipcode}, {country}, {region}
+$rcmail_config['address_template'] = '{street}<br/>{locality} {zipcode}<br/>{country} {region}';
+
+// Matching mode for addressbook search (including autocompletion)
+// 0 - partial (*abc*), default
+// 1 - strict (abc)
+// 2 - prefix (abc*)
+// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode
+$rcmail_config['addressbook_search_mode'] = 0;
+
+// ----------------------------------
+// USER PREFERENCES
+// ----------------------------------
+
+// Use this charset as fallback for message decoding
+//$rcmail_config['default_charset'] = 'ISO-8859-1';
+$rcmail_config['default_charset'] = 'UTF-8';
+
+// skin name: folder from skins/
+$rcmail_config['skin'] = 'larry';
+
+// show up to X items in messages list view
+$rcmail_config['mail_pagesize'] = 50;
+
+// show up to X items in contacts list view
+$rcmail_config['addressbook_pagesize'] = 50;
+
+// sort contacts by this col (preferably either one of name, firstname, surname)
+$rcmail_config['addressbook_sort_col'] = 'surname';
+
+// the way how contact names are displayed in the list
+// 0: display name
+// 1: (prefix) firstname middlename surname (suffix)
+// 2: (prefix) surname firstname middlename (suffix)
+// 3: (prefix) surname, firstname middlename (suffix)
+$rcmail_config['addressbook_name_listing'] = 0;
+
+// use this timezone to display date/time
+// valid timezone identifers are listed here: php.net/manual/en/timezones.php
+// 'auto' will use the browser's timezone settings
+$rcmail_config['timezone'] = 'auto';
+
+// prefer displaying HTML messages
+$rcmail_config['prefer_html'] = true;
+
+// display remote inline images
+// 0 - Never, always ask
+// 1 - Ask if sender is not in address book
+// 2 - Always show inline images
+$rcmail_config['show_images'] = 0;
+
+// compose html formatted messages by default
+// 0 - never, 1 - always, 2 - on reply to HTML message only 
+$rcmail_config['htmleditor'] = 0;
+
+// show pretty dates as standard
+$rcmail_config['prettydate'] = true;
+
+// save compose message every 300 seconds (5min)
+$rcmail_config['draft_autosave'] = 300;
+
+// default setting if preview pane is enabled
+$rcmail_config['preview_pane'] = false;
+
+// Mark as read when viewed in preview pane (delay in seconds)
+// Set to -1 if messages in preview pane should not be marked as read
+$rcmail_config['preview_pane_mark_read'] = 0;
+
+// Clear Trash on logout
+$rcmail_config['logout_purge'] = false;
+
+// Compact INBOX on logout
+$rcmail_config['logout_expunge'] = false;
+
+// Display attached images below the message body 
+$rcmail_config['inline_images'] = true;
+
+// Encoding of long/non-ascii attachment names:
+// 0 - Full RFC 2231 compatible
+// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default)
+// 2 - Full 2047 compatible
+$rcmail_config['mime_param_folding'] = 1;
+
+// Set true if deleted messages should not be displayed
+// This will make the application run slower
+$rcmail_config['skip_deleted'] = false;
+
+// Set true to Mark deleted messages as read as well as deleted
+// False means that a message's read status is not affected by marking it as deleted
+$rcmail_config['read_when_deleted'] = true;
+
+// Set to true to never delete messages immediately
+// Use 'Purge' to remove messages marked as deleted
+$rcmail_config['flag_for_deletion'] = false;
+
+// Default interval for keep-alive/check-recent requests (in seconds)
+// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime'
+$rcmail_config['keep_alive'] = 60;
+
+// If true all folders will be checked for recent messages
+$rcmail_config['check_all_folders'] = false;
+
+// If true, after message delete/move, the next message will be displayed
+$rcmail_config['display_next'] = false;
+
+// 0 - Do not expand threads 
+// 1 - Expand all threads automatically 
+// 2 - Expand only threads with unread messages 
+$rcmail_config['autoexpand_threads'] = 0;
+
+// When replying place cursor above original message (top posting)
+$rcmail_config['top_posting'] = false;
+
+// When replying strip original signature from message
+$rcmail_config['strip_existing_sig'] = true;
+
+// Show signature:
+// 0 - Never
+// 1 - Always
+// 2 - New messages only
+// 3 - Forwards and Replies only
+$rcmail_config['show_sig'] = 1;
+
+// When replying or forwarding place sender's signature above existing message
+$rcmail_config['sig_above'] = false;
+
+// Use MIME encoding (quoted-printable) for 8bit characters in message body
+$rcmail_config['force_7bit'] = false;
+
+// Defaults of the search field configuration.
+// The array can contain a per-folder list of header fields which should be considered when searching
+// The entry with key '*' stands for all folders which do not have a specific list set.
+// Please note that folder names should to be in sync with $rcmail_config['default_folders']
+$rcmail_config['search_mods'] = null;  // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1));
+
+// Defaults of the addressbook search field configuration.
+$rcmail_config['addressbook_search_mods'] = null;  // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1);
+
+// 'Delete always'
+// This setting reflects if mail should be always deleted
+// when moving to Trash fails. This is necessary in some setups
+// when user is over quota and Trash is included in the quota.
+$rcmail_config['delete_always'] = false;
+
+// Directly delete messages in Junk instead of moving to Trash
+$rcmail_config['delete_junk'] = true;
+
+// Behavior if a received message requests a message delivery notification (read receipt)
+// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask)
+// 3 = send automatically if sender is in addressbook, otherwise ask the user
+// 4 = send automatically if sender is in addressbook, otherwise ignore
+$rcmail_config['mdn_requests'] = 0;
+
+// Return receipt checkbox default state
+$rcmail_config['mdn_default'] = 0;
+
+// Delivery Status Notification checkbox default state
+$rcmail_config['dsn_default'] = 0;
+
+// Place replies in the folder of the message being replied to
+$rcmail_config['reply_same_folder'] = false;
+
+// Sets default mode of Forward feature to "forward as attachment"
+$rcmail_config['forward_attachment'] = false;
+
+// Defines address book (internal index) to which new contacts will be added
+// By default it is the first writeable addressbook.
+// Note: Use '0' for built-in address book.
+$rcmail_config['default_addressbook'] = null;
+
+// Enables spell checking before sending a message.
+$rcmail_config['spellcheck_before_send'] = false;
+
+// Skip alternative email addresses in autocompletion (show one address per contact)
+$rcmail_config['autocomplete_single'] = false;
+
+// Default font for composed HTML message.
+// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New,
+// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana
+$rcmail_config['default_font'] = '';
+
+// end of config file
diff --git a/install/debian/10/roundcube/vesta.php b/install/debian/10/roundcube/vesta.php
new file mode 100644
index 00000000..b3dd167f
--- /dev/null
+++ b/install/debian/10/roundcube/vesta.php
@@ -0,0 +1,73 @@
+<?php
+
+/**
+ * Vesta Control Panel Password Driver
+ *
+ * @version 1.0
+ * @author Serghey Rodin <skid@vestacp.com>
+ */
+class rcube_vesta_password {
+    function save($curpass, $passwd)
+    {
+        $rcmail = rcmail::get_instance();
+        $vesta_host = $rcmail->config->get('password_vesta_host');
+
+        if (empty($vesta_host))
+        {
+            $vesta_host = 'localhost';
+        }
+
+        $vesta_port = $rcmail->config->get('password_vesta_port');
+        if (empty($vesta_port))
+        {
+            $vesta_port = '8083';
+        }
+
+        $postvars = array(
+          'email' => $_SESSION['username'],
+          'password' => $curpass,
+          'new' => $passwd
+        );
+
+        $postdata = http_build_query($postvars);
+
+        $send  = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL;
+        $send .= 'Host: ' . $vesta_host . PHP_EOL;
+        $send .= 'User-Agent: PHP Script' . PHP_EOL;
+        $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL;
+        $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL;
+        $send .= 'Connection: close' . PHP_EOL;
+        $send .= PHP_EOL;
+        $send .= $postdata . PHP_EOL . PHP_EOL;
+
+        //$fp = fsockopen('ssl://' . $vesta_host, $vesta_port);
+        $errno = "";
+        $errstr = "";
+        $context = stream_context_create();
+
+        $result = stream_context_set_option($context, 'ssl', 'verify_peer', false);
+        $result = stream_context_set_option($context, 'ssl', 'verify_peer_name', false);
+        $result = stream_context_set_option($context, 'ssl', 'verify_host', false);
+        $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', true);
+
+        $fp = stream_socket_client('ssl://' . $vesta_host . ':'.$vesta_port, $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $context);
+        fputs($fp, $send);
+        $result = fread($fp, 2048);
+        fclose($fp);
+
+        $fp = fopen("/tmp/roundcube.log", 'w');
+        fwrite($fp, "test ok");
+        fwrite($fp, "\n");
+        fclose($fp);
+
+
+        if(strpos($result, 'ok') && !strpos($result, 'error'))
+        {
+            return PASSWORD_SUCCESS;
+        }
+        else {
+            return PASSWORD_ERROR;
+        }
+
+    }
+}
diff --git a/install/debian/10/sudo/admin b/install/debian/10/sudo/admin
new file mode 100644
index 00000000..4226bdd4
--- /dev/null
+++ b/install/debian/10/sudo/admin
@@ -0,0 +1,8 @@
+# Created by vesta installer
+Defaults env_keep="VESTA"
+Defaults:admin !syslog
+Defaults:admin !requiretty
+Defaults:root !requiretty
+
+admin   ALL=(ALL)       ALL
+admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/debian/10/templates/dns/child-ns.tpl b/install/debian/10/templates/dns/child-ns.tpl
new file mode 100755
index 00000000..42c046e4
--- /dev/null
+++ b/install/debian/10/templates/dns/child-ns.tpl
@@ -0,0 +1,14 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/debian/10/templates/dns/default.tpl b/install/debian/10/templates/dns/default.tpl
new file mode 100755
index 00000000..e0a37e62
--- /dev/null
+++ b/install/debian/10/templates/dns/default.tpl
@@ -0,0 +1,18 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/debian/10/templates/dns/gmail.tpl b/install/debian/10/templates/dns/gmail.tpl
new file mode 100755
index 00000000..219c9d24
--- /dev/null
+++ b/install/debian/10/templates/dns/gmail.tpl
@@ -0,0 +1,12 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/debian/10/templates/web/apache2/PHP-FPM-73-public.sh b/install/debian/10/templates/web/apache2/PHP-FPM-73-public.sh
new file mode 100755
index 00000000..ce8ce02b
--- /dev/null
+++ b/install/debian/10/templates/web/apache2/PHP-FPM-73-public.sh
@@ -0,0 +1,87 @@
+#!/bin/bash
+# Adding php pool conf
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+pool_conf="[$2]
+
+listen = /run/php/php7.3-fpm-$2.sock
+listen.owner = $1
+listen.group = $1
+listen.mode = 0666
+
+user = $1
+group = $1
+
+pm = ondemand
+pm.max_children = 16
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/$1/tmp
+php_admin_value[session.save_path] = /home/$1/tmp
+php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
+php_admin_value[upload_max_filesize] = 80M
+php_admin_value[max_execution_time] = 20
+php_admin_value[post_max_size] = 80M
+php_admin_value[memory_limit] = 256M
+php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
+php_admin_flag[mysql.allow_persistent] = off
+php_admin_flag[safe_mode] = off
+
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/$1/tmp
+env[TMPDIR] = /home/$1/tmp
+env[TEMP] = /home/$1/tmp
+"
+
+pool_file_56="/etc/php/5.6/fpm/pool.d/$2.conf"
+pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
+pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
+pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
+pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
+
+if [ -f "$pool_file_56" ]; then
+    rm $pool_file_56
+    service php5.6-fpm restart
+fi
+
+if [ -f "$pool_file_70" ]; then
+    rm $pool_file_70
+    service php7.0-fpm restart
+fi
+
+if [ -f "$pool_file_71" ]; then
+    rm $pool_file_71
+    service php7.1-fpm restart
+fi
+
+if [ -f "$pool_file_72" ]; then
+    rm $pool_file_72
+    service php7.2-fpm restart
+fi
+
+write_file=0
+if [ ! -f "$pool_file_73" ]; then
+  write_file=1
+else
+  user_count=$(grep -c "/home/$1/" $pool_file_73)
+  if [ $user_count -eq 0 ]; then
+    write_file=1
+  fi
+fi
+
+if [ $write_file -eq 1 ]; then
+    echo "$pool_conf" > $pool_file_73
+    service php7.3-fpm restart
+fi
+
+if [ -f "/etc/php/7.3/fpm/pool.d/www.conf" ]; then
+    rm /etc/php/7.3/fpm/pool.d/www.conf
+fi
+
+exit 0
\ No newline at end of file
diff --git a/install/debian/10/templates/web/apache2/PHP-FPM-73-public.stpl b/install/debian/10/templates/web/apache2/PHP-FPM-73-public.stpl
new file mode 100644
index 00000000..9660c234
--- /dev/null
+++ b/install/debian/10/templates/web/apache2/PHP-FPM-73-public.stpl
@@ -0,0 +1,44 @@
+<VirtualHost %ip%:%web_ssl_port%>
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%/public
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    <Directory %home%/%user%/web/%domain%/stats>
+        AllowOverride All
+    </Directory>
+    <Directory %sdocroot%>
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+	</Directory>
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+#    <IfModule mod_ruid2.c>
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    </IfModule>
+#    <IfModule itk.c>
+#        AssignUserID %user% %group%
+#    </IfModule>
+
+    <FilesMatch \.php$>
+        SetHandler "proxy:unix:/run/php/php7.3-fpm-%domain%.sock|fcgi://localhost/"
+    </FilesMatch>
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+</VirtualHost>
+
diff --git a/install/debian/10/templates/web/apache2/PHP-FPM-73-public.tpl b/install/debian/10/templates/web/apache2/PHP-FPM-73-public.tpl
new file mode 100644
index 00000000..892c0d1f
--- /dev/null
+++ b/install/debian/10/templates/web/apache2/PHP-FPM-73-public.tpl
@@ -0,0 +1,38 @@
+<VirtualHost %ip%:%web_port%>
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%/public
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    <Directory %home%/%user%/web/%domain%/stats>
+        AllowOverride All
+    </Directory>
+    <Directory %sdocroot%>
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+    </Directory>
+#    <IfModule mod_ruid2.c>
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    </IfModule>
+#    <IfModule itk.c>
+#        AssignUserID %user% %group%
+#    </IfModule>
+
+    <FilesMatch \.php$>
+        SetHandler "proxy:unix:/run/php/php7.3-fpm-%domain%.sock|fcgi://localhost/"
+    </FilesMatch>
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+</VirtualHost>
+
diff --git a/install/debian/10/templates/web/apache2/PHP-FPM-73.sh b/install/debian/10/templates/web/apache2/PHP-FPM-73.sh
new file mode 100755
index 00000000..aa7b6dbe
--- /dev/null
+++ b/install/debian/10/templates/web/apache2/PHP-FPM-73.sh
@@ -0,0 +1,86 @@
+#!/bin/bash
+# Adding php pool conf
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+pool_conf="[$2]
+
+listen = /run/php/php7.3-fpm-$2.sock
+listen.owner = $1
+listen.group = $1
+listen.mode = 0666
+
+user = $1
+group = $1
+
+pm = ondemand
+pm.max_children = 16
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/$1/tmp
+php_admin_value[session.save_path] = /home/$1/tmp
+php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
+php_admin_value[upload_max_filesize] = 80M
+php_admin_value[max_execution_time] = 20
+php_admin_value[post_max_size] = 80M
+php_admin_value[memory_limit] = 256M
+php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
+php_admin_flag[mysql.allow_persistent] = off
+php_admin_flag[safe_mode] = off
+
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/$1/tmp
+env[TMPDIR] = /home/$1/tmp
+env[TEMP] = /home/$1/tmp
+"
+
+pool_file_56="/etc/php/5.6/fpm/pool.d/$2.conf"
+pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
+pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
+pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
+pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
+
+if [ -f "$pool_file_56" ]; then
+    rm $pool_file_56
+    service php5.6-fpm restart
+fi
+
+if [ -f "$pool_file_70" ]; then
+    rm $pool_file_70
+    service php7.0-fpm restart
+fi
+
+if [ -f "$pool_file_71" ]; then
+    rm $pool_file_71
+    service php7.1-fpm restart
+fi
+
+if [ -f "$pool_file_72" ]; then
+    rm $pool_file_72
+    service php7.2-fpm restart
+fi
+
+write_file=0
+if [ ! -f "$pool_file_73" ]; then
+  write_file=1
+else
+  user_count=$(grep -c "/home/$1/" $pool_file_73)
+  if [ $user_count -eq 0 ]; then
+    write_file=1
+  fi
+fi
+if [ $write_file -eq 1 ]; then
+    echo "$pool_conf" > $pool_file_73
+    service php7.3-fpm restart
+fi
+
+if [ -f "/etc/php/7.3/fpm/pool.d/www.conf" ]; then
+    rm /etc/php/7.3/fpm/pool.d/www.conf
+fi
+
+exit 0
\ No newline at end of file
diff --git a/install/debian/10/templates/web/apache2/PHP-FPM-73.stpl b/install/debian/10/templates/web/apache2/PHP-FPM-73.stpl
new file mode 100644
index 00000000..28224413
--- /dev/null
+++ b/install/debian/10/templates/web/apache2/PHP-FPM-73.stpl
@@ -0,0 +1,44 @@
+<VirtualHost %ip%:%web_ssl_port%>
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    <Directory %home%/%user%/web/%domain%/stats>
+        AllowOverride All
+    </Directory>
+    <Directory %sdocroot%>
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+	</Directory>
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+#    <IfModule mod_ruid2.c>
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    </IfModule>
+#    <IfModule itk.c>
+#        AssignUserID %user% %group%
+#    </IfModule>
+
+    <FilesMatch \.php$>
+        SetHandler "proxy:unix:/run/php/php7.3-fpm-%domain%.sock|fcgi://localhost/"
+    </FilesMatch>
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+</VirtualHost>
+
diff --git a/install/debian/10/templates/web/apache2/PHP-FPM-73.tpl b/install/debian/10/templates/web/apache2/PHP-FPM-73.tpl
new file mode 100644
index 00000000..7bec5e73
--- /dev/null
+++ b/install/debian/10/templates/web/apache2/PHP-FPM-73.tpl
@@ -0,0 +1,38 @@
+<VirtualHost %ip%:%web_port%>
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    <Directory %home%/%user%/web/%domain%/stats>
+        AllowOverride All
+    </Directory>
+    <Directory %sdocroot%>
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+    </Directory>
+#    <IfModule mod_ruid2.c>
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    </IfModule>
+#    <IfModule itk.c>
+#        AssignUserID %user% %group%
+#    </IfModule>
+
+    <FilesMatch \.php$>
+        SetHandler "proxy:unix:/run/php/php7.3-fpm-%domain%.sock|fcgi://localhost/"
+    </FilesMatch>
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+</VirtualHost>
+
diff --git a/install/debian/10/templates/web/awstats/awstats.tpl b/install/debian/10/templates/web/awstats/awstats.tpl
new file mode 100755
index 00000000..9a92e0fd
--- /dev/null
+++ b/install/debian/10/templates/web/awstats/awstats.tpl
@@ -0,0 +1,133 @@
+LogFile="/var/log/%web_system%/domains/%domain%.log"
+LogType=W
+LogFormat=1
+LogSeparator=" "
+SiteDomain="%domain_idn%"
+HostAliases="%alias_idn%"
+DirData="%home%/%user%/web/%domain%/stats"
+DirCgi="/vstats"
+DirIcons="/vstats/icon"
+AllowToUpdateStatsFromBrowser=0
+AllowFullYearView=2
+EnableLockForUpdate=1
+DNSStaticCacheFile="dnscache.txt"
+DNSLastUpdateCacheFile="dnscachelastupdate.txt"
+SkipDNSLookupFor=""
+AllowAccessFromWebToAuthenticatedUsersOnly=0
+AllowAccessFromWebToFollowingAuthenticatedUsers=""
+AllowAccessFromWebToFollowingIPAddresses=""
+CreateDirDataIfNotExists=0
+BuildHistoryFormat=text
+BuildReportFormat=html
+SaveDatabaseFilesWithPermissionsForEveryone=0
+PurgeLogFile=0
+ArchiveLogRecords=0
+KeepBackupOfHistoricFiles=1
+DefaultFile="index.php index.html"
+SkipHosts="127.0.0.1
+SkipUserAgents=""
+SkipFiles=""
+SkipReferrersBlackList=""
+OnlyHosts=""
+OnlyUserAgents=""
+OnlyUsers=""
+OnlyFiles=""
+NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf"
+ValidHTTPCodes="200 304"
+ValidSMTPCodes="1 250"
+AuthenticatedUsersNotCaseSensitive=0
+URLNotCaseSensitive=0
+URLWithAnchor=0
+URLQuerySeparators="?;"
+URLWithQuery=0
+URLWithQueryWithOnlyFollowingParameters=""
+URLWithQueryWithoutFollowingParameters=""
+URLReferrerWithQuery=0
+WarningMessages=1
+ErrorMessages=""
+DebugMessages=0
+NbOfLinesForCorruptedLog=50
+WrapperScript=""
+DecodeUA=0
+MiscTrackerUrl="/js/awstats_misc_tracker.js"
+UseFramesWhenCGI=1
+DetailedReportsOnNewWindows=1
+Expires=3600
+MaxRowsInHTMLOutput=1000
+Lang="auto"
+DirLang="./lang"
+ShowMenu=1
+ShowSummary=UVPHB
+ShowMonthStats=UVPHB
+ShowDaysOfMonthStats=VPHB
+ShowDaysOfWeekStats=PHB
+ShowHoursStats=PHB
+ShowDomainsStats=PHB
+ShowHostsStats=PHBL
+ShowAuthenticatedUsers=0
+ShowRobotsStats=HBL
+ShowWormsStats=0
+ShowEMailSenders=0
+ShowEMailReceivers=0
+ShowSessionsStats=1
+ShowPagesStats=PBEX
+ShowFileTypesStats=HB
+ShowFileSizesStats=0
+ShowDownloadsStats=HB
+ShowOSStats=1
+ShowBrowsersStats=1
+ShowScreenSizeStats=0
+ShowOriginStats=PH
+ShowKeyphrasesStats=1
+ShowKeywordsStats=1
+ShowMiscStats=a
+ShowHTTPErrorsStats=1
+ShowSMTPErrorsStats=0
+ShowClusterStats=0
+AddDataArrayMonthStats=1
+AddDataArrayShowDaysOfMonthStats=1
+AddDataArrayShowDaysOfWeekStats=1
+AddDataArrayShowHoursStats=1
+IncludeInternalLinksInOriginSection=0
+MaxNbOfDomain = 10
+MinHitDomain  = 1
+MaxNbOfHostsShown = 10
+MinHitHost    = 1
+MaxNbOfLoginShown = 10
+MinHitLogin   = 1
+MaxNbOfRobotShown = 10
+MinHitRobot   = 1
+MaxNbOfDownloadsShown = 10
+MinHitDownloads = 1
+MaxNbOfPageShown = 10
+MinHitFile    = 1
+MaxNbOfOsShown = 10
+MinHitOs      = 1
+MaxNbOfBrowsersShown = 10
+MinHitBrowser = 1
+MaxNbOfScreenSizesShown = 5
+MinHitScreenSize = 1
+MaxNbOfWindowSizesShown = 5
+MinHitWindowSize = 1
+MaxNbOfRefererShown = 10
+MinHitRefer   = 1
+MaxNbOfKeyphrasesShown = 10
+MinHitKeyphrase = 1
+MaxNbOfKeywordsShown = 10
+MinHitKeyword = 1
+MaxNbOfEMailsShown = 20
+MinHitEMail   = 1
+FirstDayOfWeek=0
+ShowFlagLinks=""
+ShowLinksOnUrl=1
+UseHTTPSLinkForUrl=""
+MaxLengthOfShownURL=64
+HTMLHeadSection=""
+HTMLEndSection=""
+MetaRobot=0
+Logo="awstats_logo6.png"
+LogoLink="http://awstats.sourceforge.net"
+BarWidth   = 260
+BarHeight  = 90
+StyleSheet=""
+ExtraTrackedRowsLimit=500
diff --git a/install/debian/10/templates/web/awstats/index.tpl b/install/debian/10/templates/web/awstats/index.tpl
new file mode 100755
index 00000000..9df9bb5c
--- /dev/null
+++ b/install/debian/10/templates/web/awstats/index.tpl
@@ -0,0 +1,10 @@
+<html>
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+    <title>Awstats log analyzer </title>
+</head>
+<frameset rows="60,*" cols="*">
+    <frame src="nav.html" name="nav" scrolling="no" noresize>
+    <frame src="%month%/index.html" name="stats">
+</frameset>
+</html>
diff --git a/install/debian/10/templates/web/awstats/nav.tpl b/install/debian/10/templates/web/awstats/nav.tpl
new file mode 100755
index 00000000..f29bed68
--- /dev/null
+++ b/install/debian/10/templates/web/awstats/nav.tpl
@@ -0,0 +1,23 @@
+<html>
+<head>
+    <title>Awstats navigation</title>
+    <script language="javascript">
+        function change() {
+            top.stats.location= document.period.select.value + '/';
+        }
+    </script>
+</head>
+<body>
+<table width="100%" border="0" cellspacing="0" cellpadding="0">
+<tr>
+    <td><img src="logo.png" alt="vesta"></td>
+    <td><form name="period" action="" method="get">
+        <select name="select" ONCHANGE="change()">
+%select_month%
+        </select>
+    </form>
+    </td>
+</tr>
+</table>
+</body>
+</html>
diff --git a/install/debian/10/templates/web/nginx/force-https-legacy.stpl b/install/debian/10/templates/web/nginx/force-https-legacy.stpl
new file mode 100644
index 00000000..e2bf9061
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/force-https-legacy.stpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/force-https-legacy.tpl b/install/debian/10/templates/web/nginx/force-https-legacy.tpl
new file mode 100644
index 00000000..851ac0dc
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/force-https-legacy.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://%domain_idn%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/10/templates/web/nginx/force-https-public.stpl b/install/debian/10/templates/web/nginx/force-https-public.stpl
new file mode 100644
index 00000000..86828f5e
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/force-https-public.stpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%/public;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%/public;
+
+    include %home%/%user%/conf/web/snginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/force-https-public.tpl b/install/debian/10/templates/web/nginx/force-https-public.tpl
new file mode 100644
index 00000000..851ac0dc
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/force-https-public.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://%domain_idn%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/10/templates/web/nginx/force-https.stpl b/install/debian/10/templates/web/nginx/force-https.stpl
new file mode 100644
index 00000000..d8da2530
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/force-https.stpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/force-https.tpl b/install/debian/10/templates/web/nginx/force-https.tpl
new file mode 100644
index 00000000..851ac0dc
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/force-https.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://%domain_idn%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/10/templates/web/nginx/hosting-public.stpl b/install/debian/10/templates/web/nginx/hosting-public.stpl
new file mode 100644
index 00000000..86828f5e
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/hosting-public.stpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%/public;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%/public;
+
+    include %home%/%user%/conf/web/snginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/hosting-public.tpl b/install/debian/10/templates/web/nginx/hosting-public.tpl
new file mode 100644
index 00000000..9ff417ba
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/hosting-public.tpl
@@ -0,0 +1,35 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%/public;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%/public;
+
+    include %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
new file mode 100644
index 00000000..706c705b
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
@@ -0,0 +1,62 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /webmail {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /var/lib/roundcube;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /phpmyadmin {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /usr/share;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
new file mode 100644
index 00000000..7085e047
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
@@ -0,0 +1,59 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /webmail {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /var/lib/roundcube;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /phpmyadmin {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /usr/share;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/hosting-webmail.stpl b/install/debian/10/templates/web/nginx/hosting-webmail.stpl
new file mode 100644
index 00000000..95c1571c
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/hosting-webmail.stpl
@@ -0,0 +1,50 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /webmail {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /var/lib/roundcube;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/hosting-webmail.tpl b/install/debian/10/templates/web/nginx/hosting-webmail.tpl
new file mode 100644
index 00000000..976737c7
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/hosting-webmail.tpl
@@ -0,0 +1,47 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /webmail {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /var/lib/roundcube;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/hosting.sh b/install/debian/10/templates/web/nginx/hosting.sh
new file mode 100755
index 00000000..eeed37ef
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/hosting.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Changing public_html permission
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+chmod 755 $docroot
+
+exit 0
diff --git a/install/debian/10/templates/web/nginx/hosting.stpl b/install/debian/10/templates/web/nginx/hosting.stpl
new file mode 100755
index 00000000..e4de8c81
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/hosting.stpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/hosting.tpl b/install/debian/10/templates/web/nginx/hosting.tpl
new file mode 100755
index 00000000..15961c95
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/hosting.tpl
@@ -0,0 +1,35 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/debian/10/templates/web/nginx/php-fpm/cms_made_simple.stpl
new file mode 100644
index 00000000..d85bcce3
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/cms_made_simple.stpl
@@ -0,0 +1,56 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php?page=$request_uri;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/debian/10/templates/web/nginx/php-fpm/cms_made_simple.tpl
new file mode 100644
index 00000000..f9e90393
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/cms_made_simple.tpl
@@ -0,0 +1,52 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php?page=$request_uri;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/debian/10/templates/web/nginx/php-fpm/codeigniter2.stpl
new file mode 100644
index 00000000..9c24c3ea
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/codeigniter2.stpl
@@ -0,0 +1,61 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location = /index.php {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ \.php$ {
+        return 444;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/debian/10/templates/web/nginx/php-fpm/codeigniter2.tpl
new file mode 100644
index 00000000..d2422be2
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/codeigniter2.tpl
@@ -0,0 +1,57 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location = /index.php {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ \.php$ {
+        return 444;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/debian/10/templates/web/nginx/php-fpm/codeigniter3.stpl
new file mode 100644
index 00000000..d7186314
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/codeigniter3.stpl
@@ -0,0 +1,56 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/debian/10/templates/web/nginx/php-fpm/codeigniter3.tpl
new file mode 100644
index 00000000..54f81b99
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/codeigniter3.tpl
@@ -0,0 +1,52 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/debian/10/templates/web/nginx/php-fpm/datalife_engine.stpl
new file mode 100644
index 00000000..4f0b9ec7
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/datalife_engine.stpl
@@ -0,0 +1,127 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+        rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+        rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+        rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+        rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+        rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+        rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+        rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+        rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+        rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+        rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+        rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+        rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+        rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+        rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+        rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+        rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+        rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+        rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+        rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+        rewrite "^/rules.html$" /index.php?do=rules last;
+        rewrite "^/statistics.html$" /index.php?do=stats last;
+        rewrite "^/addnews.html$" /index.php?do=addnews last;
+        rewrite "^/rss.xml$" /engine/rss.php last;
+        rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+        if (!-d $request_filename) {
+                rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+                rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+                rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+                rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/debian/10/templates/web/nginx/php-fpm/datalife_engine.tpl
new file mode 100644
index 00000000..3ea45347
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/datalife_engine.tpl
@@ -0,0 +1,123 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+        rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+        rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+        rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+        rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+        rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+        rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+        rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+        rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+        rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+        rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+        rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+        rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+        rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+        rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+        rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+        rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+        rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+        rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+        rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+        rewrite "^/rules.html$" /index.php?do=rules last;
+        rewrite "^/statistics.html$" /index.php?do=stats last;
+        rewrite "^/addnews.html$" /index.php?do=addnews last;
+        rewrite "^/rss.xml$" /engine/rss.php last;
+        rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+        if (!-d $request_filename) {
+                rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+                rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+                rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+                rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/default.stpl b/install/debian/10/templates/web/nginx/php-fpm/default.stpl
new file mode 100644
index 00000000..5cb55311
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/default.stpl
@@ -0,0 +1,55 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/default.tpl b/install/debian/10/templates/web/nginx/php-fpm/default.tpl
new file mode 100644
index 00000000..a8909efb
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/default.tpl
@@ -0,0 +1,51 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/debian/10/templates/web/nginx/php-fpm/dokuwiki.stpl
new file mode 100644
index 00000000..f85032ba
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/dokuwiki.stpl
@@ -0,0 +1,72 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        index doku.php;
+        try_files $uri $uri/ @dokuwiki;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
+        expires 30d;
+    }
+
+    location ^~ /conf/ { return 403; }
+    location ^~ /data/ { return 403; }
+
+    location @dokuwiki {
+        rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+        rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+        rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+        rewrite ^/(.*) /doku.php?id=$1 last;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/debian/10/templates/web/nginx/php-fpm/dokuwiki.tpl
new file mode 100644
index 00000000..0a9a75ed
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/dokuwiki.tpl
@@ -0,0 +1,67 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        index doku.php;
+        try_files $uri $uri/ @dokuwiki;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
+        expires 30d;
+    }
+
+    location ^~ /conf/ { return 403; }
+    location ^~ /data/ { return 403; }
+    location @dokuwiki {
+        rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+        rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+        rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+        rewrite ^/(.*) /doku.php?id=$1 last;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/drupal6.stpl b/install/debian/10/templates/web/nginx/php-fpm/drupal6.stpl
new file mode 100644
index 00000000..0af7ce84
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/drupal6.stpl
@@ -0,0 +1,95 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri @rewrite;
+    }
+
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/drupal6.tpl b/install/debian/10/templates/web/nginx/php-fpm/drupal6.tpl
new file mode 100644
index 00000000..d1096bff
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/drupal6.tpl
@@ -0,0 +1,91 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+
+    location / {
+        try_files $uri @rewrite;
+    }
+
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }
+        
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/drupal7.stpl b/install/debian/10/templates/web/nginx/php-fpm/drupal7.stpl
new file mode 100644
index 00000000..030ea952
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/drupal7.stpl
@@ -0,0 +1,95 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/drupal7.tpl b/install/debian/10/templates/web/nginx/php-fpm/drupal7.tpl
new file mode 100644
index 00000000..c9729795
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/drupal7.tpl
@@ -0,0 +1,91 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/drupal8.stpl b/install/debian/10/templates/web/nginx/php-fpm/drupal8.stpl
new file mode 100644
index 00000000..030ea952
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/drupal8.stpl
@@ -0,0 +1,95 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/drupal8.tpl b/install/debian/10/templates/web/nginx/php-fpm/drupal8.tpl
new file mode 100644
index 00000000..c9729795
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/drupal8.tpl
@@ -0,0 +1,91 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/joomla.stpl b/install/debian/10/templates/web/nginx/php-fpm/joomla.stpl
new file mode 100644
index 00000000..704405f3
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/joomla.stpl
@@ -0,0 +1,63 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        # deny running scripts inside writable directories
+        location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+            return 403;
+            error_page 403 /403_error.html;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/joomla.tpl b/install/debian/10/templates/web/nginx/php-fpm/joomla.tpl
new file mode 100644
index 00000000..91b7a8f1
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/joomla.tpl
@@ -0,0 +1,59 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        # deny running scripts inside writable directories
+        location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+            return 403;
+            error_page 403 /403_error.html;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/laravel.stpl b/install/debian/10/templates/web/nginx/php-fpm/laravel.stpl
new file mode 100644
index 00000000..477f6f01
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/laravel.stpl
@@ -0,0 +1,56 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/laravel.tpl b/install/debian/10/templates/web/nginx/php-fpm/laravel.tpl
new file mode 100644
index 00000000..d14b0173
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/laravel.tpl
@@ -0,0 +1,50 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/magento.stpl b/install/debian/10/templates/web/nginx/php-fpm/magento.stpl
new file mode 100644
index 00000000..fdab43aa
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/magento.stpl
@@ -0,0 +1,198 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+
+    root        %sdocroot%/pub;
+    index       index.php;
+    autoindex   off;
+    charset     UTF-8;
+    error_page  404 403 = /errors/404.php;
+    add_header  "X-UA-Compatible" "IE=Edge";
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    # PHP entry point for setup application
+    location ~* ^/setup($|/) {
+        root %sdocroot%;
+
+        location ~ ^/setup/index.php {
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        location ~ ^/setup/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/setup/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    # PHP entry point for update application
+    location ~* ^/update($|/) {
+        root %sdocroot%;
+
+        location ~ ^/update/index.php {
+            fastcgi_split_path_info ^(/update/index.php)(/.+)$;
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            fastcgi_param  PATH_INFO        $fastcgi_path_info;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        # Deny everything but index.php
+        location ~ ^/update/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/update/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+    }
+
+    location /pub/ {
+        location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+            deny all;
+        }
+
+        alias %sdocroot%/pub/;
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /static/ {
+        # Uncomment the following line in production mode
+        # expires max;
+
+        # Remove signature of the static files that is used to overcome the browser cache
+        location ~ ^/static/version {
+            rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        if (!-f $request_filename) {
+            rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/ {
+        try_files $uri $uri/ /get.php?$args;
+
+        location ~ ^/media/theme_customization/.*\.xml {
+            deny all;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/customer/ {
+        deny all;
+    }
+
+    location /media/downloadable/ {
+        deny all;
+    }
+
+    location /media/import/ {
+        deny all;
+    }
+
+    # PHP entry point for main application
+    location ~ (index|get|static|report|404|503)\.php$ {
+        try_files $uri =404;
+
+        fastcgi_pass   %backend_lsnr%;
+        fastcgi_buffers 1024 4k;
+        fastcgi_read_timeout 600s;
+        fastcgi_connect_timeout 600s;
+
+        fastcgi_index  index.php;
+        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+        include        /etc/nginx/fastcgi_params;
+    }
+
+    gzip on;
+    gzip_disable "msie6";
+
+    gzip_comp_level 6;
+    gzip_min_length 1100;
+    gzip_buffers 16 8k;
+    gzip_proxied any;
+    gzip_types
+        text/plain
+        text/css
+        text/js
+        text/xml
+        text/javascript
+        application/javascript
+        application/x-javascript
+        application/json
+        application/xml
+        application/xml+rss
+        image/svg+xml;
+    gzip_vary on;
+
+    # Banned locations (only reached if the earlier PHP entry point regexes don't match)
+    location ~* (\.php$|\.htaccess$|\.git) {
+        deny all;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/magento.tpl b/install/debian/10/templates/web/nginx/php-fpm/magento.tpl
new file mode 100644
index 00000000..3f292fff
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/magento.tpl
@@ -0,0 +1,194 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+
+    root        %docroot%/pub;
+    index       index.php;
+    autoindex   off;
+    charset     UTF-8;
+    error_page  404 403 = /errors/404.php;
+    add_header  "X-UA-Compatible" "IE=Edge";
+
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    # PHP entry point for setup application
+    location ~* ^/setup($|/) {
+        root %docroot%;
+
+        location ~ ^/setup/index.php {
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        location ~ ^/setup/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/setup/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    # PHP entry point for update application
+    location ~* ^/update($|/) {
+        root %docroot%;
+
+        location ~ ^/update/index.php {
+            fastcgi_split_path_info ^(/update/index.php)(/.+)$;
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            fastcgi_param  PATH_INFO        $fastcgi_path_info;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        # Deny everything but index.php
+        location ~ ^/update/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/update/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+    }
+
+    location /pub/ {
+        location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+            deny all;
+        }
+
+        alias %docroot%/pub/;
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /static/ {
+        # Uncomment the following line in production mode
+        # expires max;
+
+        # Remove signature of the static files that is used to overcome the browser cache
+        location ~ ^/static/version {
+            rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        if (!-f $request_filename) {
+            rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/ {
+        try_files $uri $uri/ /get.php?$args;
+
+        location ~ ^/media/theme_customization/.*\.xml {
+            deny all;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/customer/ {
+        deny all;
+    }
+
+    location /media/downloadable/ {
+        deny all;
+    }
+
+    location /media/import/ {
+        deny all;
+    }
+
+    # PHP entry point for main application
+    location ~ (index|get|static|report|404|503)\.php$ {
+        try_files $uri =404;
+
+        fastcgi_pass   %backend_lsnr%;
+        fastcgi_buffers 1024 4k;
+        fastcgi_read_timeout 600s;
+        fastcgi_connect_timeout 600s;
+
+        fastcgi_index  index.php;
+        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+        include        /etc/nginx/fastcgi_params;
+    }
+
+    gzip on;
+    gzip_disable "msie6";
+
+    gzip_comp_level 6;
+    gzip_min_length 1100;
+    gzip_buffers 16 8k;
+    gzip_proxied any;
+    gzip_types
+        text/plain
+        text/css
+        text/js
+        text/xml
+        text/javascript
+        application/javascript
+        application/x-javascript
+        application/json
+        application/xml
+        application/xml+rss
+        image/svg+xml;
+    gzip_vary on;
+
+    # Banned locations (only reached if the earlier PHP entry point regexes don't match)
+    location ~* (\.php$|\.htaccess$|\.git) {
+        deny all;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/modx.stpl b/install/debian/10/templates/web/nginx/php-fpm/modx.stpl
new file mode 100644
index 00000000..f410ab77
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/modx.stpl
@@ -0,0 +1,69 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+#   if you need to rewrite www to non-www uncomment bellow
+#   if ($host != '%domain%' ) {
+#       rewrite      ^/(.*)$  https://%domain%/$1  permanent;
+#    }
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ @rewrite;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ \.php$ {
+        try_files $uri =404;
+        fastcgi_pass %backend_lsnr%;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/modx.tpl b/install/debian/10/templates/web/nginx/php-fpm/modx.tpl
new file mode 100644
index 00000000..342d3ecf
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/modx.tpl
@@ -0,0 +1,65 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+#   if you need to rewrite www to non-www uncomment bellow
+#   if ($host != '%domain%' ) {
+#       rewrite      ^/(.*)$  http://%domain%/$1  permanent;
+#    }
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ @rewrite;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ \.php$ {
+        try_files $uri =404;
+        fastcgi_pass %backend_lsnr%;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/moodle.stpl b/install/debian/10/templates/web/nginx/php-fpm/moodle.stpl
new file mode 100644
index 00000000..f15a68c5
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/moodle.stpl
@@ -0,0 +1,90 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+            return 403;
+        }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/moodle.tpl b/install/debian/10/templates/web/nginx/php-fpm/moodle.tpl
new file mode 100644
index 00000000..c20ba648
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/moodle.tpl
@@ -0,0 +1,87 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # Very rarely should these ever be accessed outside of your lan
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+        return 403;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/no-php.stpl b/install/debian/10/templates/web/nginx/php-fpm/no-php.stpl
new file mode 100644
index 00000000..bc8b53a3
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/no-php.stpl
@@ -0,0 +1,47 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    types {
+            text/html   html htm shtml php php5;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/no-php.tpl b/install/debian/10/templates/web/nginx/php-fpm/no-php.tpl
new file mode 100644
index 00000000..7ff8aa1d
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/no-php.tpl
@@ -0,0 +1,43 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    types {
+            text/html   html htm shtml php php5;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/odoo.stpl b/install/debian/10/templates/web/nginx/php-fpm/odoo.stpl
new file mode 100644
index 00000000..d6697d7a
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/odoo.stpl
@@ -0,0 +1,70 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
+    proxy_redirect          off;
+
+    proxy_set_header X-Forwarded-Host $host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Real-IP $remote_addr;
+
+    proxy_connect_timeout   720;
+    proxy_send_timeout      720;
+    proxy_read_timeout      720;
+    send_timeout            720;
+
+    # Allow "Well-Known URIs" as per RFC 5785
+    location ~* ^/.well-known/ {
+        allow all;
+    }
+
+    location / {
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    location /longpolling {
+        proxy_pass http://127.0.0.1:8072;
+    }
+    
+    location ~* /web/static/ {
+        proxy_cache_valid 200 60m;
+        proxy_buffering on;
+        expires 864000;
+        proxy_pass http://127.0.0.1:8069;
+    }
+    
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/odoo.tpl b/install/debian/10/templates/web/nginx/php-fpm/odoo.tpl
new file mode 100644
index 00000000..b1240aae
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/odoo.tpl
@@ -0,0 +1,66 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    
+    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
+    proxy_redirect          off;
+
+    proxy_set_header X-Forwarded-Host $host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Real-IP $remote_addr;
+
+    proxy_connect_timeout   720;
+    proxy_send_timeout      720;
+    proxy_read_timeout      720;
+    send_timeout            720;
+
+    # Allow "Well-Known URIs" as per RFC 5785
+    location ~* ^/.well-known/ {
+        allow all;
+    }
+
+    location / {
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    location /longpolling {
+        proxy_pass http://127.0.0.1:8072;
+    }
+    
+    location ~* /web/static/ {
+        proxy_cache_valid 200 60m;
+        proxy_buffering on;
+        expires 864000;
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/opencart.stpl b/install/debian/10/templates/web/nginx/php-fpm/opencart.stpl
new file mode 100644
index 00000000..908b9aeb
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/opencart.stpl
@@ -0,0 +1,59 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ @opencart;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @opencart {
+        rewrite ^/(.+)$ /index.php?_route_=$1 last;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/opencart.tpl b/install/debian/10/templates/web/nginx/php-fpm/opencart.tpl
new file mode 100644
index 00000000..d0a9060b
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/opencart.tpl
@@ -0,0 +1,54 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location / {
+        try_files $uri $uri/ @opencart;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @opencart {
+        rewrite ^/(.+)$ /index.php?_route_=$1 last;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/owncloud.stpl b/install/debian/10/templates/web/nginx/php-fpm/owncloud.stpl
new file mode 100644
index 00000000..891566b9
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/owncloud.stpl
@@ -0,0 +1,85 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+    rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+    rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+    error_page 403 = /core/templates/403.php;
+    error_page 404 = /core/templates/404.php;
+
+    location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+        deny all;
+    }
+
+    location / {
+        # The following 2 rules are only needed with webfinger
+        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+        try_files $uri $uri/ /index.php;
+
+        location ~ \.php(?:$|/) {
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param PATH_INFO $fastcgi_path_info;
+            #fastcgi_param HTTPS on;
+            fastcgi_pass    %backend_lsnr%;
+        }
+    }
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        expires     max;
+        # Some basic cache-control for static files to be sent to the browser
+        add_header Pragma public;
+        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+    }
+
+    #error_page  403 /error/404.html;
+    #error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/owncloud.tpl b/install/debian/10/templates/web/nginx/php-fpm/owncloud.tpl
new file mode 100644
index 00000000..e3ec31de
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/owncloud.tpl
@@ -0,0 +1,81 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+            access_log off;
+    }
+
+    rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+    rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+    rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+    error_page 403 = /core/templates/403.php;
+    error_page 404 = /core/templates/404.php;
+
+    location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+        deny all;
+    }
+
+    location / {
+        # The following 2 rules are only needed with webfinger
+        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+        try_files $uri $uri/ /index.php;
+
+        location ~ \.php(?:$|/) {
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param PATH_INFO $fastcgi_path_info;
+            #fastcgi_param HTTPS on;
+            fastcgi_pass    %backend_lsnr%;
+        }
+    }
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        expires     max;
+        # Some basic cache-control for static files to be sent to the browser
+        add_header Pragma public;
+        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+    }
+
+    #error_page  403 /error/404.html;
+    #error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/piwik.stpl b/install/debian/10/templates/web/nginx/php-fpm/piwik.stpl
new file mode 100644
index 00000000..78c1bb78
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/piwik.stpl
@@ -0,0 +1,73 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        try_files /favicon.ico =204;
+    }
+
+    location / {
+        try_files $uri /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            valid_referers none blocked %domain_idn% %alias_idn%;
+            if ($invalid_referer)  {
+                return 444;
+            }
+            expires     max;
+        }
+
+        location ~* ^/(?:index|piwik)\.php$ {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return 404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    # Any other attempt to access PHP files returns a 404.
+    location ~* ^.+\.php$ {
+        return 404; 
+    }
+
+    # Return a 404 for all text files.
+    location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+            return 404;
+        }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/piwik.tpl b/install/debian/10/templates/web/nginx/php-fpm/piwik.tpl
new file mode 100644
index 00000000..f94fb7de
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/piwik.tpl
@@ -0,0 +1,69 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        try_files /favicon.ico =204;
+    }
+
+    location / {
+        try_files $uri /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            valid_referers none blocked %domain_idn% %alias_idn%;
+            if ($invalid_referer)  {
+                return 444;
+            }
+            expires     max;
+        }
+
+        location ~* ^/(?:index|piwik)\.php$ {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return 404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    # Any other attempt to access PHP files returns a 404.
+    location ~* ^.+\.php$ {
+            return 404; 
+    }
+
+    # Return a 404 for all text files.
+    location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+            return 404;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/pyrocms.stpl b/install/debian/10/templates/web/nginx/php-fpm/pyrocms.stpl
new file mode 100644
index 00000000..5ffc9ed5
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -0,0 +1,66 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location /installer {
+            try_files $uri $uri/ /installer/index.php?$query_string;
+        }
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location = /robots.txt  { access_log off; log_not_found off; }
+    location = /favicon.ico { access_log off; log_not_found off; }
+    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ ~$           { access_log off; log_not_found off; deny all; }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/pyrocms.tpl b/install/debian/10/templates/web/nginx/php-fpm/pyrocms.tpl
new file mode 100644
index 00000000..297fe0e8
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -0,0 +1,62 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location /installer {
+            try_files $uri $uri/ /installer/index.php?$query_string;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location = /robots.txt  { access_log off; log_not_found off; }
+    location = /favicon.ico { access_log off; log_not_found off; }
+    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ ~$           { access_log off; log_not_found off; deny all; }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/sendy.stpl b/install/debian/10/templates/web/nginx/php-fpm/sendy.stpl
new file mode 100644
index 00000000..0b351000
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/sendy.stpl
@@ -0,0 +1,88 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+     location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" {
+        deny all;
+    }
+
+    location ~ /(readme.html|license.txt) {
+        deny all;
+    }
+
+    if (!-f $request_filename){
+        rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ {
+            expires 1d;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            try_files $uri =404;
+            fastcgi_pass %backend_lsnr%;
+            fastcgi_index index.php;
+            include /etc/nginx/fastcgi_params;
+        }
+
+        location /l/ {
+            rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
+        }
+
+        location /t/ {
+            rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
+        }
+
+        location /w/ {
+            rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
+        }
+
+        location /unsubscribe/ {
+            rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
+        }
+
+        location /subscribe/ {
+            rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/sendy.tpl b/install/debian/10/templates/web/nginx/php-fpm/sendy.tpl
new file mode 100644
index 00000000..b27b427d
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/sendy.tpl
@@ -0,0 +1,86 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" {
+        deny all;
+    }
+
+    location ~ /(readme.html|license.txt) {
+        deny all;
+    }
+
+    if (!-f $request_filename){
+        rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ {
+            expires 1d;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            try_files $uri =404;
+            fastcgi_pass %backend_lsnr%;
+            fastcgi_index index.php;
+            include /etc/nginx/fastcgi_params;
+        }
+
+        location /l/ {
+            rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
+        }
+
+        location /t/ {
+            rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
+        }
+
+        location /w/ {
+            rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
+        }
+
+        location /unsubscribe/ {
+            rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
+        }
+
+        location /subscribe/ {
+            rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/wordpress.stpl b/install/debian/10/templates/web/nginx/php-fpm/wordpress.stpl
new file mode 100644
index 00000000..5cb55311
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/wordpress.stpl
@@ -0,0 +1,55 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/wordpress.tpl b/install/debian/10/templates/web/nginx/php-fpm/wordpress.tpl
new file mode 100644
index 00000000..a8909efb
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/wordpress.tpl
@@ -0,0 +1,51 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/wordpress2.stpl b/install/debian/10/templates/web/nginx/php-fpm/wordpress2.stpl
new file mode 100644
index 00000000..e0aeb524
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/wordpress2.stpl
@@ -0,0 +1,67 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/wordpress2.tpl b/install/debian/10/templates/web/nginx/php-fpm/wordpress2.tpl
new file mode 100644
index 00000000..bccb8b3d
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/wordpress2.tpl
@@ -0,0 +1,63 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/debian/10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
new file mode 100644
index 00000000..0d933b30
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
@@ -0,0 +1,72 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        if (!-e $request_filename)
+        {
+            rewrite ^(.+)$ /index.php?q=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+} 
diff --git a/install/debian/10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/debian/10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
new file mode 100644
index 00000000..39e366b7
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
@@ -0,0 +1,67 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        
+        if (!-e $request_filename)
+        {
+            rewrite ^(.+)$ /index.php?q=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/private-force-https.stpl b/install/debian/10/templates/web/nginx/private-force-https.stpl
new file mode 100644
index 00000000..7296bd71
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/private-force-https.stpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        auth_basic           "Restricted area";
+        auth_basic_user_file /etc/nginx/.htpasswd;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/private-force-https.tpl b/install/debian/10/templates/web/nginx/private-force-https.tpl
new file mode 100644
index 00000000..851ac0dc
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/private-force-https.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://%domain_idn%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/10/templates/web/nginx/private-hosting.sh b/install/debian/10/templates/web/nginx/private-hosting.sh
new file mode 100755
index 00000000..abc9155d
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/private-hosting.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Changing public_html permission
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+chmod 755 $docroot
+
+exit 0
diff --git a/install/debian/10/templates/web/nginx/private-hosting.stpl b/install/debian/10/templates/web/nginx/private-hosting.stpl
new file mode 100644
index 00000000..6ac66cbf
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/private-hosting.stpl
@@ -0,0 +1,40 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        auth_basic           "Restricted area";
+        auth_basic_user_file /etc/nginx/.htpasswd;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/private-hosting.tpl b/install/debian/10/templates/web/nginx/private-hosting.tpl
new file mode 100644
index 00000000..aa483ec9
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/private-hosting.tpl
@@ -0,0 +1,37 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        auth_basic           "Restricted area";
+        auth_basic_user_file /etc/nginx/.htpasswd;
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.stpl b/install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.stpl
new file mode 100644
index 00000000..3f5e8fa6
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.stpl
@@ -0,0 +1,52 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+    access_log     /var/log/%web_system%/domains/%domain%.log combined;
+
+    location / {
+        proxy_pass      https://%ip%:12383;
+    }
+
+    location /webmail {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /var/lib/roundcube;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /phpmyadmin {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /usr/share;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /phpmyadmin/ {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.tpl b/install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.tpl
new file mode 100644
index 00000000..851ac0dc
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://%domain_idn%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/10/templates/web/nginx/vesta.stpl b/install/debian/10/templates/web/nginx/vesta.stpl
new file mode 100644
index 00000000..4bf7d854
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/vesta.stpl
@@ -0,0 +1,32 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+    access_log     /var/log/%web_system%/domains/%domain%.log combined;
+
+    location / {
+        proxy_pass      https://%ip%:8083;
+    }
+
+    location /webmail/ {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location /phpmyadmin/ {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/vesta.tpl b/install/debian/10/templates/web/nginx/vesta.tpl
new file mode 100644
index 00000000..851ac0dc
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/vesta.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://%domain_idn%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/10/templates/web/php-fpm/default.tpl b/install/debian/10/templates/web/php-fpm/default.tpl
new file mode 100644
index 00000000..209e1e43
--- /dev/null
+++ b/install/debian/10/templates/web/php-fpm/default.tpl
@@ -0,0 +1,21 @@
+[%backend%]
+listen = 127.0.0.1:%backend_port%
+listen.allowed_clients = 127.0.0.1
+
+user = %user%
+group = %user%
+
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/%user%/tmp
+php_admin_value[session.save_path] = /home/%user%/tmp
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/%user%/tmp
+env[TMPDIR] = /home/%user%/tmp
+env[TEMP] = /home/%user%/tmp
diff --git a/install/debian/10/templates/web/php-fpm/no-php.tpl b/install/debian/10/templates/web/php-fpm/no-php.tpl
new file mode 100644
index 00000000..047c33ed
--- /dev/null
+++ b/install/debian/10/templates/web/php-fpm/no-php.tpl
@@ -0,0 +1,20 @@
+;[%backend%]
+;listen = /dev/null
+
+;user = %user%
+;group = %user%
+
+;listen.owner = %user%
+;listen.group = www-data
+
+;pm = ondemand
+;pm.max_children = 4
+;pm.max_requests = 4000
+;pm.process_idle_timeout = 10s
+;pm.status_path = /status
+
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /home/%user%/tmp
+;env[TMPDIR] = /home/%user%/tmp
+;env[TEMP] = /home/%user%/tmp
diff --git a/install/debian/10/templates/web/php-fpm/socket.tpl b/install/debian/10/templates/web/php-fpm/socket.tpl
new file mode 100644
index 00000000..a0151084
--- /dev/null
+++ b/install/debian/10/templates/web/php-fpm/socket.tpl
@@ -0,0 +1,24 @@
+[%backend%]
+listen = /var/run/php/%backend%.sock
+listen.allowed_clients = 127.0.0.1
+
+user = %user%
+group = %user%
+
+listen.owner = %user%
+listen.group = www-data
+
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/%user%/tmp
+php_admin_value[session.save_path] = /home/%user%/tmp
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/%user%/tmp
+env[TMPDIR] = /home/%user%/tmp
+env[TEMP] = /home/%user%/tmp
diff --git a/install/debian/10/templates/web/skel/document_errors/403.html b/install/debian/10/templates/web/skel/document_errors/403.html
new file mode 100755
index 00000000..9c3f6baa
--- /dev/null
+++ b/install/debian/10/templates/web/skel/document_errors/403.html
@@ -0,0 +1,29 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head>
+    <title>403 &mdash; Forbidden</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
+    <meta name="description" content="You do not have permission to view this"/>
+    <style type="text/css">
+        body {font-size:14px; color:#777777; font-family:arial; text-align:center;}
+        h1 {font-size:180px; color:#99A7AF; margin: 70px 0 0 0;}
+        h2 {color: #DE6C5D; font-family: arial; font-size: 20px; font-weight: bold; letter-spacing: -1px; margin: -3px 0 39px;}
+        p {width:320px; text-align:center; margin-left:auto;margin-right:auto; margin-top: 30px }
+        div {width:320px; text-align:center; margin-left:auto;margin-right:auto;}
+        a:link {color: #34536A;}
+        a:visited {color: #34536A;}
+        a:active {color: #34536A;}
+        a:hover {color: #34536A;}
+    </style>
+</head>
+
+<body>
+    <p><a href="http://%domain%/">%domain%</a></p>
+
+    <h1>403</h1>
+    <h2>Forbidden</h2>
+    <div>
+        Unfortunately, you do not have permission to view this
+    </div>
+</body>
+
+</html>
diff --git a/install/debian/10/templates/web/skel/document_errors/404.html b/install/debian/10/templates/web/skel/document_errors/404.html
new file mode 100755
index 00000000..2cee7708
--- /dev/null
+++ b/install/debian/10/templates/web/skel/document_errors/404.html
@@ -0,0 +1,28 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head>
+    <title>404 &mdash; Not Found</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
+    <meta name="description" content="Sorry, page not found"/>
+    <style type="text/css">
+        body {font-size:14px; color:#777777; font-family:arial; text-align:center;}
+        h1 {font-size:180px; color:#99A7AF; margin: 70px 0 0 0;}
+        h2 {color: #DE6C5D; font-family: arial; font-size: 20px; font-weight: bold; letter-spacing: -1px; margin: -3px 0 39px;}
+        p {width:320px; text-align:center; margin-left:auto;margin-right:auto; margin-top: 30px }
+        div {width:320px; text-align:center; margin-left:auto;margin-right:auto;}
+        a:link {color: #34536A;}
+        a:visited {color: #34536A;}
+        a:active {color: #34536A;}
+        a:hover {color: #34536A;}
+    </style>
+</head>
+
+<body>
+    <p><a href="http://%domain%/">%domain%</a></p>
+    <h1>404</h1>
+    <h2>Page Not Found</h2>
+    <div>
+        It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved.
+        You can start again from the <a href="http://%domain%/">home</a> or go back to <a href="javascript:%20history.go(-1)">previous page</a>.
+    </div>
+</body>
+</html>
diff --git a/install/debian/10/templates/web/skel/document_errors/50x.html b/install/debian/10/templates/web/skel/document_errors/50x.html
new file mode 100755
index 00000000..85ba648b
--- /dev/null
+++ b/install/debian/10/templates/web/skel/document_errors/50x.html
@@ -0,0 +1,29 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head>
+    <title>500 &mdash; Internal Sever Error</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
+    <meta name="description" content="Sorry, something went wrong. Internal Server Error"/>
+    <style type="text/css">
+        body {font-size:14px; color:#777777; font-family:arial; text-align:center;}
+        h1 {font-size:180px; color:#99A7AF; margin: 70px 0 0 0;}
+        h2 {color: #DE6C5D; font-family: arial; font-size: 20px; font-weight: bold; letter-spacing: -1px; margin: -3px 0 39px;}
+        p {width:320px; text-align:center; margin-left:auto;margin-right:auto; margin-top: 30px }
+        div {width:320px; text-align:center; margin-left:auto;margin-right:auto;}
+        a:link {color: #34536A;}
+        a:visited {color: #34536A;}
+        a:active {color: #34536A;}
+        a:hover {color: #34536A;}
+    </style>
+</head>
+
+<body>
+    <p><a href="http://%domain%/">%domain%</a></p>
+
+    <h1>500</h1>
+    <h2>Internal Server Error</h2>
+    <div>
+        Sorry, something went wrong :(
+    </div>
+</body>
+
+</html>
diff --git a/install/debian/10/templates/web/skel/public_html/index.html b/install/debian/10/templates/web/skel/public_html/index.html
new file mode 100755
index 00000000..4f5bb724
--- /dev/null
+++ b/install/debian/10/templates/web/skel/public_html/index.html
@@ -0,0 +1,26 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head>
+    <title>%domain% &mdash; Coming Soon</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
+    <meta name="description" content="This is a default index page for a new domain."/>
+    <style type="text/css">
+        body {font-size:10px; color:#777777; font-family:arial; text-align:center;}
+        h1 {font-size:64px; color:#555555; margin: 70px 0 50px 0;}
+        p {width:320px; text-align:center; margin-left:auto;margin-right:auto; margin-top: 30px }
+        div {width:320px; text-align:center; margin-left:auto;margin-right:auto;}
+        a:link {color: #34536A;}
+        a:visited {color: #34536A;}
+        a:active {color: #34536A;}
+        a:hover {color: #34536A;}
+    </style>
+</head>
+
+<body>
+    <h1>%domain%</h1>
+    <div>
+        <a href="http://vestacp.com/">Powered by VESTA</a>
+    </div>
+</body>
+
+</html>
+
diff --git a/install/debian/10/templates/web/skel/public_html/robots.txt b/install/debian/10/templates/web/skel/public_html/robots.txt
new file mode 100755
index 00000000..00ee83dc
--- /dev/null
+++ b/install/debian/10/templates/web/skel/public_html/robots.txt
@@ -0,0 +1,3 @@
+# vestacp autogenerated robots.txt
+User-agent: *
+Crawl-delay: 10
diff --git a/install/debian/10/templates/web/skel/public_shtml/index.html b/install/debian/10/templates/web/skel/public_shtml/index.html
new file mode 100755
index 00000000..4f5bb724
--- /dev/null
+++ b/install/debian/10/templates/web/skel/public_shtml/index.html
@@ -0,0 +1,26 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head>
+    <title>%domain% &mdash; Coming Soon</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
+    <meta name="description" content="This is a default index page for a new domain."/>
+    <style type="text/css">
+        body {font-size:10px; color:#777777; font-family:arial; text-align:center;}
+        h1 {font-size:64px; color:#555555; margin: 70px 0 50px 0;}
+        p {width:320px; text-align:center; margin-left:auto;margin-right:auto; margin-top: 30px }
+        div {width:320px; text-align:center; margin-left:auto;margin-right:auto;}
+        a:link {color: #34536A;}
+        a:visited {color: #34536A;}
+        a:active {color: #34536A;}
+        a:hover {color: #34536A;}
+    </style>
+</head>
+
+<body>
+    <h1>%domain%</h1>
+    <div>
+        <a href="http://vestacp.com/">Powered by VESTA</a>
+    </div>
+</body>
+
+</html>
+
diff --git a/install/debian/10/templates/web/skel/public_shtml/robots.txt b/install/debian/10/templates/web/skel/public_shtml/robots.txt
new file mode 100755
index 00000000..00ee83dc
--- /dev/null
+++ b/install/debian/10/templates/web/skel/public_shtml/robots.txt
@@ -0,0 +1,3 @@
+# vestacp autogenerated robots.txt
+User-agent: *
+Crawl-delay: 10
diff --git a/install/debian/10/templates/web/suspend/.htaccess b/install/debian/10/templates/web/suspend/.htaccess
new file mode 100755
index 00000000..5a6df83f
--- /dev/null
+++ b/install/debian/10/templates/web/suspend/.htaccess
@@ -0,0 +1,2 @@
+ErrorDocument 403 /index.html
+ErrorDocument 404 /index.html
diff --git a/install/debian/10/templates/web/suspend/index.html b/install/debian/10/templates/web/suspend/index.html
new file mode 100755
index 00000000..f2d04e1f
--- /dev/null
+++ b/install/debian/10/templates/web/suspend/index.html
@@ -0,0 +1,25 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head>
+    <title>Website Suspended</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
+    <meta name="description" content="This website has been suspended."/>
+    <style type="text/css">
+        body {font-size:14px; color:#777777; font-family:arial; text-align:center;}
+        h1 {font-size:84px; color:#99A7AF; margin: 70px 0 0 0;}
+        h2 {color: #DE6C5D; font-family: arial; font-size: 20px; font-weight: bold; letter-spacing: -1px; margin: 15px 0 25px;}
+        p {width:320px; text-align:center; margin-left:auto;margin-right:auto; margin-top: 30px }
+        div {width:320px; text-align:center; margin-left:auto;margin-right:auto;}
+        a:link {color: #34536A;}
+        a:visited {color: #34536A;}
+        a:active {color: #34536A;}
+        a:hover {color: #34536A;}
+    </style>
+</head>
+<body>
+    <h1>SUSPENDED</h1>
+    <h2>This website has been suspended.</h2>
+    <div>
+        Please contact the technical support department.
+    </div>
+</body>
+</html>
diff --git a/install/debian/10/templates/web/webalizer/webalizer.tpl b/install/debian/10/templates/web/webalizer/webalizer.tpl
new file mode 100755
index 00000000..068adcfb
--- /dev/null
+++ b/install/debian/10/templates/web/webalizer/webalizer.tpl
@@ -0,0 +1,110 @@
+HostName         %domain_idn%
+LogFile          /var/log/%web_system%/domains/%domain%.log
+OutputDir        %home%/%user%/web/%domain%/stats
+HistoryName      %home%/%user%/web/%domain%/stats/%domain%.hist
+Incremental      yes
+IncrementalName  %home%/%user%/web/%domain%/stats/%domain%.current
+PageType         htm*
+PageType         cgi
+PageType         php
+PageType         shtml
+DNSCache         /var/lib/webalizer/dns_cache.db
+DNSChildren      10
+Quiet            yes
+FoldSeqErr       yes
+IndexAlias       index.php
+HideURL          *.gif
+HideURL          *.GIF
+HideURL          *.jpg
+HideURL          *.JPG
+HideURL          *.png
+HideURL          *.PNG
+HideURL          *.ra
+SearchEngine     abcsearch.          terms=
+SearchEngine     alexa.              q=
+SearchEngine     alltheweb.          q=
+SearchEngine     alltheweb.          query=
+SearchEngine     alot.               q=
+SearchEngine     altavista.          q=
+SearchEngine     aolsearch.          query=
+SearchEngine     aport.ru            r=
+SearchEngine     ask.                q=
+SearchEngine     atlas.cz            q=
+SearchEngine     bbc.                q=
+SearchEngine     bing.               q=
+SearchEngine     blingo.             q=
+SearchEngine     blogs.yandex.ru     text=
+SearchEngine     btopenworld         query=
+SearchEngine     buscador.ya.com     q=
+SearchEngine     busca.              q=
+SearchEngine     business.           query=
+SearchEngine     centrum.cz          q=
+SearchEngine     chiff.              q=
+SearchEngine     clusty.             query=
+SearchEngine     comcast.            q=
+SearchEngine     crawler.            q=
+SearchEngine     cuil.               q=
+SearchEngine     dmoz.               search=
+SearchEngine     dogpile.com         q=
+SearchEngine     dpxml               qkw=
+SearchEngine     eureka.             searchword=
+SearchEngine     euroseek.           string=
+SearchEngine     exalead.            q=
+SearchEngine     excite              search=
+SearchEngine     ezilon.             q=
+SearchEngine     fastbrowsersearch.  q=
+SearchEngine     feedster.com        q=
+SearchEngine     fireball.de         q=
+SearchEngine     fireball.           keyword=
+SearchEngine     freeserve.          q=
+SearchEngine     gigablast.          q=
+SearchEngine     gogo.ru             q=
+SearchEngine     go.mail.ru          q=
+SearchEngine     google.             q=
+SearchEngine     hakia.              q=
+SearchEngine     hotbot.             query=
+SearchEngine     infoseek.           qt=
+SearchEngine     iwon                searchfor=
+SearchEngine     ixquick.com         query=
+SearchEngine     joeant.             keywords=
+SearchEngine     jyxo.cz             s=
+SearchEngine     looksmart.          key=
+SearchEngine     lycos.              query=
+SearchEngine     mamma.              q=
+SearchEngine     metacrawler         q=
+SearchEngine     msn.                MT=
+SearchEngine     msxml               qkw=
+SearchEngine     mysearch.           searchfor=
+SearchEngine     mywebsearch.        searchfor=
+SearchEngine     netscape.           q=
+SearchEngine     nigma.ru            q=
+SearchEngine     northernlight.      qr=
+SearchEngine     ntlworld.           q=
+SearchEngine     orange.             q=
+SearchEngine     overture.           Keywords=
+SearchEngine     punto.ru            text=
+SearchEngine     rambler.            keyword=
+SearchEngine     search.aol.         q=
+SearchEngine     search.babylon.     q=
+SearchEngine     search.centrum.     phrase=
+SearchEngine     search.conduit.     q=
+SearchEngine     search.earthlink    q=
+SearchEngine     search.icq.         q=
+SearchEngine     search.live.com     q=
+SearchEngine     search.rambler.ru   words=
+SearchEngine     search.winamp.      q=
+SearchEngine     searchy.            q=
+SearchEngine     seznam.cz           w=
+SearchEngine     snap.               query=
+SearchEngine     teoma.              q=
+SearchEngine     teradex.com         q=
+SearchEngine     ukplus              key=
+SearchEngine     verizon.            q=
+SearchEngine     virginmedia.        q=
+SearchEngine     voila.              rdata=
+SearchEngine     webcrawler          searchText=
+SearchEngine     web.search.naver.   query=
+SearchEngine     wisenut             q=
+SearchEngine     yahoo.              p=
+SearchEngine     yandex.             text=
+SearchEngine     yodao.              q=
diff --git a/install/debian/10/vsftpd/vsftpd.conf b/install/debian/10/vsftpd/vsftpd.conf
new file mode 100644
index 00000000..1ca1a992
--- /dev/null
+++ b/install/debian/10/vsftpd/vsftpd.conf
@@ -0,0 +1,26 @@
+anonymous_enable=NO
+local_enable=YES
+write_enable=YES
+local_umask=022
+anon_umask=022
+anon_upload_enable=NO
+dirmessage_enable=YES
+xferlog_enable=YES
+connect_from_port_20=YES
+xferlog_std_format=YES
+dual_log_enable=YES
+chroot_local_user=YES
+listen=YES
+pam_service_name=vsftpd
+userlist_enable=NO
+tcp_wrappers=YES
+force_dot_files=YES
+ascii_upload_enable=YES
+ascii_download_enable=YES
+#allow_writable_chroot=YES
+allow_writeable_chroot=YES
+seccomp_sandbox=NO
+pasv_enable=YES
+pasv_max_port=12100
+pasv_min_port=12000
+use_localtime=YES