Client Area Configuration
The Client Area is the front-end interface dedicated to your end users. It allows clients to manage their services, access IPMI consoles and perform other account-related actions.
By default, the Client Area is installed locally, as an integrated part of the EasyDCIM platform. However, it can also be installed on a separate remote server — for example, in distributed or high-availability environments.
The Client Area runs inside a dedicated Docker container, providing an isolated and consistent runtime environment. It uses Nginx as the web server and is built from a lightweight Debian 13 image. This containerized setup ensures easy deployment, simplified updates, and compatibility across different environments.
Requirements
Before installing the Client Area, make sure that the target environment meets the following system and network requirements.
System Requirements:
- A server running Debian 12 (Bookworm)
- Root or sudo access to perform the installation
- At least 4 GB RAM and 4 vCPU (recommended minimum)
Network Requirements:
-
The Client Area server must be able to communicate with your EasyDCIM instance via:
80/TCPor443/TCP– for API communication6081–6200/TCP– for noVNC console (Websockify sessions)
Ensure that outbound connections to these ports are allowed in your firewall configuration.
Access and Configuration
The Client Area is fully powered by the EasyDCIM APIv3, which provides real-time communication between the client interface and your EasyDCIM backend. All data displayed in the Client Area — such as services, devices or user actions — is fetched and managed directly through secure API calls.
If the Client Area is installed locally together with EasyDCIM:
- It runs on ports 8444 (HTTP) and 8443 (HTTPS).
- All traffic is automatically redirected to
https://YOUR-EASYDCIM-URL/client.
When the Client Area is installed on an external server:
- It uses the standard web ports 80 (HTTP) and 443 (HTTPS).
- It can operate on a separate domain or IP address, and the
/clientsuffix is not added — the Client Area is then available directly under the chosen domain or subdomain.
Installation
To install or manage the Client Area, navigate to: Settings → Basic → Client Area. On this screen, you will find the installation and update commands tailored for your environment.
Below is a sample installation command:
apt-get install -y sudo curl && sudo curl -o /opt/client_installer.sh https://www.easydcim.com/download/live/client_installer.sh &&
bash /opt/client_installer.sh --backend-url "<YOUR_BACKEND_URL>" --app-token "<YOUR_APP_TOKEN>"
This command will download the latest Client Area installer script, automatically set up the environment and connect it to your EasyDCIM backend instance, and configure a secure Nginx-based environment with SSL support.
Important:
Replace the placeholders <YOUR_BACKEND_URL> and <YOUR_APP_TOKEN> with the actual values displayed in your EasyDCIM panel under Settings → Basic → Client Area.
Example:
--backend-url "https://demo.easydcim.com"
--app-token "34|aVsfnLAjLHaMrFP6xlq8OJPacRVsU3gz3HIvCtSb701d64d1"
Updating the Client Area
To update an existing Client Area installation, run the following command:
apt-get install -y sudo curl &&
sudo curl -o /opt/client_updater.sh https://www.easydcim.com/download/live/client_updater.sh &&
bash /opt/client_updater.sh
The updater will download the latest Client Area build, automatically perform system checks, and update all required components while preserving your configuration and SSL certificates.
SSL Configuration
The Client Area includes full SSL support, ensuring that all connections are secure and encrypted. You can choose from several SSL configuration methods depending on your needs and environment setup.
These options are available only when the Client Area is installed on a separate server and domain. If you use the local Client Area integrated on the same server as EasyDCIM, the system automatically uses the same SSL certificate that secures your EasyDCIM installation.
Free SSL (Let’s Encrypt)
If your Client Area is accessible from the internet and has a registered domain name, you can secure it using a free SSL certificate from Let’s Encrypt.
To issue a Let’s Encrypt certificate:
- Connect to the server where the Client Area is installed.
- Run the following command, replacing
<your-domain>with your actual domain name:
bash /opt/easydcim_client/scripts/letsencrypt/install.sh <your-domain>
To renew the certificate, simply run:
bash /opt/easydcim_client/scripts/letsencrypt/renew.sh
The renewal process is quick, automatic, and does not require any reconfiguration. You can also automate it by adding the command to cron so it runs twice a day, for example:
0 3,15 * * * bash /opt/easydcim_client/scripts/letsencrypt/renew.sh >/dev/null 2>&1
This example runs the renewal every day at 3:00 AM and 3:00 PM, keeping your SSL certificate always up to date.
This method is recommended for public production environments where the Client Area is accessible under a valid domain.
Paid or Custom SSL Certificates
If you use your own SSL certificates (for example, from a commercial provider), you can easily install them as well.
- Prepare the full paths to your certificate (
fullchain.pem) and private key (privkey.pem) files. - Run the following command, replacing the paths with your own:
bash /opt/easydcim_client/scripts/ssl/install.sh /etc/ssl/mydomain/fullchain.pem /etc/ssl/mydomain/privkey.pem
This option is recommended for users who already have a paid or organization-validated SSL certificate and prefer to use it instead of Let’s Encrypt.
noVNC Console Sessions
The Client Area also provides built-in support for noVNC console sessions, allowing users to remotely access their devices directly through the browser. These sessions are securely proxied through Nginx to the EasyDCIM backend using a WebSocket connection.
The proxy configuration ensures a stable and encrypted tunnel between the user’s browser and the remote machine.
When a session is started, the Client Area automatically forwards traffic through the /websockify/<port> endpoint, maintaining compatibility with EasyDCIM’s native VNC service.
This approach allows users to access their virtual or dedicated servers in real time without exposing internal ports, keeping all communication secured under the same SSL layer as the Client Area itself.
