commit | author | age
|
d58e21
|
1 |
|
T |
2 |
|
|
3 |
Setting up a chrooted ispconfig 3 installation |
|
4 |
-------------------------------------------------------------------- |
|
5 |
|
|
6 |
# Follow the steps 1 - 8 of the INSTALL_DEBIAN_5.0 Guide, then proceed |
|
7 |
# with the steps below. |
|
8 |
# |
787032
|
9 |
# This guide is experimental as there are a few changes necessary in |
J |
10 |
# ispconfig to get it working. These changes will be part of ISPConfig 3.0.2 |
d58e21
|
11 |
|
T |
12 |
# Install packages |
|
13 |
|
|
14 |
apt-get install debootstrap libapache2-mod-chroot |
|
15 |
|
787032
|
16 |
# Create the chroot environment |
d58e21
|
17 |
|
T |
18 |
debootstrap lenny /var/www/ ftp://ftp.fr.debian.org/debian/ |
|
19 |
|
787032
|
20 |
# Add mountpoints for the chroot env into the fstab file |
d58e21
|
21 |
|
T |
22 |
echo "/proc /var/www/proc proc defaults 0 0">>/etc/fstab |
|
23 |
echo "devpts /var/www/dev/pts devpts defaults 0 0">>/etc/fstab |
|
24 |
|
787032
|
25 |
# mount all the filesystems |
d58e21
|
26 |
|
T |
27 |
mount -a |
|
28 |
|
787032
|
29 |
# add a default chroot dir for all users of the sshusers group |
d58e21
|
30 |
|
T |
31 |
echo "@sshusers - chroot /var/www/">>/etc/security/limits.conf |
|
32 |
|
787032
|
33 |
# copy passwd and group files to the chroot env |
d58e21
|
34 |
|
787032
|
35 |
cp -rf /etc/apt /etc/passwd /etc/group /var/www/etc/ # Cleaning unnecessary users and groups |
d58e21
|
36 |
|
787032
|
37 |
# Create symlinks |
d58e21
|
38 |
|
T |
39 |
cd /var/www/var/ |
|
40 |
rm -rf /var/www/var/www |
|
41 |
ln -s / www |
|
42 |
|
|
43 |
# Enter the chroot |
|
44 |
|
|
45 |
chroot /var/www |
|
46 |
|
d7ef36
|
47 |
# Update files in the chroot environment and install some packages. |
d58e21
|
48 |
# You can ignore warnings about locales, we will fix them in the next step. |
T |
49 |
|
|
50 |
apt-get update |
|
51 |
apt-get install fakeroot --force-yes -y |
|
52 |
apt-get install locales |
|
53 |
|
|
54 |
# Reconfigure locales. Select e.g the en_US* locales. |
|
55 |
|
|
56 |
dpkg-reconfigure locales |
|
57 |
|
787032
|
58 |
# run a dist-upgrade |
d58e21
|
59 |
|
T |
60 |
fakeroot apt-get dist-upgrade |
|
61 |
|
787032
|
62 |
# Install Apache and PHP in the chroot environment |
d58e21
|
63 |
|
T |
64 |
apt-get install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby |
|
65 |
/etc/init.d/apache2 stop |
|
66 |
|
|
67 |
# Exit the chroot |
|
68 |
|
|
69 |
exit |
|
70 |
|
787032
|
71 |
# Moving the apache configuration is not necessary, as Apache reads |
d58e21
|
72 |
# the config files before it moves into the chroot |
T |
73 |
# rm -rf /var/www/etc/apache2 |
|
74 |
# mv -f /etc/apache2 /var/www/etc/ |
|
75 |
# ln -s /var/www/etc/apache2 /etc/apache2 |
|
76 |
|
|
77 |
rm -rf /var/www/etc/php5/cgi/ |
|
78 |
mv -f /etc/php5/cgi/ /var/www/etc/php5/ |
|
79 |
ln -s /var/www/etc/php5/cgi /etc/php5/ |
|
80 |
|
|
81 |
rm -rf /var/www/etc/php5/apache2/ |
|
82 |
mv -f /etc/php5/apache2/ /var/www/etc/php5/ |
|
83 |
ln -s /var/www/etc/php5/apache2 /etc/php5/ |
|
84 |
|
|
85 |
ln -s /var/www/var/run/apache2.pid /var/run/apache2.pid |
|
86 |
|
|
87 |
# enable mod_chroot |
|
88 |
|
|
89 |
a2enmod mod_chroot |
|
90 |
echo "ChrootDir /var/www" > /etc/apache2/conf.d/mod_chroot.conf |
|
91 |
|
|
92 |
# Start apache |
|
93 |
|
|
94 |
/etc/init.d/apache2 start |
|
95 |
|
|
96 |
# Install ISPConfig |
|
97 |
|
|
98 |
cd /tmp |
|
99 |
wget http://www.ispconfig.org/downloads/ISPConfig-3.0.1.4-beta-2.tar.gz |
|
100 |
tar xvfz ISPConfig-3.0.1.4-beta-2.tar.gz |
|
101 |
cd ispconfig3_install/install/ |
|
102 |
php -q install.php |
|
103 |
cd /tmp/ |
|
104 |
rm -rf ispconfig3_install |
|
105 |
rm -f ISPConfig-3.0.1.4-beta-2.tar.gz |
|
106 |
|
d7ef36
|
107 |
# Move the ispconfig interface part to the chroot environment and create a symlink |
d58e21
|
108 |
|
T |
109 |
mkdir /var/www/usr/local/ispconfig |
|
110 |
chown ispconfig:ispconfig /var/www/usr/local/ispconfig |
|
111 |
chmod 750 /var/www/usr/local/ispconfig |
|
112 |
mv /usr/local/ispconfig/interface /var/www/usr/local/ispconfig/ |
|
113 |
ln -s /var/www/usr/local/ispconfig/interface /usr/local/ispconfig/interface |
|
114 |
chroot /var/www adduser www-data ispconfig |
|
115 |
|
787032
|
116 |
# Create a link for the MySQL socket |
d58e21
|
117 |
|
T |
118 |
ln /var/run/mysqld/mysqld.sock /var/www/var/run/mysqld/mysqld.sock |
|
119 |
|
787032
|
120 |
# As an alternative to making a hardlink to the MySQL socket, |
J |
121 |
# change the my.cnf file in the chroot to use TCP sockets. |
|
122 |
# This is more secure but a bit slower than using the mysqld.sock file. |
d58e21
|
123 |
|
787032
|
124 |
# Restart Apache |
d58e21
|
125 |
|
T |
126 |
/etc/init.d/apache2 restart |
|
127 |
|
|
128 |
|
|
129 |
|