| commit | author | age | ||
| d58e21 | 1 | |
| T | 2 | |
| 3 | Setting up a chrooted ispconfig 3 installation | |
| 4 | -------------------------------------------------------------------- | |
| 5 | ||
| 6 | # Follow the steps 1 - 8 of the INSTALL_DEBIAN_5.0 Guide, then proceed | |
| 7 | # with the steps below. | |
| 8 | # | |
| 787032 | 9 | # This guide is experimental as there are a few changes necessary in |
| J | 10 | # ispconfig to get it working. These changes will be part of ISPConfig 3.0.2 |
| d58e21 | 11 | |
| T | 12 | # Install packages |
| 13 | ||
| 14 | apt-get install debootstrap libapache2-mod-chroot | |
| 15 | ||
| 787032 | 16 | # Create the chroot environment |
| d58e21 | 17 | |
| T | 18 | debootstrap lenny /var/www/ ftp://ftp.fr.debian.org/debian/ |
| 19 | ||
| 787032 | 20 | # Add mountpoints for the chroot env into the fstab file |
| d58e21 | 21 | |
| T | 22 | echo "/proc /var/www/proc proc defaults 0 0">>/etc/fstab |
| 23 | echo "devpts /var/www/dev/pts devpts defaults 0 0">>/etc/fstab | |
| 24 | ||
| 787032 | 25 | # mount all the filesystems |
| d58e21 | 26 | |
| T | 27 | mount -a |
| 28 | ||
| 787032 | 29 | # add a default chroot dir for all users of the sshusers group |
| d58e21 | 30 | |
| T | 31 | echo "@sshusers - chroot /var/www/">>/etc/security/limits.conf |
| 32 | ||
| 787032 | 33 | # copy passwd and group files to the chroot env |
| d58e21 | 34 | |
| 787032 | 35 | cp -rf /etc/apt /etc/passwd /etc/group /var/www/etc/ # Cleaning unnecessary users and groups |
| d58e21 | 36 | |
| 787032 | 37 | # Create symlinks |
| d58e21 | 38 | |
| T | 39 | cd /var/www/var/ |
| 40 | rm -rf /var/www/var/www | |
| 41 | ln -s / www | |
| 42 | ||
| 43 | # Enter the chroot | |
| 44 | ||
| 45 | chroot /var/www | |
| 46 | ||
| d7ef36 | 47 | # Update files in the chroot environment and install some packages. |
| d58e21 | 48 | # You can ignore warnings about locales, we will fix them in the next step. |
| T | 49 | |
| 50 | apt-get update | |
| 51 | apt-get install fakeroot --force-yes -y | |
| 52 | apt-get install locales | |
| 53 | ||
| 54 | # Reconfigure locales. Select e.g the en_US* locales. | |
| 55 | ||
| 56 | dpkg-reconfigure locales | |
| 57 | ||
| 787032 | 58 | # run a dist-upgrade |
| d58e21 | 59 | |
| T | 60 | fakeroot apt-get dist-upgrade |
| 61 | ||
| 787032 | 62 | # Install Apache and PHP in the chroot environment |
| d58e21 | 63 | |
| T | 64 | apt-get install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby |
| 65 | /etc/init.d/apache2 stop | |
| 66 | ||
| 67 | # Exit the chroot | |
| 68 | ||
| 69 | exit | |
| 70 | ||
| 787032 | 71 | # Moving the apache configuration is not necessary, as Apache reads |
| d58e21 | 72 | # the config files before it moves into the chroot |
| T | 73 | # rm -rf /var/www/etc/apache2 |
| 74 | # mv -f /etc/apache2 /var/www/etc/ | |
| 75 | # ln -s /var/www/etc/apache2 /etc/apache2 | |
| 76 | ||
| 77 | rm -rf /var/www/etc/php5/cgi/ | |
| 78 | mv -f /etc/php5/cgi/ /var/www/etc/php5/ | |
| 79 | ln -s /var/www/etc/php5/cgi /etc/php5/ | |
| 80 | ||
| 81 | rm -rf /var/www/etc/php5/apache2/ | |
| 82 | mv -f /etc/php5/apache2/ /var/www/etc/php5/ | |
| 83 | ln -s /var/www/etc/php5/apache2 /etc/php5/ | |
| 84 | ||
| 85 | ln -s /var/www/var/run/apache2.pid /var/run/apache2.pid | |
| 86 | ||
| 87 | # enable mod_chroot | |
| 88 | ||
| 89 | a2enmod mod_chroot | |
| 90 | echo "ChrootDir /var/www" > /etc/apache2/conf.d/mod_chroot.conf | |
| 91 | ||
| 92 | # Start apache | |
| 93 | ||
| 94 | /etc/init.d/apache2 start | |
| 95 | ||
| 96 | # Install ISPConfig | |
| 97 | ||
| 98 | cd /tmp | |
| 99 | wget http://www.ispconfig.org/downloads/ISPConfig-3.0.1.4-beta-2.tar.gz | |
| 100 | tar xvfz ISPConfig-3.0.1.4-beta-2.tar.gz | |
| 101 | cd ispconfig3_install/install/ | |
| 102 | php -q install.php | |
| 103 | cd /tmp/ | |
| 104 | rm -rf ispconfig3_install | |
| 105 | rm -f ISPConfig-3.0.1.4-beta-2.tar.gz | |
| 106 | ||
| d7ef36 | 107 | # Move the ispconfig interface part to the chroot environment and create a symlink |
| d58e21 | 108 | |
| T | 109 | mkdir /var/www/usr/local/ispconfig |
| 110 | chown ispconfig:ispconfig /var/www/usr/local/ispconfig | |
| 111 | chmod 750 /var/www/usr/local/ispconfig | |
| 112 | mv /usr/local/ispconfig/interface /var/www/usr/local/ispconfig/ | |
| 113 | ln -s /var/www/usr/local/ispconfig/interface /usr/local/ispconfig/interface | |
| 114 | chroot /var/www adduser www-data ispconfig | |
| 115 | ||
| 787032 | 116 | # Create a link for the MySQL socket |
| d58e21 | 117 | |
| T | 118 | ln /var/run/mysqld/mysqld.sock /var/www/var/run/mysqld/mysqld.sock |
| 119 | ||
| 787032 | 120 | # As an alternative to making a hardlink to the MySQL socket, |
| J | 121 | # change the my.cnf file in the chroot to use TCP sockets. |
| 122 | # This is more secure but a bit slower than using the mysqld.sock file. | |
| d58e21 | 123 | |
| 787032 | 124 | # Restart Apache |
| d58e21 | 125 | |
| T | 126 | /etc/init.d/apache2 restart |
| 127 | ||
| 128 | ||
| 129 | ||
