|
|
Setting up a chrooted ispconfig 3 installation
|
--------------------------------------------------------------------
|
|
# Follow the steps 1 - 8 of the INSTALL_DEBIAN_5.0 Guide, then proceed
|
# with the steps below.
|
#
|
# This guide is experimental as there are a few cahnges nescessary in
|
# ispconfig to get it workin. These changes will be part of ISPConfig 3.0.2
|
|
# Install packages
|
|
apt-get install debootstrap libapache2-mod-chroot
|
|
# Create the chroot enviroment
|
|
debootstrap lenny /var/www/ ftp://ftp.fr.debian.org/debian/
|
|
# Add mountpoints for the chroot env into the fstab file.
|
|
echo "/proc /var/www/proc proc defaults 0 0">>/etc/fstab
|
echo "devpts /var/www/dev/pts devpts defaults 0 0">>/etc/fstab
|
|
# mount the filesystems
|
|
mount -a
|
|
# add a default chroot dir for all users of the sshusers group.
|
|
echo "@sshusers - chroot /var/www/">>/etc/security/limits.conf
|
|
# copy passwd and group files to the chroot env.
|
|
cp -rf /etc/apt /etc/passwd /etc/group /var/www/etc/ # Cleaning unecesary users and groups
|
|
# Create symlinks.
|
|
cd /var/www/var/
|
rm -rf /var/www/var/www
|
ln -s / www
|
|
# Enter the chroot
|
|
chroot /var/www
|
|
# Update files in the chroot enviroment and install some packages.
|
# You can ignore warnings about locales, we will fix them in the next step.
|
|
apt-get update
|
apt-get install fakeroot --force-yes -y
|
apt-get install locales
|
|
# Reconfigure locales. Select e.g the en_US* locales.
|
|
dpkg-reconfigure locales
|
|
# run a dist upgarde.
|
|
fakeroot apt-get dist-upgrade
|
|
# Install apache and php in the chroot enviroment
|
|
apt-get install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby
|
/etc/init.d/apache2 stop
|
|
# Exit the chroot
|
|
exit
|
|
# Moving the apache configuration is not nescessary, as apache reads
|
# the config files before it moves into the chroot
|
# rm -rf /var/www/etc/apache2
|
# mv -f /etc/apache2 /var/www/etc/
|
# ln -s /var/www/etc/apache2 /etc/apache2
|
|
rm -rf /var/www/etc/php5/cgi/
|
mv -f /etc/php5/cgi/ /var/www/etc/php5/
|
ln -s /var/www/etc/php5/cgi /etc/php5/
|
|
rm -rf /var/www/etc/php5/apache2/
|
mv -f /etc/php5/apache2/ /var/www/etc/php5/
|
ln -s /var/www/etc/php5/apache2 /etc/php5/
|
|
ln -s /var/www/var/run/apache2.pid /var/run/apache2.pid
|
|
# enable mod_chroot
|
|
a2enmod mod_chroot
|
echo "ChrootDir /var/www" > /etc/apache2/conf.d/mod_chroot.conf
|
|
# Start apache
|
|
/etc/init.d/apache2 start
|
|
# Install ISPConfig
|
|
cd /tmp
|
wget http://www.ispconfig.org/downloads/ISPConfig-3.0.1.4-beta-2.tar.gz
|
tar xvfz ISPConfig-3.0.1.4-beta-2.tar.gz
|
cd ispconfig3_install/install/
|
php -q install.php
|
cd /tmp/
|
rm -rf ispconfig3_install
|
rm -f ISPConfig-3.0.1.4-beta-2.tar.gz
|
|
# Move the ispconfig interface part to the chroot enviroment and create a symlink
|
|
mkdir /var/www/usr/local/ispconfig
|
chown ispconfig:ispconfig /var/www/usr/local/ispconfig
|
chmod 750 /var/www/usr/local/ispconfig
|
mv /usr/local/ispconfig/interface /var/www/usr/local/ispconfig/
|
ln -s /var/www/usr/local/ispconfig/interface /usr/local/ispconfig/interface
|
chroot /var/www adduser www-data ispconfig
|
|
# Create a link for the mysql socket.
|
|
ln /var/run/mysqld/mysqld.sock /var/www/var/run/mysqld/mysqld.sock
|
|
# As an alternative to making a hardlink to the mysql socket,
|
# change the my.cnf file in the chroot to use tcp sockets.
|
# This is more secure but a bit slower then using the mysqld.sock file.
|
|
# Restart apache
|
|
/etc/init.d/apache2 restart
|