| | |
| | | Installation
|
| | | -----------
|
| | |
|
| | | # It is recommended to use a clean (fresh) Debian lenny install where you just selected "Standard System" as the package selection during
|
| | | # setup. Then follow the steps below to setup your server with ISPConfig 3. In this guide "vi" is used as texteditor, but you ofcourse
|
| | | # you can use whatever you prefer. You should be root for doing all of this.
|
| | |
|
| | |
|
| | | # Check we have Fully Qualified Domain Name
|
| | |
|
| | | /bin/hostname
|
| | |
|
| | | # it should return something like "ispconfig.example.com"
|
| | | # if not, then we assign a hostname (for example ispconfig):
|
| | |
|
| | | echo ispconfig.example.com > /etc/hostname
|
| | |
|
| | | vi /etc/hosts
|
| | |
|
| | | # and add lines similar but appropriate:
|
| | |
|
| | | 127.0.0.1 localhost.localdomain localhost
|
| | | 192.168.0.100 ispconfig.example.com ispconfig
|
| | |
|
| | |
|
| | |
|
| | | # Some optional choices
|
| | |
|
| | | opt0.1) Optionally install SSH-server to get remote shell
|
| | |
|
| | | apt-get install ssh openssh-server
|
| | |
|
| | | opt0.2) Optionally if you are not running in virtual machine you can set server clocksync via NTP. Virtual quests get this from the host.
|
| | |
|
| | | apt-get install ntp ntpdate
|
| | |
|
| | |
|
| | |
|
| | | # Next is the real deal
|
| | |
|
| | | 1) Install Postfix, Courier, Saslauthd, MySQL, phpMyAdmin, rkhunter, binutils with the following command line (on one line!):
|
| | |
|
| | | apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl courier-maildrop getmail4 rkhunter binutils
|
| | |
|
| | | # Answer the questions from the package manager as follows.
|
| | |
|
| | | Create directories for web-based administration ? <-- No
|
| | | General type of configuration? <-- Internet site
|
| | | Mail name? <-- server1.mydomain.tld
|
| | | SSL certificate required <-- Ok
|
| | |
|
| | | # ...use your own domain name of course ;)
|
| | |
|
| | |
|
| | |
|
| | | # Edit the file /etc/mysql/my.cnf
|
| | |
|
| | | vi /etc/mysql/my.cnf
|
| | |
|
| | | # and comment out the line
|
| | |
|
| | | bind-address = 127.0.0.1
|
| | |
|
| | | # then restart mysql
|
| | |
|
| | | /etc/init.d/mysql restart
|
| | |
|
| | | 2) Install Amavisd-new, Spamassassin and Clamav (1 line!):
|
| | |
|
| | | apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl
|
| | |
|
| | |
|
| | |
|
| | | 3) Install apache, PHP5, phpmyadmin, better fastCGI, suexec, Pear and mcrypt (1 line!):
|
| | |
|
| | | apt-get install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby
|
| | |
|
| | |
|
| | | # When phpMyAdmin is asking weather to configure itself automatically, select "Apache2"
|
| | |
|
| | | # Then run the following to enable the Apache modules suexec, rewrite and ssl:
|
| | |
|
| | | a2enmod suexec rewrite ssl actions include
|
| | |
|
| | | # Secure phpMyAdmin by deleting setuppassword-file
|
| | | # and removing/commenting Setup Authorization from apache.conf
|
| | |
|
| | | rm /etc/phpmyadmin/htpasswd.setup
|
| | |
|
| | | vi /etc/phpmyadmin/apache.conf
|
| | |
|
| | | # delete/comment following lines (between the ----- lines):
|
| | | ------------------------------------------------------
|
| | | # Authorize for setup
|
| | | <Files setup.php>
|
| | | # For Apache 1.3 and 2.0
|
| | | <IfModule mod_auth.c>
|
| | | AuthType Basic
|
| | | AuthName "phpMyAdmin Setup"
|
| | | AuthUserFile /etc/phpmyadmin/htpasswd.setup
|
| | | </IfModule>
|
| | | # For Apache 2.2
|
| | | <IfModule mod_authn_file.c>
|
| | | AuthType Basic
|
| | | AuthName "phpMyAdmin Setup"
|
| | | AuthUserFile /etc/phpmyadmin/htpasswd.setup
|
| | | </IfModule>
|
| | | Require valid-user
|
| | | </Files>
|
| | | ------------------------------------------------------
|
| | |
|
| | | # restart apache before continuing
|
| | |
|
| | | /etc/init.d/apache2 restart
|
| | | |
| | |
|
| | | 4) Install pure-ftpd and quota
|
| | |
|
| | | apt-get install pure-ftpd-common pure-ftpd-mysql quota quotatool
|
| | |
|
| | | # Edit the file /etc/default/pure-ftpd-common to change the start mode from "inetd" to "standalone"
|
| | | and set VIRTUALCHROOT=true
|
| | |
|
| | | vi /etc/default/pure-ftpd-common
|
| | |
|
| | | # Edit the file /etc/inetd.conf to prevent inetd from trying to start ftp.
|
| | | # To do this, comment line starting like "ftp stream tcp" by adding "#"-sign in front of the line.
|
| | |
|
| | | vi /etc/inetd.conf
|
| | |
|
| | | # Then execute:
|
| | |
|
| | | /etc/init.d/openbsd-inetd restart
|
| | |
|
| | |
|
| | | # Edit /etc/fstab. Mine looks like this (I added ,usrquota,grpquota to the partition with the mount point /):
|
| | |
|
| | | vi /etc/fstab
|
| | |
|
| | | ----------------------------------------------------------------------------------------------
|
| | | # /etc/fstab: static file system information.
|
| | | #
|
| | | # <file system> <mount point> <type> <options> <dump> <pass>
|
| | | proc /proc proc defaults 0 0
|
| | | /dev/sda1 / ext3 errors=remount-ro,usrquota,grpquota 0 1
|
| | | /dev/sda5 none swap sw 0 0
|
| | | /dev/hda /media/cdrom0 udf,iso9660 user,noauto 0 0
|
| | | /dev/fd0 /media/floppy0 auto rw,user,noauto 0 0
|
| | | ----------------------------------------------------------------------------------------------
|
| | |
|
| | | # To enable quota, run these commands:
|
| | |
|
| | | touch /quota.user /quota.group
|
| | | chmod 600 /quota.*
|
| | | mount -o remount /
|
| | | quotacheck -avugm
|
| | | quotaon -avug
|
| | |
|
| | |
|
| | | 5) Install mydns
|
| | |
|
| | | apt-get install g++ libc6 gcc gawk make texinfo libmysqlclient15-dev
|
| | |
|
| | | cd /tmp
|
| | | wget http://heanet.dl.sourceforge.net/sourceforge/mydns-ng/mydns-1.2.8.25.tar.gz
|
| | | tar xvfz mydns-1.2.8.25.tar.gz
|
| | | cd mydns-1.2.8
|
| | | ./configure
|
| | | make
|
| | | make install
|
| | |
|
| | | # Now create the start / stop script for mydns:
|
| | |
|
| | | vi /etc/init.d/mydns
|
| | |
|
| | | # and enter the following lines (between the ----- lines):
|
| | |
|
| | | ------------------------------------------------------
|
| | | #! /bin/sh
|
| | | #
|
| | | # mydns Start the MyDNS server
|
| | | #
|
| | | # Author: Philipp Kern <phil@philkern.de>.
|
| | | # Based upon skeleton 1.9.4 by Miquel van Smoorenburg
|
| | | # <miquels@cistron.nl> and Ian Murdock <imurdock@gnu.ai.mit.edu>.
|
| | | #
|
| | |
|
| | | set -e
|
| | |
|
| | | PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
|
| | | DAEMON=/usr/local/sbin/mydns
|
| | | NAME=mydns
|
| | | DESC="DNS server"
|
| | |
|
| | | SCRIPTNAME=/etc/init.d/$NAME
|
| | |
|
| | | # Gracefully exit if the package has been removed.
|
| | | test -x $DAEMON || exit 0
|
| | |
|
| | | case "$1" in
|
| | | start)
|
| | | echo -n "Starting $DESC: $NAME"
|
| | | start-stop-daemon --start --quiet \
|
| | | --exec $DAEMON -- -b
|
| | | echo "."
|
| | | ;;
|
| | | stop)
|
| | | echo -n "Stopping $DESC: $NAME"
|
| | | start-stop-daemon --stop --oknodo --quiet \
|
| | | --exec $DAEMON
|
| | | echo "."
|
| | | ;;
|
| | | reload|force-reload)
|
| | | echo -n "Reloading $DESC configuration..."
|
| | | start-stop-daemon --stop --signal HUP --quiet \
|
| | | --exec $DAEMON
|
| | | echo "done."
|
| | | ;;
|
| | | restart)
|
| | | echo -n "Restarting $DESC: $NAME"
|
| | | start-stop-daemon --stop --quiet --oknodo \
|
| | | --exec $DAEMON
|
| | | sleep 1
|
| | | start-stop-daemon --start --quiet \
|
| | | --exec $DAEMON -- -b
|
| | | echo "."
|
| | | ;;
|
| | | *)
|
| | | echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
|
| | | exit 1
|
| | | ;;
|
| | | esac
|
| | |
|
| | | exit 0
|
| | | ---------------------------------------------------------------------------
|
| | |
|
| | | # now execute:
|
| | |
|
| | | chmod +x /etc/init.d/mydns
|
| | | update-rc.d mydns defaults
|
| | |
|
| | | 6) Install vlogger and webalizer
|
| | |
|
| | | apt-get install vlogger webalizer
|
| | |
|
| | | 7) Install Jailkit (optional, only needed if you want to use chrroting for SSH users)
|
| | |
|
| | | apt-get install build-essential autoconf automake1.9 libtool flex bison
|
| | | cd /tmp
|
| | | wget http://olivier.sessink.nl/jailkit/jailkit-2.5.tar.gz
|
| | | tar xvfz jailkit-2.5.tar.gz
|
| | | cd jailkit-2.5
|
| | | ./configure
|
| | | make
|
| | | make install
|
| | | cd ..
|
| | | rm -rf jailkit-2.5*
|
| | |
|
| | | 8) Install fail2ban (optional but recomended, because the monitor tries to show the log)
|
| | | More info at: http://www.howtoforge.com/fail2ban_debian_etch
|
| | |
|
| | | apt-get install fail2ban
|
| | |
|
| | | 9) Install ISPConfig 3
|
| | |
|
| | | # There are two possile scenarios, but not both:
|
| | | 9.1) Install the latest released version |
| | | 9.2) Install directly from SVN
|
| | |
|
| | | 9.1) Installation of last version from tar.gz
|
| | |
|
| | | cd /tmp
|
| | | wget http://www.ispconfig.org/downloads/ISPConfig-3.0.0.9-rc2.tar.gz
|
| | | tar xvfz ISPConfig-3.0.0.9-rc2.tar.gz
|
| | | cd ispconfig3_install/install/
|
| | |
|
| | | 9.2) Installation from SVN
|
| | |
|
| | | apt-get install subversion
|
| | | cd /tmp
|
| | | svn export svn://svn.ispconfig.org/ispconfig3/trunk/
|
| | | cd trunk/install
|
| | |
|
| | |
|
| | | 9.1+9.2) Now proceed with the ISPConfig installation.
|
| | |
|
| | | # Now start the installation process by executing:
|
| | |
|
| | | php -q install.php
|
| | |
|
| | | # The installer will configure all services like postfix, sasl, courier, etc. for you. A manual setup as required for ISPConfig 2 (perfect setup guides) is not nescessary. To login to the ISPConfig controlpanel, open the following URL in your browser (replace the IP to match your settings!):
|
| | |
|
| | | http://192.168.0.100:8080/
|
| | |
|
| | | # the default login is:
|
| | |
|
| | | user: admin
|
| | | password: admin
|
| | |
|
| | | # In case you get a permission denied error from apache, please restart the apache webserver process.
|
| | |
|
| | |
|
| | |
|
| | | ----------------------------------------------------------------------------------------------------------
|
| | | Optional:
|
| | |
|
| | | Install a webbased Email Client
|
| | |
|
| | | apt-get install squirrelmail
|
| | | ln -s /usr/share/squirrelmail/ /var/www/webmail
|
| | |
|
| | | Access squirrelmail:
|
| | |
|
| | | http://192.168.0.100/webmail
|
| | |
|
| | |
|
| | | To configure squirrelmail, run:
|
| | |
|
| | | /usr/sbin/squirrelmail-configure
|
| | |
|
| | | ----------------------------------------------------------------------------------------------------------
|
| | |
|
| | | Hints:
|
| | |
|
| | | debian 5.0 under openvz:
|
| | |
|
| | | VPSID=101
|
| | | for CAP in CHOWN DAC_READ_SEARCH SETGID SETUID NET_BIND_SERVICE NET_ADMIN SYS_CHROOT SYS_NICE CHOWN DAC_READ_SEARCH SETGID SETUID NET_BIND_SERVICE NET_ADMIN SYS_CHROOT SYS_NICE
|
| | | do
|
| | | vzctl set $VPSID --capability ${CAP}:on --save
|
| | | done
|
| | |
|
| | | ----------------------------------------------------------------------------------------------------------
|
| | |
|
| | |
|
| | | Optional recommended packages:
|
| | |
|
| | | denyhosts - a utility to help sys admins thwart ssh crackers
|
| | | rsync - fast remote file copy program (for backup)
|
| | |
|
| | | -----------------------------------------------------------------------------------------------------------
|
| | |
|
| | | Possible errors and their solutions
|
| | | ------------------------------------
|
| | |
|
| | | pureftpd login does not work. Take a look at the syslog, if you find an error message like this:
|
| | | Mar 24 16:26:28 ispconfig pure-ftpd: (?@?) [ERROR] Sorry, invalid address given
|
| | |
|
| | | then pureftpd is not able to resolve the hostname. Name resolving can be disabled with these commands:
|
| | |
|
| | | echo 'yes' > /etc/pure-ftpd/conf/DontResolve
|
| | | /etc/init.d/pure-ftpd-mysql restart
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | | Installation |
| | | ----------- |
| | | |
| | | # It is recommended to use a clean (fresh) Debian lenny install where you just selected "Standard System" as the package selection during |
| | | # setup. Then follow the steps below to setup your server with ISPConfig 3. In this guide "vi" is used as texteditor, but you ofcourse |
| | | # you can use whatever you prefer. You should be root for doing all of this. |
| | | |
| | | |
| | | # Check we have Fully Qualified Domain Name |
| | | |
| | | /bin/hostname |
| | | |
| | | # it should return something like "ispconfig.example.com" |
| | | # if not, then we assign a hostname (for example ispconfig): |
| | | |
| | | echo ispconfig.example.com > /etc/hostname |
| | | |
| | | vi /etc/hosts |
| | | |
| | | # and add lines similar but appropriate: |
| | | |
| | | 127.0.0.1 localhost.localdomain localhost |
| | | 192.168.0.100 ispconfig.example.com ispconfig |
| | | |
| | | |
| | | |
| | | # Some optional choices |
| | | |
| | | opt0.1) Optionally install SSH-server to get remote shell |
| | | |
| | | apt-get install ssh openssh-server |
| | | |
| | | opt0.2) Optionally if you are not running in virtual machine you can set server clocksync via NTP. Virtual quests get this from the host. |
| | | |
| | | apt-get install ntp ntpdate |
| | | |
| | | |
| | | |
| | | # Next is the real deal |
| | | |
| | | 1) Install Postfix, Courier, Saslauthd, MySQL, phpMyAdmin, rkhunter, binutils with the following command line (on one line!): |
| | | |
| | | apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl courier-maildrop getmail4 rkhunter binutils |
| | | |
| | | # Answer the questions from the package manager as follows. |
| | | |
| | | Create directories for web-based administration ? <-- No |
| | | General type of configuration? <-- Internet site |
| | | Mail name? <-- server1.mydomain.tld |
| | | SSL certificate required <-- Ok |
| | | |
| | | # ...use your own domain name of course ;) |
| | | |
| | | |
| | | |
| | | # Edit the file /etc/mysql/my.cnf |
| | | |
| | | vi /etc/mysql/my.cnf |
| | | |
| | | # and comment out the line |
| | | |
| | | bind-address = 127.0.0.1 |
| | | |
| | | # then restart mysql |
| | | |
| | | /etc/init.d/mysql restart |
| | | |
| | | 2) Install Amavisd-new, Spamassassin and Clamav (1 line!): |
| | | |
| | | apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl |
| | | |
| | | |
| | | |
| | | 3) Install apache, PHP5, phpmyadmin, better fastCGI, suexec, Pear and mcrypt (1 line!): |
| | | |
| | | apt-get install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby |
| | | |
| | | |
| | | # When phpMyAdmin is asking weather to configure itself automatically, select "Apache2" |
| | | |
| | | # Then run the following to enable the Apache modules suexec, rewrite and ssl: |
| | | |
| | | a2enmod suexec rewrite ssl actions include |
| | | |
| | | # Secure phpMyAdmin by deleting setuppassword-file |
| | | # and removing/commenting Setup Authorization from apache.conf |
| | | |
| | | rm /etc/phpmyadmin/htpasswd.setup |
| | | |
| | | vi /etc/phpmyadmin/apache.conf |
| | | |
| | | # delete/comment following lines (between the ----- lines): |
| | | ------------------------------------------------------ |
| | | # Authorize for setup |
| | | <Files setup.php> |
| | | # For Apache 1.3 and 2.0 |
| | | <IfModule mod_auth.c> |
| | | AuthType Basic |
| | | AuthName "phpMyAdmin Setup" |
| | | AuthUserFile /etc/phpmyadmin/htpasswd.setup |
| | | </IfModule> |
| | | # For Apache 2.2 |
| | | <IfModule mod_authn_file.c> |
| | | AuthType Basic |
| | | AuthName "phpMyAdmin Setup" |
| | | AuthUserFile /etc/phpmyadmin/htpasswd.setup |
| | | </IfModule> |
| | | Require valid-user |
| | | </Files> |
| | | ------------------------------------------------------ |
| | | |
| | | # restart apache before continuing |
| | | |
| | | /etc/init.d/apache2 restart |
| | | |
| | | |
| | | 4) Install pure-ftpd and quota |
| | | |
| | | apt-get install pure-ftpd-common pure-ftpd-mysql quota quotatool |
| | | |
| | | # Edit the file /etc/default/pure-ftpd-common to change the start mode from "inetd" to "standalone" |
| | | and set VIRTUALCHROOT=true |
| | | |
| | | vi /etc/default/pure-ftpd-common |
| | | |
| | | # Edit the file /etc/inetd.conf to prevent inetd from trying to start ftp. |
| | | # To do this, comment line starting like "ftp stream tcp" by adding "#"-sign in front of the line. |
| | | |
| | | vi /etc/inetd.conf |
| | | |
| | | # Then execute: |
| | | |
| | | /etc/init.d/openbsd-inetd restart |
| | | |
| | | # Some additional settings for pureftpd |
| | | |
| | | echo 'yes' > /etc/pure-ftpd/conf/DontResolve |
| | | |
| | | # Enable TLS in pureftpd |
| | | echo 1 > /etc/pure-ftpd/conf/TLS |
| | | mkdir -p /etc/ssl/private/ |
| | | openssl req -x509 -nodes -newkey rsa:1024 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem |
| | | chmod 600 /etc/ssl/private/pure-ftpd.pem |
| | | |
| | | |
| | | # Edit /etc/fstab. Mine looks like this (I added ,usrquota,grpquota to the partition with the mount point /): |
| | | |
| | | vi /etc/fstab |
| | | |
| | | ---------------------------------------------------------------------------------------------- |
| | | # /etc/fstab: static file system information. |
| | | # |
| | | # <file system> <mount point> <type> <options> <dump> <pass> |
| | | proc /proc proc defaults 0 0 |
| | | /dev/sda1 / ext3 errors=remount-ro,usrquota,grpquota 0 1 |
| | | /dev/sda5 none swap sw 0 0 |
| | | /dev/hda /media/cdrom0 udf,iso9660 user,noauto 0 0 |
| | | /dev/fd0 /media/floppy0 auto rw,user,noauto 0 0 |
| | | ---------------------------------------------------------------------------------------------- |
| | | |
| | | # To enable quota, run these commands: |
| | | |
| | | touch /quota.user /quota.group |
| | | chmod 600 /quota.* |
| | | mount -o remount / |
| | | quotacheck -avugm |
| | | quotaon -avug |
| | | |
| | | |
| | | 5) Install mydns |
| | | |
| | | apt-get install g++ libc6 gcc gawk make texinfo libmysqlclient15-dev |
| | | |
| | | cd /tmp |
| | | wget http://heanet.dl.sourceforge.net/sourceforge/mydns-ng/mydns-1.2.8.25.tar.gz |
| | | tar xvfz mydns-1.2.8.25.tar.gz |
| | | cd mydns-1.2.8 |
| | | ./configure |
| | | make |
| | | make install |
| | | |
| | | # Now create the start / stop script for mydns: |
| | | |
| | | vi /etc/init.d/mydns |
| | | |
| | | # and enter the following lines (between the ----- lines): |
| | | |
| | | ------------------------------------------------------ |
| | | #! /bin/sh |
| | | # |
| | | # mydns Start the MyDNS server |
| | | # |
| | | # Author: Philipp Kern <phil@philkern.de>. |
| | | # Based upon skeleton 1.9.4 by Miquel van Smoorenburg |
| | | # <miquels@cistron.nl> and Ian Murdock <imurdock@gnu.ai.mit.edu>. |
| | | # |
| | | |
| | | set -e |
| | | |
| | | PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin |
| | | DAEMON=/usr/local/sbin/mydns |
| | | NAME=mydns |
| | | DESC="DNS server" |
| | | |
| | | SCRIPTNAME=/etc/init.d/$NAME |
| | | |
| | | # Gracefully exit if the package has been removed. |
| | | test -x $DAEMON || exit 0 |
| | | |
| | | case "$1" in |
| | | start) |
| | | echo -n "Starting $DESC: $NAME" |
| | | start-stop-daemon --start --quiet \ |
| | | --exec $DAEMON -- -b |
| | | echo "." |
| | | ;; |
| | | stop) |
| | | echo -n "Stopping $DESC: $NAME" |
| | | start-stop-daemon --stop --oknodo --quiet \ |
| | | --exec $DAEMON |
| | | echo "." |
| | | ;; |
| | | reload|force-reload) |
| | | echo -n "Reloading $DESC configuration..." |
| | | start-stop-daemon --stop --signal HUP --quiet \ |
| | | --exec $DAEMON |
| | | echo "done." |
| | | ;; |
| | | restart) |
| | | echo -n "Restarting $DESC: $NAME" |
| | | start-stop-daemon --stop --quiet --oknodo \ |
| | | --exec $DAEMON |
| | | sleep 1 |
| | | start-stop-daemon --start --quiet \ |
| | | --exec $DAEMON -- -b |
| | | echo "." |
| | | ;; |
| | | *) |
| | | echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2 |
| | | exit 1 |
| | | ;; |
| | | esac |
| | | |
| | | exit 0 |
| | | --------------------------------------------------------------------------- |
| | | |
| | | # now execute: |
| | | |
| | | chmod +x /etc/init.d/mydns |
| | | update-rc.d mydns defaults |
| | | |
| | | 6) Install vlogger and webalizer |
| | | |
| | | apt-get install vlogger webalizer |
| | | |
| | | Change the following line in /etc/webalizer.conf from |
| | | |
| | | #Incremental no |
| | | |
| | | to |
| | | |
| | | Incremental yes |
| | | |
| | | 7) Install Jailkit (optional, only needed if you want to use chrroting for SSH users) |
| | | |
| | | apt-get install build-essential autoconf automake1.9 libtool flex bison |
| | | cd /tmp |
| | | wget http://olivier.sessink.nl/jailkit/jailkit-2.5.tar.gz |
| | | tar xvfz jailkit-2.5.tar.gz |
| | | cd jailkit-2.5 |
| | | ./configure |
| | | make |
| | | make install |
| | | cd .. |
| | | rm -rf jailkit-2.5* |
| | | |
| | | 8) Install fail2ban (optional but recomended, because the monitor tries to show the log) |
| | | More info at: http://www.howtoforge.com/fail2ban_debian_etch |
| | | |
| | | apt-get install fail2ban |
| | | |
| | | 9) Install ISPConfig 3 |
| | | |
| | | # There are two possile scenarios, but not both: |
| | | 9.1) Install the latest released version |
| | | 9.2) Install directly from SVN |
| | | |
| | | 9.1) Installation of last version from tar.gz |
| | | |
| | | cd /tmp |
| | | wget http://www.ispconfig.org/downloads/ISPConfig-3.0.0.9-rc2.tar.gz |
| | | tar xvfz ISPConfig-3.0.0.9-rc2.tar.gz |
| | | cd ispconfig3_install/install/ |
| | | |
| | | 9.2) Installation from SVN |
| | | |
| | | apt-get install subversion |
| | | cd /tmp |
| | | svn export svn://svn.ispconfig.org/ispconfig3/trunk/ |
| | | cd trunk/install |
| | | |
| | | |
| | | 9.1+9.2) Now proceed with the ISPConfig installation. |
| | | |
| | | # Now start the installation process by executing: |
| | | |
| | | php -q install.php |
| | | |
| | | # The installer will configure all services like postfix, sasl, courier, etc. for you. A manual setup as required for ISPConfig 2 (perfect setup guides) is not nescessary. To login to the ISPConfig controlpanel, open the following URL in your browser (replace the IP to match your settings!): |
| | | |
| | | http://192.168.0.100:8080/ |
| | | |
| | | # the default login is: |
| | | |
| | | user: admin |
| | | password: admin |
| | | |
| | | # In case you get a permission denied error from apache, please restart the apache webserver process. |
| | | |
| | | |
| | | |
| | | ---------------------------------------------------------------------------------------------------------- |
| | | Optional: |
| | | |
| | | Install a webbased Email Client |
| | | |
| | | apt-get install squirrelmail |
| | | ln -s /usr/share/squirrelmail/ /var/www/webmail |
| | | |
| | | Access squirrelmail: |
| | | |
| | | http://192.168.0.100/webmail |
| | | |
| | | |
| | | To configure squirrelmail, run: |
| | | |
| | | /usr/sbin/squirrelmail-configure |
| | | |
| | | ---------------------------------------------------------------------------------------------------------- |
| | | |
| | | Hints: |
| | | |
| | | debian 5.0 under openvz: |
| | | |
| | | VPSID=101 |
| | | for CAP in CHOWN DAC_READ_SEARCH SETGID SETUID NET_BIND_SERVICE NET_ADMIN SYS_CHROOT SYS_NICE CHOWN DAC_READ_SEARCH SETGID SETUID NET_BIND_SERVICE NET_ADMIN SYS_CHROOT SYS_NICE |
| | | do |
| | | vzctl set $VPSID --capability ${CAP}:on --save |
| | | done |
| | | |
| | | ---------------------------------------------------------------------------------------------------------- |
| | | |
| | | |
| | | Optional recommended packages: |
| | | |
| | | denyhosts - a utility to help sys admins thwart ssh crackers |
| | | rsync - fast remote file copy program (for backup) |
| | | |
| | | ----------------------------------------------------------------------------------------------------------- |
| | | |
| | | Possible errors and their solutions |
| | | ------------------------------------ |
| | | |
| | | pureftpd login does not work. Take a look at the syslog, if you find an error message like this: |
| | | Mar 24 16:26:28 ispconfig pure-ftpd: (?@?) [ERROR] Sorry, invalid address given |
| | | |
| | | then pureftpd is not able to resolve the hostname. Name resolving can be disabled with these commands: |
| | | |
| | | echo 'yes' > /etc/pure-ftpd/conf/DontResolve |
| | | /etc/init.d/pure-ftpd-mysql restart |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |