Debian Lenny дээр ISPConfig 3.0 суулгах алхамууд
Энэ хичээл нь Debian Lenny дээр IPSConfig3-ийг хэрхэн суулгах талаар бэлдсэн байгаа.ISPConfig бол Webhosting control panel ба таньд хэрхэн web browser-р Apahce web server, Postfix mail server,Mysql,MyDNS nameserver,PureFTPD,SpamAssassin,ClamAV болон өшөө илүү их зүйлийг хийх боломжтой.
Энэ хичээлдээ hostname-ийн нэрийг server1.example.com ба IP хаяг нь 192.168.0.100 ба gateway нь 192.168.0.1.
1. Debian Lenny нь OpenSSH-г default-раа суугаагүй байдаг ба та үүнийг суулгахдаа:
apt-get install ssh openssh-server
Одоо та Putty зэрэг remote access-r хэрэглэн өөрийнхөө компьютороос Debian Lenny Server-лүүгээ SSH client-р хандах боломжтой.
2.Хэрвээ та vi editor хэрэглэдэг бол vim-nox(Optional)-г суулгаарай.
Vi editor нь Default-раа зарим нэгэн алдаатай байдаг учир үүнийг засахын тулд vim-nox суулгах хэрэгтэй.Суулгахдаа:
apt-get install vim-nox
3.Сүлжээгээ тохируулах
Debian Lenny суулгац нь автоматаар DHCP server-с сүлжээний тохиргоогоо авахаар тохируулагдсан байдаг. Бид Server-дээ статик-аар IP хаягаа олгох учир nano /etc/network/interfaces-рүү орон IP хаягаа олгоно.(nano-миний хэрэглэдэг text editor)
nano /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
#allow-hotplug eth0
#iface eth0 inet dhcp
auto eth0
iface eth0 inet static
address 192.168.0.100
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
gateway 192.168.0.1
Харин одоо сүлжээгээ restart хийнэ.
/etc/init.d/networking restart
Мөн /etc/hosts-г засварлах хэрэгтэй.
nano /etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.0.100 server1.example.com server1
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
echo server1.example.com > /etc/hostname
/etc/init.d/hostname.sh start
4.Debian суулгацаа update хийнэ.
apt-get update
apt package-ийн өгөдлийн санг мөн update хийнэ.
apt-get upgrade
5. Postfix, Courier, Saslauthd, MySQL, phpMyAdmin, rkhunter, binutils суулгах
Доорх 1 коммандын тусламжтайгаар энэ бүгдийг суулгая:
apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl courier-maildrop getmail4 rkhunter binutils
Суулгаж байх явцад дараах асуултууд гарч ирнэ.
New password for the MySQL “root” user: <– yourrootsqlpassword
Repeat password for the MySQL “root” user: <– yourrootsqlpassword
Create directories for web-based administration? <– No
General type of mail configuration: <– Internet Site
System mail name: <– server1.example.com
SSL certificate required <– Ok
/etc/mysql/my.cnf дотор mysql-ийн тохиргооны файл байрлана.
nano /etc/mysql/my.cnf дотор bind-address=127.0.0.1 гэсэн мөрний өмнөх # тэмдгийг авна.
Ингэснээр бүх интерфэйс дээрээ MySQL-ийг сонсож байхын тулд localhost биш харин 127.0.0.1-р сонсоно. Тохиргоогоо хийж дууссаны дараа MySQL-ээ Restart хийж өгнө.
/etc/init.d/mysql restart
Харин одоо сүлжээгээ идэвхчсэн гэдгээ шалгахдаа: netstat -tap | grep mysql
server1:~# netstat -tap | grep mysql
tcp 0 0 *:mysql *:* LISTEN 6612/mysqld
server1:~#
Суулгацын үед IMAP-SSL болон POP3-SSL-ийн сертифкатууд нь hostname-ээ localhost-р үүсгэсэн байдаг.(Манай хичээлд hostname нь server1.example.com учираас сертифактуудыг устгана)
cd /etc/courier
rm -f /etc/courier/imapd.pem
rm -f /etc/courier/pop3d.pem
Харин одоо шинээр үүсгэхдээ 2 файлыг тодорхойлж өгнө.
CN=localhost-ийг CN=server1.example.com-р солино.
nano /etc/courier/imapd.cnf
[...]
CN=server1.example.com
[...]
vi /etc/courier/pop3d.cnf
[...]
CN=server1.example.com
[...]
Тэгээд сертифактуудаа дахин үүсгэнэ.
mkimapdcert
mkpop3dcert
Courier-IMAP-SSL болон Courier-POP3-SSL-ээ Restart хийнэ.
/etc/init.d/courier-imap-ssl restart
/etc/init.d/courier-pop-ssl restart
6.Amavisd-new, SpamAssassin, болон Clamav-ийг суулгах
apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl
_7.Apache2, PHP5, phpMyAdmin, FCGI, suExec, Pear, болон mcrypt-ийг суулгах
Apache2, PHP5, phpMyAdmin, FCGI, suExec, Pear, and mcrypt can be installed as follows:
apt-get install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp
Суулгаж байх үед дараах асуултууд гарч ирнэ.
Web server to reconfigure automatically: <– apache2
Энэ нь Apache-ийн suexec,rewrite,ssl, болон actions зэрэг module-уудыг идэвхжүүлдэг.
/etc/phpmyadmin/htpasswd.setup файл нь phpmyadmin-ний нууцлалыг устгадаг
rm -f /etc/phpmyadmin/htpasswd.setup
..ба тохиргооны файл нь /etc/phpmyadmin/apache.conf-д байрлана.
nano /etc/phpmyadmin/apache.conf
[...]
# # Authorize for setup
# <Files setup.php>
# # For Apache 1.3 and 2.0
# <IfModule mod_auth.c>
# AuthType Basic
# AuthName "phpMyAdmin Setup"
# AuthUserFile /etc/phpmyadmin/htpasswd.setup
# </IfModule>
# # For Apache 2.2
# <IfModule mod_authn_file.c>
# AuthType Basic
# AuthName "phpMyAdmin Setup"
# AuthUserFile /etc/phpmyadmin/htpasswd.setup
# </IfModule>
# Require valid-user
# </Files>
[...]
Ингэсний дараа apache-гаа Restart хийнэ.
8.PureFTPd болон Quota-г суулгах
apt-get install pure-ftpd-common pure-ftpd-mysql quota quotatool
/etc/default/pure-ftpd-common файлыг засварлана.
nano /etc/default/pure-ftpd-common
…inetd-с standalone-д start mode-г нь өөрчлөн VIRTUALCHROOT=true: болгоно.
[...]
STANDALONE_OR_INETD=standalone
[...]
VIRTUALCHROOT=true
[...]
Inetd-с ftp-г эхлүүлэхийг болиулах ба nano /etc/inetd.conf файл дотрох ftp stream tcp мөрний өмнө # тэмдэг тавина.
[...]
#:STANDARD: These are standard services.
#ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/pure-ftpd-wrapper
[...]
Үүний дараа inetd-ээ Restart хийнэ.
/etc/init.d/openbsd-inetd restart
Мөн PureFTPd-г Restart хийнэ.
/etc/init.d/pure-ftpd-mysql start
/etc/fstab-ийг мөн засварлана.(Би mount point / байгаа partition дээрээ usrquota,grpquota-ийг нэмсэн)
nano /etc/fstab
# /etc/fstab: static file system information.
#
# <file system> <mount point> <type> <options> <dump> <pass>
proc /proc proc defaults 0 0
/dev/sda1 / ext3 errors=remount-ro,usrquota,grpquota 0 1
/dev/sda5 none swap sw 0 0
/dev/hda /media/cdrom0 udf,iso9660 user,noauto 0 0
/dev/fd0 /media/floppy0 auto rw,user,noauto 0 0
Quoto-г дараах коммандуудаар идэвхжүүлнэ.
touch /quota.user /quota.group
chmod 600 /quota.*
mount -o remount /
quotacheck -avugm
quotaon –avug
9. MyDNS суулгах
MyDNS-ийг суулгахаас өмнө дараа зүйлсийг суулгах шаардлагатай.
apt-get install g++ libc6 gcc gawk make texinfo libmysqlclient15-dev
Debian Lenny-д MyDNS нь хадгалагдах газар байдаггүй ба source-р нь шууд татан суулгана.
cd /tmp
wget http://heanet.dl.sourceforge.net/sourceforge/mydns-ng/mydns-1.2.8.25.tar.gz
tar xvfz mydns-1.2.8.25.tar.gz
cd mydns-1.2.8
./configure
make
make install
Үүний дараа MyDNS-ийн start/stop script-үүдийг үүсгэнэ.
nano /etc/init.d/mydns
#! /bin/sh
#
# mydns Start the MyDNS server
#
# Author: Philipp Kern < Энэ и-мэйл хаягийг спамнаас хамгаалж байгаа бөгөөд үзэхийн тулд JavaScript идэвхтэй байх хэрэгтэй. >.
# Based upon skeleton 1.9.4 by Miquel van Smoorenburg
# < Энэ и-мэйл хаягийг спамнаас хамгаалж байгаа бөгөөд үзэхийн тулд JavaScript идэвхтэй байх хэрэгтэй. > and Ian Murdock < Энэ и-мэйл хаягийг спамнаас хамгаалж байгаа бөгөөд үзэхийн тулд JavaScript идэвхтэй байх хэрэгтэй. >.
#
set -e
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/usr/local/sbin/mydns
NAME=mydns
DESC="DNS server"
SCRIPTNAME=/etc/init.d/$NAME
# Gracefully exit if the package has been removed.
test -x $DAEMON || exit 0
case "$1" in
start)
echo -n "Starting $DESC: $NAME"
start-stop-daemon --start --quiet \
--exec $DAEMON -- -b
echo "."
;;
stop)
echo -n "Stopping $DESC: $NAME"
start-stop-daemon --stop --oknodo --quiet \
--exec $DAEMON
echo "."
;;
reload|force-reload)
echo -n "Reloading $DESC configuration..."
start-stop-daemon --stop --signal HUP --quiet \
--exec $DAEMON
echo "done."
;;
restart)
echo -n "Restarting $DESC: $NAME"
start-stop-daemon --stop --quiet --oknodo \
--exec $DAEMON
sleep 1
start-stop-daemon --start --quiet \
--exec $DAEMON -- -b
echo "."
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
exit 1
;;
esac
exit 0
chmod +x /etc/init.d/mydns
update-rc.d mydns defaults
10.Vlogger болон Webalizer-г суулгах
apt-get install vlogger webalizer
11.Jailkit суулгах
apt-get install build-essential autoconf automake1.9 libtool flex bison
cd /tmp
wget http://olivier.sessink.nl/jailkit/jailkit-2.5.tar.gz
tar xvfz jailkit-2.5.tar.gz
cd jailkit-2.5
./configure
make
make install
cd ..
rm -rf jailkit-2.5*
12. fail2ban суулгах
apt-get install fail2ban
13. SquirrelMail суулгах
SquirrelMail webmail client-г суулгахдаа
apt-get install squirrelmail
Мөн дараах ижил холбоосуудыг үүсгэнэ.
ln -s /usr/share/squirrelmail/ /var/www/webmail
...squirrelmail-г тохируулая (Courier-IMAP/-POP3-г хэрэглэж байгаа үед дараах байдлаар тохируулж өгнө): squirrelmail-configure
SquirrelMail Configuration : Read: config.php (1.4.0)
———————————————————
Main Menu –
1. Organization Preferences
2. Server Settings
3. Folder Defaults
4. General Options
5. Themes
6. Address Books
7. Message of the Day (MOTD)
8. Plugins
9. Database
10. Languages
D. Set pre-defined settings for specific IMAP servers
C Turn color on
S Save data
Q Quit
Command >> <– D
SquirrelMail Configuration : Read: config.php
———————————————————
Please select your IMAP server:
bincimap = Binc IMAP server
courier = Courier IMAP server
cyrus = Cyrus IMAP server
dovecot = Dovecot Secure IMAP server
exchange = Microsoft Exchange IMAP server
hmailserver = hMailServer
macosx = Mac OS X Mailserver
mercury32 = Mercury/32
uw = University of Washington’s IMAP server
quit = Do not change anything
Command >> <– courier
Please select your IMAP server:
bincimap = Binc IMAP server
courier = Courier IMAP server
cyrus = Cyrus IMAP server
dovecot = Dovecot Secure IMAP server
exchange = Microsoft Exchange IMAP server
hmailserver = hMailServer
macosx = Mac OS X Mailserver
mercury32 = Mercury/32
uw = University of Washington’s IMAP server
quit = Do not change anything
Command >> courier
imap_server_type = courier
default_folder_prefix = INBOX.
trash_folder = Trash
sent_folder = Sent
draft_folder = Drafts
show_prefix_option = false
default_sub_of_inbox = false
show_contain_subfolders_option = false
optional_delimiter = .
delete_folder = true
Press any key to continue… <– press a key
SquirrelMail Configuration : Read: config.php (1.4.0)
———————————————————
Main Menu –
1. Organization Preferences
2. Server Settings
3. Folder Defaults
4. General Options
5. Themes
6. Address Books
7. Message of the Day (MOTD)
8. Plugins
9. Database
10. Languages
D. Set pre-defined settings for specific IMAP servers
C Turn color on
S Save data
Q Quit
Command >> <– S
SquirrelMail Configuration : Read: config.php (1.4.0)
———————————————————
Main Menu –
1. Organization Preferences
2. Server Settings
3. Folder Defaults
4. General Options
5. Themes
6. Address Books
7. Message of the Day (MOTD)
8. Plugins
9. Database
10. Languages
D. Set pre-defined settings for specific IMAP servers
C Turn color on
S Save data
Q Quit
Command >> <– Q
Дараа нь SquirrelMail-рүүгээ хандахдаа http://server1.example.com/webmail эсвэл http://192.168.0.100/webmail:
14.ISPConfig3-г суулгах
cd /tmp
wget http://www.ispconfig.org/downloads/ISPConfig-3.0.0.9-rc2.tar.gz
tar xvfz ISPConfig-3.0.0.9-rc2.tar.gz
cd ispconfig3_install/install/
apt-get install subversion
cd /tmp
svn export svn://svn.ispconfig.org/ispconfig3/trunk/
cd trunk/install
php -q install.php
Ингээд ISPConfig3 installer эхлэнэ.
server1:/tmp/ispconfig3_install/install# php -q install.php
——————————————————————————–
_____ ___________ _____ __ _
|_ _/ ___| ___ \ / __ \ / _(_)
| | \ `–.| |_/ / | / \/ ___ _ __ | |_ _ __ _
| | `–. \ __/ | | / _ \| ’_ \| _| |/ _` |
_| |_/\__/ / | | \__/\ (_) | | | | | | | (_| |
\___/\____/\_| \____/\___/|_| |_|_| |_|\__, |
__/ |
|___/
——————————————————————————–
>> Initial configuration
Operating System: Debian Lenny/Sid or compatible
Following will be a few questions for primary configuration so be careful.
Default values are in [brackets] and can be accepted with <ENTER>.
Tap in ”quit” (without the quotes) to stop the installer.
Select language (en,de) [en]: <– ENTER
Installation mode (standard,expert) [standard]: <– ENTER
Full qualified hostname (FQDN) of the server, eg server1.domain.tld [server1.example.com]: <– ENTER
MySQL server hostname [localhost]: <– ENTER
MySQL root username [root]: <– ENTER
MySQL root password []: <– yourrootsqlpassword
MySQL database to create [dbispconfig]: <– ENTER
MySQL charset [utf8]: <– ENTER
Generating a 2048 bit RSA private key
……………………………………………………………………………………………………+++
……………………………………………………………………………………………+++
writing new private key to ’smtpd.key’
—–
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ’.', the field will be left blank.
—–
Country Name (2 letter code) [AU]: <– ENTER
State or Province Name (full name) [Some-State]: <– ENTER
Locality Name (eg, city) []: <– ENTER
Organization Name (eg, company) [Internet Widgits Pty Ltd]: <– ENTER
Organizational Unit Name (eg, section) []: <– ENTER
Common Name (eg, YOUR name) []: <– ENTER
Email Address []: <– ENTER
Configuring Jailkit
Configuring SASL
Configuring PAM
Configuring Courier
Configuring Spamassassin
Configuring Amavisd
Configuring Getmail
Configuring Pureftpd
Configuring MyDNS
Configuring Apache
Configuring Firewall
Installing ISPConfig
ISPConfig Port [8080]: <– ENTER
Configuring DBServer
Installing Crontab
no crontab for root
no crontab for getmail
Restarting services …
Stopping MySQL database server: mysqld.
Starting MySQL database server: mysqld.
Checking for corrupt, not cleanly closed and upgrade needing tables..
Stopping Postfix Mail Transport Agent: postfix.
Starting Postfix Mail Transport Agent: postfix.
Stopping SASL Authentication Daemon: saslauthd.
Starting SASL Authentication Daemon: saslauthd.
Stopping amavisd: amavisd-new.
Starting amavisd: amavisd-new.
Stopping ClamAV daemon: clamd.
Starting ClamAV daemon: clamd .
Stopping Courier authentication services: authdaemond.
Starting Courier authentication services: authdaemond.
Stopping Courier IMAP server: imapd.
Starting Courier IMAP server: imapd.
Stopping Courier IMAP-SSL server: imapd-ssl.
Starting Courier IMAP-SSL server: imapd-ssl.
Stopping Courier POP3 server: pop3d.
Starting Courier POP3 server: pop3d.
Stopping Courier POP3-SSL server: pop3d-ssl.
Starting Courier POP3-SSL server: pop3d-ssl.
Restarting web server: apache2 … waiting .
Restarting ftp server: Running: /usr/sbin/pure-ftpd-mysql-virtualchroot -l mysql:/etc/pure-ftpd/db/mysql.conf -l pam -E -A -u 1000 -O clf:/var/log/pure-ftpd/transfer.log -b -B
Installation completed.
server1:/tmp/ispconfig3_install/install#
The installer automatically configures all underlying services, so no manual configuration is needed.
Afterwards you can access ISPConfig 3 under http://server1.example.com:8080/ or http://192.168.0.100:8080/. Log in with the username admin and the password admin (you should change the default password after your first login):
The system is now ready to be used.
