This gonna be a long post and my english isnt so good, so i hope you guys can understand me...
I need say too i`m totally noob on linux world, so if you see something wrong / dangerous on my post, please correct me...
I did this on an new single fresh server runing Debian 6 x64.
Yeah, finally i finish my long journey testing many stuff as enduser!! (more then 20 days working on those tests, researching on google about right packages, security, etc...)
Because i wanna start sell host services for some friends, and if my pc handle, for more people too
Then i was thinking with myself:
If i try sell host services i will need provide some kind of support, and since i`m noob, this could be an problem... This would make me spend many days searching the solutions and sometimes without can test in the real server (there real clients).
So before start sell something i tried test as enduser, i have installed all php stuff from those lists:
But, only for see the web behavior, i need learn how e-mails work for get the right paramenters on my tests (dindt setup any program to send / receive e-mail), but one thing per time...
So while i was installing the stuff, i see lot of warnings about extensions not avaliable, about configs on php variables, permissions, etc...
I changed some of those settings after research on google, my researchs probaly arent good since i`m noob on linux, so, be free to point any error on the stuff i did.
There some situations where one software requires one thing enable, and other requires samething disable, on this scenario i keep disabled if my researchs point to me it would be hacked if i turn on, in other side, if is safe keep on or off, i wrote how many softwares requires the stuff on and off, then i seted for more compatibility, i mean for get more softwares up.
Moslty of the listed packages are default from debian repository, i think the reason for debian have so many software outdate is be sure the stuff is safe, so thinking this way, i dont see any problem on install all defaults packages i will list.
Maybe except for the stuff requerid for Horde Groupware for example, or in other words, the stuff using pear / pecl comand, you guys will noticed many of those stuff arent stable, intead this are release candidate version or beta, if you use horde you have all this stuff already installed...
Install all the listed packages will let your clients use photologs for example, and this can use may resources from your server, so, if you dont wanna enable the options for all your users have everything already enable, ignore this post.
By the way, if you think like me, enable all this stuff would save a lot of time from support requests to enable this stuff by all client requests, this post is for you (once more time, do an research for see if safe)
I need ask for apoligies for dont list in an step-by-step with details (for what software the package is being installed, for what software the .ini are be made, etc...), but i wrote the stuff in an paper while i was testing ISPConfig using VMWare, doing snapshots and restoring in last 2 months, so i can write here some packages names wrong also, if u see something like this please, say the correct name.
Before continue, i would love know if would be better install all this stuff before run ISPConfig install script, or after, or doesnt matter.
Jailkit error (i hate warns on log then i try set all)
echo "" > /home/dev/log
Remove some # from the example and set like this:
base = 0124
peak = 10240
interval = 2.0
Add in the end this:
$cfg['SuhosinDisableWarning'] = 'true';
Now Suhosin Settings
Uncomment lines and Set this values:
suhosin.sql.bailout_on_error = off
suhosin.session.encrypt = off
suhosin.get.max_value_length = 1024
suhosin.post.max_array_index_length = 256
suhosin.post.max_totalname_length = 8192
suhosin.post.max_vars = 2048
suhosin.request.max_array_index_length = 256
suhosin.request.max_totalname_length = 8192
suhosin.request.max_vars = 2048
Note: If i remember right, suhosin settings listed are for phpmyadmin and roundcube mail... The phpmyadmin manuals have lot of stuff explaining how to increase the server security, worth read and do the settings...
Now the long list of install:
Note: I dindt installed all in one time, installed one pack, setted stuff, then did lot of tests, installed other pack and repeat...
I`m wroting all list in one comand for easy ctrl-c ctrl-v, but if you get any problem with conflicts, please let me know.
Many packages from this step are dependencies for other step, or setup, if you skip something, gonna get errors...
Answer NO to JACK02 Question.
apt-get -y install php5-curl zip php5-xmlrpc curl libcurl3 php5-xsl gawk openjdk-6-jre php5-intl php5-memcache imagemagick libjpeg-progs librmagick-ruby libgraphicsmagick3 libgraphicsmagick++3 perlmagick diffutils php5-dev php-pear apache2-prefork-dev php5-sasl php5-ldap libssh2-php libssh2-1-dev libidn11-dev php5-memcached php-http php5-tidy php5-geoip ploticus highlight libtiff-dev libjpeg-dev libjpeg62-dev libxml2-dev libmhash-dev libxft2 libxft-dev dcraw hp2xx gnuplot graphviz html2ps mpeg2dec radiance libtiff4 libtiff-tools libwmf0.2-7 libwmf-bin zlib1g zlib-bin graphicsmagick libmagickwand-dev libmagickcore-dev moreutils composite libpam0g-dev libreadline6-dev libreadline-dev libxslt1.1 docbook-xml docbook-xsl w3m-el fop cracklib-runtime libtirpc1 locales-all exif ffmpeg flvtool2 antiword popplerutils php5-sqlite libytnef0 tnef libphp-jpgraph libwbxml2-dev libwbxml2-utils libwbxml2-0 php5-pspell libpspell-dev libdjvulibre-dev libwmf-dev
Those 2 are special:
(For non-brazilian you can ignore the second aspell, in fact dunno why there an -br and pt-br)
apt-get -y install aspell-br aspell-pt-br fortunes-br
Exchange -br for your country, i have used aspell-br and fortunes-br because i`m Brazilian...
Now the pear / pecl installs
Note: If i remember right those are for groupoffice and horde.
pear upgrade -all
pear install -a MySQL
pear install -a MySQLi
pear install -a PHPUnit
pear install -a HTTP_WebDAV_Server-1.0.0RC7
pear install -a Net_IMAP
pear install -a Net_Sieve
pear install -a Auth_SASL2-0.1.0
pear install -a XML_Feed_Parser-1.0.5
pear install -a channel://pear.php.net/HTTP_Request2
pear install -a channel://pear.php.net/SOAP-0.13.0
pear install -a channel://pear.php.net/Text_CAPTCHA-0.4.3
pear install -a channel://pear.php.net/Numbers_Words-0.16.4
pear install -a channel://pear.php.net/XML_Serializer-0.20.2
pear install -a channel://pear.php.net/Console_Color2-0.1.1
pear install -a channel://pear.php.net/File_Fstab-2.0.3
pear install -a channel://pear.php.net/Date_Holidays-0.21.6
pear upgrade -all
On those i just hit enter for default values
Note: There an bug with lzf so we gonna fix it:
pecl uninstall lzf
pecl install lzf
pecl install -a channel://pecl.php.net/idn-0.2.0
pecl install -a channel://pecl.php.net/ssh2-0.11.3
pecl install -a imagick
pecl install -a pam
pecl install -a apc
echo extension=imagick.so > /etc/php5/conf.d/imagick.ini
echo extension=lzf.so > /etc/php5/conf.d/lzf.ini
echo extension=pam.so > /etc/php5/conf.d/pam.ini
echo extension=apc.so > /etc/php5/conf.d/apc.ini
Setting php.ini on /etc/php5/apache2 /etc/php5/cgi /etc/php5/cli
session.gc_probality = 1
session.gc_divisor = 10000
max_execution_time = 60
post_max_size = 64M
upload_max_filesize = 64
register_globals = OFF
allow_url_fopen = ON
expose_php = 0
output_buffering = 4096
Next two, you need set for you country, the example is for my country Brazil:
intl.default_locale = (LC_ALL, 'pt_BR')
date.timezone = "America/Sao_Paulo"
This value is special, you ONLY can set it on /etc/php5/apache2/php.ini and /etc/php5/cgi/php.ini.
Be sure /etc/php5/cli/php.ini have the value -1, or you gonna bug your pear / pecl commands...
This big line you need enter in ISPConfig Control pannel
Click Server Configuration
Click on your server
Click on Web
On Websites symlinks add this:
Install Zend Framework and Ioncube also
And dont forget set APC or all your runings domains will become VERY SLOW (default is 32M of cache shared for all domains) , check php site for the paramenters...
This is all i can find on my notes.
I hope this in somehow would help people save they time, i spend more then 20 days testing all stuff, researching dependencies, learning how to configure, etc...
But i`m just beginner, now i gonna focus on other things to get my server up and working nice
Once more time, i`m noob, probaly something here would compromisse your server, i`m testing this in an new fresh install, this cant work for your runing server...
And I`m using Debian 6 x64
Some wierd behaviors:
Typo3 you need edit the /tlib/config_default.php and set im_combine_filname => 'composite'
phpbb is the only one which cant detect imagemagick on this setup (my guess is wrong name for composite like typo3 above, but i dindt found where to edit)... All others detected and worked fine... If you know why please tell us...
Resource Space dindt work, i set 12 GB RAM for the VPS and Resource Space still not loading, in my oppinion the software is made for be so heavy for noone try host and pay for then...
My next tests gonna be get the mail system working without any error / warn and try understand how webdav works