Installing A Multiserver Setup With Dedicated Web, Email, DNS And MySQL Database Servers On Debian 5.0 With ISPConfig 3

Want to support HowtoForge? Become a subscriber!
 
Submitted by till (Contact Author) (Forums) on Tue, 2010-08-17 17:11. :: Debian | ISPConfig

Installing A Multiserver Setup With Dedicated Web, Email, DNS And MySQL Database Servers On Debian 5.0 With ISPConfig 3

Version 1.0
Author: Till Brehm <t [dot] brehm [at] projektfarm [dot] com>
Last edited 08/10/2010

This tutorial describes the installation of an ISPConfig 3 multiserver setup with dedicated web, email, database and two DNS servers all managed trough a single ISPConfig 3 control panel. The setup described below uses five servers and can be extended easily to to a higher number of servers by just adding more servers. E.g. if you want to have two mailservers, do the setup steps from chapter 2 on both of these servers. If you want to set up more web servers, then install ISPConfig on all other web servers in expert mode except of the first one.

 

1 Installing The Five Debian Base Systems

In this setup there will be one master server (which runs the web server and ISPConfig control panel interface) and four slave servers for database, email and DNS.

To install the clustered setup, we need five servers (or virtual servers) with a Debian 5.0 minimal install. The base setup is described in the following tutorial in the steps 1 - 6:

http://www.howtoforge.com/perfect-server-debian-lenny-ispconfig3

Install only steps 1 - 6 of the perfect server tutorial and not the other steps as they differ for a clustered setup!

In my example I use the following hostnames and IP addresses for the five servers:

Web Server

Hostname: web.example.tld
IP address: 192.168.0.105

Mail Server

Hostname: mail.example.tld
IP address: 192.168.0.106

DB Server

Hostname: db.example.tld
IP address: 192.168.0.107

DNS Server (primary)

Hostname: ns1.example.tld
IP address: 192.168.0.108

DNS Server (secondary)

Hostname: ns2.example.tld
IP address: 192.168.0.109

Whereever these hostnames or IP addresses occur in the next installation steps you will have to change them to match the IP's and hostnames of your servers.

 

2 Installing The Web Server

Edit the hosts file and add the IP addresses and hostnames for all servers. The hostnames and IP addresses have to be adjusted to match your setup.

vi /etc/hosts

127.0.0.1       localhost
192.168.0.105   web.example.tld
192.168.0.106   mail.example.tld
192.168.0.107   db.example.tld
192.168.0.108   ns1.example.tld
192.168.0.109   ns2.example.tld
 
# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

Set the hostname of the server:

echo web.example.tld > /etc/hostname
/etc/init.d/hostname.sh start

Edit the sources.list file...

vi /etc/apt/sources.list

... and ensure that it contains the following line to enable the volatile repository.

deb http://volatile.debian.org/debian-volatile lenny/volatile main contrib non-free

Run...

apt-get update

... to update the apt package database; then run...

apt-get upgrade

... to install the latest updates (if there are any).

It is a good idea to synchronize the system clock with an NTP (network time protocol) server over the Internet. Simply run...

apt-get -y install ntp ntpdate

... and your system time will always be in sync.

Install the MySQL server. A MySQL server instance is necessary on every server as ISPConfig uses it to sync the configuration between the servers.

apt-get -y install mysql-client mysql-server

Enter the new password for MySQL when requested by the installer.

We want MySQL to listen on all interfaces on the master server, not just localhost, therefore we edit /etc/mysql/my.cnf and comment out the line bind-address = 127.0.0.1:

vi /etc/mysql/my.cnf

[...]  
# Instead of skip-networking the default is now to listen only on  
# localhost which is more compatible and is not less secure.  
#bind-address           = 127.0.0.1  
[...]

Then restart MySQL:

/etc/init.d/mysql restart

Now install Apache2, PHP5, phpMyAdmin, FCGI, suExec, Pear, and mcrypt as follows:

apt-get -y install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby libapache2-mod-ruby sudo

You will see the following question:

Web server to reconfigure automatically: <-- apache2

Then run the following command to enable the Apache modules suexec, rewrite, ssl, actions, and include:

a2enmod suexec rewrite ssl actions include ruby dav_fs dav auth_digest

PureFTPd and quota can be installed with the following command:

apt-get -y install pure-ftpd-common pure-ftpd-mysql quota quotatool

Edit /etc/fstab. Mine looks like this (I added ,usrquota,grpquota to the partition with the mount point /):

vi /etc/fstab

# /etc/fstab: static file system information.  
#  
# <file system> <mount point>   <type>  <options>       <dump>  <pass>  
proc            /proc           proc    defaults        0       0  
/dev/sda1       /               ext3    errors=remount-ro,usrquota,grpquota 0       1  
/dev/sda5       none            swap    sw              0       0  /dev/hda        
/media/cdrom0   udf,iso9660 user,noauto     0       0  
/dev/fd0        /media/floppy0  auto    rw,user,noauto  0       0

To enable quota, run these commands:

touch /quota.user /quota.group
chmod 600 /quota.*
mount -o remount /

quotacheck -avugm
quotaon -avug

Install vlogger, webalizer, and awstats:

apt-get -y install vlogger webalizer awstats

Install Jailkit: Jailkit is needed only if you want to chroot SSH users. It can be installed as follows (important: Jailkit must be installed before ISPConfig - it cannot be installed afterwards!):

apt-get -y install build-essential autoconf automake1.9 libtool flex bison

cd /tmp
wget http://olivier.sessink.nl/jailkit/jailkit-2.11.tar.gz
tar xvfz jailkit-2.11.tar.gz
cd jailkit-2.11
./configure
make
make install
cd ..
rm -rf jailkit-2.11*

Install fail2ban: This is optional but recommended, because the ISPConfig monitor tries to show the log:

apt-get install fail2ban

Next we will install ISPConfig 3. To get the download URL of the latest ISPConfig 3 stable release, please visit the ISPConfig website: http://www.ispconfig.org/ispconfig-3/download/

This server is the master server in our setup which runs the ISPConfig control panel interface. To allow the other MySQL instances to connect to the MySQL database on this node during installation, we have to add MySQL root user records in the master database for every slave server hostname and IP address. The easiest way to do this is to use the web based phpmyadmin administration tool that we installed already. Open the URL http://192.168.0.105/phpmyadmin in a web browser, log in as MySQL root user and execute these MySQL queries:

CREATE USER 'root'@'192.168.0.106' IDENTIFIED BY 'myrootpassword';
GRANT ALL PRIVILEGES ON * . * TO 'root'@'192.168.0.106' IDENTIFIED BY 'myrootpassword' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ;

CREATE USER 'root'@'192.168.0.107' IDENTIFIED BY 'myrootpassword';
GRANT ALL PRIVILEGES ON * . * TO 'root'@'192.168.0.107' IDENTIFIED BY 'myrootpassword' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ;

CREATE USER 'root'@'192.168.0.108' IDENTIFIED BY 'myrootpassword';
GRANT ALL PRIVILEGES ON * . * TO 'root'@'192.168.0.108' IDENTIFIED BY 'myrootpassword' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ;

CREATE USER 'root'@'192.168.0.109' IDENTIFIED BY 'myrootpassword';
GRANT ALL PRIVILEGES ON * . * TO 'root'@'192.168.0.109' IDENTIFIED BY 'myrootpassword' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ;

CREATE USER 'root'@'mail.example.tld' IDENTIFIED BY 'myrootpassword';
GRANT ALL PRIVILEGES ON * . * TO 'root'@'mail.example.tld' IDENTIFIED BY 'myrootpassword' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ;

CREATE USER 'root'@'db.example.tld' IDENTIFIED BY 'myrootpassword';
GRANT ALL PRIVILEGES ON * . * TO 'root'@'db.example.tld' IDENTIFIED BY 'myrootpassword' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ;

CREATE USER 'root'@'ns1.example.tld' IDENTIFIED BY 'myrootpassword';
GRANT ALL PRIVILEGES ON * . * TO 'root'@'ns1.example.tld' IDENTIFIED BY 'myrootpassword' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ;

CREATE USER 'root'@'ns2.example.tld' IDENTIFIED BY 'myrootpassword';
GRANT ALL PRIVILEGES ON * . * TO 'root'@'ns2.example.tld' IDENTIFIED BY 'myrootpassword' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ;

In the above sql commands, replace the IP adresses (192.168.0.106 - 192.168.0.109) with the IP addresses of your servers and replace mail.example.tld, db.example.tld, ns1.example.tld and ns2.example.tld with the hostnames of your servers and myrootpassword with the desired root password.

Click on the reload permissions button or restart MySQL. Then close phpmyadmin.

Go back to the shell of server1.example.tld and download the latest ISPConfig 3 stable release:

cd /tmp
wget http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz
tar xfz ISPConfig-3-stable.tar.gz
cd ispconfig3_install/install/

Then start the install script:

php -q install.php

Select language (en,de) [en]: <-- en
Installation mode (standard,expert) [standard]: <-- expert
Full qualified hostname (FQDN) of the server, eg server2.domain.tld [web.example.tld]: <-- web.example.tld
MySQL server hostname [localhost]: <-- localhost
MySQL root username [root]: <-- root
MySQL root password []: <-- Enter your MySQL root password here
MySQL database to create [dbispconfig]: <-- dbispconfig
MySQL charset [utf8]: <-- utf8
Shall this server join an existing ISPConfig multiserver setup (y,n) [n]: <-- n
Configure Mail (y,n) [y]: <-- n
Configure Jailkit (y,n) [y]: <-- y
Configure FTP Server (y,n) [y]: <-- y
Configure DNS Server (y,n) [y]: <-- n
Configure Apache Server (y,n) [y]: <-- y
Configure Firewall Server (y,n) [y]: <--y
Install ISPConfig Web-Interface (y,n) [y]: <--y
ISPConfig Port [8080]: <-- 8080

Clean up the install directories:

rm -rf /tmp/ispconfig3_install/install
rm -f /tmp/ISPConfig-3-stable.tar.gz


Copyright © 2010 Till Brehm
All Rights Reserved.
add comment | view as pdf view as pdf | print: this | all page(s)
Please do not use the comment function to ask for help! If you need help, please use our forum.
Comments will be published after administrator approval.
apache2-mpm-prefork
Submitted by Pilgrim (not registered) on Tue, 2011-07-26 07:51.

There is a issue with a apache2-mpm-prefork module on application server and sites applications with smarty, sessions and other functions what are need to write data somewhere to the web directory.

ISPConfig create a virtual hosts with 

# add support for apache mpm_itk
<IfModule mpm_itk_module>
 AssignUserId web1 client1
</IfModule>

by default vhost template.

So you need to uninstall apache2-mpm-prefork and install apache2-mpm-itk module to solve this issue.

reply | view as pdf view as pdf
Re: apache2-mpm-prefork
Submitted by till (registered user) on Thu, 2011-10-06 18:36.
It is not nescessary to install apache2-mpm-itk to solve that. apache2-mpm-prefork works absolutely fine, you just missed to enable the suexec checkbox in the website settings in ispconfig so that the scripts run under the user of the website.
reply | view as pdf view as pdf
Howto integrate webmail with ssl on port 443 ?
Submitted by wolfiedk (registered user) on Wed, 2010-11-24 13:04.

Hello

Is it possible to integrate RoundCoube/Squrrielmail on these servers ? If yes, can I use this guide: http://www.howtoforge.com/roundcube_webmail_ispconfig ??

I have made this setup, but I can´t find the RoundCube under ISPConfig -> System -> Apps & Addons -> Packages. How can I install it ? I want to use www.domain.tld/webmail with ssl on port 443.

 

Please help.

Best regards
WolfieDK

reply | view as pdf view as pdf
IspConfig Cluster Ubuntu
Submitted by mooreh04 (registered user) on Tue, 2010-09-28 00:49.

Will this work for Ubuntu? If so what needs to be done differently? I can't find any other tutorial out there...

reply | view as pdf view as pdf
Re: IspConfig Cluster Ubuntu
Submitted by till (registered user) on Thu, 2011-10-06 18:45.
This should work for Ubuntu too.
reply | view as pdf view as pdf
Can this work on ubuntu?
Submitted by Thomas (not registered) on Tue, 2010-09-07 14:52.
Can this work on ubuntu?
reply | view as pdf view as pdf
Great tutorial, the only
Submitted by Jons web based ftp (not registered) on Sun, 2010-08-29 18:50.
Great tutorial, the only part I adapted was adding a handler for RAR files instead of TAR.
reply | view as pdf view as pdf
SQL Sever part
Submitted by adionne (registered user) on Fri, 2010-08-20 14:41.

When I use  http://192.168.0.105/phpmyadmin (my server is located at a different address) i get a broken link message. Is there a step missing?

reply | view as pdf view as pdf
Re: SQL Sever part
Submitted by s2fit (not registered) on Wed, 2011-08-24 02:35.
when I add a DB for a client, I can't connect to it. and when I try the phpmyadmin link next to the DB in the CP it doesn't load
reply | view as pdf view as pdf
Re: SQL Sever part
Submitted by till (registered user) on Sat, 2010-08-21 14:12.
Replace 192.168.0.105 with the IP address of your master server.
reply | view as pdf view as pdf