Comments on The Perfect Server - Debian 10 (Nginx, BIND, Dovecot, ISPConfig 3.2)
This tutorial shows how to prepare a Debian 10 (Buster) server (with Nginx, BIND, Dovecot) for the installation of ISPConfig, and how to install ISPConfig 3.2. ISPConfig 3 is a web hosting control panel.
58 Comment(s)
Comments
Thanks for this tutorial.
Only one thing, I have a "page not found error" when clicking on "page 2" link.
The tutorial has just one page. I've removed the link now.
Why no rspamd?
The tutorial was written before ISPConfig 3.1.15 was released. We will publish tutorials for Rspamd soon.
ISPConfig 3.1.15 Install indeeds proposes rspamd configuration even if not installed, it seems to work (install + admin panel):
... [WARN] autodetect for Rspamd failed Force configure Rspamd (y,n) [n]: y Configuring Rspamd ...However, I've seen on https://www.howtoforge.com/replacing-amavisd-with-rspamd-in-ispconfig/ that redis is needed as well, so I tried also that approach, and it worked as well.
It does not propose Rspamd configuration, it does the exact opposite, it proposes to not configure Rspamd which is the right choice as it's not installed. So you should have chosen 'n' here as suggested by the installer as this setup uses amavisd and not rspamd. That the setup works nonetheless of choosing 'y' here is because it uses amavisd and Rspamd is not in use.
Hey @till,
What about rspamd ? I thought that the new tutorial will have info about rspamd migration/installation.
Thanks
I've tried the Perfect Server Buster build on 2 new servers and all seems well until I get to ISPConfig. I start that and it's OK until I get info messages that the relevant services are not detected:
[INFO] service Apache not detected[INFO] service nginx not detected[INFO] service Postgrey not detected[INFO] service Postfix not detected[ERROR] Postfix not installed - skipping Mail[INFO] service Jailkit not detected[INFO] service pureftpd not detected[INFO] service BIND not detected[INFO] service MyDNS not detected[INFO] service OpenVZ not detected[INFO] service Ubuntu Firewall not detected[INFO] service Bastille Firewall not detected[INFO] service Metronome XMPP Server not detected
but when I check the services it looks like they are there and on.
sudo service --status-all<snip> [ - ] apache2 [ - ] apache-htcacheclean [ + ] apparmor [ + ] avahi-daemon [ + ] bind9<snip> [ + ] dovecot [ + ] fail2ban<snip> [ + ] haveged<snip> [ + ] mysql<snip> [ + ] nginx [ + ] nmbd [ + ] ntp [ + ] openbsd-inetd [ + ] php7.3-fpm<snip> [ + ] postfix [ + ] postgrey<snip> [ + ] pure-ftpd-mysql<snip>
Any ideas?
Either you are not logged in as root user when you start the ISPConfig installer or you used 'su' instead of 'su -' to become root, see first chapter of this guide or the PATH variable settings of your base system are completely messed up so that no binaries can be found by using the which command on your server. If you need further help, please post in the ISPConfig forum here at howtoforge.
thanks for the prompt response.
Thanks for this tut.
I've got some weird behaviour with the webmail settings though:When opening http://fqdn:8081/webmail, the adress changes itself into http://fqdn:8081/squirrelmail and then returns an error that states: "CONFIGURATION ERROR, config.inc.php was not found. Please read the INSTALL instructions!"Even though I installed Roundcube following your tutorial and the browser tab even says "Roundcube Webmail".File /etc/roundcube/config.inc.php exists and is readable...
Any idea what went wrong?
I got the same error.
nginx log error:
file_put_contents(/var/log/roundcube/errors): failed to open stream: Permission denied in /usr/share/roundcube/program/lib/Roundcube/rcube.php on line 1259PHP message: PHP Warning: SQLSTATE[HY000] [1045] Access denied for user 'roundcube'@'localhost' (using password: NO) in /usr/share/roundcube/program/lib/Roundcube/rcube.php on line 1364PHP message: PHP Warning: file_put_contents(/var/log/roundcube/errors): failed to open stream: Permissão negada in /usr/share/roundcube/program/lib/Roundcube/rcube.php on line 1259PHP message: PHP Warning: config.inc.php was not found. in /usr/share/roundcube/program/lib/Roundcube/rcube.php on line 1364"
I checked in mariadb and database, user and pass created successfully.
The /etc/roundcube folder has weird permissions. Reverting them to normal fixes the issue as seen in https://forum.vestacp.com/viewtopic.php?t=16995#p75838: However, I did a more standard chmod: sudo find /etc/roundcube -type f -exec chmod 664 {} \; sudo find /etc/roundcube -type d -exec chmod 775 {} \; sudo find /etc/roundcube -type d -exec chmod g+s {} \;
thanks so much for postfix-sasl changes in fail2ban. It really messes up mail.log with constant spam. Perfect server guides are best <3
There are 2 errors when installing ISPConfig:
PHP Warning: symlink(): No such file or directory in /tmp/ispconfig3_install/install/lib/installer_base.lib.php on line 2395
Installing ISPConfig
AND
PHP Warning: symlink(): No such file or directory in /tmp/ispconfig3_install/install/lib/installer_base.lib.php on line 2840
Configuring DBServer
Installing ISPConfig crontab
Installing ISPConfig crontab
no crontab for root
Detect IP addresses
Restarting services ...
Installation completed.
I have a problem running perl scripts in the cgi-bin folder. In the error log I constantly get:
2019/10/08 15:24:01 [error] 12856#12856: *51 FastCGI sent in stderr: "Cannot get script name, are DOCUMENT_ROOT and SCRIPT_NAME (or SCRIPT_FILENAME) set and is the script executable?" while reading response header from upstream, client: 195.145.170.147, server: otrs.petzsch.eu, request: "GET /cgi-bin/hello_world.cgi HTTP/1.1", upstream: "fastcgi://unix:/var/run/fcgiwrap.socket:", host: "otrs.petzsch.eu"
I've definitly set the correct chmod and my vhost file is unmodified and CGI support enabled for the vHost.
Anyone a clue?
Hi Till,
there's a part where some permissions have to be set for roundcube.In the tutorial, the file ownerships are set to a user and/or group ispapps, but neither user nor group are created anywhere in the tutorial. What to do there?BestTom
Thank you for the notice, I fixed the issue now by moving them after the ISPConfig installation step. The commands need to run after you installed ISPConfig as ISPConfig creates the ispapps user and group.
You have a sed replacement near the end of chapter 8 (see below since this editor will not let me write both sides of the code quote) , but the string for replacement does not seem to exist in the file. Has this been superseded by changes?
sed -i -r 's/_dbc_nodb="yes" dbc_mysql_exec/_dbc_nodb="yes"; dbc_mysql_exec/g' /usr/share/dbconfig-common/internal/mysqlCould you add how to configure htaccess for phpmyadmin?
This is the tutorial with Nginx, there is no htaccess thing here.. There is another tutorial with Apache, you should follow that one.
If I try to open htts://myfqdn:8080 I allways get page load timeout after something about 3 minutes or so.The same if I try it with my servers ip adress. Do I have to set dns records maybe? If so which in detail? Best regards and thank you in advance
DNS is not needed. If your server is behind a nat router (at home or in office), then you might have to forward port 8080 from your router to your server. or you run a firewall on the server where port 80n is closed. If you need further help, please post your issue in the ispconfig support forum here at howtoforge.
Hi, thanks for the tutorials.I would like to know if the tutorials of The Perfect Server Debian 10 Nginx and with Apache work on a PC with 1GB of RAM or should be 2GB, to know if it is possible to test on a Raspberry Pi or on a basic 1GB VPS. Thank you very much
First, I appreciate this very complete and useful tutorial.I have several doubts and that's why I would like to ask these four questions.1 - In chapter 8 in the section open the file /etc/postfix/master.cf, the line-o smtpd_client_restrictions = permit_sasl_authenticated, rejectthat does not exist in the file, what I did was add this line, but when I did it I did not receive emails and from gmail it showed the following:554 5.7.1 <mail-lf1-f46.google.com [209.85.167.46]>: Client host rejected: Access deniedThat's why I deleted the line, but my question is whether this affects security?2 - I do not know much about the subject, but MX, A, TXT and other data must be added in the control panel where the Domain is registered or in the VPS service or in the ISPConfig panel or in the 3 at the same weather?3 - These are the services that are working, the question is whether the signed services [-] are completely turned off or only work when they should do so to save resources?# service --status-all [+] amavis [-] amavisd-snmp-subagent [-] amavis-mc [+] apparmor [+] bind9 [+] clamav-daemon [+] clamav-freshclam [+] cloud-config [+] cloud-final [+] cloud-init [+] cloud-init-local [+] cron [+] dbus [+] dovecot [+] fail2ban [-] fcgiwrap [+] haveged [-] hwclock.sh [+] kmod [+] memcached [+] mysql [+] networking [+] nginx [+] ntp [+] openbsd-inetd [+] php7.3-fpm [+] postfix [+] postgrey [+] procps [+] pure-ftpd-mysql [-] quota [-] quotarpc [-] rsync [+] rsyslog [-] screen-cleanup [-] spamassassin [+] ssh [-] sudo [+] udev [+] ufw [+] unscd
4- It will be a PC only for a personal mail, which ports is recommended to leave open with ufw?Thank you very much
How can I add a new domain? (domini2) Try adding the new domain in ISPConfig from Mail / Add domain /:Server: mail.domain1.comDomain: domain2.comThe new email from domain2 works fine, even receiving and sending is almost immediate.But maybe it is so fast is because something is not going well, I would like to know if I should add domain2 in some server configuration from the console, I think that something does not work well, I do not know if I have to do something different or if I have to configure DNS records differently because https://mecsa.jrc.ec.europa.eu/ shows this big differenceIn Phishing and identity theft:[email protected] 5 [email protected] 0 starts
https://i.ibb.co/NxGjzmP/domain.png
Thank you very much for the help
Please use the ISPConfig forum here at howtoforge for support requests.
While Nginx doesn't have global aliases you can still set up wildcard prefix sites for roundcube and phpmyadmin.
Create /etc/nginx/sites-available/roundcube.vhost
[code]
server { listen 80; root /var/lib/roundcube; # Add index.php to the list if you are using PHP index index.php; server_name mail.*; index index.php; location / { try_files $uri $uri/ =404; } location ~ [^/]\.php(/|$) { fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_index index.php; fastcgi_pass unix:/var/run/php/php7.2-fpm.sock; include fastcgi_params; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; }}[/code]
And symlink this to sites-enabled
[code]
ln -s /etc/nginx/sites-available/roundcube.vhost /etc/nginx/sites-enabled/000-roundcube.vhost
[/code]
You can now open mail.example.com or mail.subdomain.example.com or mail.subdomain2.example.com
This also works for phpmyadmin by changing root=/usr/share/phpmyadmin; and server_name phpmyadmin.*;
Hi
Please, I can recieve email from extern (from gmail for example).
this is my mail log:
[Log Removed]
Please post your support request in the ISPConfig support forum here at howtoforge. https://www.howtoforge.com/community/forums/installation-configuration.27/
Can you use a this server to deploy or give users access to VPS?
Can i offer my users VPS server using this Perfect Server?
if not what setup can i use to offer this services to ~100 developers using my own used-servers (dell poweredge R620 16C/64gRam/4x1TBSSD)?
1. Can you use a this server to deploy or give users access to VPS?
2. Can i offer my users VPS server using this Perfect Server?
3. if not what setup can i use to offer this services to ~100 developers using my own used-servers (dell poweredge R620 16C/64gRam/4x1TBSSD)?
4. Can you do a writeup of the opensource part of https://www.virtuozzo.com/products/virtuozzo-infrastructure-platform.html?
5. Can you add the opensource part of this to your Perfect Server: http://www.virtualizor.com/docs/install/ ?
Please & Thanks.
phpMyaAmin is not accessible at domain.com:8080/phpMyAdmin and domain.com:8080/phpmyadmin as it throws 404 not found error. ISPConfig is accessible via domain.com:8080
You are using the wrong port, the port for phpmyadmin is 8081 on Nginx systems.
Installing this Monday or Tuesday.
I won't be using phpMyAdmin so won't be installing it. (I use adminer) Will there be any problem if I don't install/use phpMyAdmin? I also won't be installing PureFTPd (I use winscp with shell user, so don't see a need, unless I'm missing something?) Quota, Bind, RoundCube.
Are there any dependencies/problems with not having any of those?
at the end of section 8root@server1:~# netstat -tap | grep mysqltcp6 0 0 [::]:mysql [::]:* LISTEN 4027/mysqldMine saysroot@server1:~# netstat -tap | grep mysqltcp6 0 0 [::]:mysql [::]:* LISTEN 17834/mysqldIs 17834 a problem?
php session garbage collector not working. I have to run cron for every user seesion_gc(); to clean expired sessions.
This has been fixed in ISPConfig and is not related to the above tutorial, so no need for a separate cronjob. Just run ispconfig_update.sh command and choose git-stable as update source.
I got "There are no updates available for ISPConfig 3.1.15p3" when run ispconfig_update.sh
Choose git-stable, as I mentioned above, not stable.
Thanks a lot, works.
Hello, and thank you for your tutorial. I'm trying to build a Debian 10 nginx vmware vm to move my websites onto it. My problem is (and it is driving me crazy) that this vm freezes when I'm using wordpress website I installed, or when I use ispconfig. And logs are not telling me anything cause the freezing. For your experience, do you have an idea about what I could check to understand this freezes ? Thank you
Till Brehm
Can you do a setup, so that i can be a VPS provider. like linode.
Please & Thanlks.
ISPConfig
http(s)://192.168.1.100:8080/ ( http or https depends on what you chose during installation). Log in with the username admin and the password admin (you should change the default password after your first login):
It should be http(s)://192.168.0.100:8080/ instead.
Thank you so much for this guide.
excuse me
where is the download link?
The download link is in the page menu on the right side, right below the big red download icon.
Thanks for the tuto, but got problem with steps :
sed -i - r… nothing in output
netstat - tap… nothing in shell output
and step, install phpmyadmin, problem with maria db errors :
systemctl start mysqld
Warning: The unit file, source configuration file or drop-ins of mysqld.service changed on disk. Run 'systemctl daemon-reload' to reload units.
I'm on fresh VPS / Debian Buster
Hallo Till! Wollte dir einen Vorschlag bezüglich der Organisation der Anleitungen machen. Angenommen ich benutze diese Anleitung... Bei beginn der Installation (von ISPConfig) nach dieser Anleitung wird ja die letzte stable Version von ISPConfig heruntergeladen. Das wäre in diesem Fall die 3.2...
Diese Anleitung ist aber für die ISPConfig 3.1.(x.x) Version. Es wäre sicher von Vorteil wenn du auf deinem (Download)Server die stable ISPConfig 3.1 und 3.2 aufbewahrst.
Wenn du nächstes mal die vollständige Anleitung für den perfekten Server (z.B. ISPConfig 3.2, Debian, nginx...) schreibst und es kommt zum nächsten Minor-Update solltest du das im Hinterkopf behalten und nicht vergessen diesen "organisatorischen Denkfehler" zu machen.
Bisher hast du sehr gute Arbeit geleistet... Ich bin dir sehr dankbar dafür...
Grüße
Perica
Is there a problem when i'm installing certbot from the debian repository...?!
And what is with the buster-update repository ala volatile???
Thank you very much for the work done!
Thanks for the tutorial, I've just completed the build and it's fine.I have set up a client, a domain and an email via ISPConfig and I can login to it.Even though my domain info is real I don't need my own email server on the internet hence in my case the server is just really for home use. Thus I have an outbound relay setup with my domain host and this is working fine so I can send emails out from my new virtual user mailbox.My problem is with inbound email.At this point I route all my emails/domains to my ISP email and then collect them from there using getmail, all currently into 1 mailbox.My old email server used a real unix account so the following getmail config worked fine under that account.[retriever]type = SimpleIMAPSSLRetrieverserver = imap.x.x.xport = 993username = xxxxxpassword = yyyyy[destination]type = Maildirpath = /home/zzz/Maildir/user = zzz[options]...For this new build I've copied the retriever section and am trying to get the destination part to work but so far I keep getting authentication errors.i.e. How do I authenticate that virtual email account for my destination?I'm trying variations on the following so if someone can point me in the right direction that would be great.[destination]type = MDA_externalpath = /usr/lib/dovecot/deliverthen combinations of the following:arguments = ("-e", )user = vmailgroup = vmailarguments = ("-e", "--recipient=%(myvirtualmail@homedomain)")user = myvirtualmail@homedomainpassword = zzzzzOr should I just give that up and permission a user unix account to the virtual user email path (/var/vmail/homedomain/myvirtualmail/Maildir) and then go back to using the following?:[destination]type = Maildirpath = /var/vmail/homedomain/myvirtualmail/Maildiruser = zzzThanks in advance Hodge
Hello, I made this tutorial and it works great. But I need php 8. how can i upgrade php 8
You can install additional PHP versions, do not replace the main PHP version as this will break the setup. Please see here: https://www.howtoforge.com/tutorial/how-to-install-php-7-for-ispconfig-3-from-debian-packages-on-debian-8-and-9/
Hy,
does someone know when there will be a setup guide like this for debian 11 ?
regards, Ralph
The ISPConfig installation guide for Debian 11 can be found here: https://www.howtoforge.com/ispconfig-autoinstall-debian-ubuntu/
Very useful tutorial! I got this error after editing the fstab with the options:mount: /etc/fstab: parse error at line 1 -- ignoredA fter command : quotacheck -avugm quotacheck: Cannot find filesystem to check or filesystem not mounted with quota option. Thanks!
phpmyadmin shows an error:
The $cfg['TempDir'] (/var/lib/phpmyadmin/tmp) is not accessible. phpMyAdmin is not able to cache templates and will be slow because of this.
someone knows what the problem is