The Perfect Server - CentOS 6.4 x86_64 (nginx, Dovecot, ISPConfig 3) - Page 7

25 Install ISPConfig 3

Before you start the ISPConfig installation, make sure that Apache is stopped (if it is installed - it is possible that some of your installed packages have installed Apache as a dependency without you knowing). If Apache2 is already installed on the system, stop it now...

/etc/init.d/httpd stop

... and remove Apache's system startup links:

chkconfig --del httpd

Make sure that nginx is running:

/etc/init.d/nginx restart

(If you have both Apache and nginx installed, the installer asks you which one you want to use: Apache and nginx detected. Select server to use for ISPConfig: (apache,nginx) [apache]:

Type nginx. If only Apache or nginx are installed, this is automatically detected by the installer, and no question is asked.)

Download the current ISPConfig 3 version and install it. The ISPConfig installer will configure all services like Postfix, Dovecot, etc. for you. A manual setup as required for ISPConfig 2 is not necessary anymore.

You now also have the possibility to let the installer create an SSL vhost for the ISPConfig control panel, so that ISPConfig can be accessed using https:// instead of http://. To achieve this, just press ENTER when you see this question: Do you want a secure (SSL) connection to the ISPConfig web interface (y,n) [y]:.

To install ISPConfig 3 from the latest released version, do this:

cd /tmp
wget http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz
tar xfz ISPConfig-3-stable.tar.gz
cd ispconfig3_install/install/

The next step is to run

php -q install.php

This will start the ISPConfig 3 installer:

[root@server1 install]# php -q install.php


--------------------------------------------------------------------------------
 _____ ___________   _____              __ _         ____
|_   _/  ___| ___ \ /  __ \            / _(_)       /__  \
  | | \ `--.| |_/ / | /  \/ ___  _ __ | |_ _  __ _    _/ /
  | |  `--. \  __/  | |    / _ \| '_ \|  _| |/ _` |  |_ |
 _| |_/\__/ / |     | \__/\ (_) | | | | | | | (_| | ___\ \
 \___/\____/\_|      \____/\___/|_| |_|_| |_|\__, | \____/
                                              __/ |
                                             |___/
--------------------------------------------------------------------------------


>> Initial configuration

Operating System: Redhat or compatible, unknown version.

    Following will be a few questions for primary configuration so be careful.
    Default values are in [brackets] and can be accepted with <ENTER>.
    Tap in "quit" (without the quotes) to stop the installer.


Select language (en,de) [en]:
 <-- ENTER

Installation mode (standard,expert) [standard]: <-- ENTER

Full qualified hostname (FQDN) of the server, eg server1.domain.tld  [server1.example.com]: <-- ENTER

MySQL server hostname [localhost]: <-- ENTER

MySQL root username [root]: <-- ENTER

MySQL root password []: <-- yourrootsqlpassword

MySQL database to create [dbispconfig]: <-- ENTER

MySQL charset [utf8]: <-- ENTER

Apache and nginx detected. Select server to use for ISPConfig: (apache,nginx) [apache]: <-- nginx

Generating a 2048 bit RSA private key
......................................................................+++
...............................................+++
writing new private key to 'smtpd.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:
 <-- ENTER
State or Province Name (full name) []: <-- ENTER
Locality Name (eg, city) [Default City]: <-- ENTER
Organization Name (eg, company) [Default Company Ltd]: <-- ENTER
Organizational Unit Name (eg, section) []: <-- ENTER
Common Name (eg, your name or your server's hostname) []: <-- ENTER
Email Address []: <-- ENTER
Configuring Jailkit
Configuring Dovecot
Configuring Spamassassin
Configuring Amavisd
Configuring Getmail
Configuring Pureftpd
Configuring BIND
Configuring nginx
Configuring Vlogger
Configuring Apps vhost
Configuring Bastille Firewall
Configuring Fail2ban
Installing ISPConfig
ISPConfig Port [8080]:
 <-- ENTER

Do you want a secure (SSL) connection to the ISPConfig web interface (y,n) [y]: <-- ENTER

Generating RSA private key, 4096 bit long modulus
...........................................................++
...........................................................................++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:
 <-- ENTER
State or Province Name (full name) []: <-- ENTER
Locality Name (eg, city) [Default City]: <-- ENTER
Organization Name (eg, company) [Default Company Ltd]: <-- ENTER
Organizational Unit Name (eg, section) []: <-- ENTER
Common Name (eg, your name or your server's hostname) []: <-- ENTER
Email Address []: <-- ENTER

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
 <-- ENTER
An optional company name []: <-- ENTER
writing RSA key
Configuring DBServer
Installing ISPConfig crontab
no crontab for root
no crontab for getmail
Restarting services ...
Stopping mysqld:                                           [  OK  ]
Starting mysqld:                                           [  OK  ]
Shutting down postfix:                                     [  OK  ]
Starting postfix:                                          [  OK  ]
Stopping saslauthd:                                        [FAILED]
Starting saslauthd:                                        [  OK  ]
Shutting down amavisd: Daemon [1554] terminated by SIGTERM
                                                           [  OK  ]
amavisd stopped
Starting amavisd:                                          [  OK  ]

Stopping clamd.amavisd:                                    [  OK  ]
Starting clamd.amavisd:                                    [  OK  ]
Stopping Dovecot Imap:                                     [  OK  ]
Starting Dovecot Imap:                                     [  OK  ]
Reloading php-fpm:                                         [  OK  ]
Reloading nginx:                                           [  OK  ]
Stopping pure-ftpd:                                        [  OK  ]
Starting pure-ftpd:                                        [  OK  ]
Installation completed.
[root@server1 install]#

To fix the Mailman errors you might get during the ISPConfig installation, open /usr/lib/mailman/Mailman/mm_cfg.py...

vi /usr/lib/mailman/Mailman/mm_cfg.py

... and set DEFAULT_SERVER_LANGUAGE = 'en':

[...]
#-------------------------------------------------------------
# The default language for this server.
DEFAULT_SERVER_LANGUAGE = 'en'
[...]

Restart Mailman:

/etc/init.d/mailman restart

Afterwards you can access ISPConfig 3 under http(s)://server1.example.com:8080/ or http(s)://192.168.0.100:8080/ (http or https depends on what you chose during installation). Log in with the username admin and the password admin (you should change the default password after your first login):

The system is now ready to be used.

If you want to use IPv6 addresses with your nginx vhosts, please do the following before you create IPv6 vhosts in ISPConfig:

Open /etc/sysctl.conf...

vi /etc/sysctl.conf

... and add the line net.ipv6.bindv6only = 1:

[...]
net.ipv6.bindv6only = 1

Run...

sysctl -p

... afterwards for the change to take effect.

 

 

26 Links

 

About The Author

Falko Timme is the owner of Boost Your Site mit Timme Hosting - ultra-schnelles nginx-WebhostingTimme Hosting (ultra-fast nginx web hosting). He is the lead maintainer of HowtoForge (since 2005) and one of the core developers of ISPConfig (since 2000). He has also contributed to the O'Reilly book "Linux System Administration".

Share this page:

21 Comment(s)

Add comment

Comments

From: Coupon Code Swap at: 2013-10-20 16:40:07

 Use the latest rpmforge. Otherwise you will run into dependency errors for some modules while installing PHP-FPM:

cd /tmp
wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
rpm -ivh rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm

From: Anonymous at: 2013-09-23 13:56:00

Before building fcgiwrap you need to install some tools first:

yum install autoconf automake libtool

 

From: Ivan at: 2013-10-07 20:50:14

Hello, i found i small missing in your great tutorial. Before "cd /usr/local/src/
git clone git://github.com/gnosek/fcgiwrap.git"  you have to mention how git should be installed, because there is not git there and it does not work. thank you. Ivan.
 

 

From: selva at: 2013-10-26 03:24:33

 I can open the directory src. But I can process this possion. PLease help me. THanks

git clone git://github.com/gnosek/fcgiwrap.git

From: at: 2014-07-14 02:48:02

Use 'https' instead of 'git' as below.

git clone https://github.com/gnosek/fcgiwrap.git

From: Coupon Code Swap at: 2013-10-20 16:34:07

If you plan on running Drupal or another CMS, you may want to include this in the html section while configuring the nginx.conf file to avoid getting 502 Bad Gateway errors:

 

vi /etc/nginx/nginx.conf

 

fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;

From: Anonymous at: 2013-12-21 17:55:51

cp /etc/dovecot/dovecot-sql.conf /etc/

From: at: 2013-12-26 01:40:16

Hi,

 Can anyone show me how to enable mod re_write for drupal and joomla site? I've search for a few days and nothing comes up. I have multiple sites running Drupal on LAMP, and now I'm trying to migrate these sites to LEMP with ISPConfig.

From: at: 2014-05-04 22:40:13

You will end up with a very old version of nginx if you install from epel. To get the latest version, do this:

 vi /etc/yum.repos.d/nginx.repo

paste and save:

[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/6/$basearch/
gpgcheck=0
enabled=1
priority=10

yum update

chkconfig --levels 235 nginx on

/etc/init.d/nginx start

From: Arkadiusz Zug at: 2014-08-14 08:22:46

If you would like to use newest version of postfix 2.11.* and MariaDB 10.* you can use Axivo repo:

 rpm -ivh --nosignature http://rpm.axivo.com/redhat/axivo-release-6-1.noarch.rpm

 Tested by me and working

From: Fabricio Rabelo at: 2013-09-30 12:48:25

Hi, I followed all the tutorial alright. Almost all functions are running ok, but the server isn't generating statistics both AWStats as Webalizer. Someone can help me? Thanks.

From: Drew at: 2014-04-24 00:54:22

I found webalizer working first, but after switching to awstats, I get a 404.  Then when I switch back to webalizer and wait 35 mins (so I can re-login), nothing changes and I get the same 404 as in awstats.

The 404 gets displayed 'below' the awstats "Jump to previous stats" header.

 

In IspConfig > System > Server Config > Web > Awstats Settings the following are the default settings :-

:- /etc/awstats
awstats data folder:- /var/lib/awstats
awstats.pl script:- /usr/lib/cgi-bin/awstats.pl
awstats_buildstaticpages.pl script:- /usr/share/awstats/tools/awstats_buildstaticpages.pl
 
I checked these locations and I found the following:-
  • /etc/awstats does have the conf files.
  • /var/lib/awstats doesn't exist
  • /usr/lib/cgi-bin doesn't exist
  • /usr/share/awstats/tools/ is empty using ls -la
  • /etc/nginx/sites-available/mydomain.com.vhost contains 'location ^~ /awstats-icon {
                alias /usr/share/awstats/icon;
            }' which is not correct as only the tools directory lives in /usr/share/awstats.  There is an icon directory here '/var/www/awstats/icon', but this too doesn't have a awstats-icon.

 
Awstats was installed as per the guidelines here in this perfect server setup:-
yum install webalizer awstats perl-DateTime-Format-HTTP perl-DateTime-Format-Builder.
 
Hope this helps the powers that be, to be able to remedy this situation atm.
 
Cheers to all
 
 

 

From: admin at: 2014-04-24 07:10:17

Statistics are genarated once every day in the early morning hours. you have to wait until the next day before you can use awstats before Switch the statistics engine.

Switching the stats engine removes all previous statistisc, so when you Switch back, the webalizer stats will not be available until the next day as well.

From: Coupon Code Swap at: 2013-10-20 16:57:18

After installing ISPConfig, the TLS setting for pure-ftpd may be commented out again. If so, redo the setting for TLS:

 

vi /etc/pure-ftpd/pure-ftpd.conf

 TLS                      1

From: Anonymous at: 2013-11-09 01:10:48

This is a very important step to prevent DDoS attacks. While editing the named.conf file, recursion should be turned off and an additional line should be added.

 vi /etc/named.conf

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { any; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };
        recursion no;
        additional-from-cache no;
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "." IN {
        type hint;
        file "named.ca";
};
include "/etc/named.conf.local";

service named restart

For reference and additional configuration options:

http://www.team-cymru.org/Services/Resolvers/

http://www.team-cymru.org/Services/Resolvers/instructions.html

And a useful tool to check your DNS configuration:

http://www.intodns.com

Create the file /etc/named.conf.local that is included at the end of /etc/named.conf (/et

From: Coupon Code Swap at: 2013-10-28 19:26:06

The mail server will not be functioning because a conf file is not linked correctly. Run the following commands to get dovecot up and running:

ln -s /etc/dovecot/dovecot-sql.conf /etc/dovecot-sql.conf
ln -s /etc/dovecot/dovecot.conf /etc/dovecot.conf

From: Anonymous at: 2014-01-12 14:43:58

I have looked everywhere in ispconfig and I can find the options to have /phpmyadmin instead of :8081/phpmyadmin. Any help would be great.

From: at: 2014-03-12 09:01:26

If you would like to use this manual to configure your CentOS 6.5 version (I couldn't find 6.5 manual) probably you stop on named service step:

 While you try to start:

/etc/init.d/named start

 

system prompt you:

Generating /etc/rndc.key

all you need is paste:

rndc-confgen -a -r /dev/urandom

 

then:

/etc/init.d/named restart

 

helped me :)

From: at: 2014-05-04 23:31:56

to install latest version of jailkit, do this:

cd /tmp
wget http://olivier.sessink.nl/jailkit/jailkit-2.17.tar.gz
tar xvfz jailkit-2.17.tar.gz
cd jailkit-2.17
./configure
make
make install
cd ..
rm -rf jailkit-2.17*

From: Dimitris at: 2015-02-25 21:33:33

Can someone explain to me how can i use only https with phpmyadmin and not both http and https?

Trying to make it more secure but still no luck. I read this tutorial but i can't get it to work.. Any ideas?

From: Lefteros at: 2015-04-24 13:23:40

failed to mention that epel is needed for fail2ban and others

rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm