The Perfect Server - Fedora 12 x86_64 [ISPConfig 3] - Page 3

4 Adjust /etc/hosts

Next we edit /etc/hosts. Make it look like this:

vi /etc/hosts

# hostname server1.example.com added to /etc/hosts by anaconda
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
192.168.0.100           server1.example.com server1

::1         localhost localhost.localdomain localhost6 localhost6.localdomain6 server1.example.com

It is important that you add a line for server1.example.com and remove server1.example.com and server1 from the 127.0.0.1 line.

 

5 Configure The Firewall

(You can skip this chapter if you have already disabled the firewall at the end of the basic system installation.)

I want to install ISPConfig at the end of this tutorial which comes with its own firewall. That's why I disable the default Fedora firewall now. Of course, you are free to leave it on and configure it to your needs (but then you shouldn't use any other firewall later on as it will most probably interfere with the Fedora firewall).

Run

system-config-firewall

and disable the firewall.

To check that the firewall has really been disabled, you can run

iptables -L

afterwards. The output should look like this:

[root@server1 ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
[root@server1 ~]#

 

6 Disable SELinux

SELinux is a security extension of Fedora that should provide extended security. In my opinion you don't need it to configure a secure system, and it usually causes more problems than advantages (think of it after you have done a week of trouble-shooting because some service wasn't working as expected, and then you find out that everything was ok, only SELinux was causing the problem). Therefore I disable it (this is a must if you want to install ISPConfig later on).

Edit /etc/selinux/config and set SELINUX=disabled:

vi /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#       targeted - Targeted processes are protected,
#       mls - Multi Level Security protection.
SELINUXTYPE=targeted

Afterwards we must reboot the system:

reboot

 

7 Install Some Software

Next we update our existing packages on the system:

yum update

Now we install some software packages that are needed later on:

yum groupinstall 'Development Tools'

yum groupinstall 'Development Libraries'

 

8 Journaled Quota

(If you have chosen a different partitioning scheme than I did, you must adjust this chapter so that quota applies to the partitions where you need it.)

To install quota, we run this command:

yum install quota

Edit /etc/fstab and add ,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0 to the / partition (/dev/mapper/vg_server1-lv_root):

vi /etc/fstab

#
# /etc/fstab
# Created by anaconda on Fri Nov 20 15:18:09 2009
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/vg_server1-lv_root /                       ext4    defaults,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0        1 1
UUID=1fe0122f-c969-4b2c-9b89-27a0c26115ec /boot                   ext4    defaults        1 2
/dev/mapper/vg_server1-lv_swap swap                    swap    defaults        0 0
tmpfs                   /dev/shm                tmpfs   defaults        0 0
devpts                  /dev/pts                devpts  gid=5,mode=620  0 0
sysfs                   /sys                    sysfs   defaults        0 0
proc                    /proc                   proc    defaults        0 0

Then run

touch /aquota.user /aquota.group
chmod 600 /aquota.*
mount -o remount /

quotacheck -avugm
quotaon -avug

to enable quota.

 

9 Install Apache, MySQL, phpMyAdmin

This can all be installed with one single command (including the packages we need to build Courier-IMAP):

yum install ntp httpd mysql-server php php-mysql php-mbstring rpm-build gcc mysql-devel openssl-devel cyrus-sasl-devel pkgconfig zlib-devel phpMyAdmin pcre-devel openldap-devel postgresql-devel expect libtool-ltdl-devel openldap-servers libtool gdbm-devel pam-devel gamin-devel

Share this page:

7 Comment(s)

Add comment

Comments

From: gimi at: 2009-11-29 17:43:13

followed your how to and web mail is not working

From: adycobra at: 2010-06-30 03:20:06

Yes squiremail doesnt work, after u complete this tutorial, after deep searches into my server i nodest that on postfix virtual  mysql confs u can see that it logs to mysql with user ispconfig which on this entire tutorial wasnt sayd anywhere to create it,  in /etc/dovecot-sql.conf u will see the same user ispconfig, so that is why ur mail doesnt work cause postfix conf have one user who cant connect to mysql and dovecot the same, so go on /etc/postfix and modify the user and pass for mysql on these files:

mysql-virtual_client.cf

mysql-virtual_domains.cf

mysql-virtual_email2email.cf

mysql-virtual_forwardings.cf

mysql-virtual_mailboxes.cf

mysql-virtual_recipient.cf

mysql-virtual_relaydomains.cf

mysql-virtual_relayrecipientmaps.cf

mysql-virtual_sender.cf

mysql-virtual_transports.cf

After this changes go edit /etc/dovecot-sql.conf and change user and password, after that restart postfix and dovecot and should work, or lool the simplest is to way early in instalation steps to add the user ispconfig :)) i hope it work for u...

From: at: 2010-03-13 21:53:24

After following the complete tutorial I noticed that MyDNS service did not start.

So I ran /tmp/ispconfig3_install/install/php -q update.php and I noticed that ISPConfig tries to config BIND.

After reading the complete tutorial again I am sure there is no line with : yum install bind So it is installed from dvd.

There are two solutions

1. on page two you select the packages to be installed,  select dns server, select additional packages, remove the tick from BIND, continue install


2. run ( somewhere in the beginning, but before yum install mydns ) yum erase bind, continue install.



From: at: 2010-03-23 11:34:09

I've created shell scripts to do all of this automatically.  Will be happy to share them.

My scripts also include installing tomcat6, JDK, and setting up the tomcat connector - mod_jk.

BTW ...

This tutorial is not perfect yet ... I did find that I had to make a few tweaks to get squirrelmail to deliver mail.

From: Anonymous at: 2010-09-30 15:13:57

are u able to share?i found out that dovecot has problems too, i've simply compile this tutorial with another one to get the damn thing working, still didn't get the squerill to work properly

 

waiting for a reply, best regards,

V

From: robertlouwen at: 2010-05-13 22:29:28

Make it comfortable ... and install the update - daemon "yum-updatesd" and get notified by e-mail when there are updates for your Fedora 12 server.

1. yum install yum-updatesd

2. vi /etc/yum/yum-updatesd.conf and set the interval for checking, set notification method ( email ), set email recipient and email sender.

All done ( sit back and relax )

From: moodz at: 2010-08-16 10:46:44

The instructions for creating quota are screwy ..... apart from the fact it just does not work.