The Perfect Server - Fedora 9

Version 1.0
Author: Falko Timme
Last edited 05/13/2008

This is a detailed description about how to set up a Fedora 9 server that offers all services needed by ISPs and hosters: Apache web server (SSL-capable) with PHP5 and Ruby, Postfix mail server with SMTP-AUTH and TLS, BIND DNS server, Proftpd FTP server, MySQL server, Dovecot POP3/IMAP, Quota, Firewall, etc. This tutorial is written for the 32-bit version of Fedora 9, but should apply to the 64-bit version with very little modifications as well.

I will use the following software:

  • Web Server: Apache 2.2.8
  • PHP 5.2.5
  • Ruby
  • Database Server: MySQL 5.0.51
  • Mail Server: Postfix
  • DNS Server: BIND9 (chrooted)
  • FTP Server: proftpd
  • POP3/IMAP server: Dovecot
  • Webalizer for web site statistics

In the end you should have a system that works reliably, and if you like you can install the free webhosting control panel ISPConfig (i.e., ISPConfig runs on it out of the box).

I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!

 

1 Requirements

To install such a system you will need the following:

 

2 Preliminary Note

In this tutorial I use the hostname server1.example.com with the IP address 192.168.0.100 and the gateway 192.168.0.1. These settings might differ for you, so you have to replace them where appropriate.

 

3 Install The Base System

Boot from your Fedora 9 DVD. Select Install or upgrade an existing system:

It can take a long time to test the installation media so we skip this test here:

The welcome screen of the Fedora installer appears. Click on Next:

Choose your language next:

Select your keyboard layout:

I'm installing Fedora 9 on a fresh system, so I answer Yes to the question Would you like to initialize this drive, erasing ALL DATA?:

On to the network settings. The default setting here is to configure the network interfaces with DHCP, but we are installing a server, so static IP addresses are not a bad idea... Click on the Edit button at the top right:

In the window that pops up select Enable IPv4 support > Manual configuration and give your network card a static IP address and netmask (in this tutorial I'm using the IP address 192.168.0.100 and netmask 255.255.255.0 for demonstration purposes; if you are not sure about the right values, http://www.subnetmask.info might help you). Uncheck Enable IPv6 support:

Set the hostname manually, e.g. server1.example.com, and enter a gateway (e.g. 192.168.0.1) and two DNS servers (e.g. 213.191.92.86 and 145.253.2.75):

Share this page:

6 Comment(s)

Add comment

Comments

From: Anonymous at: 2009-01-05 14:30:25

Don't use the media test - it has bug in it and will drive you crazy reporting media errors when there are none. This type of problem gives Fedora a bad name. It's ridiculous. Other instructions tell you to be sure and use the media test, not to skip it. That goes to show you they don't know.

From: at: 2008-07-18 08:49:54

I would strongly recommened enabling SELinux.  SELinux is there for your protetion and comes highly recommneded by the Redhat Security team.  Mark Cox: team lead for the Red Hat Security Response explains why SELinux is beneficial here.

From: at: 2008-08-09 06:01:53

Just wanted to tell everyone as a novice Linux user the guide was very helpful. I installed Fedora 9 on an older system but it was a clean install. I would like to say that during the 'yum update' process depending upon a users setup the 'transaction test' can take a long time and not show any progress, so if you are a new Fedora/Linux user and are using this guide, when coming to this step please wait patiently because of my 451 updates, obviously there is a lot of data there to test, with no progress shown until the test is complete.

 -Thanks Again for the HOW-TO!

Loob

Fedora 9 installed on-

P4 2.2ghz 1 gig PC-3200 DDR

From: NetWebLogic at: 2008-10-02 14:41:45

If you run into the following error with  system-config-firewall.py

File "/usr/share/system-config-firewall/system-config-firewall.py", line 29, in <module>
os.execv(argv[0], argv)
OSError: [Errno 2] No such file or directory

You can solve this by opening  /usr/share/system-config-firewall/system-config-firewall.py

 and editing the following:

argv = [ "/usr/sbin/system-config-firewall-tui" ]
to
argv = [ "/usr/bin/system-config-firewall-tui" ]

And try again. That should work...

 Great Job on this article. Top Notch!

From: Plume at: 2009-03-15 05:53:16

Thanks you for all of your HowTo's, it's very helpfull to me to openup Linux.

I try to connect to my Fedora 9 server by SSH and met some difficulties

to config it. Could you include SSH to this tutorial?

From: Jason Roysdon at: 2008-11-16 04:48:42

I highly suggest adding to this guide rkhunter. It is a "root kit" hunter and is an absolute must for anyone connecting a server that the internet at large can access services on. Even with yum keeping things up to date, there are still vulnerabilities that come up that you might not get a patch for in time. You must have something like rkhunter to constantly check your system for root kits and to check the md5 signatures on key files.