The Perfect Server - OpenSUSE 11.1 [ISPConfig 3] - Page 5

12 MyDNS

Install the MyDNS DNS Server. Run:

cd /tmp
wget http://download.opensuse.org/repositories/home:/bajizs_cnt/openSUSE_11.1/i586/mydns-ng-1.2.8-1.1.i586.rpm
wget http://download.opensuse.org/repositories/home:/bajizs_cnt/openSUSE_11.1/i586/mydns-ng-mysql-1.2.8-1.1.i586.rpm
rpm -i mydns*.rpm
rm -f mydns*.rpm

chkconfig --add mydns

 

13 Install vlogger and Webalizer

cd /tmp
wget http://n0rp.chemlab.org/vlogger/vlogger-1.3.tar.gz
tar xvfz vlogger-1.3.tar.gz
mv vlogger-1.3/vlogger /usr/sbin/
rm -rf vlogger*
yast2 -i webalizer perl-DateManip

 

14 Install fail2ban

rpm -i http://download.opensuse.org/repositories/home:/leonardocf/openSUSE_11.0/i586/fail2ban-0.8.2-5.2.i586.rpm

Warnings like "warning: /var/tmp/rpm-xfer.SCm0TM: Header V3 DSA signature: NOKEY, key ID 5b00c76e" can be ignored.

 

15 Install jailkit

cd /tmp
wget http://olivier.sessink.nl/jailkit/jailkit-2.5.tar.gz
tar xvfz jailkit-2.5.tar.gz
cd jailkit-2.5
./configure
make
make install
cd ..
rm -rf jailkit-2.5*

 

16 Synchronize the System Clock

If you want to have the system clock synchronized with an NTP server do the following:

yast2 -i xntp

Then add system startup links for ntp and start ntp:

chkconfig --add ntp
/etc/init.d/ntp start

 

17 ISPConfig 3

Download the current ISPConfig version and install it. The ISPConfig installer will configure all services like postfix, sasl, courier, etc. for you. A manual setup as required for ISPConfig 2 is not nescessary anymore.

cd /tmp
wget http://downloads.sourceforge.net/ispconfig/ISPConfig-3.0.1.tar.gz?use_mirror=
tar xvfz ISPConfig-3.0.1.tar.gz
cd ispconfig3_install/install/

Now start the installation process by executing:

php -q install.php

--------------------------------------------------------------------------------
 _____ ___________   _____              __ _
|_   _/  ___| ___ \ /  __ \            / _(_)
  | | \ `--.| |_/ / | /  \/ ___  _ __ | |_ _  __ _
  | |  `--. \  __/  | |    / _ \| '_ \|  _| |/ _` |
 _| |_/\__/ / |     | \__/\ (_) | | | | | | | (_| |
 \___/\____/\_|      \____/\___/|_| |_|_| |_|\__, |
                                              __/ |
                                             |___/
--------------------------------------------------------------------------------


>> Initial configuration

Operating System: openSUSE 11.1 or compatible

    Following will be a few questions for primary configuration so be careful.
    Default values are in [brackets] and can be accepted with <ENTER>.
    Tap in "quit" (without the quotes) to stop the installer.


Select language (en,de) [en]: en

Installation mode (standard,expert) [standard]: standard

Full qualified hostname (FQDN) of the server, eg server1.domain.tld  [server1.example.com]: server1.example.com

MySQL server hostname [localhost]: localhost

MySQL root username [root]: root

MySQL root password []: howtoforge

MySQL database to create [dbispconfig]: dbispconfig

MySQL charset [utf8]: utf8

Generating a 2048 bit RSA private key
............+++
........+++
writing new private key to 'smtpd.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:DE
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Howtoforge
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:
Email Address []:
Configuring Jailkit
Configuring SASL
Configuring PAM
Configuring Courier
Configuring Spamassassin
Configuring Amavisd
Configuring Getmail
Configuring Pureftpd
Configuring MyDNS
Configuring Apache
Configuring Firewall
Installing ISPConfig
ISPConfig Port [8080]:8080

Configuring DBServer
Installing Crontab
no crontab for root
no crontab for getmail
Restarting services ...
Restarting service MySQL
Shutting down service MySQL ..done
Starting service MySQL ..done
Shutting down mail service (Postfix)..done
Starting mail service (Postfix)..done
Shutting down service saslauthd..done
Starting service saslauthd..done
Waiting for the process [10980] to terminate
Waiting for the process [10980] to terminate
Daemon [10980] terminated by SIGTERM
Shutting down virus-scanner (amavisd-new):..done
Starting virus-scanner (amavisd-new):..done
Shutting down Clam AntiVirus daemon ..done
LibClamAV Warning: **************************************************
LibClamAV Warning: ***  The virus database is older than 7 days!  ***
LibClamAV Warning: ***   Please update it as soon as possible.    ***
LibClamAV Warning: **************************************************
Starting Clam AntiVirus daemon ..done
Shutting down Courier Authentication Daemon ..done
Starting Courier Authentication Daemon ..done
Shutting down Courier-IMAP ..done
Starting Courier-IMAP ..done
Shutting down Courier-IMAP (SSL)..done
Starting Courier-IMAP (SSL)..done
Shutting down Courier-POP3 ..done
Starting Courier-POP3 ..done
Shutting down Courier-POP3 (SSL)..done
Starting Courier-POP3 (SSL)..done
Syntax OK
Shutting down httpd2 (waiting for all children to terminate) ..done
Starting httpd2 (prefork) Shutting down pure-ftpd..done
Starting pure-ftpd..done
Installation completed.

Create a symlink for phpMyAdmin:

ln -s /srv/www/htdocs/phpMyAdmin /usr/local/ispconfig/interface/web/phpmyadmin

Cleanup the /tmp directory:

rm -f /tmp/ispconfig3_install
rm -f ISPConfig-3.0.1.tar.gz

To log in to the ISPConfig control panel, open this URL in your browser (replace the IP to match your settings!):

http://192.168.0.105:8080/

The default login is:

user: admin
password: admin

 

17.1 ISPConfig 3 Manual

 

18 Optional

Install a webbased email client:

rpm -i http://download.opensuse.org/repositories/server:/php:/applications/openSUSE_11.1/noarch/squirrelmail-1.4.17-1.2.noarch.rpm
ln -s /srv/www/htdocs/squirrelmail /usr/local/ispconfig/interface/web/webmail

 

19 Disable AppArmor

AppArmor is a security extension of SUSE (similar to Fedora's SELinux) that should provide extended security. In my opinion you don't need it to configure a secure system, and it usually causes more problems than advantages (think of it after you have done a week of trouble-shooting because some service wasn't working as expected, and then you find out that everything was ok, only AppArmor was causing the problem). Therefore I disable it (this is a must if you want to install ISPConfig later on).

We can disable it like this:

/etc/init.d/boot.apparmor stop
chkconfig -d boot.apparmor

 

20 Links

Share this page:

24 Comment(s)

Add comment

Comments

From: at: 2009-03-30 17:01:25

this will work under openSUSE 11.0?

From: IzFazt at: 2009-07-10 20:31:34

This is the moment to unmark apparmor, before installing it. Although it is advised to de-install this later on it produces some unexplicable error at that time

From: at: 2009-04-15 09:55:31

The version of phpMyAdmin in the openSUSE repo seems to have changed. The version there now is:

phpMyAdmin-3.1.3.1-1.1.noarch.rmp

 I ran

"rpm -i http://download.opensuse.org/repositories/server:/php:/applications/openSUSE_11.1/noarch/phpMyAdmin-3.1.3.1-1.1.noarch.rpm"

it seems to work!

From: Anonymous at: 2009-05-24 13:45:26

The current version is now 3.1.5.1-1.1

From: itsonlyme at: 2009-07-10 22:53:36

it's now version 3.2.0-1.1

From: Wendy at: 2009-04-08 17:40:59

You may need to change to root folder before doing mysql secure:

 cd /

mysql_secure_installation

From: Anonymous at: 2009-03-29 17:22:30

i ran into a problem when i was trying to run..

 "mysql_secure_installation"

 so i found this fix hopefully it helps you out.

 "echo 'export PATH=$PATH:/Applications/MAMP/Library/bin' >> ~/.bash_profile"

From: itsonlyme at: 2009-07-10 20:52:26

I used 

maildrop-2.1.0-3.2.i586.rpm

because I could't find your version, hope that's ok....

From: itsonlyme at: 2009-07-10 21:16:53

and for pam-mysql-0-7RC1-tar-gz

I had to use

wget http://sourgeforge.net/projects/pam-mysql-0-7RC1-tar.gz

because that package has been moved

From: itsonlyme at: 2009-07-10 21:56:46

and better still, instead of :

......
cd /tmp
wget http://heanet.dl.... etc

just use :

rpm -i http://download.opensuse.org/repositories/home:/buschmann23/openSUSE_11.1/i586/pam_mysql-0.7RC1-11.1.i586.rpm

From: Anonymous at: 2009-09-28 18:11:10

 rpm --force -i http://download.opensuse.org/repositories/home:/atzewilms/openSUSE_11.1_Update/i586/maildrop-2.1.0-3.2.i586.rpm
warning: /var/tmp/rpm-xfer.OCxYJZ: Header V3 DSA signature: NOKEY, key ID 6530cd38
error: Failed dependencies:
        libcourierauth.so is needed by maildrop-2.1.0-3.2.i586
        libfam.so.0 is needed by maildrop-2.1.0-3.2.i586
        libgcc_s.so.1 is needed by maildrop-2.1.0-3.2.i586
        libgcc_s.so.1(GCC_3.0) is needed by maildrop-2.1.0-3.2.i586
        libgdbm.so.3 is needed by maildrop-2.1.0-3.2.i586
        libpcre.so.0 is needed by maildrop-2.1.0-3.2.i586
        libstdc++.so.6 is needed by maildrop-2.1.0-3.2.i586
        libstdc++.so.6(CXXABI_1.3) is needed by maildrop-2.1.0-3.2.i586
        libstdc++.so.6(GLIBCXX_3.4) is needed by maildrop-2.1.0-3.2.i586
        libstdc++.so.6(GLIBCXX_3.4.9) is needed by maildrop-2.1.0-3.2.i586

From: Cracklefish at: 2010-05-09 11:47:51

The current version can be got from:

rpm -i http://download.opensuse.org/repositories/server:/php/server_database_apache_openSUSE_11.1/i586/suphp-0.7.1-3.26.i586.rpm

However, this requires php5-fastcgi before it will load so I ran the  next statement and installed the php modules then ran the suphp install.

From: Cracklefish at: 2010-05-09 10:26:00

There seems to be a problem with the version of Getmail-4.17.0 on the openSUSE site, whatever version of Python I have tried it still gives a "requires Python <2.6..." message so here is what I did:

cd /tmp

wget http://pyropus.ca/software/getmail/old-versions/getmail-4.17.0.tar.gz

tar xvfz getmail-4.17.0.tar.gz

cd getmail-4.17.0

python setup.py build

python setup.py install

This was using Python 2.7b1 which is the end of life V2 Release Candidate. Apparently they will support this for 5 years. I've not tried the V3 versions on offer (if it a'int broke...!)

 

From: OvrFlote at: 2009-05-11 16:14:44

I am putting a script together (first attempt at scripting) that will do all of this for you, I have made the changes in the commands that the other users commented on.  This is just a personal project but if anyone is interested, send me an email. basically, I'm just coping and pasting from this tutorial to my script, since all of this runs from the command line. But I am wondering if the author of the tutorial has the end user download all of the packages seperately for a reason or is it just due to the amount of time it takes to install all the packages. In my script i put all of the needed packages in one "yast2 -i" command. Excellent tutorial though. Really helpful and dead on. Once this script is working, I will add Openfire, and Wowza to the mix.

From: Daniel Prez at: 2009-08-11 19:22:32

I installed everything like the how to explain. My system is function normally but i don't have DNS resolution, i'd like your script to compare with my instalation and see if i am doing something bad.

Thanks

Daniel Prez

From: mdconner at: 2009-08-18 14:38:54

Did you ever complete your project and have a working install config script?

From: at: 2009-04-23 15:36:00

This applies to the other package too... (you only mentioned the mysql sub-package)

 mydns-ng-1.2.8-5.1.i586.rpm

From: at: 2009-04-15 10:56:26

The current version of MYDNS is:

mydns-ng-mysql-1.2.8-5.1.i586.rpm

From: at: 2009-04-15 10:58:54

Should the line:

rm -f /tmp/ispconfig3_install

be:

rm -rf /tmp/ispconfig3_install

?

 

From: Emska at: 2009-06-06 11:41:00

Current fail2ban is  fail2ban-0.8.3-3.1.i586.rpm. To obtain it :

rpm -i http://download.opensuse.org/repositories/home:/leonardocf/openSUSE_11.1/i586/fail2ban-0.8.3-3.1.i586.rpm 

From: Anonymous at: 2009-08-09 22:39:43

Postfix not sending and not receiving any messages in this configuration . This is too low . In second Suse 11.1 tutorial is better postfix config.Please write more details how to create running email. Its my problem only?

.

From: Daniel Prez at: 2009-08-14 03:38:02

I had problems with virtual domains. In the apache log, the system says me that i'd been overlap when i created two or more sites, and that the first of these have been precedence.

Searching information in Internet i found that should delete the # in the line that virtualname *:80 in /etc/apache2/listen.conf.

But this is not everything, also i had to modify /etc/apache2/sites-available/name-site.vhost and write  the complete name in servername, for example www.name-site.com instead of *.name-site.com

I want help to the ispconfig create my new sites with these template in  /etc/apache2/sites-available/. If somebody knows how i can do it please !! write me.

Thanks to all pleople and the writers of this how to.

Daniel Prez

From: Ozgur Dagli at: 2009-09-11 10:02:52

You have to edit that "/etc/apache2/Listen.conf" to include these two lines.

Listen 80
NameVirtualHost *:80

First line is deafult listening port for global http server, you can add any other listening ports for special purposes. If you add any virtual servers differ than port 80, you have to add "Listen [XX]" and "NameVirtualHost *:[XX]" to your configuration.

"NameVirtualHost" parameter is required to apache for handling virtual domains...

From: Cracklefish at: 2010-05-09 12:22:23

Fail2ban doesn't appear to be available from SUSE anymore, I tracked down a SUSE version at:

rpm -i http://packman.mirrors.skynet.be/pub/packman/suse/11.1/i586/fail2ban-0.8.4-0.pm.1.1.i586.rpm