The Perfect Server - OpenSUSE 11.1 [ISPConfig 3] - Page 5
12 MyDNS
Install the MyDNS DNS Server. Run:
cd /tmp
wget http://download.opensuse.org/repositories/home:/bajizs_cnt/openSUSE_11.1/i586/mydns-ng-1.2.8-1.1.i586.rpm
wget http://download.opensuse.org/repositories/home:/bajizs_cnt/openSUSE_11.1/i586/mydns-ng-mysql-1.2.8-1.1.i586.rpm
rpm -i mydns*.rpm
rm -f mydns*.rpm
chkconfig --add mydns
13 Install vlogger and Webalizer
cd /tmp
wget http://n0rp.chemlab.org/vlogger/vlogger-1.3.tar.gz
tar xvfz vlogger-1.3.tar.gz
mv vlogger-1.3/vlogger /usr/sbin/
rm -rf vlogger*
yast2 -i webalizer perl-DateManip
14 Install fail2ban
rpm -i http://download.opensuse.org/repositories/home:/leonardocf/openSUSE_11.0/i586/fail2ban-0.8.2-5.2.i586.rpm
Warnings like "warning: /var/tmp/rpm-xfer.SCm0TM: Header V3 DSA signature: NOKEY, key ID 5b00c76e" can be ignored.
15 Install jailkit
cd /tmp
wget http://olivier.sessink.nl/jailkit/jailkit-2.5.tar.gz
tar xvfz jailkit-2.5.tar.gz
cd jailkit-2.5
./configure
make
make install
cd ..
rm -rf jailkit-2.5*
16 Synchronize the System Clock
If you want to have the system clock synchronized with an NTP server do the following:
yast2 -i xntp
Then add system startup links for ntp and start ntp:
chkconfig --add ntp
/etc/init.d/ntp start
17 ISPConfig 3
Download the current ISPConfig version and install it. The ISPConfig installer will configure all services like postfix, sasl, courier, etc. for you. A manual setup as required for ISPConfig 2 is not nescessary anymore.
cd /tmp
wget http://downloads.sourceforge.net/ispconfig/ISPConfig-3.0.1.tar.gz?use_mirror=
tar xvfz ISPConfig-3.0.1.tar.gz
cd ispconfig3_install/install/
Now start the installation process by executing:
php -q install.php
--------------------------------------------------------------------------------
_____ ___________ _____ __ _
|_ _/ ___| ___ \ / __ \ / _(_)
| | \ `--.| |_/ / | / \/ ___ _ __ | |_ _ __ _
| | `--. \ __/ | | / _ \| '_ \| _| |/ _` |
_| |_/\__/ / | | \__/\ (_) | | | | | | | (_| |
\___/\____/\_| \____/\___/|_| |_|_| |_|\__, |
__/ |
|___/
--------------------------------------------------------------------------------
>> Initial configuration
Operating System: openSUSE 11.1 or compatible
Following will be a few questions for primary configuration so be careful.
Default values are in [brackets] and can be accepted with <ENTER>.
Tap in "quit" (without the quotes) to stop the installer.
Select language (en,de) [en]: en
Installation mode (standard,expert) [standard]: standard
Full qualified hostname (FQDN) of the server, eg server1.domain.tld [server1.example.com]: server1.example.com
MySQL server hostname [localhost]: localhost
MySQL root username [root]: root
MySQL root password []: howtoforge
MySQL database to create [dbispconfig]: dbispconfig
MySQL charset [utf8]: utf8
Generating a 2048 bit RSA private key
............+++
........+++
writing new private key to 'smtpd.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:DE
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Howtoforge
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:
Email Address []:
Configuring Jailkit
Configuring SASL
Configuring PAM
Configuring Courier
Configuring Spamassassin
Configuring Amavisd
Configuring Getmail
Configuring Pureftpd
Configuring MyDNS
Configuring Apache
Configuring Firewall
Installing ISPConfig
ISPConfig Port [8080]:8080
Configuring DBServer
Installing Crontab
no crontab for root
no crontab for getmail
Restarting services ...
Restarting service MySQL
Shutting down service MySQL ..done
Starting service MySQL ..done
Shutting down mail service (Postfix)..done
Starting mail service (Postfix)..done
Shutting down service saslauthd..done
Starting service saslauthd..done
Waiting for the process [10980] to terminate
Waiting for the process [10980] to terminate
Daemon [10980] terminated by SIGTERM
Shutting down virus-scanner (amavisd-new):..done
Starting virus-scanner (amavisd-new):..done
Shutting down Clam AntiVirus daemon ..done
LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************
Starting Clam AntiVirus daemon ..done
Shutting down Courier Authentication Daemon ..done
Starting Courier Authentication Daemon ..done
Shutting down Courier-IMAP ..done
Starting Courier-IMAP ..done
Shutting down Courier-IMAP (SSL)..done
Starting Courier-IMAP (SSL)..done
Shutting down Courier-POP3 ..done
Starting Courier-POP3 ..done
Shutting down Courier-POP3 (SSL)..done
Starting Courier-POP3 (SSL)..done
Syntax OK
Shutting down httpd2 (waiting for all children to terminate) ..done
Starting httpd2 (prefork) Shutting down pure-ftpd..done
Starting pure-ftpd..done
Installation completed.
Create a symlink for phpMyAdmin:
ln -s /srv/www/htdocs/phpMyAdmin /usr/local/ispconfig/interface/web/phpmyadmin
Cleanup the /tmp directory:
rm -f /tmp/ispconfig3_install
rm -f ISPConfig-3.0.1.tar.gz
To log in to the ISPConfig control panel, open this URL in your browser (replace the IP to match your settings!):
http://192.168.0.105:8080/
The default login is:
user: admin
password: admin
17.1 ISPConfig 3 Manual
In order to learn how to use ISPConfig 3, I strongly recommend to download the ISPConfig 3 Manual.
On nearly 300 pages, it covers the concept behind ISPConfig (admin, resellers, clients), explains how to install and update ISPConfig 3, includes a reference for all forms and form fields in ISPConfig together with examples of valid inputs, and provides tutorials for the most common tasks in ISPConfig 3. It also lines out how to make your server more secure and comes with a troubleshooting section at the end.
18 Optional
Install a webbased email client:
rpm -i http://download.opensuse.org/repositories/server:/php:/applications/openSUSE_11.1/noarch/squirrelmail-1.4.17-1.2.noarch.rpm
ln -s /srv/www/htdocs/squirrelmail /usr/local/ispconfig/interface/web/webmail
19 Disable AppArmor
AppArmor is a security extension of SUSE (similar to Fedora's SELinux) that should provide extended security. In my opinion you don't need it to configure a secure system, and it usually causes more problems than advantages (think of it after you have done a week of trouble-shooting because some service wasn't working as expected, and then you find out that everything was ok, only AppArmor was causing the problem). Therefore I disable it (this is a must if you want to install ISPConfig later on).
We can disable it like this:
/etc/init.d/boot.apparmor stop
chkconfig -d boot.apparmor
20 Links
- OpenSUSE: http://www.opensuse.org
- ISPConfig: http://www.ispconfig.org