The Perfect Server - OpenSUSE 11.3 x86_64 [ISPConfig 3] - Page 5

12 Install BIND

The BIND nameserver can be installed as follows:

yast2 -i bind

Create the BIND system startup links and start it:

chkconfig --add named
/etc/init.d/named start

 

13 Install Webalizer And AWStats

Since ISPConfig 3 lets you choose if you want to use Webalizer or AWStats to create your web site statistics, we install both:

yast2 -i webalizer perl-DateManip
rpm -ivh http://download.opensuse.org/repositories/network:/utilities/openSUSE_11.3/noarch/awstats-6.95-3.1.noarch.rpm 

 

14 Install fail2ban

fail2ban can be installed as follows:

yast2 -i fail2ban 

 

15 Install Jailkit

Jailkit can be installed like this:

rpm -ivh http://download.opensuse.org/repositories/security/openSUSE_11.3/x86_64/jailkit-2.11-1.2.x86_64.rpm

 

16 Synchronize The System Clock

If you want to have the system clock synchronized with an NTP server do the following:

yast2 -i xntp

Then add system startup links for ntp and start ntp:

chkconfig --add ntp
/etc/init.d/ntp start

 

17 ISPConfig 3

Download the current ISPConfig 3 version and install it. The ISPConfig installer will configure all services like Postfix, Dovecot, etc. for you. A manual setup as required for ISPConfig 2 is not necessary anymore.

cd /tmp
wget http://downloads.sourceforge.net/ispconfig/ISPConfig-3.0.2.2.tar.gz?use_mirror=
tar xvfz ISPConfig-3.0.2.2.tar.gz
cd ispconfig3_install/install/

Now start the installation process by executing:

php -q install.php

server1:/tmp/ispconfig3_install/install # php -q install.php


--------------------------------------------------------------------------------
 _____ ___________   _____              __ _
|_   _/  ___| ___ \ /  __ \            / _(_)
  | | \ `--.| |_/ / | /  \/ ___  _ __ | |_ _  __ _
  | |  `--. \  __/  | |    / _ \| '_ \|  _| |/ _` |
 _| |_/\__/ / |     | \__/\ (_) | | | | | | | (_| |
 \___/\____/\_|      \____/\___/|_| |_|_| |_|\__, |
                                              __/ |
                                             |___/
--------------------------------------------------------------------------------


>> Initial configuration

Operating System: openSUSE or compatible, unknown version.

    Following will be a few questions for primary configuration so be careful.
    Default values are in [brackets] and can be accepted with <ENTER>.
    Tap in "quit" (without the quotes) to stop the installer.


Select language (en,de) [en]:
 <-- ENTER

Installation mode (standard,expert) [standard]: <-- ENTER

Full qualified hostname (FQDN) of the server, eg server1.domain.tld  [server1.example.com]: <-- ENTER

MySQL server hostname [localhost]: <-- ENTER

MySQL root username [root]: <-- ENTER

MySQL root password []: <-- yourrootsqlpassword

MySQL database to create [dbispconfig]: <-- ENTER

MySQL charset [utf8]: <-- ENTER

chown: cannot access `/var/vmail': No such file or directory
Generating a 2048 bit RSA private key
......+++
........+++
writing new private key to 'smtpd.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:
 <-- ENTER
State or Province Name (full name) [Some-State]: <-- ENTER
Locality Name (eg, city) []: <-- ENTER
Organization Name (eg, company) [Internet Widgits Pty Ltd]: <-- ENTER
Organizational Unit Name (eg, section) []: <-- ENTER
Common Name (eg, YOUR name) []: <-- ENTER
Email Address []: <-- ENTER
Configuring Jailkit
Configuring Dovecot
chmod: cannot access `/etc/dovecot/dovecot-sql.conf~': No such file or directory
Configuring Spamassassin
Configuring Amavisd
Configuring Getmail
Configuring Pureftpd
Configuring BIND
Configuring Apache
Configuring vlogger
Configuring Apps vhost
Configuring Firewall
Installing ISPConfig
ISPConfig Port [8080]:
 <-- ENTER

Configuring DBServer
Installing Crontab
no crontab for root
no crontab for getmail
Restarting services ...
Restarting service MySQL
Shutting down service MySQL ..done
Starting service MySQL ..done
Shutting down mail service (Postfix)..done
Starting mail service (Postfix)..done
Waiting for the process [3233] to terminate
Waiting for the process [3233] to terminate
Waiting for the process [3233] to terminate
Daemon [3233] terminated by SIGTERM
Shutting down virus-scanner (amavisd-new): ..done
Starting virus-scanner (amavisd-new): ..done
/usr/bin/lsb_release: line 367: echo: write error: Broken pipe
/usr/bin/lsb_release: line 367: echo: write error: Broken pipe
Shutting down Clam AntiVirus daemon ..done
/usr/bin/lsb_release: line 367: echo: write error: Broken pipe
Starting Clam AntiVirus daemon ..done
Stopping dovecot ..done
Starting dovecot ..done
Syntax OK
Shutting down httpd2 (waiting for all children to terminate) ..done
Starting httpd2 (prefork) ..done
Shutting down pure-ftpd..done
Starting pure-ftpd..done
Installation completed.
server1:/tmp/ispconfig3_install/install #

Create a symlink for phpMyAdmin:

ln -s /srv/www/htdocs/phpMyAdmin /usr/local/ispconfig/interface/web/phpmyadmin

Cleanup the /tmp directory:

rm -rf /tmp/ispconfig3_install
rm -f /tmp/ISPConfig-3.0.2.2.tar.gz

Open /etc/suphp.conf...

vi /etc/suphp.conf

... and make sure that it contains x-httpd-suphp instead of x-httpd-php towards the end of the file:

[...]
[handlers]
;Handler for php-scripts
;x-httpd-php="php:/usr/bin/php-cgi5"
x-httpd-suphp="php:/usr/bin/php-cgi5"
[...]

To log in to the ISPConfig control panel, open this URL in your browser (replace the IP to match your settings!):

http://192.168.0.100:8080/

The default login is:

user: admin
password: admin

 

17.1 ISPConfig 3 Manual

 

18 Install SquirrelMail (Optional)

Install a SquirrelMail, a web-based email client:

rpm -ivh http://download.opensuse.org/repositories/server:/php:/applications/openSUSE_11.3/noarch/squirrelmail-1.4.20-1.1.noarch.rpm
ln -s /srv/www/htdocs/squirrelmail /usr/local/ispconfig/interface/web/webmail

 

19 Disable AppArmor

AppArmor is a security extension of SUSE (similar to Fedora's SELinux) that should provide extended security. In my opinion you don't need it to configure a secure system, and it usually causes more problems than advantages (think of it after you have done a week of trouble-shooting because some service wasn't working as expected, and then you find out that everything was ok, only AppArmor was causing the problem). Therefore I disable it (this is a must if you want to install ISPConfig later on).

We can disable it like this:

/etc/init.d/boot.apparmor stop
chkconfig -d boot.apparmor

 

Share this page:

3 Comment(s)