ISP-Server Setup - Ubuntu 5.0.4 "The Hoary Hedgehog"

This is a "copy & paste" HowTo! The easiest way to follow this tutorial is to use a command line client/SSH client (like PuTTY for Windows) and simply copy and paste the commands (except where you have to provide own information like IP addresses, hostnames, passwords,...). This helps to avoid typos.

ISP-Server Setup - Ubuntu 5.0.4 "The Hoary Hedgehog"

Version 1.0
Author: Till Brehm <t.brehm [at] ispconfig [dot] org>, Falko Timme
Last edited 09/16/2005

This is a detailed description about the steps to be taken to setup a Ubuntu based server (Ubuntu 5.0.4 - The Hoary Hedgehog) that offers all services needed by ISPs and hosters (web server (SSL-capable), mail server (with SMTP-AUTH and TLS!), DNS server, FTP server, MySQL server, POP3/POP3s/IMAP/IMAPs, Quota, Firewall, etc.).

I will use the following software:

  • Web Server: Apache 2.0.x
  • Mail Server: Postfix (easier to configure than sendmail; has a shorter history of security holes than sendmail)
  • DNS Server: BIND9
  • FTP Server: proftpd
  • POP3/POP3s/IMAP/IMAPs: in this example you can choose between the traditional UNIX mailbox format (we then use ipopd/uw-imapd) or the Maildir format (in this case we will use Courier-POP3/Courier-IMAP).
  • Webalizer for web site statistics

In the end you should have a system that works reliably and is ready for the free webhosting control panel ISPConfig (i.e., ISPConfig runs on it out of the box).

I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!

Requirements

To install such a system you will need the following:

  • A Ubuntu install CD (available here: http://www.ubuntu.com/download/)
  • An internet connection since I will describe a network installation in this document.

1 The Base System

Insert your Ubuntu install CD into your system and boot from it (enter server at the boot prompt to install only a base system suitable for servers).

The installation starts, and first you have to choose your language:

Chose your location:

Choose a keyboard layout:

The hardware detection starts:

Enter the hostname. In this example, my system is called server1.example.com, so I enter server1:

Share this page:

24 Comment(s)

Add comment

Comments

From: Anonymous at: 2005-10-10 02:01:05

You mention that Postfix has a shorter list of security vulnerabilities than Sendmail. In the recent times, Sendmail has performed very well. Also keep in mind that Sendmail is over 23 years old -- it's had a lot more time to be tested for these things. If you mentioned that Postfix scales better than Sendmail, I'd have marked that as credable; however, Sendmail's M4 configuration is so easy that even a monkey could do it.

As a software package, Sendmail works great. It is easy to configure. It has proven itself secure in the recent years. Don't knock it for the wrong things.

From: Anonymous at: 2005-11-16 22:54:12


May be you'd check more. Postfix is designed basically to be a secure alternative to Sendmail, check its site. And it does have a better record.

I'd say the worst thing about sendmail is the configuration, by the way. Probably you are a M4 veteran, so you don't know how complicated it is. Frankly, that was the reason I switched from sendmail to postfix, circa redhat 7.3, before it became their default. And I am not really a newbie..

From: Anonymous at: 2005-12-19 16:44:21


thanks for the walk through only had Ubuntu installed (or any type of Linux) for a couple of days and I'm already runing my own server...pure magic

From: Anonymous at: 2006-01-29 17:47:45


would this be a better starting point?

would it change everything in this howto?

http://distrowatch.com/?newsid=02988#0


From: admin at: 2006-01-29 18:26:22


The ubuntu server distribution did not exist at the time I've written this howto. I'am pretty sure that the howto will work fine with Ubuntu Server distribution too, but I've not tested it yet.

Till


From: Anonymous at: 2005-10-28 09:58:33


Bad bad bad!:
0 */2 * * * /etc/init.d/ntpdate restart

Please use an ntp daemon.


From: Anonymous at: 2005-12-03 08:59:49


And if you are already on it use 'crontab -e' to modify cronjobs instead of digging through the file system. You get syntax highlighting and it checks and installs the new cronjob for you afterwards.

From: at: 2005-09-20 02:00:06


There is an error (minor) in the following paragraph on the last page. ...

After you have
answered the questions ISPConfig should be duly installed. If you indicated www as host and xyz.com
as the domain during the installation, you will find the ISPConfig interface
under https://www.xyz.de:81
or http://www.xyz.de:81.


The addresses should have .com instead of .de (or the how should be xyz.de)


thanks for the sweet article!

From: at: 2005-09-25 21:45:42


Crossposted from OSNews:

This
is the worst HOWTO I ever read. There is NO explanation what this setup
will create NOR is it secure or suitable other than for kids to play on
their homeboxen. Postfix has not disabled plaintext without ssl so
every client pointing to server:25 and not issuing STARTTLS will get
transmit passwords in cleartext. Did I hear ISP? Where is virtual
domain support? Are you supposed to have all your mailaccounts in
/etc/passwd. What is that Apache setup meant for? Disabling PHP and
running php scripts as CGI with Suexec? Ever heard of suphp?



forget it


From: at: 2005-09-25 22:22:56

Hmm, the other guy needs a slap around the ears, not designed for kids at home, he assumes you have a basic idea if you are going to do it, there's also Articles about Virtual Domains on the site, take a chill pill and relax.

Nice Article, you may also want to look into running VHCS as well from www.vhcs.net it's also a Free Opensource Hosting panel, I think it has more features too, plus it's a heck of a lot sexier.

From: admin at: 2005-09-26 08:11:23


Thanks, I've corrected the error.

From: Anonymous at: 2005-09-26 08:19:04


It seems you have not read the howto at all. The howto prepares a server for the installation of the ispconfig controlpanel. If you do not disable PHP globally you can not manage it on a per vhost basis :-) When you have written your own server howto, you can post it here to show everyone what you think a server setup is. E.g. crossposting is :cool:

From: Anonymous at: 2005-09-27 02:30:55


Hello I am newbie. It's my first time to have handson on linux. Anyway i followed everything in this article except that when I installed ISPConfig, I got the following error:

Warning: main(config.inc.php): failed to open stream: No such file or directory in /tmp/install_ispconfig/install.php on line 624

Warning: main(): Failed opening 'config.inc.php' for inclusion (include_path='.:/root/ispconfig/php/lib/php') in /tmp/install_ispconfig/install.php on line 624

Warning: mysql_connect(): Access denied for user: 'root@localhost' (Using password: NO) in /tmp/install_ispconfig/install.php on line 634

Could not connect to db

Restarting some services...

./setup2: line 883: [:==: unary operator expected

./setup2: line 901: /etc/init.d/ispconfig_server: No such file or directory

If you have anyway of fixing this. I would be very grateful.

mike

From: Anonymous at: 2005-09-28 01:55:51


I tried this but had a dickens of a time testing the email addresses. I put "nameserver 192.168.0.100" on the top of /etc/resolv.conf and to test the DNS, I'd run "host newdomain.com" to see if the virtual address showed up. It did, so I tried setting up email accounts( 2 ) and created the accounts in Thunderbird to send back and forth. They didn't work until I started sending to "userID1@www.domain.com". Creating a Co-Domain with the Hostname cleared worked. It also resulted in /etc/prostfix/local-host-names file showing the domain.com entry( along with the www.domain.com entry ).

Cool HowTo BTW. Now I have to go in and start learning what all is going on. ;-)


I'm thinking this might be nice for a couple of friends who have small biz and need to create temp accounts for customer comm and filesharing.

From: falko at: 2005-09-28 07:40:54
From: Anonymous at: 2005-09-28 13:37:50


Rather than creating the symlinks manually as you do for the Apache modules you can use the provided tools:

a2enmod include

a2enmod ssl

etc.

From: Anonymous at: 2005-10-06 14:16:36


Is it perfect? Probably not.

Handholding? Some, but you really need to bring your own critical thinking to the table if you're to tackle an unforseen glitch.

Thorough? Absolutely. While I (might) agree there's not a lot of detailed explanations to the tasks, it's all here. You couldn't ask for a better blueprint. You wanna know more about the underpinnings of each step? Start digging. At least you now know what questions to ask!

For all the indignant boo hooing, I would say anyone whining about this article has not had to fend for themselves much and is proably still living with their parents.

Thanks for helping this newbie get a better idea of how work is accomplished in Linux!

From: Anonymous at: 2005-10-06 20:09:48


everyones a noob at some point

From: Anonymous at: 2005-10-07 16:22:42

my setup is ok now. can you tell me how to add amasvid-new and clam av to this setup?

From: admin at: 2005-10-07 17:16:33

If you use ISPConfig, mailfiltering with Spamassassin and ClamAV are installed and configured? by the ISPConfig installer.

From: Anonymous at: 2005-10-09 06:05:23


Why cant a iso of this be available to download all ready to run?

flame away ;-)

From: Anonymous at: 2005-10-09 17:00:47


I created some scripts that are a start to automating this process. You can find them here:

http://www.geekdept.com/1.script

http://www.geekdept.com/2.script

http://www.geekdept.com/3.script

http://www.geekdept.com/4.script

http://www.geekdept.com/5.script

http://www.geekdept.com/6.script

http://www.geekdept.com/7.script

http://www.geekdept.com/8.script

http://www.geekdept.com/9.script

Keep in mind that these scripts are not the cure all it just helps automate a bit. Take a look at each one before you use it. I usually run wget and get them all into the /tmp dir and then call on them as needed.


Hope this helps.

From: Anonymous at: 2005-10-10 16:38:41


i cannot receive email but i can send using outlook client with smtp authentication. also i cannot login using https://www.mydomain.com:81/mailuser.

From: SABADBOY at: 2008-11-30 08:41:44

ANYBODY MADE AN ISO YET SO THE INSTALL IS ALL AUTOMATED  SERIOUSLY I NEED IT BAD


GREAT ARTICLE