The Perfect Setup - Ubuntu 6.10 Server (Edgy Eft)

Version 1.1
Author: Falko Timme
Last edited 12/01/2006

This is a detailed description about how to set up a Ubuntu 6.10 (Edgy Eft) based server that offers all services needed by ISPs and hosters: Apache web server (SSL-capable), Postfix mail server with SMTP-AUTH and TLS, DNS server, FTP server, MySQL server, POP3/IMAP, Quota, Firewall, etc. This tutorial is written for the 32-bit version of Ubuntu Edgy Eft, but should apply to the 64-bit version with very little modifications as well.

I will use the following software:

  • Web Server: Apache 2.0
  • Database Server: MySQL 5.0
  • Mail Server: Postfix
  • DNS Server: BIND9
  • FTP Server: proftpd
  • POP3/IMAP: I will use Maildir format and therefore install Courier-POP3/Courier-IMAP.
  • Webalizer for web site statistics

In the end you should have a system that works reliably, and if you like you can install the free webhosting control panel ISPConfig (i.e., ISPConfig runs on it out of the box).

I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!

 

Requirements

To install such a system you will need the following:

 

Preliminary Note

In this tutorial I use the hostname server1.example.com with the IP address 192.168.0.100 and the gateway 192.168.0.1. These settings might differ for you, so you have to replace them where appropriate.

 

2 The Base System

Insert your Ubuntu install CD into your system and boot from it. Select Install to the hard disk:

The installation starts, and first you have to choose your language:

Then select your location:

Choose a keyboard layout:

The installer checks the installation CD, your hardware, and configures the network with DHCP if there is a DHCP server in the network:

Enter the hostname. In this example, my system is called server1.example.com, so I enter server1:

Now you have to partition your hard disk. I will create one big partition (with the mount point /) and a little swap partition so I select Erase entire disk:

Share this page:

10 Comment(s)

Add comment

Comments

From: bdk at: 2006-10-27 20:35:19

Just some comments as I'm going throgh this How-To: 

Sudo is in Ubuntu for a reason and it should be used, so instead of enabling root and setting a root password, run sudo w/ a ' -s ' argument:

sudo -s

That'll put you in as root and you won't have to prefix all of your commands with sudo.

In step #5, instead of restarting the box, you can reload the hostname via /etc/init.d/hostname.sh; faster then restarting the box.

-bdk

 

From: at: 2007-02-21 13:31:51

Just a small comment:

There's really no need to enable the root account as explained in section 3.

You might as well use

sudu su -

to switch to the root for doing administrative tasks

 

Just my two cents :-)

/Armageddon 

From: at: 2006-11-09 18:46:01

"In recent distributions of MySQL, you can also run the script mysql_secure_installation instead of just changing the root password. That script allows you to change the root password, delete the test database, remove the anonymous user, remove remote access (allowing access from the local machine only) and reset the privileges table."

Quoting from http://www.entropy.ch/software/MacOSx/mysql/

From: at: 2007-01-13 03:50:43

When I attempted to apt-get install linux-kernel-headers, I got the message that "Package linux-kernel-headers is a virtual package provided by:
  linux-libc-dev 2.6.17.1-10.34
You should explicitly select one to install"

 

I did apt-get install linux-libc-dev and I did fine.

From: at: 2006-11-02 10:32:13

I think an excelent addition to this part of the tutorial, would be to generate the default SSL Cert for Apache, so that it *can* listen on 443.

From: at: 2007-04-09 18:57:18

While xenlab make a reasonable point that SSL instructions would be useful in this How-To, it should be noted that the SSL Certificate is automatically set up during the ISPConfig setup. If you are setting up ISPConfig as suggested by the author, you needn't worry about the SSL Certificate at this stage.

Loye Young
www.IYCC.net
Laredo, Texas 

From: at: 2007-05-18 20:42:28

Just to get this additional information on this page:

 # HOST="my.apache.hostname.example.org"

# openssl genrsa -out $HOST.key

# openssl req -new -key $HOST.key -out $HOST.csr

# openssl x509 -req -days 368 -in $HOST.csr -signkey $HOST.key -out $HOST.cert

 # mv $HOST.key /etc/ssl/private/

# chmod 0400 /etc/ssl/private/$HOST.key

#mv $HOST.cert /etc/ssl/certs/

 

Following goes into the apache SSL vhost configuration:

SSLEngine On
SSLProtocol +all
SSLCiphersuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificatefile /etc/ssl/certs/my.apache.hostname.example.org.cert
SSLCertificatekeyfile /etc/ssl/private/my.apache.hostname.example.org.key

From: at: 2007-01-29 12:31:53

System Changes / Package changes caused proftpd-common proftpd

root@beta:/etc/postfix/ssl# apt-get install proftpd proftpd-common ucf

Reading package lists... Done Building dependency tree Reading state information... Done Package proftpd-common is a virtual package provided by: proftpd 1.3.0-9ubuntu0.1 You should explicitly select one to install. E: Package proftpd-common has no installation candidate

root@beta:/etc/postfix/ssl# apt-get install proftpd ucf Works perfectly so far

From: at: 2007-05-15 13:31:03

You can also edit your /etc/hosts file and add/modify ipv6 lines like this:

::1     ip6-localhost ip6-loopback server1 server1.example.com

bye

Giuseppe

From: at: 2007-09-29 20:17:36

Setting your server name on 127.0.0.1 IS BAD! This address is made for loopback ONLY.
 
In order to make your proftpd start without messing up your system, you can add a single line :
DefaultAddress 192.168.0.1
(with the appropriate address) to your proftpd.conf