The Perfect Server - Ubuntu 14.04 (nginx, BIND, MySQL, PHP, Postfix, Dovecot and ISPConfig 3)

Version 1.0
Author: Falko Timme, updated by Srijan Kishore
Last edited 28/Apr/2014

This tutorial shows how to prepare an Ubuntu 14.04 (Trusty Tahr) server (with nginx, BIND, Dovecot) for the installation of ISPConfig 3, and how to install ISPConfig 3. ISPConfig 3 is a webhosting control panel that allows you to configure the following services through a web browser: Apache or nginx web server, Postfix mail server, Courier or Dovecot IMAP/POP3 server, MySQL, BIND or MyDNS nameserver, PureFTPd, SpamAssassin, ClamAV, and many more. This setup covers nginx (instead of Apache), BIND (instead of MyDNS), and Dovecot (instead of Courier).

If you want to use nginx instead of Apache with ISPConfig, please note that your nginx version must be at least 0.8.21, and you must install PHP-FPM as well. For CGI/Perl support, you must use fcgiwrap. This is all covered by this tutorial.

Please note that you cannot use this tutorial for Debian Squeeze because Squeeze comes with an older nginx version (0.7.67.) and does not have a PHP-FPM package!

Please note that this setup does not work for ISPConfig 2! It is valid for ISPConfig 3 only!

I do not issue any guarantee that this will work for you!

 

1 Requirements

To install such a system you will need the following:

 

2 Preliminary Note

In this tutorial I use the hostname server1.example.com with the IP address 192.168.0.100 and the gateway 192.168.0.1. These settings might differ for you, so you have to replace them where appropriate.

3 The Base System

Insert your Ubuntu install CD into your system and boot from it. Select your language:

Then select Install Ubuntu Server:

Choose your language again (?):

Then select your location:

I will continue here as India location, configure keyboard as No &  I select English(US) here: 





The installer checks the installation CD, your hardware, and configures the network with DHCP if there is a DHCP server in the network: 

Enter the hostname. In this example, my system is called server1.example.com, so I enter server1:

Create a user, for example the user Administrator with the user name administrator (don't use the user name admin as it is a reserved name on Ubuntu 14.04):









Share this page:

18 Comment(s)

Add comment

Comments

From: Pete Williams at: 2014-07-19 20:42:09

I found another solution to the 502 error when attempting to access ISPConfig when using nginx.  I used the instructions here:

http://stackoverflow.com/questions/23443398/nginx-error-connect-to-php5-fpm-sock-failed-13-permission-denied

The issue is related to PHP update to mitigate security risk per this page:
  1. Open /etc/php5/fpm/pool.d/www.conf
  2. Remove comment prefix # from all permission lines, like:

    listen.owner = www-data

    listen.group = www-data

    listen.mode = 0660
  3. Restart fpm - sudo service php5-fpm restart

 

From: Killozap at: 2014-09-10 22:27:01

You will get a error-message at first when trying to start the admin-page of ispconfig, don't try to use the changes in one comment here, only restart your server and it works!

 When you do the mentioned changes here, it wors, and after the next restart, it will not function anymore.

From: at: 2014-12-07 16:44:27

I have created an ansible script does steps 8 and further in this howto on a clean ubuntu machine. Steps 1-7 are about providing the clean ubuntu machine.

See: https://github.com/wiebew/ispconfig_install

From: admin at: 2014-07-17 06:34:04

The command works fine in 14.04, just tested it. You can ignore the warning message that you get, the command still works.

From: at: 2014-07-17 04:07:10

AFAIK service networking restart command did not work anymore, do we have any proper way to do it with 14.04?!?

From: John Kounis at: 2014-07-07 05:16:44

Since Ubuntu 14.04 comes with php5.5 that has its own Zend opcode cache, php_apc is no longer available. You can delete the following command:

 apt-get install php-apc


From: Anonymous at: 2014-07-07 21:22:05

apt-get REMOVE php-apc

not install :)

From: at: 2014-11-01 05:50:16

Hi,

 What Mr. Kounis meant was to "Skip it", remove it from the ToDo, I'm pretty sure ;)

From: Anonymous at: 2014-08-21 22:21:10

Hi,

Is it possible to run 2 instances of MySql, say at port 3307 and 3306 at the same time?

After installing ISPconfig 3 I would like to try to install a kind of CMS using port 3307.


 

From: Nadeistos at: 2014-05-07 20:00:00

There is a mistake in : filter = sasl should be : filter = postfix-sasl Thierry

From: Nik at: 2014-05-08 05:35:22

The above jail.local has a typo. 

 filter = sasl should be filter=post-sasl

From: at: 2014-07-10 21:33:17

If you're using a purchased SSL key, which comes as a .crt and .key file, you must create pure-ftpd.pem as follows:

 

cat example.com.key example.com.crt > /etc/ssl/private/pure-ftpd.pem

 

If you don't do this, and /etc/ssl/private/pure-ftpd.pem only contains a private key (no public key), the error message will be:

pure-ftpd: (?@?) [ERROR] Sorry, but that file doesn't exist: [/etc/ssl/private/pure-ftpd.pem] 

which is very confusing, since /etc/ssl/private/pure-ftpd.pem does exist.

From: John Kounis at: 2014-07-06 06:06:53

I got a "502 Bad Gateway" error connecting to ISPConfig after following these instructions.

I followed the instructions at http://wildlyinaccurate.com/solving-502-bad-gateway-with-nginx-php-fpm and edited /etc/php5/fpm/pool.d/www.conf

I changed:

listen=/var/run/php5-fpm.sock

to:

listen=127.0.0.1:9000

 This fixed the problem

From: Mario at: 2015-03-06 20:04:49

I followed the guide installing on a Microsoft Azure server without getting any problem.I get a strange error : i cannot list directories when i connect by FTP, i get a timeout of 20 seconds.I've tested connecting in Google Chrome and the problem is still there.How to fix?

From: lolo888 at: 2015-03-15 16:47:28

For cgi-bin/mailman > error 403 > http://forum.nginx.org/read.php?2,227508,227548#msg-227548

put "include /etc/nginx/fastcgi_params;"

after

fastcgi_intercept_errors on;

enjoy!

From: Andre at: 2015-03-18 17:36:29

Hi,

I have a lots of errors (Ubuntu 14.04.2, 3.0.5.4p5).

FTP.

I need to do this for pure-ftpd:

echo 'yes' > Daemonizeecho 'yes' > VerboseLogecho ,21 > Bindecho 50100 50200 > PassivePortRangeecho 1000 > MaxClientsPerIPecho 1000 > MaxClientsNumberecho yes > NoAnonymous

 

This allows me to sent magento files to the server. Still there were couple (300+) failed transfers.

Database.

I can create user, but he is not appeared when I creating database and moreover I can create database even I have not defined a user. Magento fail to install :(

Nginx.

Only this config allows me to run (not to complete install) of magento:

  location / {    index index.html index.php; ## Allow a static html file to be shown first    try_files $uri $uri/ @handler; ## If missing pass the URI to Magento's front handler    expires 30d; ## Assume all files are cachable  }    ## These locations would be hidden by .htaccess normally  location /app/                { deny all; }  location /includes/           { deny all; }  location /lib/                { deny all; }  location /media/downloadable/ { deny all; }  location /pkginfo/            { deny all; }  location /report/config.xml   { deny all; }  location /var/                { deny all; }

  ## http://vvv.tobiassjosten.net/nginx/generate-htpasswd-for-nginx/  location /var/export/ { ## Allow admins only to view export folder    auth_basic           "Restricted"; ## Message shown in login window    auth_basic_user_file /home/lumz/public_html/.htpasswd; ## See /etc/nginx/htpassword    autoindex            on;  }   ## Disable .htaccess and other hidden files  location ~ /\. {    deny all;    access_log off;    log_not_found off;  }  location @handler { ## Magento uses a common front handler    rewrite / /index.php;  }    location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler    rewrite ^(.*.php)/ $1 last;  }

   # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini location ~ .php$ {    if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss    expires        off; ## Do not cache dynamic content

    fastcgi_pass   unix:/var/run/php5-fpm.sock;    fastcgi_param GATEWAY_INTERFACE CGI/1.1;    fastcgi_param SERVER_SOFTWARE nginx;    fastcgi_param DOCUMENT_ROOT /home/lumz/public_html;   fastcgi_param QUERY_STRING $query_string;   fastcgi_param REQUEST_METHOD $request_method;   fastcgi_param CONTENT_TYPE $content_type;   fastcgi_param CONTENT_LENGTH $content_length;   fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;   fastcgi_param SCRIPT_NAME $fastcgi_script_name;   fastcgi_param REQUEST_URI $request_uri;   fastcgi_param DOCUMENT_URI $document_uri;   fastcgi_param SERVER_PROTOCOL $server_protocol;   fastcgi_param REMOTE_ADDR $remote_addr;   fastcgi_param REMOTE_PORT $remote_port;   fastcgi_param SERVER_ADDR $server_addr;   fastcgi_param SERVER_PORT $server_port;   fastcgi_param SERVER_NAME $server_name;   fastcgi_param HTTPS $https;    fastcgi_param  MAGE_RUN_CODE default; ## Store code is defined in administration > Configuration > Manage Stores    fastcgi_param  MAGE_RUN_TYPE store;    include        /etc/nginx/fastcgi_params; ## See /etc/nginx/fastcgi_params }

 

Database user solution? Anyone?

Thank you.

 

 

From: till at: 2015-03-18 18:47:10

I installed the same tutorial today for a customer without any changes and it works fine, no issues at all.

 

The pure-ftpd things that you describe are only required if you block ports with a firewall. 

 

The magento config that you posted is not fully compatible with ispconfig as you try to override the php setup so that all php files run under a wrong owner and you refernce directries like /home/... which are outside of the website.So remove the php config and set the corrcet path to the auth file.

 

Regarding saabase user: a database user gets created when you create the first database for it. Creating a mysql user when there is no database that it can be used for makes no sense and therefor it gets created together with the databse.

From: JamesB at: 2015-03-26 07:26:29

service networking restart does not work in Ubuntu 14.04 and according to official Ubuntu documents the correct method for reseting networking connections in Ubuntu 14.04 is using ifdown <interface> followed by ifup <interface>.