Virtual Multiserver Environment With Dedicated Web & MySQL, Email & DNS Servers On Debian Squeeze With ISPConfig 3 - Page 3

6.3 Installing The Primary DNS Server

Edit the hosts file and add the IP addresses and hostnames for all servers. The hostnames and IP addresses have to be adjusted to match your setup.

nano /etc/hosts

127.0.0.1  localhost
192.168.1.2 web.example.tld
192.168.1.3 mail.example.tld
192.168.1.4 ns1.example.tld
192.168.1.5 ns2.example.tld

# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

Set the hostname of the server:

echo ns1.example.tld > /etc/hostname
/etc/init.d/hostname.sh start

Install MySQL client and server:

apt-get -y install mysql-client mysql-server

Enter the new password for MySQL when requested by the installer.

Then install install the commandline version of PHP to be able to run PHP-based shell scripts for ISPConfig:

apt-get -y install php5-cli php5-mysql php5-mcrypt mcrypt

Install fail2ban: This is optional but recommended, because the ISPConfig monitor tries to show the log:

apt-get install fail2ban

Install BIND DNS Server:

apt-get -y install bind9 dnsutils

Next install ISPConfig 3 on the dns server. To get the download URL of the latest ISPConfig 3 stable release, please visit the ISPConfig website: http://www.ispconfig.org/ispconfig-3/download/

Download the latest ISPConfig 3 stable release:

cd /tmp
wget http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz
tar xfz ISPConfig-3-stable.tar.gz
cd ispconfig3_install/install/

Then start the install script:

php -q install.php

Select language (en,de) [en]:<-- en
Installation mode (standard,expert) [standard]:<-- expert
Full qualified hostname (FQDN) of the server, eg server2.domain.tld [ns1.example.tld]:<-- ns1.example.tld
MySQL server hostname [localhost]:<-- localhost
MySQL root username [root]:<-- root
MySQL root password []:<-- Enter your MySQL root password here
MySQL database to create [dbispconfig]:<-- dbispconfig
MySQL charset [utf8]:<-- utf8
Shall this server join an existing ISPConfig multiserver setup (y,n) [n]:<-- y
MySQL master server hostname []:<-- web.example.tld
MySQL master server root username [root]:<-- root
MySQL master server root password []:<-- Enter the root password of the master server here
MySQL master server database name [dbispconfig]:<-- dbispconfig
Configure Mail (y,n) [y]:<-- n
Configure Jailkit (y,n) [y]:<-- n
Configure FTP Server (y,n) [y]:<-- n
Configure DNS Server (y,n) [y]:<-- y
Configure Apache Server (y,n) [y]:<-- n
Configure Firewall Server (y,n) [y]:<--n
Install ISPConfig Web-Interface (y,n) [y]:<--n

Run...

rm -f /var/www/ispconfig

... to remove the ISPConfig interface link in the /var/www directory.

Clean up the install directories:

rm -rf /tmp/ispconfig3_install/install
rm -f /tmp/ISPConfig-3-stable.tar.gz

 

6.4 Installing The Secondary DNS Server

Edit the hosts file and add the IP addresses and hostnames for all servers. The hostnames and IP addresses have to be adjusted to match your setup.

nano /etc/hosts

127.0.0.1  localhost
192.168.1.2 web.example.tld
192.168.1.3 mail.example.tld
192.168.1.4 ns1.example.tld
192.168.1.5 ns2.example.tld

# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

Set the hostname of the server:

echo ns2.example.tld > /etc/hostname
/etc/init.d/hostname.sh start

Install MySQL client and server:

apt-get -y install mysql-client mysql-server

Enter the new password for MySQL when requested by the installer.

Then install install the commandline version of PHP to be able to run PHP-based shell scripts for ISPConfig:

apt-get -y install php5-cli php5-mysql php5-mcrypt mcrypt

Install fail2ban: This is optional but recommended, because the ISPConfig monitor tries to show the log:

apt-get install fail2ban

Install BIND DNS Server:

apt-get -y install bind9 dnsutils

Next install ISPConfig 3 on the dns server. To get the download URL of the latest ISPConfig 3 stable release, please visit the ISPConfig website: http://www.ispconfig.org/ispconfig-3/download/

Download the latest ISPConfig 3 stable release:

cd /tmp
wget http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz
tar xfz ISPConfig-3-stable.tar.gz
cd ispconfig3_install/install/

Then start the install script:

php -q install.php

Select language (en,de) [en]:<-- en
Installation mode (standard,expert) [standard]:<-- expert
Full qualified hostname (FQDN) of the server, eg server2.domain.tld [ns2.example.tld]:<-- ns2.example.tld
MySQL server hostname [localhost]:<-- localhost
MySQL root username [root]:<-- root
MySQL root password []:<-- Enter your MySQL root password here
MySQL database to create [dbispconfig]:<-- dbispconfig
MySQL charset [utf8]:<-- utf8
Shall this server join an existing ISPConfig multiserver setup (y,n) [n]:<-- y
MySQL master server hostname []:<-- web.example.tld
MySQL master server root username [root]:<-- root
MySQL master server root password []:<-- Enter the root password of the master server here
MySQL master server database name [dbispconfig]:<-- dbispconfig
Configure Mail (y,n) [y]:<-- n
Configure Jailkit (y,n) [y]:<-- n
Configure FTP Server (y,n) [y]:<-- n
Configure DNS Server (y,n) [y]:<-- y
Configure Apache Server (y,n) [y]:<-- n
Configure Firewall Server (y,n) [y]:<--n
Install ISPConfig Web-Interface (y,n) [y]:<--n

Run...

rm -f /var/www/ispconfig

... to remove the ISPConfig interface link in the /var/www directory.

Clean up the install directories:

rm -rf /tmp/ispconfig3_install/install
rm -f /tmp/ISPConfig-3-stable.tar.gz

 

6.5 Adjust The Server Settings In ISPConfig

Log into ISPConfig on the master server with a web browser:

http://192.168.1.2:8080

Click on System > Server services > web.example.tld and disable all checkboxes except of the Webserver, Fileserver and DB-Server checkbox and click on Save.

Click on System > Server services > mail.example.tld and disable all checkboxes except of the Mailserver checkbox and click on Save.

Click on System > Server services > ns1.example.tld and disable all checkboxes except of the DNS-Server checkbox and click on Save.

Click on System > Server services > ns2.example.tld and disable all checkboxes except of the DNS-Server checkbox and select ns1.example.tld in the Is mirror of Server selectbox and click on Save.

 

6.6 Setting Reverse DNS

Since most mail servers check for a valid Reverse DNS entry, we have to setup one for our mail server. Hetzner allows us to do this in their Web Interface:

Note the entry for IP 176.9.221.50. For you, under IP 192.168.1.3 you should fill in: mail.example.tld

Share this page:

12 Comment(s)

Add comment

Comments

From: Anonymous at: 2012-05-22 03:13:15

thank you very much!

From: trambinux at: 2012-07-23 01:57:27


Hi thanks for your howto, a little error here : /etc/vz/vz.conf :

  IPTABLES=".....iptable__mangle.....

 

must be

 IPTABLES="....iptable_mangle... 

 

From: at: 2012-08-03 21:28:38

Oh, what an ugly typo. Fixed now - thanks :)

From: at: 2013-07-06 18:34:56

You will need to install these two gems to add another server  to the mix in OpenVZ Web Panel, Just an fyi 

gem install net-ssh
gem install net-sftp 

From: at: 2013-07-09 21:09:18

Do you have any reference confirming that (e.g. an OVZ issue ticket)? The installer should handle everything itself and I never had to install additional gems to get things up and running. 
 
Please let me know so I can recheck. Thanks!
 
 edit: found this// https://code.google.com/p/ovz-web-panel/issues/detail?id=282#c5 -> no need to install the gems...if you need to, therefor something really wrong.

From: Jorge Quiterio at: 2014-05-22 01:52:51

On the 

http://ovz-web-panel.googlecode.com/svn/installer/ai.sh

Alter from ruby to ruby1.8 for ap-get -y install on the line 88

From: jokajinx@gmail.com at: 2014-08-05 12:27:52

  ************If you get ************ Setting up g++ (4:4.7.2-1) ...update-alternatives: using /usr/bin/g++ to provide /usr/bin/c++ (c++) in auto modeSetting up build-essential (11.5) ...Setting up libstdc++6-4.7-dev (4.7.2-5) ...Checking presence of the command: ruby Fatal error: Panel requires Ruby 1.8 (Ruby 1.9 is not supported).************Check version ************ruby -vruby 1.9.3p194 (2012-04-20 revision 35410) [i486-linux] dpkg -l | grep "ruby1.8"ii  libruby1.8                           1.8.7.358-7.1+deb7u1          i386         Libraries necessary to run Ruby 1.8ii  ruby1.8                              1.8.7.358-7.1+deb7u1          i386         Interpreter of object-oriented scripting language Ruby 1.8ii  ruby1.8-dev                          1.8.7.358-7.1+deb7u1          i386         Header files for compiling extension modules for the Ruby 1.8************You Fixed it with  ************ update-alternatives --config rubyThere are 2 choices for the alternative ruby (providing /usr/bin/ruby).  Selection    Path                Priority   Status------------------------------------------------------------* 0            /usr/bin/ruby1.9.1   51        auto mode  1            /usr/bin/ruby1.8     50        manual mode  2            /usr/bin/ruby1.9.1   51        manual modePress enter to keep the current choice[*], or type selection number: 1update-alternatives: using /usr/bin/ruby1.8 to provide /usr/bin/ruby (ruby) in manual mode

From: Yaroslav Halchenko at: 2012-05-22 02:56:45

Issue was fixed in 0.8.6 IIRC and present also in version in Debian stable 0.8.4-3+squeeze1: http://packages.debian.org/changelogs/pool/main/f/fail2ban/fail2ban_0.8.4-3+squeeze1/changelog

as of few days back

 

Enjoy

From: at: 2012-05-22 17:26:39

It should be said that its not a good idea to run both nameservers:

  • on the same server
  • in the same datacenter
  • in the same network

Outages will lead to severe issues. A DNS server doesn't eat up much resources so it can be put on a cheap VPS somewhere else.

From: lol at: 2012-05-28 13:41:23

Hi, May I suggest to you to correct the failregex: failregex = ^\[[^\]]*\]\s+\[error\]\s+\[client \] client denied by server configuration:\s As following: failregex = ^\[[^\]]*\]\s+\[error\]\s+\[client <HOST>\] client denied by server configuration:\s Because without it cause error in fail2ban: 2012-05-28 07:22:55,553 fail2ban.filter : ERROR No 'host' group in '^\[[^\]]*\]\s+\[error\]\s+\[client \] client denied by server configuration:\s'

From: at: 2012-06-23 10:20:40

Thanks for the hint, I fixed the typo.

 @Yaroslav thx too, removed that part :)

From: Alexandre at: 2012-07-19 01:49:00

First thing: Thank you for this guide, seems i get everything working!!! I wanna know if would be possible you add on this guide how to setup the horde mail, i followed this: http://www.howtoforge.com/install-horde-4-webmail-for-ispconfig-on-debian-squeeze-through-pear But only work if a do an second apache install on mailserver.... or if i join mailserver and webserver in one... I`m willing keep the setup of this guide with only one webserver, one mailserver, etc... Thanks in advice.