=============================================================================== Installation =============================================================================== It is recommended to use a clean (fresh) Ubuntu 8.04 LTS install where you selected no additional packages or servers during setup. Then follow the steps below to setup your server with ISPConfig 3: 1) Prepare your OS ******************************************************************************* Become root user by executing: ___ sudo su ___ and entering the password of the user that you created during setup. Edit the file /etc/apt/sources.list and comment out the line beginning with "deb cdrom:....", then run: ___ apt-get update apt-get -u upgrade ___ 1.1) Change The Default Shell ******************************************************************************* There are alway Shell-Scripts which are not POSIX-compatible and only run when using BASH instead of DASH! ___ sudo dpkg-reconfigure dash <-- ANSWER WITH: No ___ 1.1) Install some software ******************************************************************************* ___ apt-get install wget ___ 2) Install Postfix, Courier, Saslauthd, MySQL, phpMyAdmin ******************************************************************************* (1 line!) ___ apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl maildrop getmail4 ___ Answer the questions from the package manager as follows. Enter the mysql root password. <-- Enter your mysql-root Password Create directories for web-based administration ? <-- No General type of configuration? <-- Internet site Mail name? <-- server1.mydomain.tld SSL certificate required <-- Ok ... use your own domain name of course ;) Authentication will be done by saslauthd. We have to change a few things to make it work properly. Because Postfix runs chrooted in /var/spool/postfix we have to do the following: ___ echo 'pwcheck_method: saslauthd' >> /etc/postfix/sasl/smtpd.conf echo 'mech_list: plain login' >> /etc/postfix/sasl/smtpd.conf mkdir -p /var/spool/postfix/var/run/saslauthd chmod 4755 /var/run/courier/authdaemon ___ Now we have to edit /etc/default/saslauthd in order to activate saslauthd. Set ### START=yes ### and change the line OPTIONS="-c -m /var/run/saslauthd" to ### OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r" ### Next add the postfix user to the sasl group (this makes sure that Postfix has the permission to access saslauthd): ___ adduser postfix sasl ___ Now restart Postfix and start saslauthd: ___ /etc/init.d/postfix restart /etc/init.d/saslauthd start ___ 3) Install Amavisd-new, Spamassassin and Clamav ******************************************************************************* (1 line!) ___ apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl ___ 4) Install apache, PHP5 and phpmyadmin ******************************************************************************* (1 line!) ___ apt-get install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli ___ Then run the following to enable the Apache modules: ___ a2enmod suexec a2enmod rewrite a2enmod ssl a2enmod include a2enmod actions a2enmod headers ___ 4.1) Optional: Install SuPHP ******************************************************************************* ___ apt-get install libapache2-mod-suphp vi /etc/suphp/suphp.conf ___ set docroot to: ### docroot=/var/clients ### Change: application/x-httpd-php=php:/usr/bin/php-cgi to: ### x-httpd-php=php:/usr/bin/php-cgi ### 4.2) Optional: Install Fast-CGI ******************************************************************************* ___ apt-get install libapache2-mod-fcgid ___ 5) Install pure-ftpd and quota ******************************************************************************* ___ apt-get install pure-ftpd-common pure-ftpd-mysql quota quotatool echo 'yes' > /etc/pure-ftpd/conf/DontResolve ___ 6) Install mydns ******************************************************************************* ___ apt-get install g++ libc6 gcc gawk make texinfo libmysqlclient15-dev cd /tmp wget http://heanet.dl.sourceforge.net/sourceforge/mydns-ng/mydns-1.2.8.15.tar.gz tar xvfz mydns-1.2.8.15.tar.gz cd mydns-1.2.8 ./configure make make install ___ Now create the start / stop script for mydns: ___ vi /etc/init.d/mydns ___ and enter the following lines (between the "---"-lines): ------------------------------------------------------------------------------- #! /bin/bash # # mydns Start the MyDNS server # # Author: Philipp Kern . # Based upon skeleton 1.9.4 by Miquel van Smoorenburg # and Ian Murdock . # ### BEGIN INIT INFO # Provides: MyDNS # Required-Start: $syslog # Should-Start: # Required-Stop: # Should-Stop: # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: MyDNS Server # Description: MyDNS DNS Server ### END INIT INFO set -e PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin DAEMON=/usr/local/sbin/mydns NAME=mydns DESC="DNS server" SCRIPTNAME=/etc/init.d/$NAME # Gracefully exit if the package has been removed. test -x $DAEMON || exit 0 case "$1" in start) echo -n "Starting $DESC: $NAME" start-stop-daemon --start --quiet \ --exec $DAEMON -- -b echo "." ;; stop) echo -n "Stopping $DESC: $NAME" start-stop-daemon --stop --oknodo --quiet \ --exec $DAEMON echo "." ;; reload|force-reload) echo -n "Reloading $DESC configuration ..." start-stop-daemon --stop --signal HUP --quiet \ --exec $DAEMON echo "done." ;; restart) echo -n "Restarting $DESC: $NAME" start-stop-daemon --stop --quiet --oknodo \ --exec $DAEMON sleep 1 start-stop-daemon --start --quiet \ --exec $DAEMON -- -b echo "." ;; *) echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2 exit 1 ;; esac exit 0 ------------------------------------------------------------------------------- now execute: ___ chmod +x /etc/init.d/mydns update-rc.d mydns defaults ___ 7) Install vlogger, webalizer and firewall ******************************************************************************* ___ apt-get install vlogger webalizer bastille ___ 7.1) OPTIONAL: Installing Jailkit ******************************************************************************* ___ apt-get install build-essential autoconf automake1.9 libtool flex bison cd /tmp wget http://olivier.sessink.nl/jailkit/jailkit-2.5.tar.gz tar xvfz jailkit-2.5.tar.gz cd jailkit-2.5 ./configure make make install ___ 8) Install ISPConfig 3 ******************************************************************************* There are two possile scenarios a) or b), but not both: a) Installation of beta 3 ___ cd /tmp wget http://www.ispconfig.org/downloads/ISPConfig-3.0.0.9-rc2.tar.gz tar xvfz ISPConfig_3.0.0.9-rc2.tar.gz cd ispconfig3_install/install/ ___ b) Installation from SVN ___ apt-get install subversion cd /tmp svn export svn://svn.ispconfig.org/ispconfig3/trunk/ cd trunk/install ___ after a) or b) proceed with the ISPConfig installation. Now start the installation process by executing: ___ php -q install.php ___ The installer will configure all services like postfix, sasl, courier, etc. for you. A manual setup as required for ISPConfig 2 (perfect setup guides) is not necessary. To login to the ISPConfig controlpanel, open the following URL in your browser (replace the IP to match your settings!): http://server1.mydomain.tld:8080/ the default login is: user: admin password: admin In case you get a permission denied error from apache, please restart the apache webserver process. 8) Further Configuration-Tips ******************************************************************************* 8.1) Apache ******************************************************************************* edit /etc/apache2/sites-available/default change the first lines to match your system. Replace 0.0.0.0 with your IP. Change Document root to /var/www/apache2-default/ This directory is now the standard-hompage for your Server. ### NameVirtualHost 0.0.0.0:80 ServerAdmin webmaster@localhost DocumentRoot /var/www/apache2-default/ ### 8.2) Postfix - Aliases ******************************************************************************* change /etc/aliases ### # See man 5 aliases for format postmaster: root clamav: root root: webmaster@yourdomain.tld ### Then run: ___ newaliases ___ 8.3) Php.ini ******************************************************************************* I changed the following in the php.ini-Files in the following directorys: /etc/php5/apache2/ /etc/php5/cgi/ /etc/php5/cli/ It is important to search the following parameters in the php.ini and replace them!!! Don't just copy the whole stuff to the end of the file. ### memory_limit = 64M ; Maximum amount of memory a script may consume (16MB) display_errors = Off log_errors = On upload_max_filesize = 32M allow_url_fopen = On allow_url_include = On date.timezone = Europe/Berlin extension = imap.so extension = mcrypt.so ;Typo3 fast-cgi PHP5 bug fix cgi.fix_pathinfo = 0 ### add to the end of the file: ### [htscanner] Extension = "htscanner.so" config_file = ".htaccess" default_docroot = "/var/www" ### 9) Additional Software ******************************************************************************* 9.1) NTP, Denyhosts ******************************************************************************* __ apt-get install ntp denyhosts __ in /etc/ntp.conf replace the server-line with: ### server 0.pool.ntp.org server 1.pool.ntp.org server 2.pool.ntp.org ### 9.2) Typo3 - typo3.org ******************************************************************************* ___ apt-get install imagemagick php5-gd php5-imagick gs gs-esp ___ There is a bug in the php5-library under Ubuntu 8.04. You can fix it by changing "cgi.fix_pathinfo = 0" in the php.ini. Look at 8.4). 10.2) Horde (Webmail) - horde.org ******************************************************************************* First of all, install the horde3 and Imp4 packages (Ubuntu/Debian) ___ apt-get install horde3 imp4 gollem kronolith2 mnemo2 nag2 turba2 pear install --onlyreqdeps Log Mail Mail_Mime MDB2 File Date ___ It is then necessary to setup an Alias for Apache. If you want horde only on single pages, that are created with ispc3: Add the following line to ISPConfig->Sites->Web Domain->Options->Apache directives If you want to access webmail on all pages add the following line to /etc/apache2/apache2.conf ### Alias /horde3 /usr/share/horde3 ### Allow Apache to write horde configuration files : ___ chown -R www-data:www-data /etc/horde ___ Important parameters to change are (in Horde setup) : ### Horde URL (change it to /horde3) Enable Database Access. Do Not use MySQL Improved (4+), my attempts at using it failed. MySQL Standard runs fine however Enable Authentication. I recommend IMAP authentication (something like {localhost:143/imap/notls}. Do not forget the /notls, not specifying failed on my setup). Also make sure to add your username to the list of Administrators, otherwise, you won’t have access to horde/imp4 parameters. Using anything else than IMAP seeemed to fail on my setup Generate the configuration Horde should now be setup. You now have to configure imp4 generate a configuration using the horde administration panel modify the /etc/horde/imp4/servers.php file. Instruction are given inside the file concerning the syntax. If you run Courier-IMAP, and want Imp to automatically authenticate using horde credentials : $servers[’imap’] = array( ‘name’ => ‘IMAP Server’, ’server’ => ‘localhost’, ‘hordeauth’ => true, ‘protocol’ => ‘imap/notls’, ‘port’ => 143, ‘folders’ => ‘INBOX.’, ‘namespace’ => ‘’, ‘maildomain’ => ‘domain.com’, ’smtphost’ => ‘localhost’, ’smtpport’ => 25, ‘realm’ => ‘’, ‘preferred’ => ‘’, ‘dotfiles’ => false, ‘hierarchies’ => array() ); ### 11) have fun and drink a cup of coffee ******************************************************************************* :-)