...
 
Commits (146)

Too many changes to show.

To preserve performance only 1000 of 1000+ files are displayed.

......@@ -23,7 +23,7 @@ Server
Mail module
--------------------------------------
- Show mail statistics in the interface. the mail statistics are stored
- Show mail statistics in the interface. The mail statistics are stored
in the database table mail_traffic and are collected by the file
server/cron_daily.php
......@@ -41,7 +41,7 @@ Administration module
--------------------------------------
- Add a firewall configuration form. Any suggestions for a good firewall
script that runs on many linux distributions, or shall we stay with bastille
script that runs on many Linux distributions, or shall we stay with Bastille
firewall that is used in ISPConfig 2?
......@@ -75,7 +75,7 @@ Remoting framework
Interface
--------------------------------------
- Enhance the list function to allow soorting by column
- Enhance the list function to allow sorting by column
- Enhance the paging in lists (e.g. like this: [1 2 3 4 ... 10])
- Use graphical Icons in the lists for on / off columns.
- Add a graphical delete button to the lists.
......
......@@ -5,18 +5,18 @@
# dxr@brutalsec.net
# 01-09-2009
#
# We can create a script for configure chroot enviroment but,
# We can create a script for configure chroot environment but,
# YOU MUST UNDERSTAND HOW TO WORK IT for can solve possible
# problems in the future.
#
# Every service has its own chroot enviroment:
# Every service has its own chroot environment:
# BIND -> chroot
# Apache -> chroot
# Dovecot -> chroot
# Pureftpd -> Apache's chroot
#
# Only apache and php packages aren't installed in real system,
# only in chroot enviroment with symbolic links from real system.
# only in chroot environment with symbolic links from real system.
#
# PLEASE, CONFIGURE CHROOT ENVIROMENT IF SECURITY IS REALLY
# IMPORTANT FOR YOU AND YOU KNOWN HOW TO WORK IT!
......@@ -24,10 +24,10 @@
exit 1
1. BACKUP before change something in the system
1. BACKUP before changing anything on the system
2. Create partitions
3. Remove possible apache or php installations on real system
4. Prepair Chroot enviroment
3. Remove possible Apache or PHP installations on real system
4. Prepare Chroot environment
5. Linking Webserver aplication from real system
6. mini_sendmail
7. Test services
......@@ -35,8 +35,8 @@ exit 1
9. Migration
1. BACKUP before change something in the system
# If is not a new instalation, then
1. BACKUP before changing anything on the system
# If is not a new installation, then
BACKUP BACKUP BACKUP BACKUP BACKUP BACKUP
BACKUP BACKUP BACKUP BACKUP BACKUP BACKUP
......@@ -62,12 +62,12 @@ mount /dev/lvm_foobar2/apachelogs_lv /var/www/html/var/log/apache2
mount /dev/lvm_foobar3/hosting_lv /var/www/html/var/www/html
3. Remove possible apache or php installations on real system
# We never wont install apache or php in non-chroot system, if we have installed, we only have do a backup of confgigurations, uninstall, and check every simbolic link
3. Remove possible Apache or PHP installations on real system
# We never wont install apache or php in non-chroot system, if we have installed, we only have do a backup of configurations, uninstall, and check every symbolic link
dpkg -l|egrep --color -i 'apache|php'
4. Prepair Chroot enviroment
4. Prepare Chroot environment
# Install packages in real system
apt-get install debootstrap libpcre3 libaprutil1 libxml2 mime-support patch make gcc mysql-server subversion ssh openssh-server ntp ntpdate vim libdbd-mysql libdbi-perl dnsutils
......@@ -128,7 +128,7 @@ chown root:root /var/www/html/etc/apache2/ && chmod 700 /var/www/html/etc/apache
chmod 711 /var/www/html/etc/php5/
5. # Is good idea to add nagios alarm for check every simbolic link is correct.
5. # Is good idea to add Nagios alarm for check every symbolic link is correct.
ln -s /var/www/html/etc/apache2 /etc/apache2
ln -s /var/www/html/etc/suphp /etc/suphp
ln -s /var/www/html/var/run/apache2 /var/run/apache2
......
......@@ -162,6 +162,18 @@ tar xvfz vlogger-1.3.tar.gz
mv vlogger-1.3/vlogger /usr/sbin/
rm -rf vlogger*
Edit the file /etc/sudoers
vi /etc/sudoers
and change the line:
Defaults requiretty
to:
# Defaults requiretty
7) Install ISPConfig 3
Disable the firewall:
......@@ -193,7 +205,7 @@ Now start the installation process by executing:
php -q install.php
The installer will configure all services like postfix, sasl, courier, etc. for you. A manual setup as required for ISPConfig 2 (perfect setup guides) is not nescessary. To login to the ISPConfig controlpanel, open the following URL in your browser (replace the IP to match your settings!):
The installer will configure all services like postfix, sasl, courier, etc. for you. A manual setup as required for ISPConfig 2 (perfect setup guides) is not necessary. To login to the ISPConfig controlpanel, open the following URL in your browser (replace the IP to match your settings!):
http://192.168.0.100:8080/
......
......@@ -191,6 +191,18 @@ make
make install
rm -rf jailkit-2.11*
Edit the file /etc/sudoers
vi /etc/sudoers
and change the line:
Defaults requiretty
to:
# Defaults requiretty
7) Install ISPConfig 3
......@@ -204,7 +216,7 @@ Now start the installation process by executing:
php -q install.php
The installer will configure all services like postfix, sasl, courier, etc. for you. A manual setup as required for ISPConfig 2 (perfect setup guides) is not nescessary. To login to the ISPConfig controlpanel, open the following URL in your browser (replace the IP to match your settings!):
The installer will configure all services like postfix, sasl, courier, etc. for you. A manual setup as required for ISPConfig 2 (perfect setup guides) is not necessary. To login to the ISPConfig controlpanel, open the following URL in your browser (replace the IP to match your settings!):
http://192.168.0.100:8080/
......
......@@ -167,7 +167,7 @@ Now start the installation process by executing:
php -q install.php
The installer will configure all services like postfix, sasl, courier, etc. for you. A manual setup as required for ISPConfig 2 (perfect setup guides) is not nescessary. To login to the ISPConfig controlpanel, open the following URL in your browser (replace the IP to match your settings!):
The installer will configure all services like postfix, sasl, courier, etc. for you. A manual setup as required for ISPConfig 2 (perfect setup guides) is not necessary. To login to the ISPConfig controlpanel, open the following URL in your browser (replace the IP to match your settings!):
http://192.168.0.100:8080/
......@@ -211,4 +211,4 @@ done
Optional packages recommended:
denyhosts - a utility to help sys admins thwart ssh crackers
rsync - fast remote file copy program (for backup)
\ No newline at end of file
rsync - fast remote file copy program (for backup)
Installation
-------------
-----------
# It is recommended to use a clean (fresh) Debian lenny install where you just selected "Standard System" as the package selection during
# setup. Then follow the steps below to setup your server with ISPConfig 3. In this guide "vi" is used as texteditor, but you ofcourse
# It is recommended to use a clean (fresh) Debian Lenny install where you just selected "Standard System" at the package selection during
# setup (tasksel). Then follow the steps below to setup your server with ISPConfig 3. In this guide "vi" is used as text editor, but
# you can use whatever you prefer. You should be root for doing all of this.
......@@ -14,7 +14,6 @@
# if not, then we assign a hostname (for example ispconfig):
echo ispconfig.example.com > /etc/hostname
/etc/init.d/hostname.sh
vi /etc/hosts
......@@ -27,21 +26,20 @@ vi /etc/hosts
/etc/init.d/hostname.sh
# enable the Debian volaitile repository to get a newer clamav version
# enable the Debian Volatile repository to get an updated ClamAV version
echo "deb http://volatile.debian.org/debian-volatile lenny/volatile main contrib non-free" >> /etc/apt/sources.list
echo "deb http://volatile.debian.org/debian-volatile lenny/volatile main contrib non-free" >> /etc/apt/sources.list.d/volatile.list
apt-get update
# Some optional choices
opt0.1) Optionally install SSH-server to get remote shell
apt-get install ssh openssh-server
apt-get install openssh-server
opt0.2) Optionally if you are not running in virtual machine you can set server clocksync via NTP. Virtual quests get this from the host.
opt0.2) Optionally, if you are not running inside a virtual machine, you can set server clocksync via NTP. Virtual guests get this from the host.
apt-get install ntp ntpdate
apt-get -y install ntp ntpdate
opt0.3) Optionally if you want vi editor improvement
......@@ -81,7 +79,7 @@ to:
/etc/init.d/mysql restart
2) Install Amavisd-new, Spamassassin and Clamav (1 line!):
2) Install Amavisd-new, Spamassassin and ClamAV (1 line!):
apt-get -y install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl sudo
......@@ -116,22 +114,22 @@ mkpop3dcert
/etc/init.d/courier-pop-ssl restart
3) Install apache, PHP5, phpmyadmin, better fastCGI, suexec, Pear and mcrypt (1 line!):
3) Install Apache, PHP5, PhpMyAdmin, better fastCGI, suexec, Pear and mcrypt (1 line!):
apt-get -y install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby libapache2-mod-ruby
# When phpMyAdmin is asking weather to configure itself automatically, select "Apache2"
# When phpMyAdmin is asking wether to configure itself automatically, select "Apache2"
# Then run the following to enable the Apache modules suexec, rewrite and ssl:
a2enmod suexec rewrite ssl actions include ruby
# If you want to use webdav then run the following to enable the Apache webdav modules:
# If you want to use WebDAV then run the following to enable the Apache webdav modules:
a2enmod dav_fs dav auth_digest
# restart apache before continuing
# restart Apache before continuing
/etc/init.d/apache2 restart
......@@ -140,7 +138,7 @@ a2enmod dav_fs dav auth_digest
apt-get -y install pure-ftpd-common pure-ftpd-mysql quota quotatool
# Enable TLS in pureftpd
# Optional: Enable TLS in pureftpd
echo 1 > /etc/pure-ftpd/conf/TLS
mkdir -p /etc/ssl/private/
openssl req -x509 -nodes -newkey rsa:1024 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem
......@@ -171,7 +169,7 @@ quotacheck -avugm
quotaon -avug
5) Install mydns
5) Install MyDNS
apt-get install g++ libc6 gcc gawk make texinfo libmysqlclient15-dev
......@@ -266,12 +264,12 @@ update-rc.d mydns defaults
6) Install vlogger and webalizer
apt-get install vlogger webalizer
apt-get -y install vlogger webalizer
7) Install Jailkit (optional, only needed if you want to use chrroting for SSH users)
7) Install Jailkit (optional, only needed if you want to use chrooting for SSH users)
apt-get install build-essential autoconf automake1.9 libtool flex bison debhelper
apt-get -y install build-essential autoconf automake1.9 libtool flex bison debhelper
cd /tmp
wget http://olivier.sessink.nl/jailkit/jailkit-2.11.tar.gz
tar xvfz jailkit-2.11.tar.gz
......@@ -284,7 +282,7 @@ rm -rf jailkit-2.11*
8) Install fail2ban (optional but recomended, because the monitor tries to show the log)
More info at: http://www.howtoforge.com/fail2ban_debian_etch
apt-get install fail2ban
apt-get -y install fail2ban
9) Install ISPConfig 3
......@@ -297,7 +295,7 @@ cd ispconfig3_install/install/
php -q install.php
# The installer will configure all services like postfix, sasl, courier, etc. for you. A manual setup as required for ISPConfig 2 (perfect setup guides) is not nescessary. To login to the ISPConfig controlpanel, open the following URL in your browser (replace the IP to match your settings!):
# The installer will configure all services like postfix, sasl, courier, etc. for you. A manual setup as required for ISPConfig 2 (perfect setup guides) is not necessary. To login to the ISPConfig controlpanel, open the following URL in your browser (replace the IP to match your settings!):
http://192.168.0.100:8080/
......
Installation
-----------
-------------
# It is recommended to use a clean (fresh) Debian lenny install where you just selected "Standard System" as the package selection during
# setup. Then follow the steps below to setup your server with ISPConfig 3. In this guide "vi" is used as texteditor, but you ofcourse
# It is recommended to use a clean (fresh) Debian Lenny install where you just selected "Standard System" at the package selection during
# setup (tasksel). Then follow the steps below to setup your server with ISPConfig 3. In this guide "vi" is used as text editor, but
# you can use whatever you prefer. You should be root for doing all of this.
......@@ -26,18 +26,18 @@ vi /etc/hosts
/etc/init.d/hostname.sh
# enable the Debian volaitile repository to get a newer clamav version
# enable the Debian Volatile repository to get an updated ClamAV version
echo "deb http://volatile.debian.org/debian-volatile lenny/volatile main contrib non-free" >> /etc/apt/sources.list
echo "deb http://volatile.debian.org/debian-volatile lenny/volatile main contrib non-free" >> /etc/apt/sources.list.d/volatile.list
apt-get update
# Some optional choices
opt0.1) Optionally install SSH-server to get remote shell
apt-get install ssh openssh-server
apt-get install openssh-server
opt0.2) Optionally if you are not running in virtual machine you can set server clocksync via NTP. Virtual quests get this from the host.
opt0.2) Optionally, if you are not running inside a virtual machine, you can set server clocksync via NTP. Virtual guests get this from the host.
apt-get -y install ntp ntpdate
......@@ -79,27 +79,27 @@ to:
/etc/init.d/mysql restart
2) Install Amavisd-new, Spamassassin and Clamav (1 line!):
2) Install Amavisd-new, Spamassassin and ClamAV (1 line!):
apt-get -y install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl
3) Install apache, PHP5, phpmyadmin, better fastCGI, suexec, Pear and mcrypt (1 line!):
3) Install Apache, PHP5, phpmyadmin, better fastCGI, suexec, Pear and mcrypt (1 line!):
apt-get -y install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby libapache2-mod-ruby
# When phpMyAdmin is asking weather to configure itself automatically, select "Apache2"
# When phpMyAdmin is asking wether to configure itself automatically, select "Apache2"
# Then run the following to enable the Apache modules suexec, rewrite and ssl:
a2enmod suexec rewrite ssl actions include ruby
# If you want webdav then run the following to enable the Apache webdav modules:
# If you want to use WebDAV then run the following to enable the Apache webdav modules:
a2enmod dav_fs a2enmod dav auth_digest
a2enmod dav_fs dav auth_digest
# restart apache before continuing
# restart Apache before continuing
/etc/init.d/apache2 restart
......@@ -145,20 +145,23 @@ apt-get -y install bind9 dnsutils
6) Install vlogger and webalizer
apt-get -y install vlogger webalizer
apt-get -y install vlogger webalizer awstats
mkdir /usr/share/awstats/tools
cp -prf /usr/share/doc/awstats/examples/awstats_buildstaticpages.pl /usr/share/awstats/tools/awstats_buildstaticpages.pl
7) Install Jailkit (optional, only needed if you want to use chrroting for SSH users)
7) Install Jailkit (optional, only needed if you want to use chrooting for SSH users)
apt-get -y install build-essential autoconf automake1.9 libtool flex bison debhelper
cd /tmp
wget http://olivier.sessink.nl/jailkit/jailkit-2.11.tar.gz
tar xvfz jailkit-2.11.tar.gz
cd jailkit-2.11
wget http://olivier.sessink.nl/jailkit/jailkit-2.12.tar.gz
tar xvfz jailkit-2.12.tar.gz
cd jailkit-2.12
./debian/rules binary
cd ..
dpkg -i jailkit_2.11-1_*.deb
rm -rf jailkit-2.11*
dpkg -i jailkit_2.12-1_*.deb
rm -rf jailkit-2.12*
8) Install fail2ban (optional but recomended, because the monitor tries to show the log)
More info at: http://www.howtoforge.com/fail2ban_debian_etch
......@@ -168,15 +171,15 @@ apt-get -y install fail2ban
9) Install ISPConfig 3
cd /tmp
wget http://www.ispconfig.org/downloads/ISPConfig-3.0.2.tar.gz
tar xvfz ISPConfig-3.0.2.tar.gz
wget http://www.ispconfig.org/downloads/ISPConfig-3.0.2.2.tar.gz
tar xvfz ISPConfig-3.0.2.2.tar.gz
cd ispconfig3_install/install/
# Now start the installation process by executing:
php -q install.php
# The installer will configure all services like postfix, sasl, courier, etc. for you. A manual setup as required for ISPConfig 2 (perfect setup guides) is not nescessary. To login to the ISPConfig controlpanel, open the following URL in your browser (replace the IP to match your settings!):
# The installer will configure all services like postfix, sasl, courier, etc. for you. A manual setup as required for ISPConfig 2 (perfect setup guides) is not necessary. To login to the ISPConfig controlpanel, open the following URL in your browser (replace the IP to match your settings!):
http://192.168.0.100:8080/
......
......@@ -12,7 +12,8 @@ a2enmod suexec rewrite ssl actions include
# If you want webdav then run the following to enable the Apache webdav modules:
a2enmod dav_fs a2enmod dav auth_digest
a2enmod dav_fs
a2enmod dav auth_digest
apt-get install pure-ftpd-common pure-ftpd-mysql quota quotatool
......@@ -27,7 +28,10 @@ STANDALONE_OR_INETD=standalone
VIRTUALCHROOT=true
[...]
apt-get install vlogger webalizer
apt-get install vlogger webalizer awstats
mkdir /usr/share/awstats/tools
cp -prf /usr/share/doc/awstats/examples/awstats_buildstaticpages.pl /usr/share/awstats/tools/awstats_buildstaticpages.pl
apt-get install gcc make
......
Installation
-----------
-------------
# It is recommended to use a clean (fresh) Debian Squeeze install where you just selected "Standard System" as the package selection during
# setup. Then follow the steps below to setup your server with ISPConfig 3. In this guide "vi" is used as texteditor, but you ofcourse