From 3a94180e026d9353d13522e8d04cb15b11dc2bb2 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Wed, 24 Feb 2010 13:38:44 +0000
Subject: [PATCH] - Added install instructions for debian 5.0 with dovecot and
 bind. - Improved debian installer.

---
 docs/INSTALL_DEBIAN_5.0_dovecot_bind.txt | 259 +++++++++++++++++++++++
 install/lib/installer_base.lib.php       |  12 ++
 2 files changed, 271 insertions(+)
 create mode 100644 docs/INSTALL_DEBIAN_5.0_dovecot_bind.txt

diff --git a/docs/INSTALL_DEBIAN_5.0_dovecot_bind.txt b/docs/INSTALL_DEBIAN_5.0_dovecot_bind.txt
new file mode 100644
index 000000000..08c04d9ad
--- /dev/null
+++ b/docs/INSTALL_DEBIAN_5.0_dovecot_bind.txt
@@ -0,0 +1,259 @@
+Installation
+-----------
+
+# It is recommended to use a clean (fresh) Debian lenny install where you just selected "Standard System" as the package selection during
+# setup. Then follow the steps below to setup your server with ISPConfig 3. In this guide "vi" is used as texteditor, but you ofcourse
+# you can use whatever you prefer. You should be root for doing all of this.
+
+
+# Check we have Fully Qualified Domain Name
+
+/bin/hostname
+
+# it should return something like "ispconfig.example.com"
+# if not, then we assign a hostname (for example ispconfig):
+
+echo ispconfig.example.com > /etc/hostname
+
+vi /etc/hosts
+
+# and add lines similar but appropriate:
+
+127.0.0.1       localhost.localdomain   localhost
+192.168.0.100   ispconfig.example.com   ispconfig
+
+# Run:
+
+/etc/init.d/hostname.sh
+
+# Some optional choices
+
+opt0.1) Optionally install SSH-server to get remote shell
+
+apt-get install ssh openssh-server
+
+opt0.2) Optionally if you are not running in virtual machine you can set server clocksync via NTP. Virtual quests get this from the host.
+
+apt-get -y install ntp ntpdate
+
+opt0.3) Optionally if you want vi editor improvement
+
+apt-get -y install vim-nox
+
+
+# Next is the real deal
+
+1) Install Postfix, Dovecot, MySQL, phpMyAdmin, rkhunter, binutils with the following command line (on one line!):
+
+apt-get -y install postfix postfix-mysql postfix-doc mysql-client mysql-server openssl getmail4 rkhunter binutils dovecot-imapd dovecot-pop3d
+
+# Answer the questions from the package manager as follows.
+
+Create directories for web-based administration ? <-- No
+General type of configuration? <-- Internet site
+Mail name? <-- server1.mydomain.tld
+ SSL certificate required <-- Ok
+
+# ...use your own domain name of course ;)
+
+
+
+# Edit the file /etc/mysql/my.cnf
+
+vi /etc/mysql/my.cnf
+
+# and change the line:
+
+bind-address          = 127.0.0.1
+
+to:
+
+#bind-address          = 127.0.0.1
+
+# then restart mysql
+
+/etc/init.d/mysql restart
+
+2) Install Amavisd-new, Spamassassin and Clamav (1 line!):
+
+apt-get -y install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl
+
+
+3) Install apache, PHP5, phpmyadmin, better fastCGI, suexec, Pear and mcrypt (1 line!):
+
+apt-get -y install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby
+
+
+# When phpMyAdmin is asking weather to configure itself automatically, select "Apache2"
+
+# Then run the following to enable the Apache modules suexec, rewrite and ssl:
+
+a2enmod suexec rewrite ssl actions include
+
+# restart apache before continuing
+
+/etc/init.d/apache2 restart
+ 
+
+4) Install pure-ftpd and quota
+
+apt-get -y install pure-ftpd-common pure-ftpd-mysql quota quotatool
+
+# Optional: Enable TLS in pureftpd
+echo 1 > /etc/pure-ftpd/conf/TLS
+mkdir -p /etc/ssl/private/
+openssl req -x509 -nodes -newkey rsa:1024 -keyout /etc/ssl/private/pure-ftpd.pem  -out /etc/ssl/private/pure-ftpd.pem
+chmod 600 /etc/ssl/private/pure-ftpd.pem 
+
+
+# Edit /etc/fstab. Mine looks like this (I added ,usrquota,grpquota to the partition with the mount point /):
+
+vi /etc/fstab
+
+----------------------------------------------------------------------------------------------
+# /etc/fstab: static file system information.
+#
+# <file system> <mount point>   <type>  <options>       <dump>  <pass>
+proc            /proc           proc    defaults        0       0
+/dev/sda1       /               ext3    errors=remount-ro,usrquota,grpquota 0       1
+/dev/sda5       none            swap    sw              0       0
+/dev/hda        /media/cdrom0   udf,iso9660 user,noauto     0       0
+/dev/fd0        /media/floppy0  auto    rw,user,noauto  0       0
+----------------------------------------------------------------------------------------------
+
+# To enable quota, run these commands:
+
+touch /quota.user /quota.group
+chmod 600 /quota.*
+mount -o remount /
+quotacheck -avugm
+quotaon -avug
+
+
+5) Install BIND DNS Server
+
+apt-get -y install bind9 dnsutils
+
+6) Install vlogger and webalizer
+
+apt-get -y install vlogger webalizer
+
+
+7) Install Jailkit (optional, only needed if you want to use chrroting for SSH users)
+
+apt-get -y install build-essential autoconf automake1.9 libtool flex bison debhelper
+cd /tmp
+wget http://olivier.sessink.nl/jailkit/jailkit-2.11.tar.gz
+tar xvfz jailkit-2.11.tar.gz
+cd jailkit-2.11
+./debian/rules binary
+cd ..
+dpkg -i jailkit_2.11-1_*.deb
+rm -rf jailkit-2.11*
+
+8) Install fail2ban (optional but recomended, because the monitor tries to show the log)
+More info at: http://www.howtoforge.com/fail2ban_debian_etch
+
+apt-get install fail2ban
+
+9) Install ISPConfig 3
+
+cd /tmp
+wget http://www.ispconfig.org/downloads/ISPConfig-3.0.2.tar.gz
+tar xvfz ISPConfig-3.0.2.tar.gz
+cd ispconfig3_install/install/
+
+# Now start the installation process by executing:
+
+php -q install.php
+
+# The installer will configure all services like postfix, sasl, courier, etc. for you. A manual setup as required for ISPConfig 2 (perfect setup guides) is not nescessary. To login to the ISPConfig controlpanel, open the following URL in your browser (replace the IP to match your settings!):
+
+http://192.168.0.100:8080/
+
+# the default login is:
+
+user: admin
+password: admin
+
+# In case you get a permission denied error from apache, please restart the apache webserver process.
+
+
+
+----------------------------------------------------------------------------------------------------------
+Optional:
+
+Install a webbased Email Client
+
+apt-get install squirrelmail
+ln -s /usr/share/squirrelmail/ /var/www/webmail
+
+Access squirrelmail:
+
+http://192.168.0.100/webmail
+
+
+To configure squirrelmail, run:
+
+/usr/sbin/squirrelmail-configure
+
+----------------------------------------------------------------------------------------------------------
+
+Hints:
+
+debian 5.0 under openvz:
+
+VPSID=101
+for CAP in CHOWN DAC_READ_SEARCH SETGID SETUID NET_BIND_SERVICE NET_ADMIN SYS_CHROOT SYS_NICE CHOWN DAC_READ_SEARCH SETGID SETUID NET_BIND_SERVICE NET_ADMIN SYS_CHROOT SYS_NICE
+do
+  vzctl set $VPSID --capability ${CAP}:on --save
+done
+
+----------------------------------------------------------------------------------------------------------
+
+
+Optional recommended packages:
+
+denyhosts - a utility to help sys admins thwart ssh crackers
+rsync - fast remote file copy program (for backup)
+
+-----------------------------------------------------------------------------------------------------------
+
+Ispc log files rotate, for now manual add but to add in ispc installer:
+
+/etc/logrotate.d/logispc3
+
+/var/log/ispconfig/ispconfig.log {
+	weekly
+	missingok
+	rotate 4
+	compress
+	delaycompress
+}
+/var/log/ispconfig/cron.log {
+	weekly
+	missingok
+	rotate 4
+	compress
+	delaycompress
+}
+
+
+-----------------------------------------------------------------------------------------------------------
+
+Possible errors and their solutions
+------------------------------------
+
+pureftpd login does not work. Take a look at the syslog, if you find an error message like this:
+Mar 24 16:26:28 ispconfig pure-ftpd: (?@?) [ERROR] Sorry, invalid address given
+
+then pureftpd is not able to resolve the hostname. Name resolving can be disabled with these commands:
+
+echo 'yes' > /etc/pure-ftpd/conf/DontResolve
+/etc/init.d/pure-ftpd-mysql restart
+
+
+
+
+
+
diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php
index ba8b22423..42b27b0f9 100644
--- a/install/lib/installer_base.lib.php
+++ b/install/lib/installer_base.lib.php
@@ -834,6 +834,18 @@ class installer_base {
 		//exec('mkdir -p '.$config_dir.'/conf/ChrootEveryone');
 		exec('echo "yes" > '.$config_dir.'/conf/ChrootEveryone');
 		exec('echo "yes" > '.$config_dir.'/conf/BrokenClientsCompatibility');
+		
+		if(is_file('/etc/default/pure-ftpd-common')) {
+			replaceLine('/etc/default/pure-ftpd-common','STANDALONE_OR_INETD=inetd','STANDALONE_OR_INETD=standalone',1,0);
+			replaceLine('/etc/default/pure-ftpd-common','VIRTUALCHROOT=false','VIRTUALCHROOT=true',1,0);
+		}
+		
+		if(is_file('/etc/inetd.conf')) {
+			replaceLine('/etc/inetd.conf','ftp     stream  tcp     nowait  root    /usr/sbin/tcpd /usr/sbin/pure-ftpd-wrapper','#ftp     stream  tcp     nowait  root    /usr/sbin/tcpd /usr/sbin/pure-ftpd-wrapper',1,0);
+			if(is_file('/etc/init.d/openbsd-inetd')) exec('/etc/init.d/openbsd-inetd restart');
+		}
+		
+		if(!is_file('/etc/pure-ftpd/conf/DontResolve')) exec("echo 'yes' > /etc/pure-ftpd/conf/DontResolve");
 	}
 	
 	public function configure_mydns()
-- 
GitLab