From a3c6057c9896381f5cd5949fe6f46fcdfce096e6 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Tue, 24 Mar 2009 15:41:53 +0000
Subject: [PATCH] Updated debian installation instructions.
---
 docs/INSTALL_DEBIAN_5.0.txt | 697 ++++++++++++++++++------------------
 1 file changed, 358 insertions(+), 339 deletions(-)
diff --git a/docs/INSTALL_DEBIAN_5.0.txt b/docs/INSTALL_DEBIAN_5.0.txt
index f3923edcc5..8fefe07bad 100644
--- a/docs/INSTALL_DEBIAN_5.0.txt
+++ b/docs/INSTALL_DEBIAN_5.0.txt
@@ -1,339 +1,358 @@ -Installation ------------ - -# It is recommended to use a clean (fresh) Debian lenny install where you just selected "Standard System" as the package selection during -# setup. Then follow the steps below to setup your server with ISPConfig 3. In this guide "vi" is used as texteditor, but you ofcourse -# you can use whatever you prefer. You should be root for doing all of this. - - -# Check we have Fully Qualified Domain Name - -/bin/hostname - -# it should return something like "ispconfig.example.com" -# if not, then we assign a hostname (for example ispconfig): - -echo ispconfig.example.com > /etc/hostname - -vi /etc/hosts - -# and add lines similar but appropriate: - -127.0.0.1 localhost.localdomain localhost -192.168.0.100 ispconfig.example.com ispconfig - - - -# Some optional choices - -opt0.1) Optionally install SSH-server to get remote shell - -apt-get install ssh openssh-server - -opt0.2) Optionally if you are not running in virtual machine you can set server clocksync via NTP. Virtual quests get this from the host. - -apt-get install ntp ntpdate - - - -# Next is the real deal - -1) Install Postfix, Courier, Saslauthd, MySQL, phpMyAdmin, rkhunter, binutils with the following command line (on one line!): - -apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl courier-maildrop getmail4 rkhunter binutils - -# Answer the questions from the package manager as follows. - -Create directories for web-based administration ? <-- No -General type of configuration? <-- Internet site -Mail name? 
<-- server1.mydomain.tld - SSL certificate required <-- Ok - -# ...use your own domain name of course ;) - - - -# Edit the file /etc/mysql/my.cnf - -vi /etc/mysql/my.cnf - -# and comment out the line - -bind-address = 127.0.0.1 - -# then restart mysql - -/etc/init.d/mysql restart - -2) Install Amavisd-new, Spamassassin and Clamav (1 line!): - -apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl - - - -3) Install apache, PHP5, phpmyadmin, better fastCGI, suexec, Pear and mcrypt (1 line!): - -apt-get install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby - - -# When phpMyAdmin is asking weather to configure itself automatically, select "Apache2" - -# Then run the following to enable the Apache modules suexec, rewrite and ssl: - -a2enmod suexec rewrite ssl actions include - -# Secure phpMyAdmin by deleting setuppassword-file -# and removing/commenting Setup Authorization from apache.conf - -rm /etc/phpmyadmin/htpasswd.setup - -vi /etc/phpmyadmin/apache.conf - -# delete/comment following lines (between the ----- lines): ------------------------------------------------------- - # Authorize for setup - <Files setup.php> - # For Apache 1.3 and 2.0 - <IfModule mod_auth.c> - AuthType Basic - AuthName "phpMyAdmin Setup" - AuthUserFile /etc/phpmyadmin/htpasswd.setup - </IfModule> - # For Apache 2.2 - <IfModule mod_authn_file.c> - AuthType Basic - AuthName "phpMyAdmin Setup" - AuthUserFile /etc/phpmyadmin/htpasswd.setup - </IfModule> - Require valid-user - </Files> 
------------------------------------------------------- - -# restart apache before continuing - -/etc/init.d/apache2 restart - - -4) Install pure-ftpd and quota - -apt-get install pure-ftpd-common pure-ftpd-mysql quota quotatool - -# Edit the file /etc/default/pure-ftpd-common to change the start mode from "inetd" to "standalone" -and set VIRTUALCHROOT=true - -vi /etc/default/pure-ftpd-common - -# Edit the file /etc/inetd.conf to prevent inetd from trying to start ftp. -# To do this, comment line starting like "ftp stream tcp" by adding "#"-sign in front of the line. - -vi /etc/inetd.conf - -# Then execute: - -/etc/init.d/openbsd-inetd restart - - -# Edit /etc/fstab. Mine looks like this (I added ,usrquota,grpquota to the partition with the mount point /): - -vi /etc/fstab - ----------------------------------------------------------------------------------------------- -# /etc/fstab: static file system information. -# -# <file system> <mount point> <type> <options> <dump> <pass> -proc /proc proc defaults 0 0 -/dev/sda1 / ext3 errors=remount-ro,usrquota,grpquota 0 1 -/dev/sda5 none swap sw 0 0 -/dev/hda /media/cdrom0 udf,iso9660 user,noauto 0 0 -/dev/fd0 /media/floppy0 auto rw,user,noauto 0 0 ----------------------------------------------------------------------------------------------- - -# To enable quota, run these commands: - -touch /quota.user /quota.group -chmod 600 /quota.* -mount -o remount / -quotacheck -avugm -quotaon -avug - - -5) Install mydns - -apt-get install g++ libc6 gcc gawk make texinfo libmysqlclient15-dev - -cd /tmp -wget http://heanet.dl.sourceforge.net/sourceforge/mydns-ng/mydns-1.2.8.25.tar.gz -tar xvfz mydns-1.2.8.25.tar.gz -cd mydns-1.2.8 -./configure -make -make install - -# Now create the start / stop script for mydns: - -vi /etc/init.d/mydns - -# and enter the following lines (between the ----- lines): - ------------------------------------------------------- -#! 
/bin/sh -# -# mydns Start the MyDNS server -# -# Author: Philipp Kern <phil@philkern.de>. -# Based upon skeleton 1.9.4 by Miquel van Smoorenburg -# <miquels@cistron.nl> and Ian Murdock <imurdock@gnu.ai.mit.edu>. -# - -set -e - -PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin -DAEMON=/usr/local/sbin/mydns -NAME=mydns -DESC="DNS server" - -SCRIPTNAME=/etc/init.d/$NAME - -# Gracefully exit if the package has been removed. -test -x $DAEMON || exit 0 - -case "$1" in - start) - echo -n "Starting $DESC: $NAME" - start-stop-daemon --start --quiet \ - --exec $DAEMON -- -b - echo "." - ;; - stop) - echo -n "Stopping $DESC: $NAME" - start-stop-daemon --stop --oknodo --quiet \ - --exec $DAEMON - echo "." - ;; - reload|force-reload) - echo -n "Reloading $DESC configuration..." - start-stop-daemon --stop --signal HUP --quiet \ - --exec $DAEMON - echo "done." - ;; - restart) - echo -n "Restarting $DESC: $NAME" - start-stop-daemon --stop --quiet --oknodo \ - --exec $DAEMON - sleep 1 - start-stop-daemon --start --quiet \ - --exec $DAEMON -- -b - echo "." - ;; - *) - echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2 - exit 1 - ;; -esac - -exit 0 ---------------------------------------------------------------------------- - -# now execute: - -chmod +x /etc/init.d/mydns -update-rc.d mydns defaults - -6) Install vlogger and webalizer - -apt-get install vlogger webalizer - -7) Install Jailkit (optional, only needed if you want to use chrroting for SSH users) - -apt-get install build-essential autoconf automake1.9 libtool flex bison -cd /tmp -wget http://olivier.sessink.nl/jailkit/jailkit-2.5.tar.gz -tar xvfz jailkit-2.5.tar.gz -cd jailkit-2.5 -./configure -make -make install -cd .. 
-rm -rf jailkit-2.5* - -8) Install fail2ban (optional but recomended, because the monitor tries to show the log) -More info at: http://www.howtoforge.com/fail2ban_debian_etch - -apt-get install fail2ban - -9) Install ISPConfig 3 - -# There are two possile scenarios, but not both: -9.1) Install the latest released version -9.2) Install directly from SVN - -9.1) Installation of last version from tar.gz - - cd /tmp - wget http://www.ispconfig.org/downloads/ISPConfig-3.0.0.9-rc2.tar.gz - tar xvfz ISPConfig-3.0.0.9-rc2.tar.gz - cd ispconfig3_install/install/ - -9.2) Installation from SVN - - apt-get install subversion - cd /tmp - svn export svn://svn.ispconfig.org/ispconfig3/trunk/ - cd trunk/install - - -9.1+9.2) Now proceed with the ISPConfig installation. - -# Now start the installation process by executing: - -php -q install.php - -# The installer will configure all services like postfix, sasl, courier, etc. for you. A manual setup as required for ISPConfig 2 (perfect setup guides) is not nescessary. To login to the ISPConfig controlpanel, open the following URL in your browser (replace the IP to match your settings!): - -http://192.168.0.100:8080/ - -# the default login is: - -user: admin -password: admin - -# In case you get a permission denied error from apache, please restart the apache webserver process. 
- - - ----------------------------------------------------------------------------------------------------------- -Optional: - -Install a webbased Email Client - -apt-get install squirrelmail -ln -s /usr/share/squirrelmail/ /var/www/webmail - -Access squirrelmail: - -http://192.168.0.100/webmail - - -To configure squirrelmail, run: - -/usr/sbin/squirrelmail-configure - ----------------------------------------------------------------------------------------------------------- - -Hints: - -debian 5.0 under openvz: - -VPSID=101 -for CAP in CHOWN DAC_READ_SEARCH SETGID SETUID NET_BIND_SERVICE NET_ADMIN SYS_CHROOT SYS_NICE CHOWN DAC_READ_SEARCH SETGID SETUID NET_BIND_SERVICE NET_ADMIN SYS_CHROOT SYS_NICE -do - vzctl set $VPSID --capability ${CAP}:on --save -done - ----------------------------------------------------------------------------------------------------------- - - -Optional recommended packages: - -denyhosts - a utility to help sys admins thwart ssh crackers -rsync - fast remote file copy program (for backup) \ No newline at end of file +Installation +----------- + +# It is recommended to use a clean (fresh) Debian lenny install where you just selected "Standard System" as the package selection during +# setup. Then follow the steps below to setup your server with ISPConfig 3. In this guide "vi" is used as texteditor, but you ofcourse +# you can use whatever you prefer. You should be root for doing all of this. 
+ + +# Check we have Fully Qualified Domain Name + +/bin/hostname + +# it should return something like "ispconfig.example.com" +# if not, then we assign a hostname (for example ispconfig): + +echo ispconfig.example.com > /etc/hostname + +vi /etc/hosts + +# and add lines similar but appropriate: + +127.0.0.1 localhost.localdomain localhost +192.168.0.100 ispconfig.example.com ispconfig + + + +# Some optional choices + +opt0.1) Optionally install SSH-server to get remote shell + +apt-get install ssh openssh-server + +opt0.2) Optionally if you are not running in virtual machine you can set server clocksync via NTP. Virtual quests get this from the host. + +apt-get install ntp ntpdate + + + +# Next is the real deal + +1) Install Postfix, Courier, Saslauthd, MySQL, phpMyAdmin, rkhunter, binutils with the following command line (on one line!): + +apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl courier-maildrop getmail4 rkhunter binutils + +# Answer the questions from the package manager as follows. + +Create directories for web-based administration ? <-- No +General type of configuration? <-- Internet site +Mail name? 
<-- server1.mydomain.tld + SSL certificate required <-- Ok + +# ...use your own domain name of course ;) + + + +# Edit the file /etc/mysql/my.cnf + +vi /etc/mysql/my.cnf + +# and comment out the line + +bind-address = 127.0.0.1 + +# then restart mysql + +/etc/init.d/mysql restart + +2) Install Amavisd-new, Spamassassin and Clamav (1 line!): + +apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl + + + +3) Install apache, PHP5, phpmyadmin, better fastCGI, suexec, Pear and mcrypt (1 line!): + +apt-get install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby + + +# When phpMyAdmin is asking weather to configure itself automatically, select "Apache2" + +# Then run the following to enable the Apache modules suexec, rewrite and ssl: + +a2enmod suexec rewrite ssl actions include + +# Secure phpMyAdmin by deleting setuppassword-file +# and removing/commenting Setup Authorization from apache.conf + +rm /etc/phpmyadmin/htpasswd.setup + +vi /etc/phpmyadmin/apache.conf + +# delete/comment following lines (between the ----- lines): +------------------------------------------------------ + # Authorize for setup + <Files setup.php> + # For Apache 1.3 and 2.0 + <IfModule mod_auth.c> + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + </IfModule> + # For Apache 2.2 + <IfModule mod_authn_file.c> + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + </IfModule> + Require valid-user + </Files> 
+------------------------------------------------------ + +# restart apache before continuing + +/etc/init.d/apache2 restart + + +4) Install pure-ftpd and quota + +apt-get install pure-ftpd-common pure-ftpd-mysql quota quotatool + +# Edit the file /etc/default/pure-ftpd-common to change the start mode from "inetd" to "standalone" +and set VIRTUALCHROOT=true + +vi /etc/default/pure-ftpd-common + +# Edit the file /etc/inetd.conf to prevent inetd from trying to start ftp. +# To do this, comment line starting like "ftp stream tcp" by adding "#"-sign in front of the line. + +vi /etc/inetd.conf + +# Then execute: + +/etc/init.d/openbsd-inetd restart + + +# Edit /etc/fstab. Mine looks like this (I added ,usrquota,grpquota to the partition with the mount point /): + +vi /etc/fstab + +---------------------------------------------------------------------------------------------- +# /etc/fstab: static file system information. +# +# <file system> <mount point> <type> <options> <dump> <pass> +proc /proc proc defaults 0 0 +/dev/sda1 / ext3 errors=remount-ro,usrquota,grpquota 0 1 +/dev/sda5 none swap sw 0 0 +/dev/hda /media/cdrom0 udf,iso9660 user,noauto 0 0 +/dev/fd0 /media/floppy0 auto rw,user,noauto 0 0 +---------------------------------------------------------------------------------------------- + +# To enable quota, run these commands: + +touch /quota.user /quota.group +chmod 600 /quota.* +mount -o remount / +quotacheck -avugm +quotaon -avug + + +5) Install mydns + +apt-get install g++ libc6 gcc gawk make texinfo libmysqlclient15-dev + +cd /tmp +wget http://heanet.dl.sourceforge.net/sourceforge/mydns-ng/mydns-1.2.8.25.tar.gz +tar xvfz mydns-1.2.8.25.tar.gz +cd mydns-1.2.8 +./configure +make +make install + +# Now create the start / stop script for mydns: + +vi /etc/init.d/mydns + +# and enter the following lines (between the ----- lines): + +------------------------------------------------------ +#! 
/bin/sh +# +# mydns Start the MyDNS server +# +# Author: Philipp Kern <phil@philkern.de>. +# Based upon skeleton 1.9.4 by Miquel van Smoorenburg +# <miquels@cistron.nl> and Ian Murdock <imurdock@gnu.ai.mit.edu>. +# + +set -e + +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin +DAEMON=/usr/local/sbin/mydns +NAME=mydns +DESC="DNS server" + +SCRIPTNAME=/etc/init.d/$NAME + +# Gracefully exit if the package has been removed. +test -x $DAEMON || exit 0 + +case "$1" in + start) + echo -n "Starting $DESC: $NAME" + start-stop-daemon --start --quiet \ + --exec $DAEMON -- -b + echo "." + ;; + stop) + echo -n "Stopping $DESC: $NAME" + start-stop-daemon --stop --oknodo --quiet \ + --exec $DAEMON + echo "." + ;; + reload|force-reload) + echo -n "Reloading $DESC configuration..." + start-stop-daemon --stop --signal HUP --quiet \ + --exec $DAEMON + echo "done." + ;; + restart) + echo -n "Restarting $DESC: $NAME" + start-stop-daemon --stop --quiet --oknodo \ + --exec $DAEMON + sleep 1 + start-stop-daemon --start --quiet \ + --exec $DAEMON -- -b + echo "." + ;; + *) + echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2 + exit 1 + ;; +esac + +exit 0 +--------------------------------------------------------------------------- + +# now execute: + +chmod +x /etc/init.d/mydns +update-rc.d mydns defaults + +6) Install vlogger and webalizer + +apt-get install vlogger webalizer + +7) Install Jailkit (optional, only needed if you want to use chrroting for SSH users) + +apt-get install build-essential autoconf automake1.9 libtool flex bison +cd /tmp +wget http://olivier.sessink.nl/jailkit/jailkit-2.5.tar.gz +tar xvfz jailkit-2.5.tar.gz +cd jailkit-2.5 +./configure +make +make install +cd .. 
+rm -rf jailkit-2.5* + +8) Install fail2ban (optional but recomended, because the monitor tries to show the log) +More info at: http://www.howtoforge.com/fail2ban_debian_etch + +apt-get install fail2ban + +9) Install ISPConfig 3 + +# There are two possile scenarios, but not both: +9.1) Install the latest released version +9.2) Install directly from SVN + +9.1) Installation of last version from tar.gz + + cd /tmp + wget http://www.ispconfig.org/downloads/ISPConfig-3.0.0.9-rc2.tar.gz + tar xvfz ISPConfig-3.0.0.9-rc2.tar.gz + cd ispconfig3_install/install/ + +9.2) Installation from SVN + + apt-get install subversion + cd /tmp + svn export svn://svn.ispconfig.org/ispconfig3/trunk/ + cd trunk/install + + +9.1+9.2) Now proceed with the ISPConfig installation. + +# Now start the installation process by executing: + +php -q install.php + +# The installer will configure all services like postfix, sasl, courier, etc. for you. A manual setup as required for ISPConfig 2 (perfect setup guides) is not nescessary. To login to the ISPConfig controlpanel, open the following URL in your browser (replace the IP to match your settings!): + +http://192.168.0.100:8080/ + +# the default login is: + +user: admin +password: admin + +# In case you get a permission denied error from apache, please restart the apache webserver process. 
+ + + +---------------------------------------------------------------------------------------------------------- +Optional: + +Install a webbased Email Client + +apt-get install squirrelmail +ln -s /usr/share/squirrelmail/ /var/www/webmail + +Access squirrelmail: + +http://192.168.0.100/webmail + + +To configure squirrelmail, run: + +/usr/sbin/squirrelmail-configure + +---------------------------------------------------------------------------------------------------------- + +Hints: + +debian 5.0 under openvz: + +VPSID=101 +for CAP in CHOWN DAC_READ_SEARCH SETGID SETUID NET_BIND_SERVICE NET_ADMIN SYS_CHROOT SYS_NICE CHOWN DAC_READ_SEARCH SETGID SETUID NET_BIND_SERVICE NET_ADMIN SYS_CHROOT SYS_NICE +do + vzctl set $VPSID --capability ${CAP}:on --save +done + +---------------------------------------------------------------------------------------------------------- + + +Optional recommended packages: + +denyhosts - a utility to help sys admins thwart ssh crackers +rsync - fast remote file copy program (for backup) + +----------------------------------------------------------------------------------------------------------- + +Possible errors and their solutions +------------------------------------ + +pureftpd login does not work. Take a look at the syslog, if you find an error message like this: +Mar 24 16:26:28 ispconfig pure-ftpd: (?@?) [ERROR] Sorry, invalid address given + +then pureftpd is not able to resolve the hostname. Name resolving can be disabled with these commands: + +echo 'yes' > /etc/pure-ftpd/conf/DontResolve +/etc/init.d/pure-ftpd-mysql restart + + + + + + -- GitLab