INSTALL_DEBIAN_6.0_dovecot_bind.txt 7.83 KB
Newer Older
1
Installation
2
-------------
3

4 5
# It is recommended to use a clean (fresh) Debian Squeeze 6.0 install where you just selected "Standard System" at the package selection during
# setup (tasksel). Then follow the steps below to setup your server with ISPConfig 3. In this guide "vi" is used as text editor, but
6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28
# you can use whatever you prefer. You should be root for doing all of this.


# Check we have Fully Qualified Domain Name

/bin/hostname

# it should return something like "ispconfig.example.com"
# if not, then we assign a hostname (for example ispconfig):

echo ispconfig.example.com > /etc/hostname

vi /etc/hosts

# and add lines similar but appropriate:

127.0.0.1       localhost.localdomain   localhost
192.168.0.100   ispconfig.example.com   ispconfig

# Run:

/etc/init.d/hostname.sh

29 30 31
# enable the Debian Volatile repository to get an updated ClamAV version
# The Volatile repository for Debian Squeeze was not available yet at the time this howto was written.
# echo "deb http://volatile.debian.org/debian-volatile squeeze/volatile main contrib non-free" >> /etc/apt/sources.list.d/volatile.list
32 33 34 35 36 37
# apt-get update

# Some optional choices

opt0.1) Optionally install SSH-server to get remote shell

38
apt-get install openssh-server
39

40
opt0.2) Optionally, if you are not running inside a virtual machine, you can set server clocksync via NTP. Virtual guests get this from the host.
41 42 43 44 45 46 47 48 49 50 51 52

apt-get -y install ntp ntpdate

opt0.3) Optionally if you want vi editor improvement

apt-get -y install vim-nox


# Next is the real deal

1) Install Postfix, Dovecot, MySQL, phpMyAdmin, rkhunter, binutils with the following command line (on one line!):

53
apt-get -y install postfix postfix-mysql postfix-doc mysql-client mysql-server openssl getmail4 rkhunter binutils dovecot-imapd dovecot-pop3d sudo
54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79

# Answer the questions from the package manager as follows.

General type of configuration? <-- Internet site
Mail name? <-- server1.mydomain.tld

# ...use your own domain name of course ;)



# Edit the file /etc/mysql/my.cnf

vi /etc/mysql/my.cnf

# and change the line:

bind-address          = 127.0.0.1

to:

#bind-address          = 127.0.0.1

# then restart mysql

/etc/init.d/mysql restart

80
2) Install Amavisd-new, Spamassassin and ClamAV (1 line!):
81 82 83 84

apt-get -y install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl


85
3) Install Apache, PHP5, phpmyadmin, better fastCGI, suexec, Pear and mcrypt (1 line!):
86

87
apt-get -y install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt imagemagick libapache2-mod-suphp libopenssl-ruby libapache2-mod-ruby
88 89


90
# When phpMyAdmin is asking wether to configure itself automatically, select "Apache2"
91 92 93

# Then run the following to enable the Apache modules suexec, rewrite and ssl:

94
a2enmod suexec rewrite ssl actions include ruby
95

96
# restart Apache before continuing
97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141

/etc/init.d/apache2 restart
 

4) Install pure-ftpd and quota

apt-get -y install pure-ftpd-common pure-ftpd-mysql quota quotatool

# Optional: Enable TLS in pureftpd
echo 1 > /etc/pure-ftpd/conf/TLS
mkdir -p /etc/ssl/private/
openssl req -x509 -nodes -newkey rsa:1024 -keyout /etc/ssl/private/pure-ftpd.pem  -out /etc/ssl/private/pure-ftpd.pem
chmod 600 /etc/ssl/private/pure-ftpd.pem 


# Edit /etc/fstab. Mine looks like this (I added ,usrquota,grpquota to the partition with the mount point /):

vi /etc/fstab

----------------------------------------------------------------------------------------------
# /etc/fstab: static file system information.
#
# <file system> <mount point>   <type>  <options>       <dump>  <pass>
proc            /proc           proc    defaults        0       0
/dev/sda1       /               ext3    errors=remount-ro,usrquota,grpquota 0       1
/dev/sda5       none            swap    sw              0       0
/dev/hda        /media/cdrom0   udf,iso9660 user,noauto     0       0
/dev/fd0        /media/floppy0  auto    rw,user,noauto  0       0
----------------------------------------------------------------------------------------------

# To enable quota, run these commands:

touch /aquota.user /aquota.group
chmod 600 /aquota.*
mount -o remount /
quotacheck -avugm
quotaon -avug


5) Install BIND DNS Server

apt-get -y install bind9 dnsutils

6) Install vlogger and webalizer

142 143 144 145
apt-get -y install vlogger webalizer awstats

mkdir /usr/share/awstats/tools
cp -prf /usr/share/doc/awstats/examples/awstats_buildstaticpages.pl /usr/share/awstats/tools/awstats_buildstaticpages.pl
146 147


148
7) Install Jailkit (optional, only needed if you want to use chrooting for SSH users)
149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175

apt-get -y install build-essential autoconf automake1.9 libtool flex bison debhelper
cd /tmp
wget http://olivier.sessink.nl/jailkit/jailkit-2.11.tar.gz
tar xvfz jailkit-2.11.tar.gz
cd jailkit-2.11
./debian/rules binary
cd ..
dpkg -i jailkit_2.11-1_*.deb
rm -rf jailkit-2.11*

8) Install fail2ban (optional but recomended, because the monitor tries to show the log)
More info at: http://www.howtoforge.com/fail2ban_debian_etch

apt-get -y install fail2ban

9) Install ISPConfig 3

cd /tmp
wget http://www.ispconfig.org/downloads/ISPConfig-3.0.2.2.tar.gz
tar xvfz ISPConfig-3.0.2.2.tar.gz
cd ispconfig3_install/install/

# Now start the installation process by executing:

php -q install.php

jwarnier's avatar
jwarnier committed
176
# The installer will configure all services like postfix, sasl, courier, etc. for you. A manual setup as required for ISPConfig 2 (perfect setup guides) is not necessary. To login to the ISPConfig controlpanel, open the following URL in your browser (replace the IP to match your settings!):
177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227

http://192.168.0.100:8080/

# the default login is:

user: admin
password: admin

# In case you get a permission denied error from apache, please restart the apache webserver process.



----------------------------------------------------------------------------------------------------------
Optional:

Install a webbased Email Client

apt-get install squirrelmail
ln -s /usr/share/squirrelmail/ /var/www/webmail

Access squirrelmail:

http://192.168.0.100/webmail


To configure squirrelmail, run:

/usr/sbin/squirrelmail-configure

----------------------------------------------------------------------------------------------------------

Hints:

debian 5.0 under openvz:

VPSID=101
for CAP in CHOWN DAC_READ_SEARCH SETGID SETUID NET_BIND_SERVICE NET_ADMIN SYS_CHROOT SYS_NICE CHOWN DAC_READ_SEARCH SETGID SETUID NET_BIND_SERVICE NET_ADMIN SYS_CHROOT SYS_NICE
do
  vzctl set $VPSID --capability ${CAP}:on --save
done

----------------------------------------------------------------------------------------------------------


Optional recommended packages:

denyhosts - a utility to help sys admins thwart ssh crackers
rsync - fast remote file copy program (for backup)

-----------------------------------------------------------------------------------------------------------

228
Ispc log files rotation, for now manual add but to add in ispc installer:
229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265

/etc/logrotate.d/logispc3

/var/log/ispconfig/ispconfig.log {
	weekly
	missingok
	rotate 4
	compress
	delaycompress
}
/var/log/ispconfig/cron.log {
	weekly
	missingok
	rotate 4
	compress
	delaycompress
}


-----------------------------------------------------------------------------------------------------------

Possible errors and their solutions
------------------------------------

pureftpd login does not work. Take a look at the syslog, if you find an error message like this:
Mar 24 16:26:28 ispconfig pure-ftpd: (?@?) [ERROR] Sorry, invalid address given

then pureftpd is not able to resolve the hostname. Name resolving can be disabled with these commands:

echo 'yes' > /etc/pure-ftpd/conf/DontResolve
/etc/init.d/pure-ftpd-mysql restart