Commit 0f2bb179 authored by tbrehm's avatar tbrehm
Browse files

- Improved Fedora installer.

- Added Installation instructions for Fedora 12
- Added Dovecot support for fedora 12
parent 8f898a3a
It is recommended to use a clean (fresh) Fedora install. Then follow the steps below to setup your server with ISPConfig 3:
Installation of some basic requirements:
// rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY*
yum update
// yum groupinstall 'Development Tools'
// yum groupinstall 'Development Libraries'
You should disable selinux now, as some programs will not start when selinux is enabled:
vi /etc/selinux/config
and set:
then reboot the server.
1) Install Postfix, Courier, Saslauthd, MySQL, phpMyAdmin with the following command line (on one line!):
yum install ntp httpd mysql-server php php-mysql php-mbstring phpMyAdmin getmail postfix dovecot dovecot-mysql wget
chkconfig --levels 235 mysqld on
/etc/init.d/mysqld start
chkconfig --levels 235 httpd on
/etc/init.d/httpd start
chkconfig --levels 235 dovecot on
/etc/init.d/dovecot start
chkconfig --levels 235 sendmail off
chkconfig --levels 235 postfix on
/etc/init.d/sendmail stop
/etc/init.d/postfix start
/etc/init.d/saslauthd start
Set the mysql database password:
2) Install Amavisd-new, Spamassassin and Clamav (1 line!):
yum install amavisd-new spamassassin clamav clamav-data clamav-server clamav-update unzip bzip2 unrar
chkconfig --levels 235 amavisd on
chkconfig --levels 235 clamd.amavisd on
/etc/init.d/amavisd start
/etc/init.d/clamd.amavisd start
3) Install apache, PHP5 and phpmyadmin (1 line!):
yum install php php-devel php-gd php-imap php-ldap php-mysql php-odbc php-pear php-xml php-xmlrpc php-eaccelerator php-magickwand php-magpierss php-mapserver php-mbstring php-mcrypt php-mhash php-mssql php-shout php-snmp php-soap php-tidy curl curl-devel perl-libwww-perl ImageMagick libxml2 libxml2-devel phpmyadmin
disable php mapserver module as it causes errors on cli:
vi /etc/php.d/mapserver.ini
and add ; in front of the line
4) Install pure-ftpd and quota
yum install pure-ftpd quota
chkconfig --levels 235 pure-ftpd on
5) Install bind dns server
yum install bind bind-utils
chkconfig --levels 235 named on
6) Install vlogger dependencies and webalizer
yum install webalizer perl-DateTime-Format-HTTP perl-DateTime-Format-Builder
6.5) Install jailkit
yum install gcc
cd /tmp
tar xvfz jailkit-2.11.tar.gz
cd jailkit-2.11
make install
rm -rf jailkit-2.11*
6.6) Install fail2ban
yum install fail2ban
7) Configure the firewall
Now you should switch off the firewall by running:
ISPConfig comes with a iptables bsed firewall script that can be managed from within the ispconfig interface.
8) Install ISPConfig 3
cd /tmp
tar xvfz ISPConfig-3.0.2.tar.gz
cd ispconfig3_install/install/
Now start the installation process by executing:
php -q install.php
The installer will configure all services like postfix, sasl, courier, etc. for you. A manual setup as required for ISPConfig 2 (perfect setup guides) is not nescessary. To login to the ISPConfig controlpanel, open the following URL in your browser (replace the IP to match your settings!):
the default login is:
user: admin
password: admin
In case you get a permission denied error from apache, please restart the apache webserver process.
Install a webbased Email Client
yum install squirrelmail
debian 4.0 under openvz:
vzctl set $VPSID --capability ${CAP}:on --save
......@@ -68,6 +68,17 @@ yast2 -i php5-bcmath php5-bz2 php5-calendar php5-ctype php5-curl php5-dom php5-f
rpm -i
Edit the file /etc/php5/cli/php.ini
vi /etc/php5/cli/php.ini
and change:
error_reporting = E_ALL & ~E_DEPRECATED
error_reporting = E_ALL & ~E_NOTICE
Then run the following to enable the Apache modules:
......@@ -126,7 +126,7 @@ $conf['courier']['courier-pop-ssl'] = 'courier-imap';
//* Dovecot
$conf['dovecot']['installed'] = false; // will be detected automatically during installation
$conf['dovecot']['config_dir'] = '/etc/dovecot';
$conf['dovecot']['config_dir'] = '/etc';
$conf['dovecot']['init_script'] = 'dovecot';
//* SASL
......@@ -161,11 +161,11 @@ $conf['powerdns']['init_script'] = 'pdns';
//* BIND DNS Server
$conf['bind']['installed'] = false; // will be detected automatically during installation
$conf['bind']['bind_user'] = 'root';
$conf['bind']['bind_group'] = 'bind';
$conf['bind']['bind_zonefiles_dir'] = '/etc/bind';
$conf['bind']['named_conf_path'] = '/etc/bind/named.conf';
$conf['bind']['named_conf_local_path'] = '/etc/bind/named.conf.local';
$conf['bind']['bind_user'] = 'named';
$conf['bind']['bind_group'] = 'named';
$conf['bind']['bind_zonefiles_dir'] = '/var/named';
$conf['bind']['named_conf_path'] = '/etc/named.conf';
$conf['bind']['named_conf_local_path'] = '/etc/named.conf.local';
$conf['bind']['init_script'] = 'named';
//* Jailkit
......@@ -270,6 +270,74 @@ class installer_dist extends installer_base {
wf($configfile, $content);
public function configure_dovecot()
global $conf;
$config_dir = $conf['dovecot']['config_dir'];
//* Configure and add a line for deliver
copy($config_dir.'/', $config_dir.'/');
exec('chmod 400 '.$config_dir.'/');
$content = rf($conf["postfix"]["config_dir"].'/');
// Only add the content if we had not addded it before
if(!stristr($content,"dovecot/deliver")) {
$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop}';
//* Reconfigure postfix to use dovecot authentication
// Adding the amavisd commands to the postfix configuration
$postconf_commands = array (
'dovecot_destination_recipient_limit = 1',
'virtual_transport = dovecot',
'smtpd_sasl_type = dovecot',
'smtpd_sasl_path = private/auth',
'receive_override_options = no_address_mappings'
// Make a backup copy of the file
// Executing the postconf commands
foreach($postconf_commands as $cmd) {
$command = "postconf -e '$cmd'";
caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* copy dovecot.conf
$configfile = 'dovecot.conf';
copy("$config_dir/$configfile", "$config_dir/$configfile~");
//* dovecot-sql.conf
$configfile = 'dovecot-sql.conf';
copy("$config_dir/$configfile", "$config_dir/$configfile~");
exec("chmod 400 $config_dir/$configfile~");
$content = rf("tpl/fedora_dovecot-sql.conf.master");
$content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
$content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content);
$content = str_replace('{mysql_server_host}',$conf['mysql']['host'],$content);
wf("$config_dir/$configfile", $content);
exec("chmod 600 $config_dir/$configfile");
exec("chown root:root $config_dir/$configfile");
public function configure_amavis() {
global $conf;
......@@ -406,6 +474,14 @@ class installer_dist extends installer_base {
public function configure_bind() {
global $conf;
// add the include line at the end of named.conf.
replaceLine('/etc/named.conf','include "/etc/named.conf.local";','include "/etc/named.conf.local";',0,1);
public function configure_apache()
global $conf;
......@@ -91,9 +91,9 @@ $policy_bank{'AM.PDP-SOCK'} = {
$sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 6.2; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 6.9; # triggers spam evasive actions (e.g. blocks mail)
$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent
$sa_tag2_level_deflt = 20; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 100; # triggers spam evasive actions (e.g. blocks mail)
$sa_dsn_cutoff_level = 100; # spam level beyond which a DSN is not sent
# $sa_quarantine_cutoff_level = 25; # spam level beyond which quarantine is off
$penpals_bonus_score = 8; # (no effect without a @storage_sql_dsn database)
$penpals_threshold_high = $sa_kill_level_deflt; # don't waste time on hi spam
......@@ -783,7 +783,7 @@ $spam_admin = undef;
$LOGFILE = "/var/log/amavis.log"; # (defaults to empty, no log)
$log_level = 5; # (defaults to 0)
$log_level = 0; # (defaults to 0)
1; # insure a defined return
# This file is opened as root, so it should be owned by root and mode 0600.
# For the sql passdb module, you'll need a database with a table that
# contains fields for at least the username and password. If you want to
# use the user@domain syntax, you might want to have a separate domain
# field as well.
# If your users all have the same uig/gid, and have predictable home
# directories, you can use the static userdb module to generate the home
# dir based on the username and domain. In this case, you won't need fields
# for home, uid, or gid in the database.
# If you prefer to use the sql userdb module, you'll want to add fields
# for home, uid, and gid. Here is an example table:
# CREATE TABLE users (
# username VARCHAR(128) NOT NULL,
# domain VARCHAR(128) NOT NULL,
# password VARCHAR(64) NOT NULL,
# home VARCHAR(255) NOT NULL,
# );
# Database driver: mysql, pgsql, sqlite
#driver =
# Database connection string. This is driver-specific setting.
# pgsql:
# For available options, see the PostgreSQL documention for the
# PQconnectdb function of libpq.
# mysql:
# Basic options emulate PostgreSQL option names:
# host, port, user, password, dbname
# But also adds some new settings:
# client_flags - See MySQL manual
# ssl_ca, ssl_ca_path - Set either one or both to enable SSL
# ssl_cert, ssl_key - For sending client-side certificates to server
# ssl_cipher - Set minimum allowed cipher security (default: HIGH)
# option_file - Read options from the given file instead of
# the default my.cnf location
# option_group - Read options from the given group (default: client)
# You can connect to UNIX sockets by using host: host=/var/run/mysql.sock
# Note that currently you can't use spaces in parameters.
# MySQL supports multiple host parameters for load balancing / HA.
# sqlite:
# The path to the database file.
# Examples:
# connect = host= dbname=users
# connect = dbname=virtual user=virtual password=blarg
# connect = /etc/dovecot/authdb.sqlite
#connect =
# Default password scheme.
# List of supported schemes is in
#default_pass_scheme = MD5
# passdb query to retrieve the password. It can return fields:
# password - The user's password. This field must be returned.
# user - user@domain from the database. Needed with case-insensitive lookups.
# username and domain - An alternative way to represent the "user" field.
# The "user" field is often necessary with case-insensitive lookups to avoid
# e.g. "name" and "nAme" logins creating two different mail directories. If
# your user and domain names are in separate fields, you can return "username"
# and "domain" fields instead of "user".
# The query can also return other fields which have a special meaning, see
# Commonly used available substitutions (see
# for full list):
# %u = entire user@domain
# %n = user part of user@domain
# %d = domain part of user@domain
# Note that these can be used only as input to SQL query. If the query outputs
# any of these substitutions, they're not touched. Otherwise it would be
# difficult to have eg. usernames containing '%' characters.
# Example:
# password_query = SELECT userid AS user, pw AS password \
# FROM users WHERE userid = '%u' AND active = 'Y'
#password_query = \
# SELECT username, domain, password \
# FROM users WHERE username = '%n' AND domain = '%d'
# userdb query to retrieve the user information. It can return fields:
# uid - System UID (overrides mail_uid setting)
# gid - System GID (overrides mail_gid setting)
# home - Home directory
# mail - Mail location (overrides mail_location setting)
# None of these are strictly required. If you use a single UID and GID, and
# home or mail directory fits to a template string, you could use userdb static
# instead. For a list of all fields that can be returned, see
# Examples:
# user_query = SELECT home, uid, gid FROM users WHERE userid = '%u'
# user_query = SELECT dir AS home, user AS uid, group AS gid FROM users where userid = '%u'
# user_query = SELECT home, 501 AS uid, 501 AS gid FROM users WHERE userid = '%u'
#user_query = \
# SELECT home, uid, gid \
# FROM users WHERE username = '%n' AND domain = '%d'
# If you wish to avoid two SQL lookups (passdb + userdb), you can use
# userdb prefetch instead of userdb sql in dovecot.conf. In that case you'll
# also have to return userdb fields in password_query prefixed with "userdb_"
# string. For example:
#password_query = \
# SELECT userid AS user, password, \
# home AS userdb_home, uid AS userdb_uid, gid AS userdb_gid \
# FROM users WHERE userid = '%u'
driver = mysql
connect = host={mysql_server_host} dbname={mysql_server_database} user={mysql_server_ispconfig_user} password={mysql_server_ispconfig_password}
default_pass_scheme = CRYPT
password_query = SELECT password FROM mail_user WHERE email = '%u' AND disable%Ls = 'n'
user_query = SELECT email as user, maildir as home, CONCAT(maildir, '/Maildir') as mail, uid, gid, CONCAT('maildir:storage=', quota) AS quota, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE email = '%u' AND disable%Ls = 'n'
This diff is collapsed.
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment