ghzhost
diff --git a/‎docs/INSTALL_DEBIAN_6.0.txt‎
Lines changed: 381 additions & 0 deletions b/‎docs/INSTALL_DEBIAN_6.0.txt‎
Lines changed: 381 additions & 0 deletions
@@ -0,0 +1,381 @@
+Installation
+-----------
+
+# It is recommended to use a clean (fresh) Debian Squeeze install where you just selected "Standard System" as the package selection during
+# setup. Then follow the steps below to setup your server with ISPConfig 3. In this guide "vi" is used as texteditor, but you ofcourse
+# you can use whatever you prefer. You should be root for doing all of this.
+
+
+# Check we have Fully Qualified Domain Name
+
+/bin/hostname
+
+# it should return something like "ispconfig.example.com"
+# if not, then we assign a hostname (for example ispconfig):
+
+echo ispconfig.example.com > /etc/hostname
+
+vi /etc/hosts
+
+# and add lines similar but appropriate:
+
+127.0.0.1       localhost.localdomain   localhost
+192.168.0.100   ispconfig.example.com   ispconfig
+
+
+
+# Some optional choices
+
+opt0.1) Optionally install SSH-server to get remote shell
+
+apt-get install ssh openssh-server
+
+opt0.2) Optionally if you are not running in virtual machine you can set server clocksync via NTP. Virtual quests get this from the host.
+
+apt-get install ntp ntpdate
+
+
+
+# Next is the real deal
+
+1) Install Postfix, Courier, Saslauthd, MySQL, phpMyAdmin, rkhunter, binutils with the following command line (on one line!):
+
+apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl courier-maildrop getmail4 rkhunter binutils
+
+# Answer the questions from the package manager as follows.
+
+Create directories for web-based administration ? <-- No
+General type of configuration? <-- Internet site
+Mail name? <-- server1.mydomain.tld
+ SSL certificate required <-- Ok
+
+# ...use your own domain name of course ;)
+
+
+
+# Edit the file /etc/mysql/my.cnf
+
+vi /etc/mysql/my.cnf
+
+# and change the line:
+
+bind-address          = 127.0.0.1
+
+to:
+
+#bind-address          = 127.0.0.1
+
+# then restart mysql
+
+/etc/init.d/mysql restart
+
+2) Install Amavisd-new, Spamassassin and Clamav (1 line!):
+
+apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl
+
+# During the installation, the SSL certificates for IMAP-SSL and POP3-SSL are created with the hostname localhost. To change this to the correct hostname (server1.example.com in this tutorial), delete the certificates...
+
+cd /etc/courier
+rm -f /etc/courier/imapd.pem
+rm -f /etc/courier/pop3d.pem
+
+# ... and modify the following two files; replace CN=localhost with CN=server1.example.com (you can also modify the other values, if necessary):
+
+vi /etc/courier/imapd.cnf
+
+[...]
+CN=server1.example.com
+[...]
+
+vi /etc/courier/pop3d.cnf
+
+[...]
+CN=server1.example.com
+[...]
+
+# Then recreate the certificates...
+
+mkimapdcert
+mkpop3dcert
+
+# ... and restart Courier-IMAP-SSL and Courier-POP3-SSL:
+
+/etc/init.d/courier-imap-ssl restart
+/etc/init.d/courier-pop-ssl restart 
+
+
+3) Install apache, PHP5, phpmyadmin, better fastCGI, suexec, Pear and mcrypt (1 line!):
+
+apt-get install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby
+
+
+# When phpMyAdmin is asking weather to configure itself automatically, select "Apache2"
+
+# Then run the following to enable the Apache modules suexec, rewrite and ssl:
+
+a2enmod suexec rewrite ssl actions include
+
+# restart apache before continuing
+
+/etc/init.d/apache2 restart
+ 
+
+4) Install pure-ftpd and quota
+
+apt-get install pure-ftpd-common pure-ftpd-mysql quota quotatool
+
+# Edit the file /etc/default/pure-ftpd-common to change the start mode from "inetd" to "standalone"
+and set VIRTUALCHROOT=true
+
+vi /etc/default/pure-ftpd-common
+
+# Edit the file /etc/inetd.conf to prevent inetd from trying to start ftp.
+# To do this, comment line starting like "ftp   stream  tcp" by adding "#"-sign in front of the line.
+
+vi /etc/inetd.conf
+
+# Then execute:
+
+/etc/init.d/openbsd-inetd restart
+
+# Some additional settings for pureftpd
+
+echo 'yes' > /etc/pure-ftpd/conf/DontResolve
+
+# Enable TLS in pureftpd
+echo 1 > /etc/pure-ftpd/conf/TLS
+mkdir -p /etc/ssl/private/
+openssl req -x509 -nodes -newkey rsa:1024 -keyout /etc/ssl/private/pure-ftpd.pem  -out /etc/ssl/private/pure-ftpd.pem
+chmod 600 /etc/ssl/private/pure-ftpd.pem 
+
+
+# Edit /etc/fstab. Mine looks like this (I added ,usrquota,grpquota to the partition with the mount point /):
+
+vi /etc/fstab
+
+----------------------------------------------------------------------------------------------
+# /etc/fstab: static file system information.
+#
+# <file system> <mount point>   <type>  <options>       <dump>  <pass>
+proc            /proc           proc    defaults        0       0
+/dev/sda1       /               ext4    errors=remount-ro,usrquota,grpquota 0       1
+/dev/sda5       none            swap    sw              0       0
+/dev/hda        /media/cdrom0   udf,iso9660 user,noauto     0       0
+/dev/fd0        /media/floppy0  auto    rw,user,noauto  0       0
+----------------------------------------------------------------------------------------------
+
+# To enable quota, run these commands:
+
+touch /quota.user /quota.group
+chmod 600 /quota.*
+mount -o remount /
+quotacheck -avugm
+quotaon -avug
+
+
+5) Install mydns
+
+apt-get install g++ libc6 gcc gawk make texinfo libmysqlclient15-dev
+
+cd /tmp
+wget http://heanet.dl.sourceforge.net/sourceforge/mydns-ng/mydns-1.2.8.27.tar.gz
+tar xvfz mydns-1.2.8.27.tar.gz
+cd mydns-1.2.8
+./configure
+make
+make install
+
+# Now create the start / stop script for mydns:
+
+vi /etc/init.d/mydns
+
+# and enter the following lines (between the ----- lines):
+
+------------------------------------------------------
+#! /bin/sh
+#
+# mydns         Start the MyDNS server
+#
+# Author:       Philipp Kern <phil@philkern.de>.
+#               Based upon skeleton 1.9.4 by Miquel van Smoorenburg
+#               <miquels@cistron.nl> and Ian Murdock <imurdock@gnu.ai.mit.edu>.
+#
+
+set -e
+
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/local/sbin/mydns
+NAME=mydns
+DESC="DNS server"
+
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Gracefully exit if the package has been removed.
+test -x $DAEMON || exit 0
+
+case "$1" in
+  start)
+        echo -n "Starting $DESC: $NAME"
+        start-stop-daemon --start --quiet \
+                --exec $DAEMON -- -b
+        echo "."
+        ;;
+  stop)
+        echo -n "Stopping $DESC: $NAME"
+        start-stop-daemon --stop --oknodo --quiet \
+                --exec $DAEMON
+        echo "."
+        ;;
+  reload|force-reload)
+        echo -n "Reloading $DESC configuration..."
+        start-stop-daemon --stop --signal HUP --quiet \
+                --exec $DAEMON
+        echo "done."
+        ;;
+  restart)
+        echo -n "Restarting $DESC: $NAME"
+        start-stop-daemon --stop --quiet --oknodo \
+                --exec $DAEMON
+        sleep 1
+        start-stop-daemon --start --quiet \
+                --exec $DAEMON -- -b
+        echo "."
+        ;;
+  *)
+        echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
+        exit 1
+        ;;
+esac
+
+exit 0
+---------------------------------------------------------------------------
+
+# now execute:
+
+chmod +x /etc/init.d/mydns
+update-rc.d mydns defaults
+
+6) Install vlogger and webalizer
+
+apt-get install vlogger webalizer
+
+Change the following line in /etc/webalizer/webalizer.conf from
+
+#Incremental    no
+
+to
+
+Incremental    yes 
+
+7) Install Jailkit (optional, only needed if you want to use chrroting for SSH users)
+
+apt-get install build-essential autoconf automake1.9 libtool flex bison debhelper
+cd /tmp
+wget http://olivier.sessink.nl/jailkit/jailkit-2.7.tar.gz
+tar xvfz jailkit-2.7.tar.gz
+cd jailkit-2.7
+./debian/rules binary
+cd ..
+dpkg -i jailkit_2.7-1_*.deb
+rm -rf jailkit-2.7*
+
+8) Install fail2ban (optional but recomended, because the monitor tries to show the log)
+More info at: http://www.howtoforge.com/fail2ban_debian_etch
+
+apt-get install fail2ban
+
+9) Install ISPConfig 3
+
+# There are two possile scenarios, but not both:
+9.1) Install the latest released version 
+9.2) Install directly from SVN
+
+9.1) Installation of last version from tar.gz
+
+  cd /tmp
+  wget http://www.ispconfig.org/downloads/ISPConfig-3.0.0.9-rc2.tar.gz
+  tar xvfz ISPConfig-3.0.0.9-rc2.tar.gz
+  cd ispconfig3_install/install/
+
+9.2) Installation from SVN
+
+  apt-get install subversion
+  cd /tmp
+  svn export svn://svn.ispconfig.org/ispconfig3/trunk/
+  cd trunk/install
+
+
+9.1+9.2) Now proceed with the ISPConfig installation.
+
+# Now start the installation process by executing:
+
+php -q install.php
+
+# The installer will configure all services like postfix, sasl, courier, etc. for you. A manual setup as required for ISPConfig 2 (perfect setup guides) is not nescessary. To login to the ISPConfig controlpanel, open the following URL in your browser (replace the IP to match your settings!):
+
+http://192.168.0.100:8080/
+
+# the default login is:
+
+user: admin
+password: admin
+
+# In case you get a permission denied error from apache, please restart the apache webserver process.
+
+
+
+----------------------------------------------------------------------------------------------------------
+Optional:
+
+Install a webbased Email Client
+
+apt-get install squirrelmail
+ln -s /usr/share/squirrelmail/ /var/www/webmail
+
+Access squirrelmail:
+
+http://192.168.0.100/webmail
+
+
+To configure squirrelmail, run:
+
+/usr/sbin/squirrelmail-configure
+
+----------------------------------------------------------------------------------------------------------
+
+Hints:
+
+debian 5.0 under openvz:
+
+VPSID=101
+for CAP in CHOWN DAC_READ_SEARCH SETGID SETUID NET_BIND_SERVICE NET_ADMIN SYS_CHROOT SYS_NICE CHOWN DAC_READ_SEARCH SETGID SETUID NET_BIND_SERVICE NET_ADMIN SYS_CHROOT SYS_NICE
+do
+  vzctl set $VPSID --capability ${CAP}:on --save
+done
+
+----------------------------------------------------------------------------------------------------------
+
+
+Optional recommended packages:
+
+denyhosts - a utility to help sys admins thwart ssh crackers
+rsync - fast remote file copy program (for backup)
+
+-----------------------------------------------------------------------------------------------------------
+
+Possible errors and their solutions
+------------------------------------
+
+pureftpd login does not work. Take a look at the syslog, if you find an error message like this:
+Mar 24 16:26:28 ispconfig pure-ftpd: (?@?) [ERROR] Sorry, invalid address given
+
+then pureftpd is not able to resolve the hostname. Name resolving can be disabled with these commands:
+
+echo 'yes' > /etc/pure-ftpd/conf/DontResolve
+/etc/init.d/pure-ftpd-mysql restart
+
+
+
+
+
+