Added a first draft of the chrooted install manual for debian 5.0.

tbrehm · tbrehm · commit 35c10155f8cc · 2009-08-26T12:31:41.000Z
diff --git a/docs/CHROOTED_DEBIAN_5.0.txt b/docs/CHROOTED_DEBIAN_5.0.txt
@@ -0,0 +1,129 @@
+
+
+Setting up a chrooted ispconfig 3 installation
+--------------------------------------------------------------------
+
+# Follow the steps 1 - 8 of the INSTALL_DEBIAN_5.0 Guide, then proceed
+# with the steps below.
+# 
+# This guide is experimental as there are a few cahnges nescessary in
+# ispconfig to get it workin. These changes will be part of ISPConfig 3.0.2
+
+# Install packages
+
+apt-get install debootstrap libapache2-mod-chroot
+
+# Create the chroot enviroment
+
+debootstrap lenny /var/www/ ftp://ftp.fr.debian.org/debian/
+
+# Add mountpoints for the chroot env into the fstab file.
+
+echo "/proc         /var/www/proc               proc           defaults        0       0">>/etc/fstab
+echo "devpts      /var/www/dev/pts            devpts         defaults        0       0">>/etc/fstab
+
+# mount the filesystems
+
+mount -a
+
+# add a default chroot dir for all users of the sshusers group.
+
+echo "@sshusers       -       chroot  /var/www/">>/etc/security/limits.conf
+
+# copy passwd and group files to the chroot env.
+
+cp -rf /etc/apt /etc/passwd /etc/group /var/www/etc/ # Cleaning unecesary users and groups
+
+# Create symlinks.
+
+cd /var/www/var/
+rm -rf /var/www/var/www
+ln -s / www
+
+# Enter the chroot
+
+chroot /var/www
+
+# Update files in the chroot enviroment and install some packages.
+# You can ignore warnings about locales, we will fix them in the next step.
+
+apt-get update
+apt-get install fakeroot --force-yes -y
+apt-get install locales
+
+# Reconfigure locales. Select e.g the en_US* locales.
+
+dpkg-reconfigure locales
+
+# run a dist upgarde.
+
+fakeroot apt-get dist-upgrade
+
+# Install apache and php in the chroot enviroment
+
+apt-get install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby
+/etc/init.d/apache2 stop
+
+# Exit the chroot
+
+exit
+
+# Moving the apache configuration is not nescessary, as apache reads
+# the config files before it moves into the chroot
+# rm -rf /var/www/etc/apache2
+# mv -f /etc/apache2 /var/www/etc/
+# ln -s /var/www/etc/apache2 /etc/apache2
+
+rm -rf /var/www/etc/php5/cgi/
+mv -f /etc/php5/cgi/ /var/www/etc/php5/
+ln -s /var/www/etc/php5/cgi /etc/php5/
+
+rm -rf /var/www/etc/php5/apache2/
+mv -f /etc/php5/apache2/ /var/www/etc/php5/
+ln -s /var/www/etc/php5/apache2 /etc/php5/
+
+ln -s /var/www/var/run/apache2.pid /var/run/apache2.pid
+
+# enable mod_chroot
+
+a2enmod mod_chroot
+echo "ChrootDir /var/www" > /etc/apache2/conf.d/mod_chroot.conf
+
+# Start apache
+
+/etc/init.d/apache2 start
+
+# Install ISPConfig
+
+cd /tmp
+wget http://www.ispconfig.org/downloads/ISPConfig-3.0.1.4-beta-2.tar.gz
+tar xvfz ISPConfig-3.0.1.4-beta-2.tar.gz
+cd ispconfig3_install/install/
+php -q install.php
+cd /tmp/
+rm -rf ispconfig3_install
+rm -f ISPConfig-3.0.1.4-beta-2.tar.gz
+
+# Move the ispconfig interface part to the chroot enviroment and create a symlink
+
+mkdir /var/www/usr/local/ispconfig
+chown ispconfig:ispconfig /var/www/usr/local/ispconfig
+chmod 750 /var/www/usr/local/ispconfig
+mv /usr/local/ispconfig/interface /var/www/usr/local/ispconfig/
+ln -s /var/www/usr/local/ispconfig/interface /usr/local/ispconfig/interface
+chroot /var/www adduser www-data ispconfig
+
+# Create a link for the mysql socket.
+
+ln /var/run/mysqld/mysqld.sock /var/www/var/run/mysqld/mysqld.sock
+
+# As an alternative to making a hardlink to the mysql socket, 
+# change the my.cnf file in the chroot to use tcp sockets.
+# This is more secure but a bit slower then using the mysqld.sock file.
+
+# Restart apache
+
+/etc/init.d/apache2 restart
+
+
+
