TULC!
News & About
IPC Starnote
Compaq B1800
Linux on IPC
FreeBSD
Hardware
Software
FAQ
Laptop-Forum
Old Forum
Links
©

vServer and SysCP install

 

Install a minimum Linux package (whatever your provider offers J)

 

Create a non-root user: adduser

Change in /etc/ssh/sshd-config: PermitRootLogin no

 

Add "deb http://debian.syscp.de/ sarge/" to /etc/apt/sources.list

 

apt-get update

apt-get upgrade

apt-get install aptitude

 

aptitude install postfix postfix-mysql postfix-doc postfix-tls mysql-client mysql-server mysql-common courier-authdaemon courier-authmysql courier-maildrop courier-pop courier-pop-ssl courier-imap courier-imap-ssl courier-ssl libsasl2 libsasl2-modules libsasl2-modules-sql spamassassin clamav clamav-daemon apache apache-common apache-utils libapache-mod-php4 libapache-mod-ssl php4 php4-mysql bind9-host proftpd-common proftpd-mysql openssl unzip unarj phpmyadmin

 

(for bind9 see vserver fix below and add separately)

 

Postfix:

- Internet site (default)

- root mail to: NONE (default)

- mail name: vsxxxx.vserver.tld (default)

- other destinations: vsxxxx.vserver.tld, localhost.vserver.tld, , localhost (default)

- force synchronous updates on mail queue: no (default)

 

Apache:

- suExec: Yes

 

Clamav-freshclam:

- daemon (default)

- database mirror site: Germany

- HTTP proxy: none/blank (default)

- notify after updates: Yes

 

Courier-base

- create web-based admin: No (default)

 

Ok for remarks/hints

 

ProFTPd

- inetd

 

Resolvconf

- Append to file: No

 

Ok for remark

 

Phpmyadmin

- reconfigure webservers: select apache + apache-ssl

 

WAIT

 

Restart Apache: Yes

 

aptitude install syscp

 

Webalizer:

default directory

Usage Statistics for.... (default)

...access.log.1 (default)

 

Open webbrowser: http://x.x.x.x/phpmyadmin

 

Login: root, no password

 

Change password

 

Create new database: syscp

 

Back to start page, Privileges, Add new user: syscp, host: local, same password as mysql root, don't select any global privileges

 

Database specific privileges, select syscp, check all, uncheck Grant.

 

Apache:

run "vi /etc/apache/httpd.conf"

 

Edit:

Listen x.x.x.x:80

BindAddress x.x.x.x

ServerName vsxxxx.vserver.tld

 

Remove "Indexes" under Options (several times)

ServerSignature Off

 

run "/etc/init.d/apache restart" (may be necessary to run 2 times)

 

Modify: "vi /etc/php4/apache/php.ini": remove semicolon to enable mysql extension

extensions=mysql.so

 

In browser open: http://x.x.x.x/syscp, configure

 

Enter previously defined passwords, next, status messages should be all green.

 

Login as admin, <password>

 

Left menu, Settings:

- change all three /var/kunden/<xyz> to /var/www/<xyz>

- phpMyAdmin URL: http://x.x.x.x/phpmyadmin

 

Left menu, Configuration

- Apache: run all commands in terminal window

- Bind9: run all commands in terminal window, vi /etc/bind/default.zone file and copy content in, restart daemon,

  error message "Stopping domain name service: namedrndc: connect failed: connection refused"

  cd /etc/bind

  rndc-confgen > rndc.conf

  vi rndc.key, copy secret from rndc.conf into rndc.key

  vi named.conf, copy second commented part of rndc.conf into named.conf, uncomment

  chown root rndc.key

  try /etc/init.d/bind9 restart

  reboot  

  Follow guidelines below!

- Courier, edit all files as mentioned (overwrite files), change mysql password to the previously configured one, remove any blank space/line at the end of the files

  vi /etc/courier/authdaemonrc

  vi /etc/courier/authmysqlrc

  restart 2x

- Postfix: run commands, then overwrite listed files, remove spaces at the end, insert mysql password

  vi /etc/postfix/main.cf (replace IP address with FQDN in myhostname and mydomain)

  vi /etc/postfix/mysql-virtual_alias_maps.cf

  vi /etc/postfix/mysql-virtual_mailbox_domains.cf

  vi /etc/postfix/mysql-virtual_mailbox_maps.cf

  vi /etc/postfix/sasl/smtpd.conf

  /etc/init.d/postfix restart

  If it doesn't work properly, check if localhost or 127.0.0.1 is used, usually 127.0.0.1 works (depending on MySQL settings)

- ProFTPd: vi /etc/proftpd.conf, overwrite, change standalone to inetd, change mysql password, /etc/init.d/proftpd restart

  To test: aptitude install ftp (no ftp client installed per default)

  ftp localhost

  If it doesn't start check /etc/hosts       

- Cron: vi /etc/php4/syscpcron/php.ini, insert content

  open another terminal window, cd /etc/php4, mkdir syscpcron, save the new edited file

  vi /etc/cron.d/syscp, insert content

  /etc/init.d/cron restart

 

Reboot the damned thing.

 

That's it :)

 

For some reason SysCP doesn't allow me to create a user account named web1. Supposedly to similar to system accounts?! Strange.

 

 

Postfix-GLD

aptitude install postfix-gld

 

Change MySQL priority:

update-rc.d -f mysql remove

update-rc.d mysql defaults 18

 

Create database (account details as in /etc/gld.conf at the end)

mysql mysql -u root -p

use mysql;

CREATE DATABASE gld;

GRANT ALL PRIVILEGES ON gld.* TO gld@localhost IDENTIFIED BY 'gld';

USE gld;

source /usr/share/gld/tables.mysql

source /usr/share/gld/table-whitelist.sql

 

Edit /etc/default/gld so that it reads:

ENABLED=1

 

Start gld and see if there are errors:

invoke-rc.d gld start

 

Edit /etc/postfix/main.cf, insert (all in one line):

smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,reject_non_fqdn_sender,check_sender_access hash:/etc/postfix/localdomains,check_recipient_access hash:/etc/postfix/recv_access,check_client_access hash:/etc/postfix/client_access,reject_rbl_client sbl-xbl.spamhaus.org,reject_rbl_client list.dsbl.org,reject_rbl_client relays.ordb.org,reject_unknown_sender_domain,reject_rhsbl_sender bogusmx.rfc-ignorant.org,reject_unlisted_recipient,check_policy_service inet:127.0.0.1:2525

 

Create /etc/postfix/recv_access and /etc/postfix/client_access files according to http://wyae.de/docs/greylisting/

 

touch /etc/postfix/localdomains

put all local domains in this file in following format:

domain.tld               PERMIT

postmap /etc/postfix/localdomains

 

Change /atc/gld.conf

MINTIME=58

 

Create /etc/cron.daily/gld-cleanup

#!/bin/sh

/usr/sbin/gld -c 14

/usr/sbin/gld -k 1

 

Change /etc/postfix/main.cf

message_size_limit = 20480000 (20MB)

 

Restart postfix:

/etc/init.d/postfix restart

 

Fix pam_limit error (in log)

vi /etc/pam.d/login

vi /etc/pam.d/ssh

vi /etc/pam.d/ssh.dpkg-dist

vi /etc/pam.d/su

 

Comment out:

session    required     pam_limits.so

 

Bind9 for vServer

cd /usr/src/

aptitude install dpkg-dev

aptitude install gcc

aptitude install libssl-dev

aptitude install source bind9

cd bind9-9.2.4

./configure --disable-linux-caps --enable-threads --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc

make; make install

 

Or alternatively get it from here:

add to /etc/apt/sources.list:

deb http://www.paul.sladen.org/debian sarge bind9

aptitude update

aptitude install bind9

(Note: Somehow the readily built packages did not work, so you may have to compile your own named binaries as above.)

 

Create a directory /var/run/named

chown bind:bind /var/run/named

vi /etc/bind/named.conf.options

Add: pid-file "/var/run/named/named.pid";

 

Reboot

 

Logcheck

aptitidude install logcheck

Modify: vi /etc/logcheck/logcheck.conf and if required /etc/cron.d/logcheck (at least adjust the email address the report should be send to). It’s really a helpful tool.

 

Partner: ©  perhapsMedia.com - 7d6n - Tomatenmark - Thaiforum - Arbeitslosenversicherungen - Vollkaskoversicherung