PmWiki /

UbuntuSetup

Ubuntu 6.06 LTS ISP Server set up with DTC

Install of Ubuntu 6.06 LTS Server with the DTC control panel to provide a secure virtual hosting platform for Email, Webmail Anti-spam and Anti-virus with usage statistics.

http://www.ubuntu.com/server(approve sites)
http://www.gplhost.com

This system uses the LAMP install of Ubuntu and Domain Technologies control panel.

Remote access with ssh
Firewall security with Shorelines Shorewall
DNS Sever: Bind9
FTP server: Pureftp
Mail: Postfix, Courier POP(s), IMAP(s)
Web mail with Squirrelmail
Mailing lists management with mlmmj
Anti virus and Spam controls with Spam Assassin, Clam AV,SPF, Amavis
Web statistics with Webalizer and awstats
Security certificates from CaCerts

The control panel also features a package installer for 'one click' application deployment.
For the future, the control panel supports virtualisation with xen.

I can be contacted by email at kdavies at syntosdotltddotuk or from my website www.syntos.ltd.uk.

Enjoy

Kevin

Install the Ubuntu LAMP server.

Reconfigure eth0 for a static ip address.
In this example I used 192.168.1.15 as the server ip.
Now for some configuration changes as root. 


    sudo -i
    vi /etc/network/interfaces

#This file describes the network interfaces available on your system
#and how to activate them. For more information, see interfaces(5).
#The loopback network interface
auto lo

iface lo inet loopback

#The primary network interface
auto eth0
iface eth0 inet static
address 192.168.1.15
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1 


    {+Notes from my own experience:+}
    For those wanting a copy paste howto
    - the above interfaces file is wrongly formatted
    It should be as follows

    ==================================================
    Copy Below:

#This file describes the network interfaces available on your system
#and how to activate them. For more information, see interfaces(5). 
#The loopback network interface
auto lo

iface lo inet loopback

#The primary network interface
auto eth0
iface eth0 inet static
	address 192.168.1.15
	netmask 255.255.255.0
	network 192.168.1.0
	broadcast 192.168.1.255
	gateway 192.168.1.1

     End Copy
     ===================================================

Turn off IPv6 


    echo "alias net-pf-10 off" > /etc/modprobe.d/bad_list

reload the network settings 


    /etc/init.d/networking restart

edit the /etc/hosts file to reflect the new ip. 


    vi /etc/hosts

127.0.0.1 localhost
192.168.1.15 myhostname.home.net myhostname

A reboot may be desirable at this stage.

Update your system
Check /etc/apt/sources.list to ensure repositories are enabled and remove cdrom from sources.list 


    vi /etc/apt/sources.list
    apt-get update
    apt-get upgrade

Remote access with ssh


    apt-get install ssh

use ssh to connect to your server. 


    ssh adminname@192.168.1.15

To log into the admin account on the server without having to enter a password each time, populate the authorized_keys file on the server 


    ssh-copy-id -i ~/.ssh/id_dsa.pub adminname@192.168.1.15

You can now logon to the server. 


    ssh adminame@192.168.1.15

Start a root session 


    sudo -i

Remove some unwanted software 


    apt-get remove pppoeconf ppp pppconfig

Now to get some software 


    apt-get install screen defoma fontconfig gawk fileutils unrar-free zip unzip
    libzzip-0-12 mhonarc fakeroot chrootuid patch ucf openntpd ncftp

    apt-get install php5 php5-cli php5-cgi php5-curl php5-gd php5-imap php5-mcrypt 
    php5-mhash php5-pspell php5-recode php5-snmp php5-xmlrpc php5-xsl php-pear 
    php-net-smtp php-net-socket php-xml-parser

When asked about libclient answer no. we want to use maildirs. 


    apt-get install bind9 bindgraph
    apt-get install rrdtool rrdcollect mrtg-rrd librrd2 mrtg libgd-tools mrtg-contrib

Answer no to MRTG user only.
edit mrtg.cfg to reflect your web work directory 


    vi /etc/mrtg.cfg



    Notes from my own experience:

    /etc/mrtg.conf <-- This did not exist

    but /etc/mrtg.cfg did. I just copied the file just in case
    cp /etc/mrtg.cfg /etc/mrtg.conf

    or you can make a symlink
    ln -s /etc/mrtg.cfg /etc/mrtg.conf



    apt-get install libmysqlclient12 libdigest-hmac-perl libdigest-sha1-perl 
    libhtml-parser-perl libhtml-tagset-perl libltdl3 liburi-perl libnet-ip-perl 
    libnet-dns-perl libnet-cidr-lite-perl libmail-spf-query-perl

    apt-get install libsocket6-perl

needed for mysql authentication 


    apt-get install libpam-mysql libnss-mysql



    apt-get install postfix postfix-mysql courier-base courier-pop courier-imap 
    courier-authdaemon courier-maildrop courier-authmysql courier-ssl courier-imap-ssl 
    courier-pop-ssl sasl2-bin libsasl2 libsasl2-modules



    rm /var/spool/postfix/var/run/saslauthd/
    ln -s /var/run/saslauthd /var/spool/postfix/var/run



    Notes from my own experience:

    /var/spool/postfix/var/run/saslauthd/ <-- This did not exist

    /var/spool/postfix/var did not exist therefore the following failed:
    ln -s /var/run/saslauthd /var/spool/postfix/var/run

    Do the following first
    mkdir /var/spool/postfix/var
    Then
    ln -s /var/run/saslauthd /var/spool/postfix/var/run

Answer yes for web based configuration files.
Chose Internet site 


    apt-get install spamassassin spamc
    apt-get install clamav-base clamav-daemon php5-clamavlib clamav clamav-freshclam
    apt-get install phpmyadmin webalizer awstats squirrelmail sqwebmail amavisd-new
    amavisd-new-milter

Had some problems with ftp-server, this worked. 


    aptitude -t ftp-server install pure-ftpd pure-ftpd-common pure-ftpd-mysql



    pear install Crypt_CBC Auth_SASL

Some setting up 


    ln -s /usr/share/php/PEAR /usr/share/pear
    ln -s /var/log /etc/apache2/logs
    touch /etc/apache2/logs/mod_log_sql-preserve
    chown nobody:nogroup /etc/apache2/logs/mod_log_sql-preserve

Set up root user password for MySQL 


    mysqladmin password mysqlrootpassword

PHP settings. Edit php.ini files. 


    vi /etc/php5/apache2/php.ini


    set max_execution_time = 300
    set memory_limit = 32M
    set upload_max_filesize = 6M
    set extension=mysql.so
    set extension=mysqli.so


    Notes from my own experience:

    extension=mysql.so was already set
    extension=mysqli.so was already set

then copy to the cgi and cli directories 


    cp /etc/php5/apache2/php.ini /etc/php5/cgi
    cp /etc/php5/apache2/php.ini /etc/php5/cli

Apache configuration
copy the cgi-bin alias from default site to apache2.conf 


    vi /etc/apache2/apache2.conf

ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all

</Directory>

Restart Apache webserver 


    apache2ctl restart

Add the dtc repository to /etc/apt/sources.list 


    echo deb ftp://ftp.gplhost.com/debian stable main >>/etc/apt/sources.list

Update apt 


    apt-get update



    apt-get install mlmmj sbox-dtc libapache2-mod-log-sql-mysql libapache2-mod-log-sql 
    libapache2-mod-log-sql-ssl

Install DTC control panel

For the standard release: 


    apt-get dtc



    Notes from my own experience:

    standard apt-get release did not work for me.
    there were issues with php4 dependencies when ubuntu comes
    standard with php5.

    also apache2 could not start.

    sorry, not technical enough to know why but the cvs worked
    for me.

For the latest version from cvs: 


    apt-get install cvs



    cvs -d :pserver:anonymous@gplhost.com:/var/lib/cvs login

Password is anoncvs 


    cvs -d :pserver:anonymous@gplhost.com:/var/lib/cvs checkout dtc



    cvs -d :pserver:anonymous@gplhost.com:/var/lib/cvs logout

Now to make DTC package 


    cd dtc/bin
    ./makeDebian

Next install the control panel 


    dpkg -i dtc_0.21.0-0_all.deb



    Notes from my own experience:

    As of 3rd October 2006 the latest cvs was 0.22 not 0.21
    dpkg -i dtc_0.22.0-0_all.deb

To remove dtc 


    dpkg -r dtc

To reconfigure dtc 


    dpkg-reconfigure dtc

Install some traffic loggers 


    apt-get install mysqmail-postfix-logger mysqmail-courier-logger 
    mysqmail-pure-ftpd-logger

Firewall configuration with Shorewall 


    apt-get install shorewall

To get phpmyadmin to work I had to edit /etc/phpmyadmin/blowfish_secret.inc.php and add it to /usr/share/phpmyadmin/config.inc.php

Using the control panel

Browse to http://yourdtcdomain.com/dtcadmin(approve sites)
Log in
Select DTC general configuration
Set Use SSL to yes

Using DTC

Set up mail
Select Users Administration ==>dtcdomain ==>Mailboxes
In the login box enter postmaster
Enter a password
for the postmaster username
In the Catch-all dropdown box select postmaster
Select ok
Continue to add emails.

Change account settings select
Admin editor or
Domain config

Adding a database
Select Client interface ==> database
First create a database username with a password
Select create
Create your database with username ==> create



Editing this page means accepting its license.

Edit - History - Print - Recent Changes - Search
Page last modified on October 17, 2006, at 03:55 PM EST