Използвал съм ръководството на howtoforge от тук http://howtoforge.com/perfect-server-ubuntu-10.04-lucid-lynx-ispconfig-3
Вече имам две такива инсталации които се държат много добре. Минаха вече два месеца тестове за да съм сигурен, че избора ми е правилен.
В момента има конфигурирани 3 клиента, 24 сайта, 24 ftp потребителя, 3 майл домейна и 8 пощенски кутии. Меил часта е добре организирана и борбата със спам е добро решение тук. Намерих само един бъг ако може да се нарече така с директивите в apache сървъра но не е болка за умиране (бързо се оправя).
Като за начало трябва да създадем парола на root потребителя и да сме сигурни, че е инсталиран ssh за да можем да администрираме отдалечено системата.
sudo su sudo passwd root aptitude install ssh openssh-server |
Конфигурираме мрежата.
nano /etc/network/interfaces
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 93.155.130.14
netmask 255.255.255.0
gateway 93.155.130.1 |
Създаваме име на системата. Тази операция е много нужна за apache сървъра.
nano /etc/hosts
127.0.0.1 localhost.localdomain localhost 93.155.130.14 host.itservice-bg.net host ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters |
echo host.itservice-bg.net > /etc/hostname /etc/init.d/hostname restart hostname hostname -f |
Обновяваме системата и рестартираме.
aptitude update aptitude safe-upgrade reboot |
Връщаме си стандартната обвивка bash.
dpkg-reconfigure dash [...] Install dash as /bin/sh? <-- No [...] |
Деинсталираме apparmor защото ще ни прави номера.
/etc/init.d/apparmor stop update-rc.d -f apparmor remove aptitude remove apparmor apparmor-utils |
Инсталиране на нужен ни софтуер.
aptitude install postfix postfix-mysql postfix-doc mysql-client mysql-server courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl getmail4 rkhunter binutils maildrop ntp ntpdate [...] New password for the MySQL "root" user: <-- yourrootsqlpassword Repeat password for the MySQL "root" user: <-- yourrootsqlpassword Create directories for web-based administration? <-- No General type of mail configuration: <-- Internet Site System mail name: <-- server1.example.com SSL certificate required <-- Ok [...] |
Трябва да затворим порта на mysql към 127.0.0.1
nano /etc/mysql/my.cnf
[...] # Instead of skip-networking the default is now to listen only on # localhost which is more compatible and is not less secure. #bind-address = 127.0.0.1 [...] |
Да изтрием вече създадените сертификати.
cd /etc/courier rm -f /etc/courier/imapd.pem rm -f /etc/courier/pop3d.pem |
Да опишем домейна в imap и pop3 демоните.
nano /etc/courier/imapd.cnf
[...] CN=host.itservice-bg.net [...] |
nano /etc/courier/pop3d.cnf
[...] CN=host.itservice-bg.net [...] |
Да създадем отново сертификатите.
mkimapdcert mkpop3dcert /etc/init.d/courier-imap-ssl restart /etc/init.d/courier-pop-ssl restart |
Инсталиране на нужен софтуер.
aptitude install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl bind9 dnsutils vlogger webalizer build-essential autoconf automake1.9 libtool flex bison debhelper fail2ban [...] Web server to reconfigure automatically: <-- apache2 Configure database for phpmyadmin with dbconfig-common? <-- No [...] |
Активиране на модулите на Apache.
a2enmod suexec rewrite ssl actions include /etc/init.d/apache2 restart |
Инсталиране и конфигуриране на ftp демона.
aptitude install pure-ftpd-common pure-ftpd-mysql quota quotatool nano /etc/default/pure-ftpd-common [...] STANDALONE_OR_INETD=standalone [...] VIRTUALCHROOT=true [...] /etc/init.d/pure-ftpd-mysql restart |
Инсталиране и конфигуриране на квотата.
nano /etc/fstab
[...] proc /proc proc nodev,noexec,nosuid 0 0 # / was on /dev/sda1 during installation UUID=79c51eab-ed24-42b6-aabb-ca700753229a / ext4 errors=remount-ro,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0 0 # /mnt/sdb was on /dev/sdb1 during installation UUID=c6f5c31f-0996-4ff4-b836-9d50b6746eda /mnt/sdb ext4 defaults 0 2 # /mnt/sdc was on /dev/sdc1 during installation UUID=ed068da7-3577-490f-9402-ef1edbbab87c /mnt/sdc ext4 defaults 0 2 # swap was on /dev/sda5 during installation UUID=8298959b-03a9-4fda-9b14-cf023905bb46 none swap sw 0 0 [...] touch /aquota.user /aquota.group chmod 600 /aquota.* mount -o remount / quotacheck -avugm quotaon -avug |
Инсталиране и конфигуриране на jailkit който осигурява chroot през ssh достъп.
cd /tmp wget http://olivier.sessink.nl/jailkit/jailkit-2.11.tar.gz tar xvfz jailkit-2.11.tar.gz cd jailkit-2.11 ./debian/rules binary cd .. dpkg -i jailkit_2.11-1_*.deb rm -rf jailkit-2.11* |
Инсталиране и конфигуриране на squirrelmail с courier IMAP server.
aptitude install squirrelmail ln -s /usr/share/squirrelmail/ /var/www/webmail squirrelmail-configure |
SquirrelMail Configuration : Read: config.php (1.4.0)
———————————————————
Main Menu —
1. Organization Preferences
2. Server Settings
3. Folder Defaults
4. General Options
5. Themes
6. Address Books
7. Message of the Day (MOTD)
8. Plugins
9. Database
10. Languages
D. Set pre-defined settings for specific IMAP servers
C Turn color on
S Save data
Q Quit
Command >> <– D
SquirrelMail Configuration : Read: config.php
———————————————————
While we have been building SquirrelMail, we have discovered some
preferences that work better with some servers that don’t work so
well with others. If you select your IMAP server, this option will
set some pre-defined settings for that server.
Please note that you will still need to go through and make sure
everything is correct. This does not change everything. There are
only a few settings that this will change.
Please select your IMAP server:
bincimap = Binc IMAP server
courier = Courier IMAP server
cyrus = Cyrus IMAP server
dovecot = Dovecot Secure IMAP server
exchange = Microsoft Exchange IMAP server
hmailserver = hMailServer
macosx = Mac OS X Mailserver
mercury32 = Mercury/32
uw = University of Washington’s IMAP server
gmail = IMAP access to Google mail (Gmail) accounts
quit = Do not change anything
Command >> <– courier
SquirrelMail Configuration : Read: config.php
———————————————————
While we have been building SquirrelMail, we have discovered some
preferences that work better with some servers that don’t work so
well with others. If you select your IMAP server, this option will
set some pre-defined settings for that server.
Please note that you will still need to go through and make sure
everything is correct. This does not change everything. There are
only a few settings that this will change.
Please select your IMAP server:
bincimap = Binc IMAP server
courier = Courier IMAP server
cyrus = Cyrus IMAP server
dovecot = Dovecot Secure IMAP server
exchange = Microsoft Exchange IMAP server
hmailserver = hMailServer
macosx = Mac OS X Mailserver
mercury32 = Mercury/32
uw = University of Washington’s IMAP server
quit = Do not change anything
Command >> courier
imap_server_type = courier
default_folder_prefix = INBOX.
trash_folder = Trash
sent_folder = Sent
draft_folder = Drafts
show_prefix_option = false
default_sub_of_inbox = false
show_contain_subfolders_option = false
optional_delimiter = .
delete_folder = true
Press any key to continue… <– ENTER
SquirrelMail Configuration : Read: config.php (1.4.0)
———————————————————
Main Menu —
1. Organization Preferences
2. Server Settings
3. Folder Defaults
4. General Options
5. Themes
6. Address Books
7. Message of the Day (MOTD)
8. Plugins
9. Database
10. Languages
D. Set pre-defined settings for specific IMAP servers
C Turn color on
S Save data
Q Quit
Command >> <– S
SquirrelMail Configuration : Read: config.php (1.4.0)
———————————————————
Main Menu —
1. Organization Preferences
2. Server Settings
3. Folder Defaults
4. General Options
5. Themes
6. Address Books
7. Message of the Day (MOTD)
8. Plugins
9. Database
10. Languages
D. Set pre-defined settings for specific IMAP servers
C Turn color on
S Save data
Q Quit
Command >> S
Data saved in config.php
Press enter to continue… <– ENTER
SquirrelMail Configuration : Read: config.php (1.4.0)
———————————————————
Main Menu —
1. Organization Preferences
2. Server Settings
3. Folder Defaults
4. General Options
5. Themes
6. Address Books
7. Message of the Day (MOTD)
8. Plugins
9. Database
10. Languages
D. Set pre-defined settings for specific IMAP servers
C Turn color on
S Save data
Q Quit
Command >> <– Q
Самата инсталация на ISPconfig 3 – сравнително лесна е.
cd /tmp wget http://downloads.sourceforge.net/ispconfig/ISPConfig-3.0.2.1.tar.gz?use_mirror= tar xvfz ISPConfig-3.0.2.1.tar.gz cd ispconfig3_install/install/ php -q install.php ispconfig_update.sh |
Остана да се логнем и настроим системата.
http://host.itservice-bg.net:8080
По някаква причина ISPConfig-a не ми приема юзернейма и паролата.
Оправих се юзер admin с парола admin .
За тези които се сблъскат с това.
Поздрави.
Май само аз ще си пиша тук.
Въпрос имали начин да се логвам само с потребителско име без домейн ако има само един мейл домейн.
Ами ако имаш само един домейн тогава няма да ти е нужен ispconfig а той самият затова е написан за работа с много домейни. Както и да е, в ispconfig не може да се логваш само с username но по принцип може ако няма mysql postfix търси потребителя направо от /etc/passwd и директорията /home/user.