Install ISPconfig3 on ubuntu 10.4

December 5th, 2010 • RelatedFiled Under
feature photo

Introduction
If your hosting company has installed the bare minimum (operating system+SSH) and left you to fend for yourself then fear not my friend, we’re about to set up a complete and fully functional server around an open source hosting control panel for Linux called ISPConfig. (hey, cPanel costs money!)

Foolish Assumptions
In this tutorial I assume you already have Ubuntu installed on a web server and you control the server via SSH (plus a basic understanding of the terminal). I also assume you’re using Ubuntu 10.4 (Lucid Lynx) for the purposes of this tutorial, so it will need to be altered for use on other versions. Furthermore, I assume that you have vi installed and know how to use it (it’s most likely of all editors to already be installed). If you want to use another editor then alter the tutorial accordingly. This tutorial will also work from the console if you have physical access to the machine or a web based console tool. Lastly, I assume that you already know that it’s arguably better to prepend sudo in front of each command to gain root access rather than typing these commands as the root user.

What is ISPConfig?
The ISPConfig website says “ISPConfig 3 is a webhosting control panel that allows you to configure the following services through a web browser: Apache web server, Postfix mail server, MySQL, BIND or MyDNS nameserver, PureFTPd, SpamAssassin, ClamAV, and many more.” I couldn’t have explained it any better myself.

Please note that this tutorial will not work for ISPConfig 2.

Preparation
First things first, we’ll check to see if universe and multiverse repositories are enabled and that the CD Installation is commented out. To do this we edit /etc/apt/sources.list.

Code:
1 vi /etc/apt/sources.list

When you’re done your sources.list will contain at least this (replace us with your country):

Code:
1 deb http://us.archive.ubuntu.com/ubuntu/ lucid main universe multiverse
2 deb-src http://us.archive.ubuntu.com/ubuntu/ lucid main universe multiverse

And you’ll comment out any line that contains the prefix deb cdrom, similar to this:

Code:
1 #deb cdrom:[Ubuntu-Server 10.04 LTS _Lucid Lynx_ - Release amd64 (20100427)]/ lucid main restricted
2 #deb cdrom:[Ubuntu-Server 10.04 LTS _Lucid Lynx_ - Release amd64 (20100427)]/ lucid main restricted

TIP: Everything else can be left as-is, if you have any trouble with this section you can replace your list.sources file with one from the Ubuntu Sources List Generator.

Then we’ll update aptitude and the apt package database and reboot:

Code:
1 aptitude update
2 aptitude safe-upgrade
3
4 reboot

Now, we’ll change /bin/sh (a symlink to /bin/dash) to point to /bin/bash.

Code:
1 dpkg-reconfigure dash
2
3 Install dash as /bin/sh? <-choose no->

Installation Begins
Now, we install Postfix, Courier, Saslauthd, MySQL, rkhunter, binutils, and related packages. I used to do these one at a time to make sure I didn’t misspell or forget anything, but after doing this so many times I can do it in my sleep. If it’s your first time you may want to do each one separately (aptitude install X).

Code:
1 aptitude install postfix postfix-mysql postfix-doc mysql-client mysql-server courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl getmail4 rkhunter binutils maildrop

You’ll be asked a series of questions, which you’ll answer like this:

Code:
1 New password for the MySQL “root” user:
2 <-enter new root password for MySQL->
3
4 Repeat password for the MySQL “root” user:
5 <-repeat password->
6
7
8 Create directories for web-based administration?
9 <-choose no->
10
11
12 General type of mail configuration:
13 <-choose Internet Site->
14
15
16 System mail name:
17 <-enter yourwebsite.com without the http://->
18
19
20 SSL certificate required:
21 <-choose OK (only option)->

Next, edit /etc/mysql/my.cnf and comment out bind-address = 127.0.0.1:

Code:
1 vi /etc/mysql/my.cnf

Once you’ve opened the file and made the edit, it’ll look something like this:

Code:
1 <-other stuff->
2 #bind-address = 127.0.0.1
3 <-other stuff->

Next, we need to restart MySQL:

Code:
1 /etc/init.d/mysql restart

Our next issue is that the SSL certificates for IMAP and POP3 are using localhost for their hostnames. That won’t do at all, so we delete them:

Code:
1 cd /etc/courier
2
3 rm -f /etc/courier/imapd.pem
4 rm -f /etc/courier/pop3d.pem

Now we prepare to regenerate them. We’ll open imapd.cnf and pop3d.cnf then change CN=localhost to CN=yourwebsite.com (without the http://).

First imapd.cnf:

Code:
1 vi /etc/courier/imapd.cnf

Code:
1 <-other stuff->
2 CN=yourwebsite.com <-without the http://->
3 <-other stuff->

Then pop3d.cnf:

Code:
1 vi /etc/courier/pop3pd.cnf

Code:
1 <-other stuff->
2 CN=yourwebsite.com <-without the http://->
3 <-other stuff->

Finally, we regenerate the certificates with the correct hostnames and restart Courier-IMAP-SSL and Courier-POP3-SSL

Code:
1 mkimapdcert
2 mkpop3dcert
3
4
5 /etc/init.d/courier-imap-ssl restart
6 /etc/init.d/courier-pop-ssl restart

Now, we’ll install Amavisd-new, SpamAssassin, Clamav, and related packages. Once again, If it’s your first time you may want to do each one separately (aptitude install X). :

Code:
1 aptitude install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl

Then, we’ll install Apache2, PHP5, phpMyAdmin, FCGI, suExec, Pear, mcrypt, and related packages (at this point I’ll stop advising n00bs to install them separately):

Code:
1 aptitude install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby libapache2-mod-ruby

You’ll be asked these questions:

Code:
1 Web server to reconfigure automatically:
2 <-choose Apache2->
3
4 Configure database for phpMyAdmin with dbconfig-common?
5 <-choose no->

Then, we’ll enable some Apache modules and restart Apache:

Code:
1 a2enmod suexec rewrite ssl actions include
2 a2enmod dav_fs dav auth_digest
3
4 /etc/init.d/apache2 restart

Next, we’ll install PureFTPd and Quota:

Code:
1 aptitude install pure-ftpd-common pure-ftpd-mysql quota quotatool

Finally, we restart PureFTPd:

Code:
1 /etc/init.d/pure-ftpd-mysql restart

Now, we edit the fstab (caution: be very careful in this file! One mistake and your server won’t reboot). Find the partition with the mount point and add ,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0:

Code:
1 vi /etc/fstab

The file will look something like this:

Code:
1 # /etc/fstab: static file system information.
2 #
3 #
4
5 proc /proc proc defaults 0 0
6 # /dev/sda5
7 UUID=be35a709-c787-4198-a903-d5fdc80ab2f8 / ext3 relatime,errors=remount-ro,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0: 0 1
8 # /dev/sda6
9 UUID=cee15eca-5b2e-48ad-9735-eae5ac14bc90 none swap sw 0 0
10
11 /dev/scd0 /media/cdrom0 udf,iso9660 user,noauto,exec,utf8 0 0

Next, it’s time to enable quota:

Code:
1 touch /aquota.user /aquota.group
2 chmod 600 /aquota.*
3 mount -o remount /
4
5
6 quotacheck -avugm
7 quotaon -avug

Now, we install BIND, Vlogger, Webalizer, AWstats, Jailkit, fail2ban (Jailkit is only needed if you need to chroot SSH users, but since it CANNOT be installed after ISPConfig, we’ll install it either way just in-case):

Code:
1 aptitude install bind9 dnsutils
2
3 aptitude install vlogger webalizer awstats
4 cp -prf /usr/share/doc/awstats/examples/awstats_buildstaticpages.pl /usr/share/awstats/tools/awstats_buildstaticpages.pl
5
6 aptitude install build-essential autoconf automake1.9 libtool flex bison debhelper
7
8 cd /tmp
9 wget http://olivier.sessink.nl/jailkit/jailkit-2.11.tar.gz
10 tar xvfz jailkit-2.11.tar.gz
11 cd jailkit-2.11
12 ./debian/rules binary
13 cd ..
14 dpkg -i jailkit_2.11-1_*.deb
15 rm -rf jailkit-2.11*
16
17 aptitude install fail2ban

We’re almost done, so let’s install SquirrelMail:

Code:
1 aptitude install squirrelmail
2 ln -s /usr/share/squirrelmail/ /var/www/webmail
3 squirrelmail-configure

When the SquirrelMail configuration process starts, enter these answers in this order (you’ll see a whole page of information or options each time you hit enter):

Code:
1 D
2 <-enter->
3 courier
4 <-enter->
5 <-enter again->
6 S
7 <-enter->
8 <-enter again->
9 Q
10 <-enter->

We can now access SquirrelMail at http:// yourwebsite.com/webmail/

Finally. we can install ISPConfig:

Code:
1 cd /tmp
2 wget http://downloads.sourceforge.net/ispconfig/ISPConfig-3.0.2.1.tar.gz?use_mirror=
3 tar xvfz ISPConfig-X.X.X.X.tar.gz
4 cd ispconfig3_install/install/
5
6 php -q install.php

Everything will then be configured for you, just continue to hit enter but watch out because you’ll be asked to enter the MySQL root password at some point.

When finished, you’ll find ISPConfig 3 at http:// yourwebsite.com:8080/. Use admin for the username and password.

Congratulations! You know have a fully working server ready to be configured and customized to your liking!

Post a Response

You must be logged in to post a comment.