Installare Ispconfig Con Apache2 E Nginx Come Reverse Proxy Su Ubuntu 12

ispconfig

Questo tutorial spiega come installare ispconfig3 con apache2 e nginx come reverse proxy insieme a dovecot e tutto il necessario per un webserver completo anche di roundcube e dns. Cominciamo installando:

 

apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server openssl getmail4 rkhunter binutils dovecot-imapd dovecot-pop3d dovecot-mysql dovecot-sieve sudo

 

New password for the MySQL "root" user: <– yourrootsqlpassword

<span class="system">Repeat password for the MySQL &quot;root&quot; user:</span> <span class="highlight">&lt;-- <span style="color:#FF0000">yourrootsqlpassword</span></span>

<span class="system">General type of mail configuration:</span> <span class="highlight">&lt;-- <span style="color:#FF0000">Internet Site</span></span>

<span class="system">System mail name:</span> <span class="highlight">&lt;-- <span style="color:#FF0000">server1.example.com</span></span>

Aprire le porte per postfix

 

 

vi /etc/postfix/master.cf

 

Inseriamo

[...]
submission inet n       -       -       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
smtps     inet  n       -       -       -       -       smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#  -o milter_macro_daemon_name=ORIGINATING
[...]

Riavviamo postfix e abilitiamo il bind a mysql non solo in locale commentando come segue

/etc/init.d/postfix restart

 

vi /etc/mysql/my.cnf

 

 

[...]
# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
#bind-address           = 127.0.0.1
[...]

 

/etc/init.d/mysql restart

Installiamo Amavisd-new, SpamAssassin e Clamav

apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl

Fermiamo spamassassin

/etc/init.d/spamassassin stop

update-rc.d -f spamassassin remove

Installiamo Apache2, PHP5, phpMyAdmin, FCGI, suExec, Pear, e mcrypt

 

apt-get install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-curl php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libruby libapache2-mod-ruby libapache2-mod-python libapache2-mod-perl2

 

Alle seguenti domande rispondiamo

Web server to reconfigure automatically: <– apache2

<span class="system">Configure database for phpmyadmin with dbconfig-common?</span> <span class="highlight">&lt;-- <span style="color:#FF0000">No </span></span>

Digitiamo ora

a2enmod suexec rewrite ssl actions include

 

a2enmod dav_fs dav auth_digest

 

Riavviamo apache2

 

service apache2 restart

 

vi /etc/mime.types

 

[...]
#application/x-ruby                             rb
[...]

Installiamo ora xcache e poi riavviamo apache2

apt-get install php5-xcache

service apache2 restart

Installiamo ora il client ftp pureftpd

apt-get install pure-ftpd-common pure-ftpd-mysql
vi /etc/default/pure-ftpd-common
[...]
STANDALONE_OR_INETD=standalone
[...]
VIRTUALCHROOT=true
[...]

Abilitiamo FTP e TLS nelle connessioni

echo 1 > /etc/pure-ftpd/conf/TLS

Creiamo il certificato

mkdir -p /etc/ssl/private/

openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem

Compiliamo tutti i campi della licenza dopodichè settiamo i permessi e riavviamo

chmod 600 /etc/ssl/private/pure-ftpd.pem

/etc/init.d/pure-ftpd-mysql restart

Installiamo ora BIND Dns server

apt-get install bind9 dnsutils

Installiamo Vlogger, Webalizer e AWstats

apt-get install vlogger webalizer awstats geoip-database libclass-dbi-mysql-perl

Apriamo le configurazioni del cron di awstat e commentiamo tutto

 

#MAILTO=root
#*/10 * * * * www-data [ -x /usr/share/awstats/tools/update.sh ] && /usr/share/awstats/tools/update.sh
# Generate static reports:
#10 03 * * * www-data [ -x /usr/share/awstats/tools/buildstatic.sh ] && /usr/share/awstats/tools/buildstatic.sh

 

Installiamo fail2ban

apt-get install fail2ban

Creiamo poi il file

vi /etc/fail2ban/jail.local

 

[pureftpd]
enabled  = true
port     = ftp
filter   = pureftpd
logpath  = /var/log/syslog
maxretry = 3

[dovecot-pop3imap]
enabled = true
filter = dovecot-pop3imap
action = iptables-multiport[name=dovecot-pop3imap, port="pop3,pop3s,imap,imaps", protocol=tcp]
logpath = /var/log/mail.log
maxretry = 5

 

Creiamo i due filtri

vi /etc/fail2ban/filter.d/pureftpd.conf
[Definition]
failregex = .*pure-ftpd: (.*@) [WARNING] Authentication failed for user.*
ignoreregex =

 

vi /etc/fail2ban/filter.d/dovecot-pop3imap.conf

 

 

[Definition]
failregex = (?: pop3-login|imap-login): .*(?:Authentication failure|Aborted login (auth failed|Aborted login (tried to use disabled|Disconnected (auth failed|Aborted login (d+ authentication attempts).*rip=(?PS*),.*
ignoreregex =

 

Riavviamo adesso fail2ban

/etc/init.d/fail2ban restart 

Passiamo ora ad installare squirrelmail o roundcube

Creiamo la directory per la webmail roundcube o squirrelmail

 mkdir /var/www/webmail/
 cd /var/www/ 

Incaso vogliamo continuare nell'installazione di roundcube continuiamo con i seguenti codici altrimenti passiamo al prossimo step

Scarichiamo l'ultima versione di roundcube disponibile (al momento la 0.8.4)

 

wget http://sourceforge.net/projects/roundcubemail/files/roundcubemail/0.8.4/roundcubemail-0.8.4.tar.gz/download

tar xfz roundcubemail-0.8.4.tar.gz

mv roundcubemail-0.8.4/* webmail

rm roundcubemail-0.8.4.tar.gz

rm -rf roundcubemail-0.8.4

 

Ora settiamo i permessi

cd webmail

chown -R www-data:www-data temp/ logs/ 

Creiamo il database che ospiterà roundcube quindi colleghiamoci al mysql digitando

`mysql -u root -p`

Inseriamo la password e digitiamo
CREATE DATABASE roundcubemail;

GRANT ALL PRIVILEGES ON roundcubemail.* TO [email protected] IDENTIFIED BY 'password';
FLUSH PRIVILEGES; 

Inseriamo la password che vogliamo e naturalmente se preferiamo avere un diverso database basterà cambiare il nome utente

Per finire l&#039;installazione di roundcube dovremo recarci al nostro indirizzo ip del server http://indirizzo.ip/webmail e alla fine ricordiamo di eliminare la cartella d&#039;installazione
rm -rf /var/www/webmail/installer

Installazione di squirrelmail

 

apt-get install squirrelmail

 

squirrelmail-configure

 

SquirrelMail Configuration : Read: config.php (1.4.0)

---------------------------------------------------------

Main&nbsp;Menu&nbsp;--

1.&nbsp;&nbsp;Organization&nbsp;Preferences

2.&nbsp;&nbsp;Server&nbsp;Settings

3.&nbsp;&nbsp;Folder&nbsp;Defaults

4.&nbsp;&nbsp;General&nbsp;Options

5.&nbsp;&nbsp;Themes

6.&nbsp;&nbsp;Address&nbsp;Books

7.&nbsp;&nbsp;Message&nbsp;of&nbsp;the&nbsp;Day&nbsp;(MOTD)

8.&nbsp;&nbsp;Plugins

9.&nbsp;&nbsp;Database

10.&nbsp;Languages

D.&nbsp;&nbsp;Set&nbsp;pre-defined&nbsp;settings&nbsp;for&nbsp;specific&nbsp;IMAP&nbsp;servers

C&nbsp;&nbsp;&nbsp;Turn&nbsp;color&nbsp;on

S&nbsp;&nbsp;&nbsp;Save&nbsp;data

Q&nbsp;&nbsp;&nbsp;Quit

Command&nbsp;&gt;&gt;</span>&nbsp;<span class="highlight">&lt;--&nbsp;<span style="color:#FF0000">D</span></span>

<span class="system">SquirrelMail&nbsp;Configuration&nbsp;:&nbsp;Read:&nbsp;config.php

---------------------------------------------------------

While&nbsp;we&nbsp;have&nbsp;been&nbsp;building&nbsp;SquirrelMail,&nbsp;we&nbsp;have&nbsp;discovered&nbsp;some

preferences&nbsp;that&nbsp;work&nbsp;better&nbsp;with&nbsp;some&nbsp;servers&nbsp;that&nbsp;don&#039;t&nbsp;work&nbsp;so

well&nbsp;with&nbsp;others.&nbsp;&nbsp;If&nbsp;you&nbsp;select&nbsp;your&nbsp;IMAP&nbsp;server,&nbsp;this&nbsp;option&nbsp;will

set&nbsp;some&nbsp;pre-defined&nbsp;settings&nbsp;for&nbsp;that&nbsp;server.

Please&nbsp;note&nbsp;that&nbsp;you&nbsp;will&nbsp;still&nbsp;need&nbsp;to&nbsp;go&nbsp;through&nbsp;and&nbsp;make&nbsp;sure

everything&nbsp;is&nbsp;correct.&nbsp;&nbsp;This&nbsp;does&nbsp;not&nbsp;change&nbsp;everything.&nbsp;&nbsp;There&nbsp;are

only&nbsp;a&nbsp;few&nbsp;settings&nbsp;that&nbsp;this&nbsp;will&nbsp;change.

Please&nbsp;select&nbsp;your&nbsp;IMAP&nbsp;server:

&nbsp;&nbsp;&nbsp;&nbsp;bincimap&nbsp;&nbsp;&nbsp;&nbsp;=&nbsp;Binc&nbsp;IMAP&nbsp;server

&nbsp;&nbsp;&nbsp;&nbsp;courier&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=&nbsp;Courier&nbsp;IMAP&nbsp;server

&nbsp;&nbsp;&nbsp;&nbsp;cyrus&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=&nbsp;Cyrus&nbsp;IMAP&nbsp;server

&nbsp;&nbsp;&nbsp;&nbsp;dovecot&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=&nbsp;Dovecot&nbsp;Secure&nbsp;IMAP&nbsp;server

&nbsp;&nbsp;&nbsp;&nbsp;exchange&nbsp;&nbsp;&nbsp;&nbsp;=&nbsp;Microsoft&nbsp;Exchange&nbsp;IMAP&nbsp;server

&nbsp;&nbsp;&nbsp;&nbsp;hmailserver&nbsp;=&nbsp;hMailServer

&nbsp;&nbsp;&nbsp;&nbsp;macosx&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=&nbsp;Mac&nbsp;OS&nbsp;X&nbsp;Mailserver

&nbsp;&nbsp;&nbsp;&nbsp;mercury32&nbsp;&nbsp;&nbsp;=&nbsp;Mercury/32

&nbsp;&nbsp;&nbsp;&nbsp;uw&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=&nbsp;University&nbsp;of&nbsp;Washington&#039;s&nbsp;IMAP&nbsp;server

&nbsp;&nbsp;&nbsp;&nbsp;gmail&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=&nbsp;IMAP&nbsp;access&nbsp;to&nbsp;Google&nbsp;mail&nbsp;(Gmail)&nbsp;accounts

&nbsp;&nbsp;&nbsp;&nbsp;quit&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=&nbsp;Do&nbsp;not&nbsp;change&nbsp;anything

Command&nbsp;&gt;&gt;</span>&nbsp;<span class="highlight">&lt;--&nbsp;<span style="color:#FF0000">dovecot</span></span>

<span class="system">SquirrelMail&nbsp;Configuration&nbsp;:&nbsp;Read:&nbsp;config.php

---------------------------------------------------------

While&nbsp;we&nbsp;have&nbsp;been&nbsp;building&nbsp;SquirrelMail,&nbsp;we&nbsp;have&nbsp;discovered&nbsp;some

preferences&nbsp;that&nbsp;work&nbsp;better&nbsp;with&nbsp;some&nbsp;servers&nbsp;that&nbsp;don&#039;t&nbsp;work&nbsp;so

well&nbsp;with&nbsp;others.&nbsp;&nbsp;If&nbsp;you&nbsp;select&nbsp;your&nbsp;IMAP&nbsp;server,&nbsp;this&nbsp;option&nbsp;will

set&nbsp;some&nbsp;pre-defined&nbsp;settings&nbsp;for&nbsp;that&nbsp;server.

Please&nbsp;note&nbsp;that&nbsp;you&nbsp;will&nbsp;still&nbsp;need&nbsp;to&nbsp;go&nbsp;through&nbsp;and&nbsp;make&nbsp;sure

everything&nbsp;is&nbsp;correct.&nbsp;&nbsp;This&nbsp;does&nbsp;not&nbsp;change&nbsp;everything.&nbsp;&nbsp;There&nbsp;are

only&nbsp;a&nbsp;few&nbsp;settings&nbsp;that&nbsp;this&nbsp;will&nbsp;change.

Please&nbsp;select&nbsp;your&nbsp;IMAP&nbsp;server:

&nbsp;&nbsp;&nbsp;&nbsp;bincimap&nbsp;&nbsp;&nbsp;&nbsp;=&nbsp;Binc&nbsp;IMAP&nbsp;server

&nbsp;&nbsp;&nbsp;&nbsp;courier&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=&nbsp;Courier&nbsp;IMAP&nbsp;server

&nbsp;&nbsp;&nbsp;&nbsp;cyrus&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=&nbsp;Cyrus&nbsp;IMAP&nbsp;server

&nbsp;&nbsp;&nbsp;&nbsp;dovecot&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=&nbsp;Dovecot&nbsp;Secure&nbsp;IMAP&nbsp;server

&nbsp;&nbsp;&nbsp;&nbsp;exchange&nbsp;&nbsp;&nbsp;&nbsp;=&nbsp;Microsoft&nbsp;Exchange&nbsp;IMAP&nbsp;server

&nbsp;&nbsp;&nbsp;&nbsp;hmailserver&nbsp;=&nbsp;hMailServer

&nbsp;&nbsp;&nbsp;&nbsp;macosx&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=&nbsp;Mac&nbsp;OS&nbsp;X&nbsp;Mailserver

&nbsp;&nbsp;&nbsp;&nbsp;mercury32&nbsp;&nbsp;&nbsp;=&nbsp;Mercury/32

&nbsp;&nbsp;&nbsp;&nbsp;uw&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=&nbsp;University&nbsp;of&nbsp;Washington&#039;s&nbsp;IMAP&nbsp;server

&nbsp;&nbsp;&nbsp;&nbsp;gmail&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=&nbsp;IMAP&nbsp;access&nbsp;to&nbsp;Google&nbsp;mail&nbsp;(Gmail)&nbsp;accounts

&nbsp;&nbsp;&nbsp;&nbsp;quit&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=&nbsp;Do&nbsp;not&nbsp;change&nbsp;anything

Command&nbsp;&gt;&gt;&nbsp;<span style="color:#FF0000">dovecot</span>

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;imap_server_type&nbsp;=&nbsp;dovecot

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;default_folder_prefix&nbsp;=&nbsp;&lt;none&gt;

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;trash_folder&nbsp;=&nbsp;Trash

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;sent_folder&nbsp;=&nbsp;Sent

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;draft_folder&nbsp;=&nbsp;Drafts

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;show_prefix_option&nbsp;=&nbsp;false

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;default_sub_of_inbox&nbsp;=&nbsp;false

show_contain_subfolders_option&nbsp;=&nbsp;false

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;optional_delimiter&nbsp;=&nbsp;detect

&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;delete_folder&nbsp;=&nbsp;false

Press&nbsp;any&nbsp;key&nbsp;to&nbsp;continue...</span>&nbsp;<span class="highlight">&lt;-- <span style="color:#FF0000">premi un tasto</span></span>

<span class="system">SquirrelMail&nbsp;Configuration&nbsp;:&nbsp;Read:&nbsp;config.php&nbsp;(1.4.0)

---------------------------------------------------------

Main&nbsp;Menu&nbsp;--

1.&nbsp;&nbsp;Organization&nbsp;Preferences

2.&nbsp;&nbsp;Server&nbsp;Settings

3.&nbsp;&nbsp;Folder&nbsp;Defaults

4.&nbsp;&nbsp;General&nbsp;Options

5.&nbsp;&nbsp;Themes

6.&nbsp;&nbsp;Address&nbsp;Books

7.&nbsp;&nbsp;Message&nbsp;of&nbsp;the&nbsp;Day&nbsp;(MOTD)

8.&nbsp;&nbsp;Plugins

9.&nbsp;&nbsp;Database

10.&nbsp;Languages

D.&nbsp;&nbsp;Set&nbsp;pre-defined&nbsp;settings&nbsp;for&nbsp;specific&nbsp;IMAP&nbsp;servers

C&nbsp;&nbsp;&nbsp;Turn&nbsp;color&nbsp;on

S&nbsp;&nbsp;&nbsp;Save&nbsp;data

Q&nbsp;&nbsp;&nbsp;Quit

Command&nbsp;&gt;&gt;</span>&nbsp;<span class="highlight">&lt;--<span style="color:#FF0000">&nbsp;S</span></span>

<span class="system">SquirrelMail&nbsp;Configuration&nbsp;:&nbsp;Read:&nbsp;config.php&nbsp;(1.4.0)

---------------------------------------------------------

Main&nbsp;Menu&nbsp;--

1.&nbsp;&nbsp;Organization&nbsp;Preferences

2.&nbsp;&nbsp;Server&nbsp;Settings

3.&nbsp;&nbsp;Folder&nbsp;Defaults

4.&nbsp;&nbsp;General&nbsp;Options

5.&nbsp;&nbsp;Themes

6.&nbsp;&nbsp;Address&nbsp;Books

7.&nbsp;&nbsp;Message&nbsp;of&nbsp;the&nbsp;Day&nbsp;(MOTD)

8.&nbsp;&nbsp;Plugins

9.&nbsp;&nbsp;Database

10.&nbsp;Languages

D.&nbsp;&nbsp;Set&nbsp;pre-defined&nbsp;settings&nbsp;for&nbsp;specific&nbsp;IMAP&nbsp;servers

C&nbsp;&nbsp;&nbsp;Turn&nbsp;color&nbsp;on

S&nbsp;&nbsp;&nbsp;Save&nbsp;data

Q&nbsp;&nbsp;&nbsp;Quit

Command&nbsp;&gt;&gt;</span>&nbsp;<span class="highlight">&lt;--&nbsp;<span style="color:#FF0000">Q</span></span>

Non abbiamo ancora finito, ora dobbiamo configurare apache

cd /etc/apache2/conf.d/

ln -s ../../squirrelmail/apache.conf squirrelmail.conf

/etc/init.d/apache2 reload

Apriamo

vi /etc/apache2/conf.d/squirrelmail.conf

Andiamo a controllare e modificare le seguenti linee

[...]

  Options FollowSymLinks

    AddType application/x-httpd-php .php

    php_flag magic_quotes_gpc Off

    php_flag track_vars On

    php_admin_flag allow_url_fopen Off

    php_value include_path .

    php_admin_value upload_tmp_dir /var/lib/squirrelmail/tmp

    php_admin_value open_basedir /usr/share/squirrelmail:/etc/squirrelmail:/var/lib/squirrelmail:/etc/hostname:/etc/mailname:/var/spool/squirrelmail

    php_flag register_globals off

    DirectoryIndex index.php

  # access to configtest is limited by default to prevent information leak

    order deny,allow

    deny from all

    allow from 127.0.0.1

[...]

Creiamo la cartella temporanea di squirrelmail

mkdir /var/lib/squirrelmail/tmp

Diamogli i permessi

chown www-data /var/lib/squirrelmail/tmp

Infine facciamo il reload di apache

/etc/init.d/apache2 reload 

 

Adesso passiamo all'installazione di ispconfig3 scaricando l'ultima versione disponibile,scompattandolo e installandolo

 

cd /tmp

wget http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz

tar xfz ISPConfig-3-stable.tar.gz

cd ispconfig3_install/install/

php -q install.php

Adesso seguirà una procedura d'installazione in cui dovremo inserire i campi giusti e nella generazione della ssl inseriamo i nostri campi

Select language (en,de) [en]: <– ENTER

Installation mode (standard,expert) [standard]: <– ENTER

Full qualified hostname (FQDN) of the server, eg server1.domain.tld  [server1.example.com]: <– ENTER

MySQL server hostname [localhost]: <– ENTER

MySQL root username [root]: <– ENTER

MySQL root password []: <– yourrootsqlpassword

MySQL database to create [dbispconfig]: <– ENTER

MySQL charset [utf8]: <– ENTER

Generating a 2048 bit RSA private key

...........+++

.....................+++

writing&nbsp;new&nbsp;private&nbsp;key&nbsp;to&nbsp;&#039;smtpd.key&#039;

-----

You&nbsp;are&nbsp;about&nbsp;to&nbsp;be&nbsp;asked&nbsp;to&nbsp;enter&nbsp;information&nbsp;that&nbsp;will&nbsp;be&nbsp;incorporated

into&nbsp;your&nbsp;certificate&nbsp;request.

What&nbsp;you&nbsp;are&nbsp;about&nbsp;to&nbsp;enter&nbsp;is&nbsp;what&nbsp;is&nbsp;called&nbsp;a&nbsp;Distinguished&nbsp;Name&nbsp;or&nbsp;a&nbsp;DN.

There&nbsp;are&nbsp;quite&nbsp;a&nbsp;few&nbsp;fields&nbsp;but&nbsp;you&nbsp;can&nbsp;leave&nbsp;some&nbsp;blank

For&nbsp;some&nbsp;fields&nbsp;there&nbsp;will&nbsp;be&nbsp;a&nbsp;default&nbsp;value,

If&nbsp;you&nbsp;enter&nbsp;&#039;.&#039;,&nbsp;the&nbsp;field&nbsp;will&nbsp;be&nbsp;left&nbsp;blank.

-----

Country&nbsp;Name&nbsp;(2&nbsp;letter&nbsp;code)&nbsp;[AU]:</span>&nbsp;<span class="highlight">&lt;--&nbsp;<span style="color:#FF0000">ENTER</span></span>

<span class="system">State&nbsp;or&nbsp;Province&nbsp;Name&nbsp;(full&nbsp;name)&nbsp;[Some-State]:</span>&nbsp;<span class="highlight">&lt;--&nbsp;<span style="color:#FF0000">ENTER</span></span>

<span class="system">Locality&nbsp;Name&nbsp;(eg,&nbsp;city)&nbsp;[]:</span>&nbsp;<span class="highlight">&lt;--&nbsp;<span style="color:#FF0000">ENTER</span></span>

<span class="system">Organization&nbsp;Name&nbsp;(eg,&nbsp;company)&nbsp;[Internet&nbsp;Widgits&nbsp;Pty&nbsp;Ltd]:</span>&nbsp;<span class="highlight">&lt;--&nbsp;<span style="color:#FF0000">ENTER</span></span>

<span class="system">Organizational&nbsp;Unit&nbsp;Name&nbsp;(eg,&nbsp;section)&nbsp;[]:</span>&nbsp;<span class="highlight">&lt;--&nbsp;<span style="color:#FF0000">ENTER</span></span>

<span class="system">Common&nbsp;Name&nbsp;(e.g.&nbsp;server&nbsp;FQDN&nbsp;or&nbsp;YOUR&nbsp;name)&nbsp;[]:</span>&nbsp;<span class="highlight">&lt;--&nbsp;<span style="color:#FF0000">ENTER</span></span>

<span class="system">Email&nbsp;Address&nbsp;[]:</span>&nbsp;<span class="highlight">&lt;--&nbsp;<span style="color:#FF0000">ENTER</span></span>

<span class="system">Configuring&nbsp;Jailkit

Configuring&nbsp;Dovecot

Configuring&nbsp;Spamassassin

Configuring&nbsp;Amavisd

Configuring&nbsp;Getmail

Configuring&nbsp;Pureftpd

Configuring&nbsp;BIND

Configuring&nbsp;Apache

Configuring&nbsp;Vlogger

Configuring&nbsp;Apps&nbsp;vhost

Configuring&nbsp;Bastille&nbsp;Firewall

Configuring&nbsp;Fail2ban

Installing&nbsp;ISPConfig

ISPConfig&nbsp;Port&nbsp;[8080]:</span>&nbsp;<span class="highlight">&lt;--&nbsp;<span style="color:#FF0000">ENTER</span></span>

Do you want a secure (SSL) connection to the ISPConfig web interface (y,n) [y]: <– ENTER

Generating RSA private key, 4096 bit long modulus

.......++

.........................................................++

e&nbsp;is&nbsp;65537&nbsp;(0x10001)

You&nbsp;are&nbsp;about&nbsp;to&nbsp;be&nbsp;asked&nbsp;to&nbsp;enter&nbsp;information&nbsp;that&nbsp;will&nbsp;be&nbsp;incorporated

into&nbsp;your&nbsp;certificate&nbsp;request.

What&nbsp;you&nbsp;are&nbsp;about&nbsp;to&nbsp;enter&nbsp;is&nbsp;what&nbsp;is&nbsp;called&nbsp;a&nbsp;Distinguished&nbsp;Name&nbsp;or&nbsp;a&nbsp;DN.

There&nbsp;are&nbsp;quite&nbsp;a&nbsp;few&nbsp;fields&nbsp;but&nbsp;you&nbsp;can&nbsp;leave&nbsp;some&nbsp;blank

For&nbsp;some&nbsp;fields&nbsp;there&nbsp;will&nbsp;be&nbsp;a&nbsp;default&nbsp;value,

If&nbsp;you&nbsp;enter&nbsp;&#039;.&#039;,&nbsp;the&nbsp;field&nbsp;will&nbsp;be&nbsp;left&nbsp;blank.

-----

Country&nbsp;Name&nbsp;(2&nbsp;letter&nbsp;code)&nbsp;[AU]:</span>&nbsp;<span class="highlight">&lt;--&nbsp;<span style="color:#FF0000">ENTER</span></span>

<span class="system">State&nbsp;or&nbsp;Province&nbsp;Name&nbsp;(full&nbsp;name)&nbsp;[Some-State]:</span>&nbsp;<span class="highlight">&lt;--&nbsp;<span style="color:#FF0000">ENTER</span></span>

<span class="system">Locality&nbsp;Name&nbsp;(eg,&nbsp;city)&nbsp;[]:</span>&nbsp;<span class="highlight">&lt;--&nbsp;<span style="color:#FF0000">ENTER</span></span>

<span class="system">Organization&nbsp;Name&nbsp;(eg,&nbsp;company)&nbsp;[Internet&nbsp;Widgits&nbsp;Pty&nbsp;Ltd]:</span>&nbsp;<span class="highlight">&lt;--&nbsp;<span style="color:#FF0000">ENTER</span></span>

<span class="system">Organizational&nbsp;Unit&nbsp;Name&nbsp;(eg,&nbsp;section)&nbsp;[]:</span>&nbsp;<span class="highlight">&lt;--&nbsp;<span style="color:#FF0000">ENTER</span></span>

<span class="system">Common&nbsp;Name&nbsp;(e.g.&nbsp;server&nbsp;FQDN&nbsp;or&nbsp;YOUR&nbsp;name)&nbsp;[]:</span>&nbsp;<span class="highlight">&lt;--&nbsp;<span style="color:#FF0000">ENTER</span></span>

<span class="system">Email&nbsp;Address&nbsp;[]:</span>&nbsp;<span class="highlight">&lt;--&nbsp;<span style="color:#FF0000">ENTER</span></span>

Please enter the following 'extra' attributes

to&nbsp;be&nbsp;sent&nbsp;with&nbsp;your&nbsp;certificate&nbsp;request

A&nbsp;challenge&nbsp;password&nbsp;[]:</span>&nbsp;<span class="highlight">&lt;--&nbsp;<span style="color:#FF0000">ENTER</span></span>

<span class="system">An&nbsp;optional&nbsp;company&nbsp;name&nbsp;[]:</span>&nbsp;<span class="highlight">&lt;--&nbsp;<span style="color:#FF0000">ENTER</span></span>

<span class="system">writing&nbsp;RSA&nbsp;key

Configuring&nbsp;DBServer

Installing&nbsp;ISPConfig&nbsp;crontab

no&nbsp;crontab&nbsp;for&nbsp;root

no&nbsp;crontab&nbsp;for&nbsp;getmail

Restarting&nbsp;services&nbsp;...

Rather&nbsp;than&nbsp;invoking&nbsp;init&nbsp;scripts&nbsp;through&nbsp;/etc/init.d,&nbsp;use&nbsp;the&nbsp;service(8)

utility,&nbsp;e.g.&nbsp;service&nbsp;mysql&nbsp;restart</span>

Since the script you are attempting to invoke has been converted to an

Upstart&nbsp;job,&nbsp;you&nbsp;may&nbsp;also&nbsp;use&nbsp;the&nbsp;stop(8)&nbsp;and&nbsp;then&nbsp;start(8)&nbsp;utilities,

e.g.&nbsp;stop&nbsp;mysql&nbsp;;&nbsp;start&nbsp;mysql.&nbsp;The&nbsp;restart(8)&nbsp;utility&nbsp;is&nbsp;also&nbsp;available.

mysql&nbsp;stop/waiting

mysql&nbsp;start/running,&nbsp;process&nbsp;2543

&nbsp;*&nbsp;Stopping&nbsp;Postfix&nbsp;Mail&nbsp;Transport&nbsp;Agent&nbsp;postfix

/usr/sbin/postconf:&nbsp;warning:&nbsp;/etc/postfix/master.cf:&nbsp;unused&nbsp;parameter:&nbsp;smtpd_bind_address=127.0.0.1

&nbsp;&nbsp;&nbsp;...done.

&nbsp;*&nbsp;Starting&nbsp;Postfix&nbsp;Mail&nbsp;Transport&nbsp;Agent&nbsp;postfix

postconf:&nbsp;warning:&nbsp;/etc/postfix/master.cf:&nbsp;unused&nbsp;parameter:&nbsp;smtpd_bind_address=127.0.0.1

postconf:&nbsp;warning:&nbsp;/etc/postfix/master.cf:&nbsp;unused&nbsp;parameter:&nbsp;smtpd_bind_address=127.0.0.1

postconf:&nbsp;warning:&nbsp;/etc/postfix/master.cf:&nbsp;unused&nbsp;parameter:&nbsp;smtpd_bind_address=127.0.0.1

postconf:&nbsp;warning:&nbsp;/etc/postfix/master.cf:&nbsp;unused&nbsp;parameter:&nbsp;smtpd_bind_address=127.0.0.1

postconf:&nbsp;warning:&nbsp;/etc/postfix/master.cf:&nbsp;unused&nbsp;parameter:&nbsp;smtpd_bind_address=127.0.0.1

postconf:&nbsp;warning:&nbsp;/etc/postfix/master.cf:&nbsp;unused&nbsp;parameter:&nbsp;smtpd_bind_address=127.0.0.1

/usr/sbin/postconf:&nbsp;warning:&nbsp;/etc/postfix/master.cf:&nbsp;unused&nbsp;parameter:&nbsp;smtpd_bind_address=127.0.0.1

/usr/sbin/postconf:&nbsp;warning:&nbsp;/etc/postfix/master.cf:&nbsp;unused&nbsp;parameter:&nbsp;smtpd_bind_address=127.0.0.1

/usr/sbin/postconf:&nbsp;warning:&nbsp;/etc/postfix/master.cf:&nbsp;unused&nbsp;parameter:&nbsp;smtpd_bind_address=127.0.0.1

/usr/sbin/postconf:&nbsp;warning:&nbsp;/etc/postfix/master.cf:&nbsp;unused&nbsp;parameter:&nbsp;smtpd_bind_address=127.0.0.1

/usr/sbin/postconf:&nbsp;warning:&nbsp;/etc/postfix/master.cf:&nbsp;unused&nbsp;parameter:&nbsp;smtpd_bind_address=127.0.0.1

/usr/sbin/postconf:&nbsp;warning:&nbsp;/etc/postfix/master.cf:&nbsp;unused&nbsp;parameter:&nbsp;smtpd_bind_address=127.0.0.1

/usr/sbin/postconf:&nbsp;warning:&nbsp;/etc/postfix/master.cf:&nbsp;unused&nbsp;parameter:&nbsp;smtpd_bind_address=127.0.0.1

/usr/sbin/postconf:&nbsp;warning:&nbsp;/etc/postfix/master.cf:&nbsp;unused&nbsp;parameter:&nbsp;smtpd_bind_address=127.0.0.1

/usr/sbin/postconf:&nbsp;warning:&nbsp;/etc/postfix/master.cf:&nbsp;unused&nbsp;parameter:&nbsp;smtpd_bind_address=127.0.0.1

/usr/sbin/postconf:&nbsp;warning:&nbsp;/etc/postfix/master.cf:&nbsp;unused&nbsp;parameter:&nbsp;smtpd_bind_address=127.0.0.1

/usr/sbin/postconf:&nbsp;warning:&nbsp;/etc/postfix/master.cf:&nbsp;unused&nbsp;parameter:&nbsp;smtpd_bind_address=127.0.0.1

/usr/sbin/postconf:&nbsp;warning:&nbsp;/etc/postfix/master.cf:&nbsp;unused&nbsp;parameter:&nbsp;smtpd_bind_address=127.0.0.1

/usr/sbin/postconf:&nbsp;warning:&nbsp;/etc/postfix/master.cf:&nbsp;unused&nbsp;parameter:&nbsp;smtpd_bind_address=127.0.0.1

/usr/sbin/postconf:&nbsp;warning:&nbsp;/etc/postfix/master.cf:&nbsp;unused&nbsp;parameter:&nbsp;smtpd_bind_address=127.0.0.1

/usr/sbin/postconf:&nbsp;warning:&nbsp;/etc/postfix/master.cf:&nbsp;unused&nbsp;parameter:&nbsp;smtpd_bind_address=127.0.0.1

/usr/sbin/postconf:&nbsp;warning:&nbsp;/etc/postfix/master.cf:&nbsp;unused&nbsp;parameter:&nbsp;smtpd_bind_address=127.0.0.1

&nbsp;&nbsp;&nbsp;...done.

Stopping&nbsp;amavisd:&nbsp;(not&nbsp;running).

The&nbsp;amavisd&nbsp;daemon&nbsp;is&nbsp;already&nbsp;running,&nbsp;PID:&nbsp;[1126]

Starting&nbsp;amavisd:&nbsp;(failed).

&nbsp;*&nbsp;Stopping&nbsp;ClamAV&nbsp;daemon&nbsp;clamd

&nbsp;&nbsp;&nbsp;...done.

&nbsp;*&nbsp;Starting&nbsp;ClamAV&nbsp;daemon&nbsp;clamd

&nbsp;&nbsp;&nbsp;...done.

Rather&nbsp;than&nbsp;invoking&nbsp;init&nbsp;scripts&nbsp;through&nbsp;/etc/init.d,&nbsp;use&nbsp;the&nbsp;service(8)

utility,&nbsp;e.g.&nbsp;service&nbsp;dovecot&nbsp;restart

Since the script you are attempting to invoke has been converted to an

Upstart&nbsp;job,&nbsp;you&nbsp;may&nbsp;also&nbsp;use&nbsp;the&nbsp;stop(8)&nbsp;and&nbsp;then&nbsp;start(8)&nbsp;utilities,

e.g.&nbsp;stop&nbsp;dovecot&nbsp;;&nbsp;start&nbsp;dovecot.&nbsp;The&nbsp;restart(8)&nbsp;utility&nbsp;is&nbsp;also&nbsp;available.

dovecot&nbsp;stop/waiting

dovecot&nbsp;start/running,&nbsp;process&nbsp;3668

&nbsp;*&nbsp;Restarting&nbsp;Mailman&nbsp;master&nbsp;qrunner&nbsp;mailmanctl

&nbsp;*&nbsp;Waiting...

&nbsp;&nbsp;&nbsp;...done.

&nbsp;&nbsp;&nbsp;...done.

&nbsp;*&nbsp;Restarting&nbsp;web&nbsp;server&nbsp;apache2

&nbsp;...&nbsp;waiting&nbsp;.&nbsp;&nbsp;&nbsp;...done.

Restarting&nbsp;ftp&nbsp;server:&nbsp;Running:&nbsp;/usr/sbin/pure-ftpd-mysql-virtualchroot&nbsp;-l&nbsp;mysql:/etc/pure-ftpd/db/mysql.conf&nbsp;-l&nbsp;pam&nbsp;-E&nbsp;-H&nbsp;-Y&nbsp;1&nbsp;-O&nbsp;clf:/var/log/pure-ftpd/transfer.log&nbsp;-8&nbsp;UTF-8&nbsp;-b&nbsp;-D&nbsp;-A&nbsp;-u&nbsp;1000&nbsp;-B

Installation&nbsp;completed.

Adesso andando all'indirizzo http(s)://nostro.ip:8080 possiamo loggarci con user e password admin (consiglio di riconfigurare la password) e procedere con l'installazione di nginx

// Una piccola nota per chi stia installando ispconfig su un container openvz (macchina virtuale) eseguire le modifiche sull'host

VPSID=101

for CAP in CHOWN DAC_READ_SEARCH SETGID SETUID NET_BIND_SERVICE NET_ADMIN SYS_CHROOT SYS_NICE CHOWN DAC_READ_SEARCH SETGID SETUID NET_BIND_SERVICE NET_ADMIN SYS_CHROOT SYS_NICE

do

&nbsp;&nbsp;vzctl set $VPSID --capability ${CAP}:on --save

done

Adesso finalmente passiamo alla configurazione di nginx. Prima di cominciare configuriamo apache2 a lavorare sulla porta 82 quindi andiamo in

/etc/apache2/ports.conf

Spostiamo il listen e i virtualhost dalla porta 80 alla porta 82

`NameVirtualHost *:82

Listen 82`

Adesso rechiamo in /etc/apache2/sites-available e configuriamo il default cambiando porta nella stringa del virtualhost

Cambiato la porta adesso diamo ora i comandi

mkdir /root/apache2_vhost_backup/

mv /etc/apache2/sites-available/*.vhoste /root/apache2_vhost_backup/

Riavviamo infine apache2

 

service apache2 restart

 

 

Adesso dobbiamo cambiare i template di ispconfig quindi diamo i comandi

cd /usr/local/ispconfig/server/

cp conf/apache_ispconfig.conf.master conf-custom/

cp conf/vhost.conf.master conf-custom/

Andiamo ad aprire i file appena copiati e cambiamo le porte da 80 a 82

 

cd /usr/local/ispconfig/server/conf-custom/

vi apache_ispconfig.conf.master

Cerchiamo la linea e inseriamo 82 come porta finale

 

 

NameVirtualHost {tmpl_var name="ip_address"}:82

 

 

Adesso facciamo la stessa cosa con l'altro file cambiando la porta da 80 a 82

vi vhost.conf.master

82>

controlliamo dando questo comando

 

grep :82 -i /usr/local/ispconfig/server/conf-custom/* 

se sono state trovate le voci nei file

 

 

Installiamo ora l'ultima mod per apache2

apt-get install libapache2-mod-rpaf

/etc/apache2/apache2.conf

RPAFsethostname On

RPAFproxy_ips 127.0.0.1 YOU_IP_ADDRESS

 

 

 

Installiamo ora nginx

 apt-get install nginx

rm /etc/nginx/sites-available/default

vi /etc/nginx/sites-available/default

Inseriamo adesso

server {
    listen   80 default;
        server_name  _;
        server_name_in_redirect  off;
    resolver  127.0.0.1;
#### www. redirect    - all domains starting with www will be redirected to http://domain. ####
    if ($host ~* ^(www.)(.+)) {
        set $rawdomain $2;
        rewrite ^/(.*)$  http://$rawdomain/$1 permanent;
    }
    access_log  /var/log/ispconfig/httpd/$host/access.log;
location ~* ^.+.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js|swf|flv|html|htm|mp3)$ {
    root   /var/www/$host/web;
    access_log off;
    expires 30d;
    }
location / {
    root   /var/www/$host/web;
    index  index.html index.htm index.php;
        access_log      off;
        proxy_pass http://$host:82;
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}

Questo è tutto. Finalmente nginx e apache2 sono configurati in ispconfig3. Riavviamo i due webserver e cominciamo ad utilizzare il nostro server

 

service apache2 restart && service nginx restart

 

 

Con questo è tutto. Lascio il link alle guide originali in lingua inglese  e con i file di configurazione  di apache2 nginx e i vari default e vhost [Link Dropbox]

Se avete degli errori nell'upload dei file (ad esempio da wordpress) o errori 50X provate a commentare o a cancellare nel file /usr/local/ispconfig/server/conf/nginx_vhost.conf.master la linea

`fastcgi_intercept_errors on;`

[Configurazione ISP Config Ubuntu 12][Nginx][Roundcube in ispconfig3]

Condividi Commenti