百利工頭 » Linux服務主機討論區 » [轉貼]Ubuntu Server 8.10下安装ispconfig 3教程

打印

[轉貼]Ubuntu Server 8.10下安装ispconfig 3教程

chun

管理員

Rank: 9 Rank: 9 Rank: 9

1^# 大中小發表於 2009-11-18 20:00 只看該作者

[轉貼]Ubuntu Server 8.10下安装ispconfig 3教程

http://www.ispcpcn.com/article/23/

Ubuntu Server 8.10下安装ispconfig 3教程

ISPConfig 是Linux的一款开源的虚拟主机管理程序，带Web控制面板，可通过Web控制面板管理虚拟主机、开设网站、开设邮箱、开设和管理mysql数据库、支持DNS解析和监控服务器运行状况等功能。下面我们将讲解如何在Ubuntu Server 8.10中安装ISPConfig3。
1、Ubuntu Server 8.10的安装
这里，我们的安装设置是：
IP地址：192.168.0.100
子网掩码：255.255.255.0
网关：192.168.0.1
DNS服务器：61.128.192.68 61.128.128.68
服务器主机名：server.ispcpcn.com
详细的安装请参照本站Ubuntu Server 8.10的安装
2、开启并使用root用户
在重启之后，我们将使用root用户按照本文章的步骤来完成安装，这样，我们就不必每次运行命令都要加个“sudo”了！而且某些步骤使用“sudo”来执行也是个麻烦的事情。我们先获得root权限

ispcpcn@server:~$ sudo su

然后设置root的密码

ispcpcn@server:~$ passwd root

输入两次密码后root的密码就设定了，退出然后再用root登陆就可以了。
3、安装SSH Server 如果您已经安装了SSH Server，请忽略这一步。

root@server:~# apt-get install ssh openssh-server

4、安装vim-nox，如果您还是习惯用nano编辑器，这一步可以忽略

root@server:~# apt-get install vim-nox

5、设置主机名

root@server:~# vi /etc/hosts

编辑后的内容如下：

127.0.0.1 localhost
192.168.0.100 server.ispcpcn.com server

# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

然后运行下面的命令：

root@server:~# echo server.ispcpcn.com > /etc/hostname
root@server:~# /etc/init.d/hostname.sh start

然后运行

root@server:~# hostname
root@server:~# hostname -f

然后显示的结果都应该是server.ispcpcn.com。
6、更新系统到最新。

root@server:~# aptitude update && aptitude safe-upgrade

7、重启服务器。

root@server:~# reboot

8、修改默认的Shell
/bin/sh是/bin/dash的连接，然而我们需要/bin/bash而不是/bin/dash，所以我们运行如下命令：

root@server:~# ln -sf /bin/bash /bin/sh

如果您不执行本操作，后续安装将失败。
9、禁止AppArmor

root@server:~# /etc/init.d/apparmor stop
root@server:~# update-rc.d -f apparmor remove
root@server:~# aptitude remove apparmor apparmor-utils

10、校正系统时间
使用NTP矫正服务器的系统时间是一个好习惯，他可以保持您的服务器时间的正确性。

root@server:~# aptitude install ntp ntpdate

11、安装Postfix，Courier，Saslauthd，MySQL，phpmyadmin，rkhunter，binutils

root@server:~# aptitude install postfix postfix-mysql postfix-doc mysql-client mysql-server courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl maildrop getmail4 rkhunter binutils

我们可能需要回答以下问题：

New password for the MySQL "root" user: <-- 你的MySQL的root用户的密码
Repeat password for the MySQL "root" user: <-- 重复输入root的用户密码
Create directories for web-based administration? <-- No
General type of mail configuration: <-- Internet Site
System mail name: <-- server.ispcpcn.com
SSL certificate required <-- Ok

如果我们想让MySQL能服务所有的网络，而不仅仅是本地，那么，我们要编辑/etc/mysql/my.cnf使用#把bind-address=127.0.0.1给禁止了。编辑/etc/mysql/my.cnf

root@server:~# vi /etc/mysql/my.cnf

编辑部分的内容如下：

[...]
# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
#bind-address = 127.0.0.1
[...]

然后我们重启MySQL服务

root@server:~# /etc/init.d/mysql restart

在安装期间，IMAP-SSL和POP3-SSL将使用localhost这个主机名建立两个证书，我们要把他改成正确的主机名(在这里是server.ispcpcn.com)，删除证书文件：

root@server:~# cd /etc/courier
root@server:~# rm -f /etc/courier/imapd.pem
root@server:~# rm -f /etc/courier/pop3d.pem

接下来我们要编辑两个文件，用CN=server.ispcpcn.com替换文件中的CN=localhost

root@server:~# vi /etc/courier/imapd.cnf

编辑的内容如下：

[...]
CN=server.ispcpcn.com
[...]

root@server:~# vi /etc/courier/pop3d.cnf

编辑的内容如下：

[...]
CN=server.ispcpcn.com
[...]

然后重新生成新的证书文件

root@server:~# mkimapdcert
root@server:~# mkpop3dcert

然后重启Courier-IMAP-SSL和Courier-POP3-SSL：

root@server:~# /etc/init.d/courier-imap-ssl restart
root@server:~# /etc/init.d/courier-pop-ssl restart

12、安装Amavisd-new、SpamAssassin和Clamav
运行下面命令安装Amavisd-new、SpamAssassin和Clamav:

root@server:~# aptitude install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl

13、安装Apache2、PHP5、phpMyAdmin、FCGI、suExec、Pear和mcrypt

root@server:~# aptitude install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp

在安装的过程中，我们要回答以下问题：
Web server to reconfigure automatically: <-- apache2
为了能提供更安全的PHP，我们要升级PHP到5.2.9版。
编辑/etc/apt/sources.list

root@server:~# vi /etc/apt/sources.list

在最下面一行添加以下内容：

deb http://packages.dotdeb.org/ oldstable all

然后升级安装5.2.9版的PHP

root@server:~# apt-get update
root@server:~# apt-get install php-cli
root@server:~# apt-get upgrade

升级的过程中，会提示要修改/etc/mysql/my.cnf，这个时候请输入“y”，等安装完成后，按照上文11步的要求重新编辑/etc /mysql/my.cnf。然后我们运行下面命令启用Apache的suexec,rewrite,ssl,actions和include的模块：

root@server:~# a2enmod suexec rewrite ssl actions include

为了安全，我们注释掉phpmyadmin中的/etc/phpmyadmin/apache.conf文件的部分内容。
编辑/etc/phpmyadmin/apache.conf

root@server:~# vi /etc/phpmyadmin/apache.conf

注释掉的部分如下：

[...]
# # Authorize for setup
# <Files setup.php>
# # For Apache 1.3 and 2.0
# <IfModule mod_auth.c>
# AuthType Basic
# AuthName "phpMyAdmin Setup"
# AuthUserFile /etc/phpmyadmin/htpasswd.setup
# </IfModule>
# # For Apache 2.2
# <IfModule mod_authn_file.c>
# AuthType Basic
# AuthName "phpMyAdmin Setup"
# AuthUserFile /etc/phpmyadmin/htpasswd.setup
# </IfModule>
# Require valid-user
# </Files>
[...]

然后重启Apache:

root@server:~# /etc/init.d/apache2 restart

14、安装PureFTPd和Quota 运行如下命令安装PureFTPd和Quota：

root@server:~# aptitude install pure-ftpd-common pure-ftpd-mysql quota quotatool

然后编辑文件/etc/default/pure-ftpd-common

root@server:~# vi /etc/default/pure-ftpd-common

我们要确保启动模式是standalone，VIRTUALCHROOT=true：

[...]
STANDALONE_OR_INETD=standalone
[...]
VIRTUALCHROOT=true
[...]

然后重启PureFTPd

root@server:~# /etc/init.d/pure-ftpd-mysql restart

编辑/etc/fstab，添加“ ,usrquota,grpquota到分区加载点 /”，编辑内容如下：

root@server:~# vi /etc/fstab

编辑后的内容如下（注意本文中可能出现换行，在实际的情况中那个换行是不存在的：

# /etc/fstab: static file system information.
#
# <file system> <mount point> <type> <options> <dump> <pass>
proc /proc proc defaults 0 0
# /dev/sda1
UUID=e7f9e640-1254-462f-b314-6471ce83db4d / ext3 relatime,errors=remount-ro,usrquota,grpquota 0 1
# /dev/sda5
UUID=32b41e4e-4d4a-4825-8922-27e8c6aeeb45 none swap sw 0 0
/dev/scd0 /media/cdrom0 udf,iso9660 user,noauto,exec,utf8 0 0

运行如下命令，去启用quota：

root@server:~# touch /quota.user /quota.group
root@server:~# chmod 600 /quota.*
root@server:~# mount -o remount /
root@server:~# quotacheck -avugm
root@server:~# quotaon -avug

15、安装MyDNS
在安装MyDNS前，我们安装一些MyDNS的依赖包：

root@server:~# aptitude install g++ libc6 gcc gawk make texinfo libmysqlclient15-dev

MyDNS没有包含在Ubuntu 8.10的更新源中，所以我们必须去自己编译：

root@server:~# cd /tmp
root@server:~# wget http://heanet.dl.sourceforge.net/sourceforge/mydns-ng/mydns-1.2.8.27.tar.gz
root@server:~# tar xvfz mydns-1.2.8.27.tar.gz
root@server:~# cd mydns-1.2.8
root@server:~# ./configure
root@server:~# make
root@server:~# make install

然后我们来创建MyDNS的启动脚本：

root@server:~# vi /etc/init.d/mydns

启动脚本如下：

#! /bin/sh
#
# mydns Start the MyDNS server
#
# Author: Philipp Kern <phil@philkern.de>.
# Based upon skeleton 1.9.4 by Miquel van Smoorenburg
# <miquels@cistron.nl> and Ian Murdock <imurdock@gnu.ai.mit.edu>.
#

set -e

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/usr/local/sbin/mydns
NAME=mydns
DESC="DNS server"

SCRIPTNAME=/etc/init.d/$NAME

# Gracefully exit if the package has been removed.
test -x $DAEMON || exit 0

case "$1" in
start)
echo -n "Starting $DESC: $NAME"
start-stop-daemon --start --quiet \
--exec $DAEMON -- -b
echo "."
;;
stop)
echo -n "Stopping $DESC: $NAME"
start-stop-daemon --stop --oknodo --quiet \
--exec $DAEMON
echo "."
;;
reload|force-reload)
echo -n "Reloading $DESC configuration..."
start-stop-daemon --stop --signal HUP --quiet \
--exec $DAEMON
echo "done."
;;
restart)
echo -n "Restarting $DESC: $NAME"
start-stop-daemon --stop --quiet --oknodo \
--exec $DAEMON
sleep 1
start-stop-daemon --start --quiet \
--exec $DAEMON -- -b
echo "."
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
exit 1
;;
esac

exit 0

然后我们给这个脚本可执行权限，并且建立系统启动连接：

root@server:~# chmod +x /etc/init.d/mydns
root@server:~# update-rc.d mydns defaults

16、安装Vlogger和Webalizer

root@server:~# aptitude install vlogger webalizer

17、安装Jailkit
Jailkiet仅仅当你使用chroot SSH用户的时候才需要Jailkit（必须在安装ISPConfig之前安装Jailkit），使用如下命令行安装：

root@server:~# aptitude install build-essential autoconf automake1.9 libtool flex bison
root@server:~# cd /tmp
root@server:~# wget http://olivier.sessink.nl/jailkit/jailkit-2.5.tar.gz
root@server:~# tar xvfz jailkit-2.5.tar.gz
root@server:~# cd jailkit-2.5
root@server:~# ./configure
root@server:~# make
root@server:~# make install
root@server:~# cd ..
root@server:~# rm -rf jailkit-2.5*

18、安装fail2ban
这是可选的，但是建议安装，因为ISPConfig的监测管理将尝试显示fail2ban的日志。

root@server:~# aptitude install fail2ban

19、安装SquirrelMail
运行一下命令安装AquirrelMail客户端：

root@server:~# aptitude install squirrelmail

然后建立如下连接：

root@server:~# ln -s /usr/share/squirrelmail/ /var/www/webmail

然后配置SquirrelMail：

root@server:~# squirrelmail-configure

配置让SquirrelMail使用Courier-IMAP和Courier-POP3：

rSquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Main Menu --
1. Organization Preferences
2. Server Settings
3. Folder Defaults
4. General Options
5. Themes
6. Address Books
7. Message of the Day (MOTD)
8. Plugins
9. Database
10. Languages

D. Set pre-defined settings for specific IMAP servers

C Turn color on
S Save data
Q Quit

Command >> <-- D

SquirrelMail Configuration : Read: config.php
---------------------------------------------------------
While we have been building SquirrelMail, we have discovered some
preferences that work better with some servers that don't work so
well with others. If you select your IMAP server, this option will
set some pre-defined settings for that server.

Please note that you will still need to go through and make sure
everything is correct. This does not change everything. There are
only a few settings that this will change.

Please select your IMAP server:
bincimap = Binc IMAP server
courier = Courier IMAP server
cyrus = Cyrus IMAP server
dovecot = Dovecot Secure IMAP server
exchange = Microsoft Exchange IMAP server
hmailserver = hMailServer
macosx = Mac OS X Mailserver
mercury32 = Mercury/32
uw = University of Washington's IMAP server

quit = Do not change anything
Command >> <-- courier

Please note that you will still need to go through and make sure
everything is correct. This does not change everything. There are
only a few settings that this will change.

quit = Do not change anything
Command >> courier

imap_server_type = courier
default_folder_prefix = INBOX.
trash_folder = Trash
sent_folder = Sent
draft_folder = Drafts
show_prefix_option = false
default_sub_of_inbox = false
show_contain_subfolders_option = false
optional_delimiter = .
delete_folder = true

Press any key to continue... <-- 按任意键

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Main Menu --
1. Organization Preferences
2. Server Settings
3. Folder Defaults
4. General Options
5. Themes
6. Address Books
7. Message of the Day (MOTD)
8. Plugins
9. Database
10. Languages

D. Set pre-defined settings for specific IMAP servers

C Turn color on
S Save data
Q Quit

Command >> <-- S

D. Set pre-defined settings for specific IMAP servers

C Turn color on
S Save data
Q Quit

Command >> <-- Q

20、安装ISPConfig 3
下载ISPConfig 3的最新版本并解压缩：

root@server:~# cd /tmp
root@server:~# wget http://downloads.sourceforge.net/ispconfig/ISPConfig-3.0.1.1.tar.gz?use_mirror=
root@server:~# tar xvfz ISPConfig-3.0.1.tar.gz
root@server:~# cd ispconfig3_install/install/

下一步运行如下命令安装：

root@server:~# php -q install.php

然后就开始安装ISPConfig 3了：

r
--------------------------------------------------------------------------------
_____ ___________ _____ __ _
|_ _/ ___| ___ \ / __ \ / _(_)
| | \ `--.| |_/ / | / \/ ___ _ __ | |_ _ __ _
| | `--. \ __/ | | / _ \| '_ \| _| |/ _` |
_| |_/\__/ / | | \__/\ (_) | | | | | | | (_| |
\___/\____/\_| \____/\___/|_| |_|_| |_|\__, |
__/ |
|___/
--------------------------------------------------------------------------------

>> Initial configuration

Operating System: Debian Lenny/Sid or compatible

Following will be a few questions for primary configuration so be careful.
Default values are in [brackets] and can be accepted with <ENTER>.
Tap in "quit" (without the quotes) to stop the installer.

Select language (en,de) [en]: <-- ENTER

Installation mode (standard,expert) [standard]: <-- ENTER

Full qualified hostname (FQDN) of the server, eg server.ispcpcn.com [server.ispcpcn.com]: <-- ENTER

MySQL server hostname [localhost]: <-- ENTER

MySQL root username [root]: <-- ENTER

MySQL root password []: <-- 输入MySQL的root用户密码

MySQL database to create [dbispconfig]: <-- ENTER

MySQL charset [utf8]: <-- ENTER

Generating a 2048 bit RSA private key
..........................................................+++
.+++
writing new private key to 'smtpd.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]: <-- 中国输入CN
State or Province Name (full name) [Some-State]: <-- 省份
Locality Name (eg, city) []: <-- 城市
Organization Name (eg, company) [Internet Widgits Pty Ltd]: <-- 公司
Organizational Unit Name (eg, section) []: <-- 组织
Common Name (eg, YOUR name) []: <-- 注释名
Email Address []: <-- 电子邮件地址
Configuring Jailkit
Configuring SASL
Configuring PAM
Configuring Courier
Configuring Spamassassin
Configuring Amavisd
Configuring Getmail
Configuring Pureftpd
Configuring MyDNS
Configuring Apache
Configuring Firewall
Installing ISPConfig
ISPConfig Port [8080]: <-- 端口号，可以默认

Configuring DBServer
Installing Crontab
no crontab for root
no crontab for getmail
Restarting services ...
* Stopping MySQL database server mysqld
...done.
* Starting MySQL database server mysqld
...done.
* Checking for corrupt, not cleanly closed and upgrade needing tables.
* Stopping Postfix Mail Transport Agent postfix
...done.
* Starting Postfix Mail Transport Agent postfix
...done.
* Stopping SASL Authentication Daemon saslauthd
...done.
* Starting SASL Authentication Daemon saslauthd
...done.
Stopping amavisd: amavisd-new.
Starting amavisd: amavisd-new.
* Stopping ClamAV daemon clamd
...done.
* Starting ClamAV daemon clamd
LibClamAV Warning: ***********************************************************
LibClamAV Warning: *** This version of the ClamAV engine is outdated. ***
LibClamAV Warning: *** DON'T PANIC! Read http://www.clamav.net/support/faq ***
LibClamAV Warning: ***********************************************************
...done.
* Stopping Courier authentication services authdaemond
...done.
* Starting Courier authentication services authdaemond
...done.
* Stopping Courier IMAP server...
...done.
* Starting Courier IMAP server...
...done.
* Stopping Courier IMAP-SSL server...
...done.
* Starting Courier IMAP-SSL server...
...done.
* Stopping Courier POP3 server...
...done.
* Starting Courier POP3 server...
...done.
* Stopping Courier POP3-SSL server...
...done.
* Starting Courier POP3-SSL server...
...done.
* Restarting web server apache2
... waiting ...done.
Restarting ftp server: Running: /usr/sbin/pure-ftpd-mysql-virtualchroot -l mysql:/etc/pure-ftpd/db/mysql.conf -l pam -E -u 1000 -O clf:/var/log/pure-ftpd/transfer.log -b -A -B
Installation completed.

至此安装完毕，使用http://server.ispcpcn.com:8080或者http://192.168.0.100:8080就可以访问你的ISPConfig 3了，默认用户名和密码都是admin！！欢迎转载，转载时请注明转自：开源虚拟主机社区，并注明转载地址http://www.ispcpcn.com。谢谢！！

TOP

‹‹ 上一主題 | 下一主題 ››