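Saturday, December 4, 2010

ISPConfig installation walkthrough

Part of my project requires setting up an ISP service server that provides web, mail and FTP services, so I found two related free software packages to install. This time I am installing ISPConfig.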


Reference manuals
Administrator manual (Chinese version)
ref: http://ispconfig.org/downloads/manua...n_big5_src.htm
Reseller manual (Chinese version)
ref: http://ispconfig.org/downloads/manua...r_big5_src.htm
Clients manual (Chinese version)
ref: http://ispconfig.org/downloads/manua...e_big5_src.htm

Start the installation
yum update
yum groupinstall 'Development Tools'
yum groupinstall 'Development Libraries'
rpm -ivh rpmforge-release-0.5.2-2.el5.rf.i386.rpm
Install the required packages
yum install ntp httpd mysql-server php php-mysql php-mbstring php-mcrypt phpmyadmin rpm-build gcc mysql-devel openssl-devel cyrus-sasl-devel pkgconfig zlib-devel pcre-devel openldap-devel postgresql-devel expect libtool-ltdl-devel openldap-servers libtool gdbm-devel pam-devel gamin-devel

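The courier-imap package cannot be compiled as root, so we must add a regular user.
useradd -m -s /bin/bash admin        # add the admin user
passwd admin
Next, give this user permission to run the builds with sudo.
visudo      # find the line below and add a line for admin
root    ALL=(ALL)       ALL
admin   ALL=(ALL)       ALL     # add this line; it gives admin the same privileges as root

su admin  # switch to the admin user
Create the required directories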
mkdir $HOME/rpm
mkdir $HOME/rpm/SOURCES
mkdir $HOME/rpm/SPECS
mkdir $HOME/rpm/BUILD
mkdir $HOME/rpm/SRPMS
mkdir $HOME/rpm/RPMS
mkdir $HOME/rpm/RPMS/i386
echo "%_topdir $HOME/rpm" >> $HOME/.rpmmacros

Install the courier packages

Again in the /tmp directory, build the courier RPM packages
cd /tmp
sudo rpmbuild -ta courier-authlib-0.62.1.tar.bz2

On an i386 system, once the build finishes, the packaged RPMs can be found in $HOME/rpm/RPMS/i386
(on a 64-bit system, look in $HOME/rpm/RPMS/x86_64)
cd $HOME/rpm/RPMS/i386          
[admin@usd i386]$ ll
總計 584
-rw-r--r-- 1 root root 140795 12  4 12:01 courier-authlib-0.62.1-1.i386.rpm
-rw-r--r-- 1 root root 308441 12  4 12:01 courier-authlib-debuginfo-0.62.1-1.i386.rpm
-rw-r--r-- 1 root root  35203 12  4 12:01 courier-authlib-devel-0.62.1-1.i386.rpm
-rw-r--r-- 1 root root  17763 12  4 12:01 courier-authlib-ldap-0.62.1-1.i386.rpm
-rw-r--r-- 1 root root  13919 12  4 12:01 courier-authlib-mysql-0.62.1-1.i386.rpm
-rw-r--r-- 1 root root  13159 12  4 12:01 courier-authlib-pgsql-0.62.1-1.i386.rpm
-rw-r--r-- 1 root root   8091 12  4 12:01 courier-authlib-pipe-0.62.1-1.i386.rpm
-rw-r--r-- 1 root root  35932 12 4 12:01 courier-authlib-userdb-0.62.1-1.i386.rpm


sudo rpm -ivh courier-authlib-0.62.1-1.i386.rpm courier-authlib-mysql-0.62.1-1.i386.rpm courier-authlib-devel-0.62.1-1.i386.rpm

Go back to the /tmp directory; do not use sudo for this build
cd /tmp
rpmbuild -ta courier-imap-4.4.1.tar.bz2
cd $HOME/rpm/RPMS/i386      # back in this directory there are now 2 more package files
ls -al
-rw-rw-r-- 1 compileuser compileuser 395137 Feb 26 03:13 courier-imap-4.4.1-1.i386.rpm
-rw-rw-r-- 1 compileuser compileuser 906775 Feb 26 03:13 courier-imap-debuginfo-4.4.1-1.i386.rpm

Install courier-imap
sudo rpm -ivh courier-imap-4.4.1-1.i386.rpm
Go back to the /tmp directory and run rpmbuild once more
cd /tmp
sudo rpmbuild -ta maildrop-2.5.2.tar.bz2
cd $HOME/rpm/RPMS/i386
[admin@usd i386]$ ll
總計 5776
-rw-r--r-- 1 root  root   140800 12  4 12:40 courier-authlib-0.62.1-1.i386.rpm
-rw-r--r-- 1 root  root   308440 12  4 12:40 courier-authlib-debuginfo-0.62.1-1.i386.rpm
-rw-r--r-- 1 root  root    35204 12  4 12:40 courier-authlib-devel-0.62.1-1.i386.rpm
-rw-r--r-- 1 root  root    17763 12  4 12:40 courier-authlib-ldap-0.62.1-1.i386.rpm
-rw-r--r-- 1 root  root    13919 12  4 12:40 courier-authlib-mysql-0.62.1-1.i386.rpm
-rw-r--r-- 1 root  root    13166 12  4 12:40 courier-authlib-pgsql-0.62.1-1.i386.rpm
-rw-r--r-- 1 root  root     8091 12  4 12:40 courier-authlib-pipe-0.62.1-1.i386.rpm
-rw-r--r-- 1 root  root    35934 12  4 12:40 courier-authlib-userdb-0.62.1-1.i386.rpm
-rw-r--r-- 1 admin admin  393397 12  4 12:47 courier-imap-4.4.1-1.i386.rpm
-rw-r--r-- 1 admin admin  896865 12  4 12:47 courier-imap-debuginfo-4.4.1-1.i386.rpm
-rw-r--r-- 1 root  root  2193522 12  4 12:33 maildrop-2.5.2-1.i386.rpm
-rw-r--r-- 1 root  root  1588220 12  4 12:33 maildrop-debuginfo-2.5.2-1.i386.rpm
-rw-r--r-- 1 root  root   147155 12  4 12:33 maildrop-devel-2.5.2-1.i386.rpm
-rw-r--r-- 1 root  root    62697 12  4 12:33 maildrop-man-2.5.2-1.i386.rpm

sudo rpm -ivh maildrop-2.5.2-1.i386.rpm
exit  # return to the root account
cd /usr/src
wget http://ftp-stud.fht-esslingen.de/pub/Mirrors/centos/5.5/os/SRPMS/postfix-2.3.3-2.1.el5_2.src.rpm 
rpm -ivh postfix-2.3.3-2.1.el5_2.src.rpm
The following messages about a different user identity will appear and can be ignored:
warning: user mockbuild does not exist - using root
warning: group mockbuild does not exist - using root

cd /usr/src/redhat/SOURCES
wget http://vda.sourceforge.net/VDA/postfix-2.3.3-vda.patch.gz
gunzip postfix-2.3.3-vda.patch.gz
 
cd /usr/src/redhat/SPECS/
vi postfix.spec      # add the lines marked in red

%define MYSQL 1
# Patches
Patch0: postfix-2.3.3-vda.patch         
Patch1: postfix-2.1.1-config.patch
Patch3: postfix-alternatives.patch
 [...]
%setup -q
# Apply obligatory patches
%patch0 -p1 -b .vda
%patch1 -p1 -b .config
 [...]

rpmbuild -ba postfix.spec
正在檢查未被打包的檔案:/usr/lib/rpm/check-files /var/tmp/postfix-buildroot
已寫入:/usr/src/redhat/SRPMS/postfix-2.3.3-2.1.src.rpm
已寫入:/usr/src/redhat/RPMS/i386/postfix-2.3.3-2.1.i386.rpm
已寫入:/usr/src/redhat/RPMS/i386/postfix-pflogsumm-2.3.3-2.1.i386.rpm
已寫入:/usr/src/redhat/RPMS/i386/postfix-debuginfo-2.3.3-2.1.i386.rpm
正在執行 (%clean)/bin/sh -e /var/tmp/rpm-tmp.73533
+ umask 022
+ cd /usr/src/redhat/BUILD
+ cd postfix-2.3.3
+ /bin/rm -rf /var/tmp/postfix-buildroot
+ exit 0           <-- OK

cd /usr/src/redhat/RPMS/i386
rpm -ivh postfix-2.3.3-2.1.i386.rpm
chkconfig --levels 235 courier-authlib on
/etc/init.d/courier-authlib start
chkconfig --levels 235 sendmail off
chkconfig --levels 235 postfix on

chkconfig --levels 235 saslauthd on
/etc/init.d/sendmail stop
/etc/init.d/postfix start
/etc/init.d/saslauthd start
chkconfig --levels 235 courier-imap on
/etc/init.d/courier-authlib restart
/etc/init.d/courier-imap restart
cd /usr/lib/courier-imap/share/
rm -f imapd.pem
rm -f pop3d.pem
vi /usr/lib/courier-imap/etc/imapd.cnf
        [...]
        CN=server1.example.com      <-- enter your hostname
        [...]
vi /usr/lib/courier-imap/etc/pop3d.cnf
          [...]
        CN=server1.example.com
        [...]
./mkimapdcert
./mkpop3dcert

/etc/init.d/courier-authlib restart
/etc/init.d/courier-imap restart
yum install getmail
chkconfig --levels 235 mysqld on
/etc/init.d/mysqld start
mysqladmin -u root password yourrootsqlpassword
vi /etc/httpd/conf.d/phpmyadmin.conf
        # phpMyAdmin only allows logins from the local machine, so trusted IPs can be added here
        #  Web application to manage MySQL
        #
        #
        #  Order Deny,Allow
        #  Deny from all
        #  Allow from 127.0.0.1 192.168.1.254   <-- trusted IPs can be added here
        #
        Alias /phpmyadmin /usr/share/phpmyadmin
        Alias /phpMyAdmin /usr/share/phpmyadmin
        Alias /mysqladmin /usr/share/phpmyadmin

vi /usr/share/phpmyadmin/config.inc.php
         [...]
       /* Authentication type */
       $cfg['Servers'][$i]['auth_type'] = 'http';
       [...]

chkconfig --levels 235 httpd on
/etc/init.d/httpd start
In a browser, open http://192.168.1.254/phpmyadmin and check that you can log in
yum install amavisd-new spamassassin clamav clamd unzip bzip2 unrar perl-DBD-mysql
chkconfig --levels 235 amavisd on
chkconfig --levels 235 clamd on
/usr/bin/freshclam
/etc/init.d/amavisd start    
/etc/amavisd.conf must be edited first:
$mydomain = 'ezso.tw';   # a convenient default for other settings; enter your correct domain
$myhostname = 'ezso.tw';  # must be a fully-qualified domain name!  Remove the leading # and enter the host name
/etc/init.d/clamd start
mkdir /var/run/amavisd /var/spool/amavisd /var/spool/amavisd/tmp /var/spool/amavisd/db
chown amavis /var/run/amavisd /var/spool/amavisd /var/spool/amavisd/tmp /var/spool/amavisd/db

vi /etc/yum.repos.d/kbsingh-CentOS-Extras.repo
[...]
[kbs-CentOS-Testing]
name=CentOS.Karan.Org-EL$releasever - Testing
gpgcheck=0
gpgkey=http://centos.karan.org/RPM-GPG-KEY-karan.org.txt
enabled=1
baseurl=http://centos.karan.org/el$releasever/extras/testing/$basearch/RPMS/
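The repository definition above turns signature checking off (gpgcheck=0) even though a gpgkey URL is configured, so yum installs packages from it without verifying them. As an added example, not part of the original post, this shell function lists enabled repo sections that do not enforce gpgcheck; the first section of the sample input is constructed for contrast.

```shell
#!/bin/sh
# Added example (not from the original post): report enabled yum repository
# sections that do not enforce package signature checking.

# Prints one line per enabled section whose gpgcheck is not 1.
# "unset" means the section inherits gpgcheck from [main] in /etc/yum.conf.
audit_repo_gpgcheck() {
    awk '
        function val(s) {            # text after "=", first word only
            sub(/^[^=]*=[ \t]*/, "", s); sub(/[ \t\r].*$/, "", s); return s
        }
        function report() {
            if (sec != "" && sec != "main" && enabled != "0" && gpgcheck != "1")
                printf "%s gpgcheck=%s gpgkey=%s\n", sec, gpgcheck, key
        }
        /^[ \t]*[#;]/ { next }       # comment lines
        /^[ \t]*\[.*\]/ {            # new [section]: flush the previous one
            report()
            sec = $0; sub(/^[ \t]*\[/, "", sec); sub(/\].*$/, "", sec)
            enabled = "1"; gpgcheck = "unset"; key = "no"   # yum enables by default
            next
        }
        /^[ \t]*enabled[ \t]*=/  { enabled = val($0) }
        /^[ \t]*gpgcheck[ \t]*=/ { gpgcheck = val($0) }
        /^[ \t]*gpgkey[ \t]*=/   { key = "yes" }
        END { report() }
    ' "$@"
}

# Constructed sample: the second section mirrors the settings shown above;
# the first section and its values are made up for contrast.
sample_repo() {
    cat <<'EOF'
[kbs-CentOS-Extras]
name=CentOS.Karan.Org-EL$releasever - Stable
gpgcheck=1
enabled=0
[kbs-CentOS-Testing]
name=CentOS.Karan.Org-EL$releasever - Testing
gpgcheck=0
gpgkey=http://centos.karan.org/RPM-GPG-KEY-karan.org.txt
enabled=1
baseurl=http://centos.karan.org/el$releasever/extras/testing/$basearch/RPMS/
EOF
}

sample_repo | audit_repo_gpgcheck
```

On a real host, run it as audit_repo_gpgcheck /etc/yum.repos.d/*.repo.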
yum install php php-devel php-gd php-imap php-ldap php-mysql php-odbc php-pear php-xml php-xmlrpc php-eaccelerator php-mbstring php-mcrypt php-mhash php-mssql php-snmp php-soap php-tidy curl curl-devel perl-libwww-perl ImageMagick libxml2 libxml2-devel mod_fcgid php-cli httpd-devel

vi /etc/php.ini
        cgi.fix_pathinfo = 1   ; add this as the last line
cd /tmp
wget http://www.suphp.org/download/suphp-0.7.0.tar.gz
tar xvfz suphp-0.7.0.tar.gz
cd suphp-0.7.0/
./configure --prefix=/usr --sysconfdir=/etc --with-apr=/usr/bin/apr-1-config --with-apxs=/usr/sbin/apxs \
--with-apache-user=apache --with-setid-mode=owner --with-php=/usr/bin/php-cgi \
--with-logfile=/var/log/httpd/suphp_log --enable-SUPHP_USE_USERGROUP=yes

make
make install
vi /etc/httpd/conf.d/suphp.conf
LoadModule suphp_module modules/mod_suphp.so
vi /etc/suphp.conf
[global]
;Path to logfile
logfile=/var/log/httpd/suphp.log
;Loglevel
loglevel=info
;User Apache is running as
webserver_user=apache
;Path all scripts have to be in
docroot=/
;Path to chroot() to before executing script
;chroot=/mychroot
; Security options
allow_file_group_writeable=true
allow_file_others_writeable=false
allow_directory_group_writeable=true
allow_directory_others_writeable=false
;Check whether script is within DOCUMENT_ROOT
check_vhost_docroot=true
;Send minor error messages to browser
errors_to_browser=false
;PATH environment variable
env_path=/bin:/usr/bin
;Umask to set, specify in octal notation
umask=0077
; Minimum UID
min_uid=100
; Minimum GID
min_gid=100
[handlers]
;Handler for php-scripts
x-httpd-suphp="php:/usr/bin/php-cgi"
;Handler for CGI-scripts
x-suphp-cgi="execute:!self"
/etc/init.d/httpd restart
yum install pure-ftpd
chkconfig --levels 235 pure-ftpd on

/etc/init.d/pure-ftpd start
wget http://mydns.bboy.net/download/mydns-mysql-1.1.0-1.i386.rpm

rpm -ivh mydns-mysql-1.1.0-1.i386.rpm
vi /etc/init.d/mydns
               # chkconfig: 345 52 50                 <-- change to: # chkconfig: 345 65 50
chkconfig --levels 235 mydns on
yum install webalizer perl-DateTime-Format-HTTP perl-DateTime-Format-Builder
cd /tmp
wget http://n0rp.chemlab.org/vlogger/vlogger-1.3.tar.gz
tar xvfz vlogger-1.3.tar.gz
mv vlogger-1.3/vlogger /usr/sbin/
rm -rf vlogger*
cd /tmp
wget http://olivier.sessink.nl/jailkit/jailkit-2.5.tar.gz
tar xvfz jailkit-2.5.tar.gz
cd jailkit-2.5
./configure
make
make install

rm -rf jailkit-2.5*
yum install fail2ban
chkconfig --levels 235 fail2ban on
/etc/init.d/fail2ban start
yum install rkhunter
/etc/init.d/httpd restart
/usr/share/squirrelmail/config/conf.pl
               enter in order: D  courier  press a key  s  q
 
vi /etc/squirrelmail/config_local.php
$default_folder_prefix                = '';
change to: //$default_folder_prefix        = '';
 
Log in to your mail server at http://192.168.1.254/webmail
yum remove bind dovecot
cd /tmp

wget http://downloads.sourceforge.net/ispconfig/ISPConfig-3.0.1.tar.gz?use_mirror=

tar xvfz ISPConfig-3.0.1.tar.gz

cd ispconfig3_install/install/
php -q install.php     # the configuration prompts begin
Select language (en,de) [en]:

Installation mode (standard,expert) [standard]: <-- ENTER

Full qualified hostname (FQDN) of the server, eg server1.domain.tld  [server1.example.com]: <-- ENTER

MySQL server hostname [localhost]: <-- ENTER

MySQL root username [root]: <-- ENTER

MySQL root password []: <-- yourrootsqlpassword

MySQL database to create [dbispconfig]: <-- ENTER

MySQL charset [utf8]: <-- ENTER
Country Name (2 letter code) [GB]: <-- ENTER

State or Province Name (full name) [Berkshire]: <-- ENTER

Locality Name (eg, city) [Newbury]: <-- ENTER

Organization Name (eg, company) [My Company Ltd]: <-- ENTER

Organizational Unit Name (eg, section) []: <-- ENTER

Common Name (eg, your name or your server's hostname) []: <-- ENTER

Email Address []: <-- ENTER
ISPConfig Port [8080]: <-- ENTER
 
Test logging in to ISPConfig at http://192.168.1.254:8080
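To confirm that the chkconfig commands in this walkthrough left the intended boot-time state (sendmail off, the other services on in runlevels 2, 3 and 5), the following added example, not part of the original post, compares chkconfig --list output against that list. The sample output it runs on is constructed.

```shell
#!/bin/sh
# Added example (not from the original post): compare "chkconfig --list"
# output with the boot-time states this walkthrough sets for runlevels 2, 3, 5.

EXPECTED_ON="courier-authlib courier-imap postfix saslauthd mysqld httpd amavisd clamd pure-ftpd mydns fail2ban"
EXPECTED_OFF="sendmail"

# Reads "LC_ALL=C chkconfig --list" output on stdin and prints one line per
# deviation; prints nothing when everything matches.
check_boot_services() {
    awk -v onlist="$EXPECTED_ON" -v offlist="$EXPECTED_OFF" '
        BEGIN {
            n = split(onlist, a, " ");  for (i = 1; i <= n; i++) want[a[i]] = "on"
            n = split(offlist, a, " "); for (i = 1; i <= n; i++) want[a[i]] = "off"
        }
        ($1 in want) {
            seen[$1] = 1
            for (f = 2; f <= NF; f++) {
                split($f, kv, ":")               # field looks like "3:on"
                if (kv[1] ~ /^[235]$/ && kv[2] != want[$1])
                    printf "%s runlevel %s is %s, expected %s\n", $1, kv[1], kv[2], want[$1]
            }
        }
        END {
            for (s in want)
                if (want[s] == "on" && !(s in seen))
                    printf "%s not registered with chkconfig\n", s
        }
    '
}

# Constructed sample: sendmail was left enabled and fail2ban is missing.
sample_chkconfig_list() {
    for s in $EXPECTED_ON; do
        if [ "$s" = fail2ban ]; then continue; fi
        printf '%s\t0:off\t1:off\t2:on\t3:on\t4:off\t5:on\t6:off\n' "$s"
    done
    printf 'sendmail\t0:off\t1:off\t2:on\t3:on\t4:on\t5:on\t6:off\n'
}

sample_chkconfig_list | check_boot_services
```

On the server itself, run LC_ALL=C chkconfig --list | check_boot_services so that the on/off words are not localized.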
