Written by Mircea-Cristian Racasan
Nutex VServer is a system for ISPs that can manage one or more servers from one central place. One server can be the master server and the others the nodes. It provides 4 levels of administration: Admin, Reseller, Domain Owner and Email User. At every level of administration, one can manage one's own data and the data of the underlying levels. It is written solely in PHP and uses XML-RPC and HTTPS to communicate with the nodes. It provides support for Apache (PHP + mod_ssl + mod_perl + Frontpage), qmail (vmailmgr + autorespond + ezmlm), Proftp, MySQL, Webalizer, Bind, Tomcat, Quota, Multi-Language, Skins and others.
It has its own instance of Apache that runs with the privileges of the user vserver. It uses sudo to become root and manage everything. Because it uses its own instance of Apache, it will still run if the main Apache on the same server has problems and won't restart anymore.
The master and the nodes use SSL to communicate. The master also has to know the password of the node's vserver. The node checks the IP of the caller and, if it is not the IP of the server, it won't respond. To enhance security, cracklib is used to check the passwords. There are checks to make the communication secure, but you should consider using a private network for the master-node communication.
There is also a notification system, so that if, for example, a user changes his data, his reseller and the admins get a notification email. Likewise, if the reseller data gets changed, the admins get an email. The quota gets checked once each day, and if it is exceeded for resellers or domains, they get a notification email. Whenever the emails get sent, the notification system checks the language of every user that should get the emails and chooses the appropriate text.
In the frontend there is also a box on the left side in the default design that describes the page that the user sees.
I wrote this in my spare time to learn more about PHP and Linux and it is more or less a proof of concept. If you have any ideas or whatever let me know. My Email is Darx_Kies@GMX.NET.
- multi language
- it has skins support (smarty)
- it has reseller support
- it can be used to manage lots of servers
- the reseller gets one or more servers and ips that belong to the "owned" servers
- resellers, domain owners and users can manage their own data
- it uses cracklib to check how secure the passwords are
- it uses mysql
- qmail as mail server and vmailmgr for domains
- autorespond
- one quota for mysql, email, webspace and so on.
- wap
- jsp
- custom errors
- frontpage
- htaccess support
- notification system
- mailinglist support
- anonymous ftp for every domain
- php
- ssi
- cgi
- ssl
- statistics (webalizer)
- email aliases
- forwarding
- autorespond
......
USE IT AT YOUR OWN RISK. This is not for beginners and the installation is rather difficult; that's why I wrote almost all the commands that you need to install VServer.
So far there is only support for SuSE 8.2 Pro and United Linux 1.0. If someone is interested in porting it to other distros or even FreeBSD (it should be possible, as almost everything that I used runs under FreeBSD as well), let me know.
So this is the required software.
Note: On Linux I would recommend that you set PermitRootLogin to no in /etc/ssh/sshd_config and restart ssh with /etc/init.d/sshd restart.
First we need a partition for the ISP data, that has user and group quotas enabled.
I used the second harddisk drive and this is how I first created the partition:
vserver:~ # fdisk /dev/sdb
Device contains neither a valid DOS partition table, nor Sun, SGI or OSF
disklabel
Building a new DOS disklabel. Changes will remain in memory only,
until you decide to write them. After that, of course, the previous
content won't be recoverable.
Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)
Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-522, default 1):
Using default value 1
Last cylinder or +size or +sizeM or +sizeK (1-522, default 522):
Using default value 522
Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
Syncing disks.
And then reboot. It is safer that way.
Now we have to format the partition. I chose ReiserFS as its file system, but you could use ext3 as well.
vserver:~ # mkreiserfs /dev/sdb1
mkreiserfs 3.6.4 (2002 www.namesys.com)
mkreiserfs: Guessing about desired format..
mkreiserfs: Kernel 2.4.20-4GB-athlon is running.
Format 3.6 with standard journal
Count of blocks on the device: 1048233
Number of blocks consumed by mkreiserfs formatting process: 8243
Blocksize: 4096
Hash function used to sort names: "r5"
Journal Size 8193 blocks (first block 18)
Journal Max transaction length 1024
inode generation number: 0
UUID: e62347c7-56a1-428b-9d04-dea904e0ba74
ATTENTION: YOU SHOULD REBOOT AFTER FDISK!
ALL DATA WILL BE LOST ON '/dev/sdb1'!
Continue (y/n):y
Initializing journal - 0%....20%....40%....60%....80%....100%
Syncing..ok
Please visit www.namesys.com for information about ReiserFS sponsors
This line belongs to /etc/fstab:
/dev/sdb1 /var/isphome/ auto defaults,usrquota,grpquota 1 2
We create the directory of the mount point and mount it:
vserver:~ # mkdir /var/isphome
vserver:~ # mount /var/isphome/
The following command creates the quota files (aquota.user and aquota.group) in /var/isphome:
vserver:/var/isphome # quotacheck -guac
SuSE 8.2 note: add quota_v2 to INITRD_MODULES in /etc/sysconfig/kernel, run mk_initrd afterwards and reboot.
This one turns the quota on:
vserver:/var/isphome # quotaon -augv
To turn the quota on at boot time:
For SuSE and United Linux
vserver:/var/isphome # chkconfig -s quota on
Now we should set the grace values. UnitedLinux has something like 7 days, but SuSE 8.2 has one year or something like that. The commands below set the grace period to 7 days (604800 seconds) for users and groups.
setquota -u -t 604800 604800 -a
setquota -g -t 604800 604800 -a
And now we have quota enabled.
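A quick way to confirm the fstab entry before relying on the quota, given here as an added example that is not part of the original guide. The function name fstab_quota_status and the sample fstab lines (other than the /var/isphome entry) are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original guide): check that the fstab entry for a
# mount point enables both user and group quotas, as the /var/isphome line does.

# fstab_quota_status FSTAB MOUNTPOINT
# Prints one of: ok | missing:<options> | no-entry
fstab_quota_status() {
    awk -v want="$2" '
        # Strip trailing slashes so /var/isphome and /var/isphome/ compare equal
        function norm(p) { sub(/\/+$/, "", p); return (p == "" ? "/" : p) }
        /^[ \t]*(#|$)/ { next }                 # skip comments and blank lines
        norm($2) == norm(want) {
            found = 1
            usr = 0; grp = 0
            n = split($4, opt, ",")             # field 4 holds the mount options
            for (i = 1; i <= n; i++) {
                if (opt[i] == "usrquota") usr = 1
                if (opt[i] == "grpquota") grp = 1
            }
            miss = ""
            if (!usr) miss = "usrquota"
            if (!grp) miss = (miss == "" ? "" : miss ",") "grpquota"
            print (miss == "" ? "ok" : "missing:" miss)
            exit
        }
        END { if (!found) print "no-entry" }
    ' "$1"
}

# Constructed sample fstab; only the /var/isphome line is taken from the guide.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample
/dev/sda2 /             reiserfs defaults                   1 1
/dev/sdb1 /var/isphome/ auto     defaults,usrquota,grpquota 1 2
/dev/sdc1 /srv/ftp      auto     defaults,usrquota          1 2
EOF

for mp in /var/isphome /srv/ftp / /var/missing; do
    printf '%-14s %s\n' "$mp" "$(fstab_quota_status "$sample" "$mp")"
done
rm -f "$sample"
```

On a real system, call it as fstab_quota_status /etc/fstab /var/isphome before running quotacheck.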
Install the package of your distribution.
Create the directory /var/isphome/webalizer:
vserver:~ # mkdir /var/isphome/webalizer
This should be already installed. The dev package too. If not you should install it as it is needed by a couple of programs that we'll compile later.
You should install the package of your distribution. It is very important that the devel package of openssl is installed too.
Install the mysql package of your distribution.
For SuSE and United Linux
vserver:~ # chkconfig -s mysql on
Stop mysql in case it is running already as we want to move the data directory to /var/isphome
because of the quota for the databases.
vserver:~ # /etc/init.d/mysql stop
vserver:~ # cd /var/lib/
vserver:/var/lib # mv mysql/ /var/isphome/
vserver:/var/lib # mkdir mysql
vserver:/var/isphome # chown mysql /var/lib/mysql/
For SuSE and United Linux:
Now open /etc/init.d/mysql and edit the path for datadir:
datadir=/var/isphome/mysql
vserver:~ # /etc/init.d/mysql start
vserver:/var/isphome # chmod go-rwx /var/lib/mysql/
And don't forget to set a password for the mysql root user.
This one should be already installed too. If not you know what to do. :D
For SuSE and United Linux:
vserver:~ # chkconfig -s named on
First create an install directory in your home directory and download apache 1.3.28, mod_ssl 2.8.15 and frontpage 2002 to that directory. Make sure openssl-devel and gdbm-devel are installed.
vserver:~ # tar xzfv install/fp50.linux.tar.gz
vserver:~ # tar xzfv install/apache_1.3.28.tar.gz
vserver:~ # tar xzfv install/mod_ssl-2.8.15-1.3.28.tar.gz
copy mod_frontpage.c to the modules/extra directory in apache
vserver:~ # cp frontpage/version5.0/apache-fp/mod_frontpage.c apache_1.3.28/src/modules/extra/
vserver:~ # cd mod_ssl-2.8.15-1.3.28/
vserver:~/mod_ssl-2.8.15-1.3.28 # ./configure --with-apache=../apache_1.3.28
vserver:~/mod_ssl-2.8.15-1.3.28 # cd ../apache_1.3.28/
vserver:~/apache_1.3.28 # export EAPI_MM=/usr/
vserver:~/apache_1.3.28 # ./configure \
--enable-module=ssl \
--enable-rule=EAPI \
--prefix=/usr/local/apache-1.3.28 \
--enable-module=so \
--add-module=src/modules/extra/mod_frontpage.c \
--enable-module=all \
--enable-shared=max \
--enable-suexec \
--enable-shared=frontpage \
--suexec-caller=nobody
vserver:~/apache_1.3.28 # make
NOTE: if you get something like this
`FNM_CASE_BLIND' undeclared (first use in this function)
edit the Makefiles in the directories where the error occurs and look for this line
INCLUDES1= -I/usr/include
and delete everything after =.
Does anyone know another way that happens?
vserver:~/apache_1.3.28 # make install
vserver:~/apache_1.3.28 # ln -s /usr/local/apache-1.3.28 /usr/local/apache
Now append export PATH=$PATH:/usr/local/apache/bin to /etc/profile and run:
vserver:~/apache_1.3.28 # source /etc/profile
Open /usr/local/apache/conf/httpd.conf and look for the line below:
AllowOverride None
and change AllowOverride to All. It has to be the one for the Document Root (/usr/local/apache-1.3.28/htdocs).
Add these two lines:
ResourceConfig /dev/null
AccessConfig /dev/null
Now remove the previously installed Apache + PHP and all their modules in case they got installed.
vserver:~ # apachectl start
vserver:~/frontpage/version5.0 # ./fp_install.sh
Step 1. Setting Up Installation Environment
Setting umask 002
Logged in as root.
fp_install.sh
Revision: 1.24
Date: 2003/02/27 22:07:46
This script will step the user through upgrading existing and installing
new servers and webs. As with any software installation, a backup should be
done before continuing. It is recommended that the FrontPage installation
directory, server configuration file directory, and all web content be
backed up before continuing with this installation.
Are you satisfied with your backup of the system (y/n) [N]? Y
Directory /usr/local exists.
Root has necessary access to /usr/local.
Where would you like to install the FrontPage Server Extensions. If
you select a location other than /usr/local/frontpage/ then a symbolic
link will be created from /usr/local/frontpage/ to the location that
is chosen.
FrontPage Server Extensions directory [/usr/local/frontpage/]:
WARNING: Directory /usr/local/frontpage already exists.
Installation will overwrite existing files.
Continue the installation (y/n) [N]? Y
Step 2. Untarring the Extensions and Checking Protections
Version 5.0 FrontPage Server Extensions found.
Would you like to overwrite? (y/n) [Y]? y
Looking for tar file...
Platform is linux.
Cannot find the FrontPage Server Extensions tar file in /root/frontpage/version5.0/.
Which directory is the file located in (X to cancel)? /root/install
Where is the zcat which can uncompress gz files? /bin/zcat
Uncompressing/Untarring file /root/install/fp50.linux.tar.gz into /usr/local...
Step 3. Upgrading/Installing the extensions
Which version of Apache will you be using? (1.3 or 2.0) 1.3
Where is the current apache daemon located: []/usr/local/apache/bin/httpd
Currently running Apache/1.3.27
Checking for previous versions of FrontPage Server Extensions to upgrade...
You have no previous versions of FrontPage Server Extensions installed.
There are no settings to migrate!
Checking if the FrontPage patch to Apache is already installed.
The FrontPage server patch has not been installed in your server
You are running a newer version of Apache than supported by
this kit. Your Apache should work with this version, but check
our release notes to be sure.
You are already running mod_frontpage.so, no changes will be made
Checking for existing FrontPage web servers to upgrade...
Existing web servers were found; do you want to upgrade them now?
(If you answer "no", you can safely run this script again and answer "yes"
to upgrade your servers later.)
Upgrade now (y/n) [Y]? y
The file /usr/local/frontpage/version5.0/upgrade_results.txt will
contain Success/Fail status for the upgrades. When the upgrade is
complete you should examine this file to make sure that all of the
upgrades completed successfully.
Hit enter to continue
All existing servers will now be upgraded:
Upgrading using configuration file: /usr/local/frontpage/we80.cnf
Verifying web server configuration...
Getting DocumentRoot and UserDir.
Getting resource configuration file
Found Directive ResourceConfig, value /dev/null.
Getting DocumentRoot from /usr/local/apache/conf/httpd.conf
Getting UserDir from /usr/local/apache/conf/httpd.conf
DocumentRoot: /usr/local/apache-1.3.27/htdocs
UserDir: public_html
Found Directive AccessConfig, value /dev/null.
Upgrading server 80
Starting upgrade, port: 80.
Created: 24 Jun 2003 18:14:12 -0000
Version: 5.0.2.2634
Chowning Content in service /.
Port 80: Upgrade completed.
Upgraded Version: 5.0.2.2634.
Preparing to chown webs...
All requested upgrades to the new FrontPage Server Extensions have taken place.
The next step is to chown the web in order to guarantee that the extensions
will work properly. At this point you have two options:
1. This script will prompt you interactively for an owner and group of
each web and then perform the chown. If you do not have a lot of
webs you might want to choose this option.
2. This script will generate a script, which you can edit to fill in the
owner and group for each web, to run at a later date. If you have a
large number of webs you might want to choose this option.
Would you like interactive prompting for each webs owner/group (y/n) [Y]? y
Processing webs in port 80...
Getting DocumentRoot and UserDir.
Getting resource configuration file
Found Directive ResourceConfig, value /dev/null.
Getting DocumentRoot from /usr/local/apache/conf/httpd.conf
Getting UserDir from /usr/local/apache/conf/httpd.conf
DocumentRoot: /usr/local/apache-1.3.27/htdocs
UserDir: public_html
Getting DocumentRoot and UserDir.
Getting resource configuration file
Found Directive ResourceConfig, value /dev/null.
Getting DocumentRoot from /usr/local/apache/conf/httpd.conf
Getting UserDir from /usr/local/apache/conf/httpd.conf
DocumentRoot: /usr/local/apache-1.3.27/htdocs
UserDir: public_html
Who should own web root web on port 80 [nobody]:
What should the group for web root web on port 80 be [nobody]:
Using Apache V1
Starting chown, port: 80, web: "/".
DocumentRoot: "/usr/local/apache-1.3.27/htdocs"
Chowning Content in service /.
1. LATIN1 (ISO 8859-1)
2. LATIN2 (ISO 8859-2)
3. EUCJP (Japanese EUC)
4. EUCKR (Korean EUC)
Which local character encoding does your system support: [1]
1. English
2. French
3. German
4. Italian
5. Japanese
6. Spanish
What should the default language be: [1]
Setting /usr/local/frontpage/version5.0/frontpage.cnf to:
defaultLanguage:en
localCharEncoding:latin1
Copying /usr/local/frontpage/version5.0/frontpage.cnf to /usr/local/frontpage/version5.0/frontpage.cnf.orig
Creating and modifying new /usr/local/frontpage/version5.0/frontpage.cnf...
Note: Local version of Apache must use the FrontPage Apache patch.
See http://www.microsoft.com/frontpage/ for more details.
Note: If you have not installed the root web then you need to do it now.
Do you want to install a root web (y/n) [Y]?
Installing the root web...
Server config filename: /usr/local/apache/conf/httpd.conf
FrontPage Administrator's user name: fpadmin
Getting User from /usr/local/apache/conf/httpd.conf
Unix user name of the owner of this new web: [nobody]
Getting Group from /usr/local/apache/conf/httpd.conf
Unix group of this new web: [nobody]
Installing root web into port 80...
installing server / on port 80
Will chown web to nobody as part of install.
Will chgrp web to nobody as part of install.
Starting install, port: 80.
Created: 24 Jun 2003 18:14:12 -0000
Version: 5.0.2.2634
Server extensions already installed on port 80.
Reverting to upgrade.
Starting upgrade, port: 80.
Created: 24 Jun 2003 18:14:12 -0000
Version: 5.0.2.2634
Chowning Content in service /.
Port 80: Upgrade completed.
Upgraded Version: 5.0.2.2634.
Install new sub/per-user webs now (y/n) [Y]? n
For details on how to upgrade servers manually, please see
the Server Extension Resource Kit (SERK), located at
http://www.microsoft.com/frontpage
Installing Virtual Webs..
Do you want to install Virtual Webs (y/n) [Y]? n
Installation completed! Exiting...
Note: the frontpage install part kinda sux. The older versions were a pain in the ... you know what. I had to hack it to get installed. The install of the latest version runs more or less smoothly. After a couple of tries it will get installed.
For SuSE and United Linux
vserver:~ # ln -s /usr/local/apache/bin/apachectl /etc/rc.d/rc3.d/S90apache
First make sure cracklib, curl-devel, gd-devel, libpng-devel, pam_devel and imap-devel are installed.
Download php 4.3.3, cracklib 2.7 and curl-7.10.7.tar.bz2 (the latter if you use debian) into install and unpack them:
vserver:~ # tar xzfv install/cracklib,2.7.tar.gz
vserver:~ # bzcat install/php-4.3.3.tar.bz2 | tar xfv -
php needs the include file packer.h, so we have to copy the file to /usr/include:
vserver:~ # cp cracklib,2.7/cracklib/packer.h /usr/include/
vserver:~ # cd php-4.3.3/
vserver:~/php-4.3.3 # ./configure \
--prefix=/usr/local/php-4.3.3/ \
--enable-track-vars \
--enable-bcmath \
--enable-calendar \
--enable-ftp=shared \
--enable-wddx \
--enable-versioning \
--enable-track-vars=yes \
--enable-url-includes \
--enable-trans-sid \
--enable-sysvshm=yes \
--enable-sysvsem=yes \
--with-apxs=/usr/local/apache/bin/apxs \
--with-mysql=shared \
--with-zlib \
--with-gettext=shared \
--with-pear \
--with-ssl=shared \
--with-curl=shared \
--with-imap=shared \
--disable-magic-quotes \
--with-openssl \
--with-imap-ssl \
--with-gd=shared \
--with-crack=shared \
--with-mm
vserver:~/php-4.3.3 # make
vserver:~/php-4.3.3 # make install
vserver:~/php-4.3.3 # ln -s /usr/local/php-4.3.3 /usr/local/php
And now add as above /usr/local/php/bin to PATH in profile and reload /etc/profile with source /etc/profile.
vserver:~/php-4.3.3 # cp php.ini-dist /usr/local/php/lib/php.ini
Now open /usr/local/php/lib/php.ini and edit the extension_dir line so that it looks like this:
extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20020429"
Add these lines so that the PHP extensions get loaded:
extension=crack.so
extension=curl.so
extension=ftp.so
extension=gd.so
extension=gettext.so
extension=imap.so
extension=mysql.so
Append the block below to /usr/local/apache/conf/httpd.conf:
<VirtualHost 192.168.109.136>
AddType application/x-httpd-php .php .php4
DocumentRoot /usr/local/apache-1.3.28/htdocs
ServerName vserver.nutex
</VirtualHost>
Replace the server name and the IP with the proper ones.
Now restart Apache with: apachectl restart
Perl has to be installed already. Download mod_perl 1.0 into install and unpack it:
vserver:~ # tar xzfv install/mod_perl-1.0-current.tar.gz
vserver:~ # cd mod_perl-1.27/
vserver:~/mod_perl-1.27 # perl Makefile.PL USE_APXS=1 WITH_APXS=/usr/local/apache/bin/apxs EVERYTHING=1
vserver:~/mod_perl-1.27 # make
vserver:~/mod_perl-1.27 # make install
vserver:~/mod_perl-1.27 # apachectl restart
Download proftpd 1.2.8 and put it in install and unpack it:
vserver:~ # bzcat install/proftpd-1.2.8.tar.bz2 | tar xfv -
vserver:~ # cd proftpd-1.2.8/
vserver:~/proftpd-1.2.8 # ./configure --prefix=/usr/local/proftpd-1.2.8
vserver:~/proftpd-1.2.8 # make
vserver:~/proftpd-1.2.8 # make install
vserver:~/proftpd-1.2.8 # ln -s /usr/local/proftpd-1.2.8/ /usr/local/proftpd
Put these lines in /etc/init.d/proftpd:
#!/bin/bash
# Init script for the ProFTPd installed under /usr/local/proftpd
proftpd=/usr/local/proftpd/sbin/proftpd
conf=/usr/local/proftpd/etc/proftpd.conf
pid=/usr/local/proftpd/var/proftpd.pid
# Start the daemon
start() {
    echo -e $"Starting ProFTPd"
    $proftpd
}
# Stop the daemon recorded in the pid file
stop() {
    echo -e $"Shutting down ProFTPd"
    killproc $proftpd -p $pid
}
# Send SIGHUP so that proftpd re-reads its configuration
restart() {
    echo -e $"Restarting ProFTPd"
    killproc -HUP $proftpd -p $pid
}
case "$1" in
    start)
        start
        ;;
    stop)
        stop
        ;;
    restart)
        restart
        ;;
    *)
        echo $"Usage: $0 {start|stop|restart}"
        exit 1
esac
vserver:~/proftpd-1.2.8 # chmod u+x /etc/init.d/proftpd
vserver:/etc/init.d # ln -s /etc/init.d/proftpd /etc/rc.d/rc3.d/S90proftpd
vserver:~ # /etc/init.d/proftpd start
To install qmail and the related components, I heavily used "Life With Qmail", so in case something below won't work as described, take a look and visit that link.
http://qmail.org/moni.csi.hu/pub/glibc-2.3.1/daemontools-0.76.errno.patch
http://qmail.org/moni.csi.hu/pub/glibc-2.3.1/checkpassword-0.90.errno.patch
http://qmail.org/moni.csi.hu/pub/glibc-2.3.1/qmail-1.03.errno.patch
http://qmail.org/moni.csi.hu/pub/glibc-2.3.1/ucspi-tcp-0.88.errno.patch
ftp://cr.yp.to/software/qmail-1.03.tar.gz
ftp://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz
ftp://cr.yp.to/daemontools/daemontools-0.76.tar.gz
http://cr.yp.to/checkpwd/checkpassword-0.90.tar.gz
http://untroubled.org/relay-ctrl/relay-ctrl-3.1.1.tar.gz
http://www.lifewithqmail.org/qmailctl-script-dt70
http://untroubled.org/vmailmgr/current/vmailmgr-0.96.9-2.i386.rpm
http://untroubled.org/qmail-autoresponder/qmail-autoresponder-0.96.1.tar.gz
http://untroubled.org/bglibs/bglibs-1.009.tar.gz
http://cr.yp.to/cdb/cdb-0.75.tar.gz
http://gd.tuwien.ac.at/infosys/mail/qmail/ezmlm-patches/ezmlm-0.53.tar.gz
http://gd.tuwien.ac.at/infosys/mail/qmail/ezmlm-patches/ezmlm-idx-0.324.tar.gz
vserver:~ # tar xzfv install/qmail-1.03.tar.gz
vserver:~ # patch -p0 < install/qmail-1.03.errno.patch
vserver:~ # mkdir -p /var/qmail/control
vserver:~ # groupadd nofiles
vserver:~ # useradd -g nofiles -d /var/qmail/alias alias
vserver:~ # useradd -g nofiles -d /var/qmail qmaild
vserver:~ # useradd -g nofiles -d /var/qmail qmaill
vserver:~ # useradd -g nofiles -d /var/qmail qmailp
vserver:~ # groupadd qmail
vserver:~ # useradd -g qmail -d /var/qmail qmailq
vserver:~ # useradd -g qmail -d /var/qmail qmailr
vserver:~ # useradd -g qmail -d /var/qmail qmails
vserver:~ # cd qmail-1.03/
vserver:~/qmail-1.03 # make setup check
vserver:~/qmail-1.03 # ./config-fast vserver.nutex
Your fully qualified host name is vserver.nutex.
Putting vserver.nutex into control/me...
Putting vserver.nutex into control/defaultdomain...
Putting vserver.nutex into control/plusdomain...
Putting vserver.nutex into control/locals...
Putting vserver.nutex into control/rcpthosts...
Now qmail will refuse to accept SMTP messages except to vserver.nutex.
Make sure to change rcpthosts if you add hosts to locals or virtualdomains!
Change vserver.nutex to your hostname.
vserver:~/qmail-1.03 # cd ..
vserver:~ # tar xzfv install/ucspi-tcp-0.88.tar.gz
vserver:~ # patch -p0 < install/ucspi-tcp-0.88.errno.patch
vserver:~ # cd ucspi-tcp-0.88/
vserver:~/ucspi-tcp-0.88 # make
vserver:~/ucspi-tcp-0.88 # make setup check
vserver:~/ucspi-tcp-0.88 # cd ..
vserver:~ # tar xzfv install/daemontools-0.76.tar.gz
vserver:~ # mkdir -p /package
vserver:~ # chmod 1755 /package
vserver:~ # mv admin/ /package/
vserver:~ # cd /package/admin/
vserver:/package/admin # patch -p0 < /root/install/daemontools-0.76.errno.patch
vserver:/package/admin # cd daemontools-0.76/
vserver:/package/admin/daemontools-0.76 # package/install
Open /var/qmail/rc and put this into it:
#!/bin/sh
# Using stdout for logging
# Using control/defaultdelivery from qmail-local to deliver messages by default
exec env - PATH="/var/qmail/bin:$PATH" \
qmail-start "`cat /var/qmail/control/defaultdelivery`"
vserver:~ # chmod 755 /var/qmail/rc
vserver:~ # mkdir /var/qmail/log
vserver:~ # echo "./email/" > /var/qmail/control/defaultdelivery
vserver:~ # cp install/qmailctl-script-dt70 /var/qmail/bin/qmailctl
vserver:~ # chmod 755 /var/qmail/bin/qmailctl
vserver:~ # ln -s /var/qmail/bin/qmailctl /usr/bin/
vserver:~ # mkdir -p /var/qmail/supervise/qmail-send/log
vserver:~ # mkdir -p /var/qmail/supervise/qmail-smtpd/log
Create the file /var/qmail/supervise/qmail-send/run
#!/bin/sh
exec /var/qmail/rc
Create the file /var/qmail/supervise/qmail-send/log/run
#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/qmail/log
Create the file /var/qmail/supervise/qmail-smtpd/run
#!/bin/bash
QMAILDUID=`id -u qmaild`
NOFILESGID=`id -g qmaild`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
exec /usr/local/bin/softlimit -m 2000000 \
envdir /etc/relay-ctrl \
/usr/local/bin/relay-ctrl-chdir \
/usr/local/bin/tcpserver -v -R -l 0 -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" 0 smtp /usr/local/bin/relay-ctrl-check /var/qmail/bin/qmail-smtpd 2>&1
vserver:~ # echo 20 > /var/qmail/control/concurrencyincoming
vserver:~ # chmod 644 /var/qmail/control/concurrencyincoming
Create the file /var/qmail/supervise/qmail-smtpd/log/run
#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/qmail/log/smtpd
vserver:~ # chmod 755 /var/qmail/supervise/qmail-send/run
vserver:~ # chmod 755 /var/qmail/supervise/qmail-send/log/run
vserver:~ # chmod 755 /var/qmail/supervise/qmail-smtpd/run
vserver:~ # chmod 755 /var/qmail/supervise/qmail-smtpd/log/run
vserver:~ # mkdir -p /var/qmail/log/smtpd
vserver:~ # chown qmaill /var/qmail/log/ /var/qmail/log/smtpd/
vserver:~ # ln -s /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-smtpd /service
vserver:~ # qmailctl stop
vserver:~ # echo '127.:allow,RELAYCLIENT=""' > /etc/tcp.smtp
vserver:~ # qmailctl cdb
Reloaded /etc/tcp.smtp.
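The rule written to /etc/tcp.smtp above lets only loopback clients relay. As rules get added later, a check like the following reports which address patterns are granted RELAYCLIENT. This is an added example, not part of the original guide; the function names relay_rules and relay_verdict and the sample rule files are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original guide): list which address patterns in a
# tcprules source file such as /etc/tcp.smtp are allowed to relay.

# relay_rules FILE
# Prints "<scope> <address>" for every allow rule that sets RELAYCLIENT.
# scope: loopback (127.), default (empty address, matches every client),
#        network (anything else, including user@ and =hostname forms).
relay_rules() {
    awk '
        /^[ \t]*(#|$)/ { next }                  # comments and blank lines
        {
            i = index($0, ":")                   # address ends at the first colon
            if (i == 0) next
            addr  = substr($0, 1, i - 1)
            instr = substr($0, i + 1)
            if (instr !~ /^allow/) next          # deny rules never relay
            if (instr !~ /,RELAYCLIENT=/) next   # allow without relay permission
            if (addr == "")            scope = "default"
            else if (addr ~ /^127\./)  scope = "loopback"
            else                       scope = "network"
            print scope, (addr == "" ? "(any)" : addr)
        }
    ' "$1"
}

# relay_verdict FILE
# ok          only loopback may relay (the state this guide sets up)
# review      another address pattern may relay; confirm it is a trusted network
# open-relay  the default rule grants relaying to every client
relay_verdict() {
    relay_rules "$1" | awk '
        $1 == "default" { d = 1 }
        $1 == "network" { n = 1 }
        END { print (d ? "open-relay" : (n ? "review" : "ok")) }
    '
}

# Constructed samples; the first file holds exactly the rule used in this guide.
dir=$(mktemp -d)
printf '%s\n' '127.:allow,RELAYCLIENT=""' > "$dir/guide"
printf '%s\n' '127.:allow,RELAYCLIENT=""' '192.168.109.:allow,RELAYCLIENT=""' ':allow' > "$dir/lan"
printf '%s\n' '127.:allow,RELAYCLIENT=""' ':allow,RELAYCLIENT=""' > "$dir/open"
for f in guide lan open; do
    printf '%-6s %s\n' "$f" "$(relay_verdict "$dir/$f")"
done
rm -rf "$dir"
```

This covers only the static rules; relay-ctrl-check in the qmail-smtpd run script additionally grants relaying to clients that recently authenticated over POP3.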
vserver:~ # rpm -e --nodeps postfix
To fully remove postfix
vserver:~ # killall qmgr
vserver:~ # ln -s /var/qmail/bin/sendmail /usr/lib/
vserver:~ # ln -s /var/qmail/bin/sendmail /usr/sbin/
Replace darxkies with the name of the admin user that takes care of the system (not root but a normal unix user.)
vserver:~ # echo "darxkies" > /var/qmail/alias/.qmail-root
vserver:~ # echo "darxkies" > /var/qmail/alias/.qmail-postmaster
vserver:~ # ln -s /var/qmail/alias/.qmail-postmaster /var/qmail/alias/.qmail-mailer-daemon
vserver:~ # chmod 644 /var/qmail/alias/.qmail-root /var/qmail/alias/.qmail-postmaster
vserver:~ # /var/qmail/bin/maildirmake /etc/skel/email
vserver:~ # echo "./email/" > /etc/skel/.qmail
For the users that already exist, you have to copy the email directory and the .qmail files to the home directory of those users and change their owner so that the delivery can work.
---------------------------------------------------------------------------
vserver:~ # tar xzfv install/checkpassword-0.90.tar.gz
vserver:~ # patch -p0 < install/checkpassword-0.90.errno.patch
patching file checkpassword-0.90/error.h
vserver:~ # cd checkpassword-0.90/
vserver:~/checkpassword-0.90 # make
vserver:~/checkpassword-0.90 # make setup check
-----------------------------------------------------------------------------------
vserver:~/checkpassword-0.90 # mkdir -p /var/qmail/supervise/qmail-pop3d/log
Create the file /var/qmail/supervise/qmail-pop3d/run
#!/bin/bash
exec /usr/local/bin/softlimit -m 2000000 \
envdir /etc/relay-ctrl \
/usr/local/bin/relay-ctrl-chdir \
/usr/local/bin/tcpserver -v -R -H -l 0 0 110 /var/qmail/bin/qmail-popup \
vserver.nutex /usr/bin/checkvpw /usr/local/bin/relay-ctrl-allow /var/qmail/bin/qmail-pop3d email 2>&1
Note: replace vserver.nutex with your hostname.
Create a /var/qmail/supervise/qmail-pop3d/log/run script containing
#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t \
/var/qmail/log/pop3d
vserver:~ # mkdir /var/qmail/log/pop3d
vserver:~ # chown qmaill /var/qmail/log/pop3d/
vserver:~ # chmod 755 /var/qmail/supervise/qmail-pop3d/run
vserver:~ # chmod 755 /var/qmail/supervise/qmail-pop3d/log/run
vserver:~ # ln -s /var/qmail/supervise/qmail-pop3d/ /service/
Open /var/qmail/bin/qmailctl and append the corresponding code to the sections below:
start:
if svok /service/qmail-pop3d ; then
    svc -u /service/qmail-pop3d /service/qmail-pop3d/log
else
    echo "qmail-pop3d supervise not running"
fi
stop:
echo " qmail-pop3d"
svc -d /service/qmail-pop3d /service/qmail-pop3d/log
stat:
svstat /service/qmail-pop3d
svstat /service/qmail-pop3d/log
pause:
echo "Pausing qmail-pop3d"
svc -p /service/qmail-pop3d
cont:
echo "Continuing qmail-pop3d"
svc -c /service/qmail-pop3d
restart:
echo "* Restarting qmail-pop3d."
svc -t /service/qmail-pop3d /service/qmail-pop3d/log
-----------------------------------------------relay-ctrl--------------------------------
vserver:~ # tar xzfv install/relay-ctrl-3.1.1.tar.gz
vserver:~ # cd relay-ctrl-3.1.1/
vserver:~/relay-ctrl-3.1.1 # make
vserver:~/relay-ctrl-3.1.1 # ./installer
vserver:~/relay-ctrl-3.1.1 # mkdir /etc/relay-ctrl
vserver:~ # echo "/var/spool/relay-ctrl/allow" > /etc/relay-ctrl/RELAY_CTRL_DIR
vserver:~ # mkdir -p /var/spool/relay-ctrl/allow
vserver:~ # chmod 700 /var/spool/relay-ctrl/
vserver:~ # chmod 777 /var/spool/relay-ctrl/allow/
Add the following line to your cron:
* * * * * /usr/local/bin/envdir /etc/relay-ctrl /usr/local/bin/relay-ctrl-age
-----------------------------------------------relay-ctrl--------------------------------
-----------------------------------------------vmailmgr--------------------------------
vserver:~ # rpm -i install/vmailmgr-0.96.9-2.i386.rpm
I used the rpm version as trying to install from the sources failed due to gcc 3.3 compile bugs.
vserver:~ # touch /var/qmail/control/virtualdomains
-----------------------------------------------vmailmgr--------------------------------
-----------------------------------------------autoresponder--------------------------------
Note: install mysql-devel
vserver:~ # tar xzfv install/bglibs-1.009.tar.gz
vserver:~ # cd bglibs-1.009/
open selftests.sh, replace the last line with true and run make
vserver:~/bglibs-1.009 # mkdir /usr/local/bglibs/
vserver:~/bglibs-1.009 # make
vserver:~/bglibs-1.009 # ./installer
vserver:~ # tar xzfv install/qmail-autoresponder-0.96.1.tar.gz
vserver:~ # cd qmail-autoresponder-0.96.1/
Note: open main.c and search for usage_str and change it to this
static const char* usage_str = "test";
/*
"usage: %s [-cqDNT] [-n NUM] [-s STR] [-t TIME] %s
-c Copy message into response
-n NUM Set the maximum number of replies (defaults to 1)
-s STR Add the subject to the autoresponse, prefixed by STR
-t TIME Set the time interval, in seconds (defaults to 1 hour)
-q Don't show error messages
-D Don't remove old response records
-N Don't send, just send autoresponse to standard output
If more than NUM messages are received from the same sender
within TIME seconds of each other, no response is sent.
This program must be run by qmail.
%s";*/
gcc had problems to compile that. no idea why.
vserver:~/qmail-autoresponder-0.96.1 # make
vserver:~/qmail-autoresponder-0.96.1 # ./installer
Create the file /etc/vmailmgr/vdeliver-postdeliver
#!/bin/sh
if test -s $MAILDIR/autoresponse/message.txt
then
    qmail-autoresponder message.txt $MAILDIR/autoresponse
fi
vserver:~/qmail-autoresponder-0.96.1 # chmod a+x /etc/vmailmgr/vdeliver-postdeliver
-----------------------------------------------autoresponder--------------------------------
------------------------------------------cdb--------------------------------------
cdb install procedure. it installs cdbdump used to analyze the vmailmgr password files.
vserver:~ # tar xzfv install/cdb-0.75.tar.gz
vserver:~ # cd cdb-0.75/
open error.h and add #include <errno.h> after
#ifndef ERROR_H
#define ERROR_H
vserver:~/cdb-0.75 # make
vserver:~/cdb-0.75 # make setup check
------------------------------------------cdb--------------------------------------
----------------------------------------ezmlm-idx----------------------------------
vserver:~ # tar xzfv install/ezmlm-0.53.tar.gz
vserver:~ # tar xzfv install/ezmlm-idx-0.324.tar.gz
vserver:~ # mv ezmlm-idx-0.324/* ezmlm-0.53/
vserver:~ # cd ezmlm-0.53/
vserver:~/ezmlm-0.53 # patch < idx.patch
edit conf-bin and remove ezmlm from /usr/local/bin/ezmlm
now do the same as above, open error.h and add the #include <errno.h> after
#ifndef ERROR_H
#define ERROR_H
vserver:~/ezmlm-0.53 # make
vserver:~/ezmlm-0.53 # make man
vserver:~/ezmlm-0.53 # make setup
To test it, send an email to mailing-help@<domain> after enabling it in the frontend for <domain>.
----------------------------------------ezmlm-idx----------------------------------
now it should work.
install jakarta-tomcat from your linux cds
vserver:~ # chkconfig -s tomcat on
vserver:~ # /etc/init.d/tomcat start
append the 3 lines below to /usr/local/apache/conf/httpd.conf
JkWorkersFile /opt/jakarta/tomcat/conf/workers.properties
JkLogFile /usr/local/apache/logs/mod_jk.log
JkLogLevel error
add the 2 lines below to the LoadModule and AddModule blocks
LoadModule jk_module /usr/lib/apache/mod_jk.so
AddModule mod_jk.c
and restart apache with apachectl restart
Look for the first occurrence of the following code block in /opt/jakarta/tomcat/conf/server.xml
</Host>
</Engine>
and change it to this
</Host>
<!--vserver-->
</Engine>
http://smarty.php.net/download.php
http://xmlrpc.usefulinc.com/php.html#download
You can get the latest version of Nutex VServer from here.
install sudo
append to /etc/sudoers
vserver ALL=PASSWD: ALL
vserver:/var # groupadd vserver
vserver:~ # useradd vserver -m -d /var/vserver -g vserver
vserver:~ # passwd vserver
vserver:~ # chgrp vserver /var/isphome/mysql/
vserver:~ # chmod g+rwx /var/isphome/mysql/
Remove all the files that are not needed.
vserver:~ # rm -Rf /var/vserver/*
vserver:~ # rm -Rf /var/vserver/.[!.]* /var/vserver/..?*
Copy the content of vserver.tgz to /var/vserver
vserver:/var # tar xzfv /root/install/vserver.tgz
vserver:/var # chmod go-rwx vserver -R
vserver:/var # chmod u+rwx vserver -R
vserver:/var # chown vserver.vserver vserver/ -R
vserver:/var/vserver # su -l vserver
vserver@vserver:~> cd etc/
vserver@vserver:~/etc> openssl genrsa -rand file1:file2:file3:file4:file5 -out server.key 1024
0 semi-random bytes loaded
Generating RSA private key, 1024 bit long modulus
...............................++++++
......++++++
e is 65537 (0x10001)
vserver@vserver:~/etc> openssl req -new -key server.key -out server.csr
Using configuration from /etc/ssl/openssl.cnf
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:at
State or Province Name (full name) [Some-State]:st
Locality Name (eg, city) []:graz
Organization Name (eg, company) [Internet Widgits Pty Ltd]:nutex
Organizational Unit Name (eg, section) []:vserver
Common Name (eg, YOUR name) []:vserver.nutex
Email Address []:darx_kies@gmx.net
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
vserver@vserver:~/etc> openssl x509 -req -in server.csr -signkey server.key -out server.crt
Signature ok
subject=/C=at/ST=st/L=graz/O=nutex/OU=vserver/CN=vserver.nutex/Email=darx_kies@gmx.net
Getting Private key
vserver@vserver:~> exit
vserver:~ # cd /usr/local/
vserver:/usr/local # tar xzfv /root/install/Smarty-2.5.0.tar.gz
vserver:/usr/local # ln -s Smarty-2.5.0/ smarty
vserver:/usr/local # tar xzfv /root/install/xmlrpc-1.0.99.2.tar.gz
vserver:/usr/local # ln -s xmlrpc-1.0.99.2/ xmlrpc
edit /usr/local/php/lib/php.ini and change this line:
include_path = ".:/usr/local/php/lib/php:/usr/local/smarty/libs:/usr/local/xmlrpc"
and set register_globals = on
mysql.default_socket = /var/lib/mysql/mysql.sock
and append these lines
[crack]
crack.default_dictionary=/usr/lib/cracklib_dict
vserver:~ # ln -s /var/vserver/bin/vserver.sh /etc/init.d/vserver
vserver:~ # ln -s /etc/init.d/vserver /etc/rc.d/rc3.d/S90vserver
restart apache (both)
vserver:/usr/local # apachectl restart
vserver:/usr/local # /etc/init.d/vserver start
If you want a node, skip the MySQL part.
vserver:~ # mysql -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1 to server version: 3.23.55-log
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> create database vserver;
Query OK, 1 row affected (0.00 sec)
mysql> grant all privileges on vserver.* to vserver@localhost identified by 'vserver';
Query OK, 0 rows affected (0.00 sec)
mysql>
Change the MySQL root password to a more suitable one
vserver:/var/vserver/dox # mysql -p vserver < vserver.sql
Append to /usr/local/apache/conf/httpd.conf
Include /usr/local/apache/conf/namevirtualhosts
Create the file above and restart apache
vserver:~ # touch /usr/local/apache/conf/namevirtualhosts
remove from /etc/skel everything you don't need
Remove fpadmcgi.exe from /usr/local/frontpage/version5.0/exes/_vti_bin/_vti_adm
Open /var/vserver/etc/config.ini and check the settings there. Make sure everything is where it should be, that is, that the paths are correct and so on. Search for node_password and set a valid password. In the [admin] section, set password to the Unix password of the user vserver.
If you want to set up only a node, set enable in the [node] section to true and customize modules/index/templates/default/node.tpl to, for example, redirect to the master or do something else. In htdocs you could delete index.php or server.php, depending on what you want.
Now run crontab -e and add the lines below, depending on what kind of vserver you run.
Node:
0 3 * * * cd ~vserver/bin; /usr/local/php/bin/php ~vserver/bin/node_cron.php
Server:
0 3 * * * cd ~vserver/bin; /usr/local/php/bin/php ~vserver/bin/server_cron.php
By default the server uses port 4443 and HTTPS, for example https://192.168.109.144:4443/. When you access the frontend for the first time you have to add an admin user, and then the login page appears. Then you have to add a server and an IP for that server, and after that a reseller. Once you have a reseller you can add domains and email users.
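Added example, not part of the original guide or of Nutex VServer: config.ini stores the Unix password of the user vserver, and the sudoers line above lets that user run anything as root, so the chmod and chown steps on /var/vserver are what keep other local accounts away from root. This script re-checks them after installation; the function names are made up for this example, and the tree and its owner are passed as arguments (/var/vserver and vserver in this guide).

```shell
#!/bin/sh
# Post-install permission audit for the VServer tree (added example).
# Usage: sh audit_vserver.sh /var/vserver vserver

# List non-symlink entries under $1 that group or other can read,
# write or enter. Only POSIX find options are used.
loose_perms() {
    find "$1" ! -type l \( -perm -040 -o -perm -020 -o -perm -010 \
        -o -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# List entries under $1 that are not owned by user $2 (name or uid).
wrong_owner() {
    find "$1" ! -user "$2" -print
}

# Audit tree $1 for owner $2. Prints one line per finding and
# returns 0 when the tree is clean, 1 otherwise.
audit_vserver_tree() {
    root=$1 owner=$2 rc=0
    if [ ! -d "$root" ]; then
        echo "MISSING       $root"
        return 1
    fi
    loose=$(loose_perms "$root")
    alien=$(wrong_owner "$root" "$owner")
    if [ -n "$loose" ]; then
        printf '%s\n' "$loose" | sed 's|^|GROUP/OTHER   |'
        rc=1
    fi
    if [ -n "$alien" ]; then
        printf '%s\n' "$alien" | sed 's|^|WRONG OWNER   |'
        rc=1
    fi
    # Secrets this guide puts into the tree: the admin and node
    # passwords (config.ini) and the TLS private key (server.key).
    for f in etc/config.ini etc/server.key; do
        [ -f "$root/$f" ] || { echo "MISSING       $root/$f"; rc=1; }
    done
    return $rc
}

# Run the audit only when a tree is given on the command line.
if [ "$#" -gt 0 ]; then
    audit_vserver_tree "$1" "${2:-vserver}"
fi
```

Any GROUP/OTHER or WRONG OWNER line means the recursive chmod and chown steps need to be run again on that path.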
Have fun. :D