Nutex VServer

written by
Mircea-Cristian Racasan

Introduction

Nutex VServer is an system for ISP that can manage one or more servers from one central place. One server could be the master server and the others the nodes. It provides 4 levels of administration: Admin, Reseller, Domain Owner and Email User. In every level of administration, one can manage its own data and the data of the underlying levels. It is written solely in PHP and uses XML-RPC and HTTPS to communicate with the nodes. It provides support for Apache (PHP + mod_ssl + mod_perl + Frontpage), qmail (vmailmgr + autorespond + ezmlm), Proftp, MySQL, Webalizer, Bind, Tomcat, Quota, Multi-Language, Skins and others.

It has its own instance of Apache that runs with the privileges of the user vserver. It uses sudo to change to root and manage everything. As it uses its own instance of apache it will still run in case the main apache on the same server has problems and won't restart anymore.

The master and the nodes use ssl to communicate. The master also has to know the password of the node's vserver. The node checks the ip of the caller and if it is not the ip of the server it won't respond. To enhance the security cracklib is used to check the passwords. There are checks to make the communication secure but you should consider to use a private network for the master-node communication.

There is also a notification system, so that if a user changes for example changes his data, his reseller and the admins get an notification email. The same if the reseller data gets changed the admins get an email. The quota gets checked once each day and if it gets exceeded for resellers or domains they get a notification email. Whenever the emails get sent, the notification system checks the language of every user that should get the emails and chooses the appropriate text.

In the frontend there is also a box on the left side in the default design that describes the page that the user sees.

I wrote this in my spare time to learn more about PHP and Linux and it is more or less a proof of concept. If you have any ideas or whatever let me know. My Email is Darx_Kies@GMX.NET.

Features

- multi language

- it has skins support (smarty)

- it has reseller support

- it can be used to manage lots of servers

- the reseller gets one or more servers and ips that belong to the "owned" servers

- resellers, domain owners and users can manage their own data

- it uses cracklib to check how secure the passwords are

- it uses mysql

- qmail as mail server and vmailmgr for domains

- autorespond

- one quota for mysql, email, webspace and so on.

- wap

- jsp

- custom errors

- frontpage

- htaccess support

- notification system

- mailinglist support

- anonymous ftp for every domain

- php

- ssi

- cgi

- ssl

- statistics (webalizer)

- email aliases

- forwarding

- autorespond

......

Installation

USE IT ON YOUR OWN RISK. This is not for beginners and the installation is rather difficult, that's why I wrote almost all the commands that you need to install VServer.

By now there is only support for SuSE 8.2 Pro and United Linux 1.0. If someone is interested in porting it to other distros or even FreeBSD (it should be possible as almost everything that I used runs under FreeBSD as well.) let me know.

So this is the required software.

Note: In linux I would recommend that you set PermitRootLogin to no in /etc/ssh/sshd_config and restart ssh with /etc/init.d/sshd restart.
 

Quota

First we need a partition for the ISP data, that has user and group quotas enabled.

I used the second harddisk drive and this is how I first created the partition:

vserver:~ # fdisk /dev/sdb
Device contains neither a valid DOS partition table, nor Sun, SGI or OSF disklabel
Building a new DOS disklabel. Changes will remain in memory only,
until you decide to write them. After that, of course, the previous
content won't be recoverable.

Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite)

Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-522, default 1):
Using default value 1
Last cylinder or +size or +sizeM or +sizeK (1-522, default 522):
Using default value 522

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.

And then reboot. It is safer that way.

Now we have to format the partition. I choosed ReiserFS as its File System. But you could

use ext3 as well.

vserver:~ # mkreiserfs /dev/sdb1
mkreiserfs 3.6.4 (2002 www.namesys.com)
mkreiserfs: Guessing about desired format..
mkreiserfs: Kernel 2.4.20-4GB-athlon is running.
Format 3.6 with standard journal
Count of blocks on the device: 1048233
Number of blocks consumed by mkreiserfs formatting process: 8243
Blocksize: 4096
Hash function used to sort names: "r5"
Journal Size 8193 blocks (first block 18)
Journal Max transaction length 1024
inode generation number: 0
UUID: e62347c7-56a1-428b-9d04-dea904e0ba74
ATTENTION: YOU SHOULD REBOOT AFTER FDISK!
ALL DATA WILL BE LOST ON '/dev/sdb1'!
Continue (y/n):y
Initializing journal - 0%....20%....40%....60%....80%....100%
Syncing..ok
Please visit www.namesys.com for information about ReiserFS sponsors
 

This line belongs to /etc/fstab:

/dev/sdb1 /var/isphome/ auto defaults,usrquota,grpquota 1 2
 

We create the directory of the mount point and mount it:

vserver:~ # mkdir /var/isphome

vserver:~ # mount /var/isphome/

The following command creates the quota files (aquota.user and aquota.group) in /var/isphome:

vserver:/var/isphome # quotacheck -guac

SuSE 8.2 note:

and add quota_v2 to INITRD_MODULES in /etc/sysconfig/kernel, run mk_initrd afterwards and reboot

This one turns the quota on:

vserver:/var/isphome # quotaon -augv
 

To turn the quota on at boot time:

For SuSE and United Linux

vserver:/var/isphome # chkconfig -s quota on
 

Now we should set the grace values. UnitedLinux has like 7 days but SuSE 8.2 one year or something like that. The commands bellow set the grace to 7 days for users and groups.

setquota -u -t 604800 604800 -a
setquota -g -t 604800 604800 -a
 

And now we have quota enabled.

webalizer

Install the package of your distribution.

create the directory /var/isphome/webalizer

vserver:~ # mkdir /var/isphome/webalizer
 

mm

This should be already installed. The dev package too. If not you should install it as it is needed by a couple of programs that we'll compile later.

openssl

You should install the package of your distribution. It is very important that the devel package of openssl is installed too.

mysql

Install the mysql package of your distribution.

For SuSE and United Linux

vserver:~ # chkconfig -s mysql on

Stop mysql in case it is running already as we want to move the data directory to /var/isphome

because of the quota for the databases.

vserver:~ # /etc/init.d/mysql stop

vserver:~ # cd /var/lib/

vserver:/var/lib # mv mysql/ /var/isphome/

vserver:/var/lib # mkdir mysql

vserver:/var/isphome # chown mysql /var/lib/mysql/

For SuSE and United Linux:

and now open /etc/init.d/mysql and edit the path for datadir

datadir=/var/isphome/mysql

vserver:~ # /etc/init.d/mysql start

vserver:/var/isphome # chmod go-rwx /var/lib/mysql/

And don't forget to set a password for the mysql root user.

bind

This one should be already installed too. If not you know what to do. :D

For SuSE and United Linux:

vserver:~ # chkconfig -s named on

apache + mod_ssl + frontpage

First create an install directory in your home directory and download apache 1.3.28, mod_ssl 2.8.15 and frontpage 2002 to that directory. Make sure openssl-devel and gdbm-devel are installed.

vserver:~ # tar xzfv install/fp50.linux.tar.gz

vserver:~ # tar xzfv install/apache_1.3.28.tar.gz

vserver:~ # tar xzfv install/mod_ssl-2.8.15-1.3.28.tar.gz

copy mod_frontpage.c to the modules/extra directory in apache

vserver:~ # cp frontpage/version5.0/apache-fp/mod_frontpage.c apache_1.3.28/src/modules/extra/

vserver:~ # cd mod_ssl-2.8.15-1.3.28/

vserver:~/mod_ssl-2.8.15-1.3.28 # ./configure --with-apache=../apache_1.3.28

vserver:~/mod_ssl-2.8.15-1.3.28 # cd ../apache_1.3.28/

vserver:~/apache_1.3.28 # export EAPI_MM=/usr/

vserver:~/apache_1.3.28 # ./configure \
--enable-module=ssl \
--enable-rule=EAPI \
--prefix=/usr/local/apache-1.3.28 \
--enable-module=so \
--add-module=src/modules/extra/mod_frontpage.c \
--enable-module=all \
--enable-shared=max \
--enable-suexec \
--enable-shared=frontpage \
--suexec-caller=nobody

vserver:~/apache_1.3.28 # make

NOTE: if you get something like this

`FNM_CASE_BLIND' undeclared (first use in this function)
 

edit the Makefiles in the directories where the error occurs and look for this line

INCLUDES1= -I/usr/include

and delete everything after =.

Does anyone know another way that happens?
 

vserver:~/apache_1.3.28 # make install

vserver:~/apache_1.3.28 # ln -s /usr/local/apache-1.3.28 /usr/local/apache

Now append export PATH=$PATH:/usr/local/apache/bin to /etc/profile and run:

vserver:~/apache_1.3.28 # source /etc/profile
   

Open /usr/local/apache/conf/httpd.conf and look for the line below:

AllowOverride None
 

and change AllowOverride to All. It has to be the one for the Document Root (/usr/local/apache-1.3.28/htdocs).

and add this two lines:

ResourceConfig /dev/null
AccessConfig /dev/null
 

Now remove the previous installed apache + php and all their modules in case they got installed.


vserver:~ # apachectl start
 

vserver:~/frontpage/version5.0 # ./fp_install.sh

Step 1. Setting Up Installation Environment

Setting umask 002
Logged in as root.

fp_install.sh

Revision: 1.24
Date: 2003/02/27 22:07:46

This script will step the user through upgrading existing and installing
new servers and webs. As with any software installation, a backup should be
done before continuing. It is recommended that the FrontPage installation
directory, server configuration file directory, and all web content be
backed up before continuing with this installation.

Are you satisfied with your backup of the system (y/n) [N]? Y

Directory /usr/local exists.
Root has necessary access to /usr/local.

Where would you like to install the FrontPage Server Extensions. If
you select a location other than /usr/local/frontpage/ then a symbolic
link will be created from /usr/local/frontpage/ to the location that
is chosen.

FrontPage Server Extensions directory [/usr/local/frontpage/]:
WARNING: Directory /usr/local/frontpage already exists.
Installation will overwrite existing files.

Continue the installation (y/n) [N]? Y


Step 2. Untarring the Extensions and Checking Protections

Version 5.0 FrontPage Server Extensions found.
Would you like to overwrite? (y/n) [Y]? y

Looking for tar file...
Platform is linux.
Cannot find the FrontPage Server Extensions tar file in /root/frontpage/version5.0/.
Which directory is the file located in (X to cancel)? /root/install
Where is the zcat which can uncompress gz files? /bin/zcat
Uncompressing/Untarring file /root/install/fp50.linux.tar.gz into /usr/local...

Step 3. Upgrading/Installing the extensions

Which version of Apache will you be using? (1.3 or 2.0) 1.3

Where is the current apache daemon located: []/usr/local/apache/bin/httpd
Currently running Apache/1.3.27
Checking for previous versions of FrontPage Server Extensions to upgrade...
You have no previous versions of FrontPage Server Extensions installed.
There are no settings to migrate!

Checking if the FrontPage patch to Apache is already installed.
The FrontPage server patch has not been installed in your server
You are running a newer version of Apache than supported by
this kit. Your Apache should work with this version, but check
our release notes to be sure.
You are already running mod_frontpage.so, no changes will be made
Checking for existing FrontPage web servers to upgrade...

Existing web servers were found; do you want to upgrade them now?
(If you answer "no", you can safely run this script again and answer "yes"
to upgrade your servers later.)

Upgrade now (y/n) [Y]? y

The file /usr/local/frontpage/version5.0/upgrade_results.txt will
contain Success/Fail status for the upgrades. When the upgrade is
complete you should examine this file to make sure that all of the
upgrades completed successfully.

Hit enter to continue

All existing servers will now be upgraded:


Upgrading using configuration file: /usr/local/frontpage/we80.cnf
Verifying web server configuration...
Getting DocumentRoot and UserDir.
Getting resource configuration file
Found Directive ResourceConfig, value /dev/null.
Getting DocumentRoot from /usr/local/apache/conf/httpd.conf
Getting UserDir from /usr/local/apache/conf/httpd.conf

DocumentRoot: /usr/local/apache-1.3.27/htdocs
UserDir: public_html

Found Directive AccessConfig, value /dev/null.
Upgrading server 80

Starting upgrade, port: 80.

Created: 24 Jun 2003 18:14:12 -0000
Version: 5.0.2.2634
Chowning Content in service /.
Port 80: Upgrade completed.
Upgraded Version: 5.0.2.2634.

Preparing to chown webs...

All requested upgrades to the new FrontPage Server Extensions have taken place.
The next step is to chown the web in order to guarantee that the extensions
will work properly. At this point you have two options:

1. This script will prompt you interactively for an owner and group of
each web and then perform the chown. If you do not have a lot of
webs you might want to choose this option.

2. This script will generate a script, which you can edit to fill in the
owner and group for each web, to run at a later date. If you have a
large number of webs you might want to choose this option.

Would you like interactive prompting for each webs owner/group (y/n) [Y]? y

Processing webs in port 80...

Getting DocumentRoot and UserDir.
Getting resource configuration file
Found Directive ResourceConfig, value /dev/null.
Getting DocumentRoot from /usr/local/apache/conf/httpd.conf
Getting UserDir from /usr/local/apache/conf/httpd.conf

DocumentRoot: /usr/local/apache-1.3.27/htdocs
UserDir: public_html


Getting DocumentRoot and UserDir.
Getting resource configuration file
Found Directive ResourceConfig, value /dev/null.
Getting DocumentRoot from /usr/local/apache/conf/httpd.conf
Getting UserDir from /usr/local/apache/conf/httpd.conf

DocumentRoot: /usr/local/apache-1.3.27/htdocs
UserDir: public_html

Who should own web root web on port 80 [nobody]:
What should the group for web root web on port 80 be [nobody]:
Using Apache V1

Starting chown, port: 80, web: "/".

DocumentRoot: "/usr/local/apache-1.3.27/htdocs"
Chowning Content in service /.

1. LATIN1 (ISO 8859-1)
2. LATIN2 (ISO 8859-2)
3. EUCJP (Japanese EUC)
4. EUCKR (Korean EUC)
Which local character encoding does your system support: [1]


1. English
2. French
3. German
4. Italian
5. Japanese
6. Spanish
What should the default language be: [1]

Setting /usr/local/frontpage/version5.0/frontpage.cnf to:

defaultLanguage:en
localCharEncoding:latin1

Copying /usr/local/frontpage/version5.0/frontpage.cnf to /usr/local/frontpage/version5.0/frontpage.cnf.orig

Creating and modifying new /usr/local/frontpage/version5.0/frontpage.cnf...

Note: Local version of Apache must use the FrontPage Apache patch.
See http://www.microsoft.com/frontpage/ for more details.

Note: If you have not installed the root web then you need to do it now.

Do you want to install a root web (y/n) [Y]?

Installing the root web...

Server config filename: /usr/local/apache/conf/httpd.conf
FrontPage Administrator's user name: fpadmin

Getting User from /usr/local/apache/conf/httpd.conf
Unix user name of the owner of this new web: [nobody]

Getting Group from /usr/local/apache/conf/httpd.conf
Unix group of this new web: [nobody]
Installing root web into port 80...


installing server / on port 80

Will chown web to nobody as part of install.
Will chgrp web to nobody as part of install.

Starting install, port: 80.

Created: 24 Jun 2003 18:14:12 -0000
Version: 5.0.2.2634
Server extensions already installed on port 80.
Reverting to upgrade.

Starting upgrade, port: 80.

Created: 24 Jun 2003 18:14:12 -0000
Version: 5.0.2.2634
Chowning Content in service /.
Port 80: Upgrade completed.
Upgraded Version: 5.0.2.2634.

Install new sub/per-user webs now (y/n) [Y]? n
For details on how to upgrade servers manually, please see
the Server Extension Resource Kit (SERK), located at
http://www.microsoft.com/frontpage


Installing Virtual Webs..

Do you want to install Virtual Webs (y/n) [Y]? n

Installation completed! Exiting...

 

Note: the frontpage install part kinda sux. The older versions were a pain in the ... you know what. I had to hack it to get installed. The intstall of the latest version runs more or less smoothly. After a couple of tries it will get installed.

For SuSE and United Linux

vserver:~ # ln -s /usr/local/apache/bin/apachectl /etc/rc.d/rc3.d/S90apache

php

First make sure cracklib, curl-devel, gd-devel, libpng-devel, pam_devel and imap-devel are installed

Download php 4.3.3, cracklib 2.7  and curl-7.10.7.tar.bz2 (the later if you use debian) in install and unpack them:

vserver:~ # tar xzfv install/cracklib,2.7.tar.gz

vserver:~ # bzcat install/php-4.3.3.tar.bz2 | tar xfv -

php needs the include file packer.h so we have to copy the file /usr/include

vserver:~ # cp cracklib,2.7/cracklib/packer.h /usr/include/
 

vserver:~ # cd php-4.3.3/

vserver:~/php-4.3.3 # ./configure \
--prefix=/usr/local/php-4.3.3/ \
--enable-track-vars\
--enable-bcmath \
--enable-calendar \
--enable-ftp=shared \
--enable-wddx \
--enable-versioning \
--enable-track-vars=yes \
--enable-url-includes \
--enable-trans-sid \
--enable-sysvshm=yes \
--enable-sysvsem=yes \
--with-apxs=/usr/local/apache/bin/apxs \
--with-mysql=shared \
--with-zlib \
--with-gettext=shared \
--with-pear \
--with-ssl=shared \
--with-curl=shared \
--with-imap=shared \
--disable-magic-quotes \
--with-openssl \
--with-imap-ssl \
--with-gd=shared \
--with-crack=shared \
--with-mm
 

vserver:~/php-4.3.3 # make

vserver:~/php-4.3.3 # make install

vserver:~/php-4.3.3 # ln -s /usr/local/php-4.3.3 /usr/local/php

And now add as above /usr/local/php/bin to PATH in profile and reload /etc/profile with source /etc/profile.

vserver:~/php-4.3.3 # cp php.ini-dist /usr/local/php/lib/php.ini
 

now open /usr/local/php/lib/php.ini and edit the extension_dir line and it should look like this:

extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20020429"
 

and add this lines so that the php extensions get loaded:

extension=crack.so
extension=curl.so
extension=ftp.so
extension=gd.so
extension=gettext.so
extension=imap.so
extension=mysql.so

Append the block bellow to /usr/local/apache/conf/httpd.conf

<VirtualHost 192.168.109.136>
AddType application/x-httpd-php .php .php4
DocumentRoot /usr/local/apache-1.3.28/htdocs
ServerName vserver.nutex
</VirtualHost>
 

You should replace the name of the server name and the ip with the proper ones.

and now restart apache with: apachectl restart

mod_perl

perl has to be already installed then download mod_perl 1.0 in install and unpack it:

vserver:~ # tar xzfv install/mod_perl-1.0-current.tar.gz

vserver:~ # cd mod_perl-1.27/

vserver:~/mod_perl-1.27 # perl Makefile.PL USE_APXS=1 WITH_APXS=/usr/local/apache/bin/apxs EVERYTHING=1

vserver:~/mod_perl-1.27 # make

vserver:~/mod_perl-1.27 # make install

vserver:~/mod_perl-1.27 # apachectl restart

proftpd

Download proftpd 1.2.8 and put it in install and unpack it:

vserver:~ # bzcat install/proftpd-1.2.8.tar.bz2 | tar xfv -

vserver:~ # cd proftpd-1.2.8/

vserver:~/proftpd-1.2.8 # ./configure --prefix=/usr/local/proftpd-1.2.8

vserver:~/proftpd-1.2.8 # make

vserver:~/proftpd-1.2.8 # make install

vserver:~/proftpd-1.2.8 # ln -s /usr/local/proftpd-1.2.8/ /usr/local/proftpd

put this lines in /etc/init.d/proftpd

#!/bin/bash

proftpd=/usr/local/proftpd/sbin/proftpd
conf=/usr/local/proftpd/etc/proftd.conf
pid=/usr/local/proftpd/var/proftpd.pid

start() {
echo -e $"Starting ProFTPd"
$proftpd
}

stop() {
echo -e $"Shutting down ProFTPd"
killproc $proftpd -p $pid
}

restart() {
echo -e $"Restarting ProFTPd"
killproc -HUP $proftpd -p $pid
}

case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
*)
echo $"Usage: $0 {start|stop|restart}"
exit 1
esac
 

vserver:~/proftpd-1.2.8 # chmod u+x /etc/init.d/proftpd
 

vserver:/etc/init.d # ln -s /etc/init.d/proftpd /etc/rc.d/rc3.d/S90proftpd

vserver:~ # /etc/init.d/proftpd start

   

qmail

To install qmail and the related components, I heavily used "Life With Qmail" so in case something bellow won't work as described take a look an visit that link.

http://qmail.org/moni.csi.hu/pub/glibc-2.3.1/daemontools-0.76.errno.patch

http://qmail.org/moni.csi.hu/pub/glibc-2.3.1/checkpassword-0.90.errno.patch

http://qmail.org/moni.csi.hu/pub/glibc-2.3.1/qmail-1.03.errno.patch

http://qmail.org/moni.csi.hu/pub/glibc-2.3.1/ucspi-tcp-0.88.errno.patch

ftp://cr.yp.to/software/qmail-1.03.tar.gz

ftp://cr.yp.to/ucspi-tcp/ucspi-tcp-0.88.tar.gz

ftp://cr.yp.to/daemontools/daemontools-0.76.tar.gz

http://cr.yp.to/checkpwd/checkpassword-0.90.tar.gz

http://untroubled.org/relay-ctrl/relay-ctrl-3.1.1.tar.gz

http://www.lifewithqmail.org/qmailctl-script-dt70

http://untroubled.org/vmailmgr/current/vmailmgr-0.96.9-2.i386.rpm

http://untroubled.org/qmail-autoresponder/qmail-autoresponder-0.96.1.tar.gz

http://untroubled.org/bglibs/bglibs-1.009.tar.gz

http://cr.yp.to/cdb/cdb-0.75.tar.gz

http://gd.tuwien.ac.at/infosys/mail/qmail/ezmlm-patches/ezmlm-0.53.tar.gz

http://gd.tuwien.ac.at/infosys/mail/qmail/ezmlm-patches/ezmlm-idx-0.324.tar.gz

vserver:~ # tar xzfv install/qmail-1.03.tar.gz
 

vserver:~ # patch -p0 < install/qmail-1.03.errno.patch
 

vserver:~ # mkdir -p /var/qmail/control

vserver:~ # groupadd nofiles
vserver:~ # useradd -g nofiles -d /var/qmail/alias alias
vserver:~ # useradd -g nofiles -d /var/qmail qmaild
vserver:~ # useradd -g nofiles -d /var/qmail qmaill
vserver:~ # useradd -g nofiles -d /var/qmail qmailp
vserver:~ # groupadd qmail
vserver:~ # useradd -g qmail -d /var/qmail qmailq
vserver:~ # useradd -g qmail -d /var/qmail qmailr
vserver:~ # useradd -g qmail -d /var/qmail qmails
 

vserver:~ # cd qmail-1.03/

vserver:~/qmail-1.03 # make setup check

vserver:~/qmail-1.03 # ./config-fast vserver.nutex
Your fully qualified host name is vserver.nutex.
Putting vserver.nutex into control/me...
Putting vserver.nutex into control/defaultdomain...
Putting vserver.nutex into control/plusdomain...
Putting vserver.nutex into control/locals...
Putting vserver.nutex into control/rcpthosts...
Now qmail will refuse to accept SMTP messages except to vserver.nutex.
Make sure to change rcpthosts if you add hosts to locals or virtualdomains!

change vserver.nutex to your hostname.


vserver:~/qmail-1.03 # cd ..

 
vserver:~ # tar xzfv install/ucspi-tcp-0.88.tar.gz
 

vserver:~ # patch -p0 < install/ucspi-tcp-0.88.errno.patch


vserver:~ # cd ucspi-tcp-0.88/
 

vserver:~/ucspi-tcp-0.88 # make

vserver:~/ucspi-tcp-0.88 # make setup check

vserver:~/ucspi-tcp-0.88 # cd ..

vserver:~ # tar xzfv install/daemontools-0.76.tar.gz

vserver:~ # mkdir -p /package
vserver:~ # chmod 1755 /package
vserver:~ # mv admin/ /package/
vserver:~ # cd /package/admin/
 


vserver:/package/admin # patch -p0 < /root/install/daemontools-0.76.errno.patch

vserver:/package/admin # cd daemontools-0.76/

vserver:/package/admin/daemontools-0.76 # package/install
 

open /var/qmail/rc and put this into it:

#!/bin/sh

# Using stdout for logging
# Using control/defaultdelivery from qmail-local to deliver messages by default

exec env - PATH="/var/qmail/bin:$PATH" \
qmail-start "`cat /var/qmail/control/defaultdelivery`"

vserver:~ # chmod 755 /var/qmail/rc

vserver:~ # mkdir /var/qmail/log
 

vserver:~ # echo "./email/" > /var/qmail/control/defaultdelivery

vserver:~ # cp install/qmailctl-script-dt70 /var/qmail/bin/qmailctl
vserver:~ # chmod 755 /var/qmail/bin/qmailctl
vserver:~ # ln -s /var/qmail/bin/qmailctl /usr/bin/
 

vserver:~ # mkdir -p /var/qmail/supervise/qmail-send/log
vserver:~ # mkdir -p /var/qmail/supervise/qmail-smtpd/log

Create the file /var/qmail/supervise/qmail-send/run

#!/bin/sh
exec /var/qmail/rc

Create the file /var/qmail/supervise/qmail-send/log/run

#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/qmail/log

Create the file /var/qmail/supervise/qmail-smtpd/run

#!/bin/bash
QMAILDUID=`id -u qmaild`
NOFILESGID=`id -g qmaild`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
exec /usr/local/bin/softlimit -m 2000000 \
envdir /etc/relay-ctrl \
/usr/local/bin/relay-ctrl-chdir \
/usr/local/bin/tcpserver -v -R -l 0 -x /etc/tcp.smtp.cdb -c "$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" 0 smtp /usr/local/bin/relay-ctrl-check /var/qmail/bin/qmail-smtpd 2>&1
 


vserver:~ # echo 20 > /var/qmail/control/concurrencyincoming
vserver:~ # chmod 644 /var/qmail/control/concurrencyincoming
 

Create the file /var/qmail/supervise/qmail-smtpd/log/run

#!/bin/sh
exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t /var/qmail/log/smtpd

vserver:~ # chmod 755 /var/qmail/supervise/qmail-send/run
vserver:~ # chmod 755 /var/qmail/supervise/qmail-send/log/run
vserver:~ # chmod 755 /var/qmail/supervise/qmail-smtpd/run
vserver:~ # chmod 755 /var/qmail/supervise/qmail-smtpd/log/run
 

vserver:~ # mkdir -p /var/qmail/log/smtpd
vserver:~ # chown qmaill /var/qmail/log/ /var/qmail/log/smtpd/

vserver:~ # ln -s /var/qmail/supervise/qmail-send /var/qmail/supervise/qmail-smtpd /service
 

vserver:~ # qmailctl stop

vserver:~ # echo '127.:allow,RELAYCLIENT=""' > /etc/tcp.smtp

vserver:~ # qmailctl cdb
Reloaded /etc/tcp.smtp.
 

vserver:~ # rpm -e --nodeps postfix
 

To fully remove postfix

vserver:~ # killall qmgr


vserver:~ # ln -s /var/qmail/bin/sendmail /usr/lib/
vserver:~ # ln -s /var/qmail/bin/sendmail /usr/sbin/

 

Replace darxkies with the name of the admin user that takes care of the system (not root but a normal unix user.)

vserver:~ # echo "darxkies" > /var/qmail/alias/.qmail-root
vserver:~ # echo "darxkies" > /var/qmail/alias/.qmail-postmaster
vserver:~ # ln -s /var/qmail/alias/.qmail-postmaster /var/qmail/alias/.qmail-mailer-daemon
vserver:~ # chmod 644 /var/qmail/alias/.qmail-root /var/qmail/alias/.qmail-postmaster
 

vserver:~ # /var/qmail/bin/maildirmake /etc/skel/email

vserver:~ # echo "./email/" > /etc/skel/.qmail
 

For the users that already exist you have to copy the email directory and the .qmail files to the home directory of that users and change the owner of them so that the delivery can work.  

---------------------------------------------------------------------------

vserver:~ # tar xzfv install/checkpassword-0.90.tar.gz
 

vserver:~ # patch -p0 < install/checkpassword-0.90.errno.patch
patching file checkpassword-0.90/error.h
 

vserver:~ # cd checkpassword-0.90/

vserver:~/checkpassword-0.90 # make

vserver:~/checkpassword-0.90 # make setup check
-----------------------------------------------------------------------------------

vserver:~/checkpassword-0.90 # mkdir -p /var/qmail/supervise/qmail-pop3d/log

Create the file /var/qmail/supervise/qmail-pop3d/run

#!/bin/bash
exec /usr/local/bin/softlimit -m 2000000 \
envdir /etc/relay-ctrl \
/usr/local/bin/relay-ctrl-chdir \
/usr/local/bin/tcpserver -v -R -H -l 0 0 110 /var/qmail/bin/qmail-popup \
vserver.nutex /usr/bin/checkvpw /usr/local/bin/relay-ctrl-allow /var/qmail/bin/qmail-pop3d email 2>&1
Note: replace vserver.nutex with your hostname.

Create a /var/qmail/supervise/qmail-pop3d/log/run script containing

    #!/bin/sh
    exec /usr/local/bin/setuidgid qmaill /usr/local/bin/multilog t \
        /var/qmail/log/pop3d
 

vserver:~ # mkdir /var/qmail/log/pop3d
vserver:~ # chown qmaill /var/qmail/log/pop3d/
vserver:~ # chmod 755 /var/qmail/supervise/qmail-pop3d/run
vserver:~ # chmod 755 /var/qmail/supervise/qmail-pop3d/log/run
vserver:~ # ln -s /var/qmail/supervise/qmail-pop3d/ /service/
 

Open /var/qmail/bin/qmailctl and append to the sections bellow the coresponding code:

start:

     if svok /service/qmail-pop3d ; then
        svc -u /service/qmail-pop3d /service/qmail-pop3d/log
    else
        echo "qmail-pop3d supervise not running"
    fi
 

stop:

    echo "  qmail-pop3d"
    svc -d /service/qmail-pop3d /service/qmail-pop3d/log

stat:

    svstat /service/qmail-pop3d
    svstat /service/qmail-pop3d/log

pause:

    echo "Pausing qmail-pop3d"
    svc -p /service/qmail-pop3d

cont:

    echo "Continuing qmail-pop3d"
    svc -c /service/qmail-pop3d

restart:

    echo "* Restarting qmail-pop3d."
    svc -t /service/qmail-pop3d /service/qmail-pop3d/log
 

-----------------------------------------------relay-ctrl--------------------------------

vserver:~ # tar xzfv install/relay-ctrl-3.1.1.tar.gz   

vserver:~ # cd relay-ctrl-3.1.1/

vserver:~/relay-ctrl-3.1.1 # make

vserver:~/relay-ctrl-3.1.1 # ./installer
 

vserver:~/relay-ctrl-3.1.1 # mkdir /etc/relay-ctrl
 

vserver:~ # echo "/var/spool/relay-ctrl/allow" > /etc/relay-ctrl/RELAY_CTRL_DIR

vserver:~ # mkdir -p /var/spool/relay-ctrl/allow
vserver:~ # chmod 700 /var/spool/relay-ctrl/
vserver:~ # chmod 777 /var/spool/relay-ctrl/allow/

Add the following line to your cron:

* * * * * /usr/local/bin/envdir /etc/relay-ctrl /usr/local/bin/relay-ctrl-age
 

-----------------------------------------------relay-ctrl--------------------------------

-----------------------------------------------vmailmgr--------------------------------

vserver:~ # rpm -i install/vmailmgr-0.96.9-2.i386.rpm

I used the rpm version as trying to install from the sources failed due to gcc 3.3 compile bugs.

vserver:~ #  touch /var/qmail/control/virtualdomains
 

-----------------------------------------------vmailmgr--------------------------------

-----------------------------------------------autoresponder--------------------------------

Note: install mysql-devel

vserver:~ # tar xzfv install/bglibs-1.009.tar.gz

vserver:~ # cd bglibs-1.009/

open selftests.sh, replace the last line with true and run make

vserver:~/bglibs-1.009 # mkdir /usr/local/bglibs/

vserver:~/bglibs-1.009 # make

vserver:~/bglibs-1.009 # ./installer

 

vserver:~ # tar xzfv install/qmail-autoresponder-0.96.1.tar.gz

vserver:~ # cd qmail-autoresponder-0.96.1/

Note: open main.c and search for usage_str and change it to this

static const char* usage_str = "test";
/*
"usage: %s [-cqDNT] [-n NUM] [-s STR] [-t TIME] %s
-c Copy message into response
-n NUM Set the maximum number of replies (defaults to 1)
-s STR Add the subject to the autoresponse, prefixed by STR
-t TIME Set the time interval, in seconds (defaults to 1 hour)
-q Don't show error messages
-D Don't remove old response records
-N Don't send, just send autoresponse to standard output
If more than NUM messages are received from the same sender
within TIME seconds of each other, no response is sent.
This program must be run by qmail.
%s";*/
 

gcc had problems to compile that. no idea why.

vserver:~/qmail-autoresponder-0.96.1 # make

vserver:~/qmail-autoresponder-0.96.1 # ./installer

 

Create the file /etc/vmailmgr/vdeliver-postdeliver

#!/bin/sh
if test -s $MAILDIR/autoresponse/message.txt
  then
    qmail-autoresponder message.txt $MAILDIR/autoresponse
fi

vserver:~/qmail-autoresponder-0.96.1 # chmod a+x /etc/vmailmgr/vdeliver-postdeliver

-----------------------------------------------autoresponder--------------------------------

------------------------------------------cdb--------------------------------------

cdb install procedure. it installs cdbdump used to analyze the vmailmgr password files.

vserver:~ # tar xzfv install/cdb-0.75.tar.gz

vserver:~ # cd cdb-0.75/

open error.h and add #include <errno.h> after

#ifndef ERROR_H
#define ERROR_H
 

vserver:~/cdb-0.75 # make

vserver:~/cdb-0.75 # make setup check
 

------------------------------------------cdb--------------------------------------

 

----------------------------------------ezmlm-idx----------------------------------

vserver:~ # tar xzfv install/ezmlm-0.53.tar.gz

vserver:~ # tar xzfv install/ezmlm-idx-0.324.tar.gz

sserver:~ # mv ezmlm-idx-0.324/* ezmlm-0.53/

vserver:~ # cd ezmlm-0.53/

vserver:~/ezmlm-0.53 # patch < idx.patch

edit conf-bin and remove ezmlm from /usr/local/bin/ezmlm

now do the same as above, open error.h and add the #include <errno.h> after

#ifndef ERROR_H
#define ERROR_H

vserver:~/ezmlm-0.53 # make

vserver:~/ezmlm-0.53 # make man

vserver:~/ezmlm-0.53 # make setup

to test it send an email mailing-help@<domain> after enabling it in the frontend for <domain>

----------------------------------------ezmlm-idx----------------------------------

 

now it should work.

jsp

install jakarta-tomcat from your linux cds

vserver:~ # chkconfig -s tomcat on
vserver:~ # /etc/init.d/tomcat start
 

append the 3 line bellow to /usr/local/apache/conf/httpd.conf

JkWorkersFile /opt/jakarta/tomcat/conf/workers.properties
JkLogFile /usr/local/apache/logs/mod_jk.log
JkLogLevel error

add the 2 lines bellow to the loadmodule and addmodule blocks

LoadModule jk_module /usr/lib/apache/mod_jk.so
 

AddModule mod_jk.c

and restart apache with apachectl restart

Look for the first occurance of the following code block in  /opt/jakarta/tomcat/conf/server.xml

 </Host>

</Engine>
 

and change it to this 

 </Host>

<!--vserver-->

</Engine>

vserver

http://smarty.php.net/download.php

http://xmlrpc.usefulinc.com/php.html#download

You can get the latest version of Nutex VServer from here.

install sudo

append to /etc/sudoers

vserver ALL=PASSWD: ALL

vserver:/var # groupadd vserver

vserver:~ # useradd vserver -m -d /var/vserver -g vserver

vserver:~ # passwd vserver

vserver:~# chgrp vserver /var/isphome/mysql/

vserver:~# chmod g+rwx /var/isphome/mysql/

Remove all the files that are not needed.

vserver:~ # rm -Rf /var/vserver/*

vserver:~ # rm -Rf /var/vserver/.*

Copy the content of vserver.tgz to /var/vserver

vserver:/var # tar xzfv /root/install/vserver.tgz

vserver:/var # chmod go-rwx vserver -R

vserver:/var # chmod u+rwx vserver -R

vserver:/var # chown vserver.vserver vserver/ -R
 

vserver:/var/vserver # su -l vserver

vserver@vserver:~> cd etc/
 

vserver@vserver:~/etc> openssl genrsa -rand file1:file2:file3:file4:file5 -out server.key 1024
0 semi-random bytes loaded
Generating RSA private key, 1024 bit long modulus
...............................++++++
......++++++
e is 65537 (0x10001)
 

vserver@vserver:~/etc> openssl req -new -key server.key -out server.csr
Using configuration from /etc/ssl/openssl.cnf
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:at
State or Province Name (full name) [Some-State]:st
Locality Name (eg, city) []:graz
Organization Name (eg, company) [Internet Widgits Pty Ltd]:nutex
Organizational Unit Name (eg, section) []:vserver
Common Name (eg, YOUR name) []:vserver.nutex
Email Address []:darx_kies@gmx.net

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
 

vserver@vserver:~/etc> openssl x509 -req -in server.csr -signkey server.key -out server.crt
Signature ok
subject=/C=at/ST=st/L=graz/O=nutex/OU=vserver/CN=vserver.nutex/Email=darx_kies@gmx.net
Getting Private key
 

vserver@vserver:~> exit

vserver:~ # cd /usr/local/

vserver:/usr/local # tar xzfv /root/install/Smarty-2.5.0.tar.gz

vserver:/usr/local # ln -s Smarty-2.5.0/ smarty

 

vserver:/usr/local # tar xzfv /root/install/xmlrpc-1.0.99.2.tar.gz
 

vserver:/usr/local # ln -s xmlrpc-1.0.99.2/ xmlrpc
 

edit /usr/local/php/lib/php.ini and edit this line:

include_path = ".:/usr/local/php/lib/php:/usr/local/smarty/libs:/usr/local/xmlrpc"

end set register_globals = on

mysql.default_socket = /var/lib/mysql/mysql.sock

and append this lines

[crack]
crack.default_dictionary=/usr/lib/cracklib_dict
 


vserver:~ # ln -s /var/vserver/bin/vserver.sh /etc/init.d/vserver
 

vserver:~ # ln -s /etc/init.d/vserver /etc/rc.d/rc3.d/S90vserver
 

restart apache (both)

vserver:/usr/local # apachectl restart

vserver:/usr/local # /etc/init.d/vserver start
 

If you want a node skip the mysql part.

vserver:~ # mysql -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1 to server version: 3.23.55-log

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> create database vserver;
Query OK, 1 row affected (0.00 sec)

mysql> grant all privileges on vserver.* to vserver@localhost identified by 'vserver';
Query OK, 0 rows affected (0.00 sec)

mysql>
 

Change the MySQL root password to a more suitable one

vserver:/var/vserver/dox # mysql -p vserver < vserver.sql

Append to /usr/local/apache/conf/httpd.conf

Include /usr/local/apache/conf/namevirtualhosts

Create the file above and restart apache

vserver:~ # touch /usr/local/apache/conf/namevirtualhosts

remove from /etc/skel everything you don't need

Remove fpadmcgi.exe from /usr/local/frontpage/version5.0/exes/_vti_bin/_vti_adm

Open /var/vserver/etc/config.ini and check the settings there. Make sure everything is where it should be, that means the paths are ok and so on. Search for node_password and set a valid password. Set password to the unix password of the user vserver in the [admin] section.

If you want to setup only a node then set enable in the [node] section to true and customize modules/index/templates/default/node.tpl to for exmample redirect to the master or something else. You could delete in htdocs index.php or server.php depending on what you want.

Now run crontab -e and add the lines bellow depending on what kind of vserver you run.

Node:

0 3 * * * cd ~vserver/bin; /usr/local/php/bin/php ~vserver/bin/node_cron.php

Server:

0 3 * * * cd ~vserver/bin; /usr/local/php/bin/php ~vserver/bin/server_cron.php

The server uses by default the port 4443 and https. https://192.168.109.144:4443/ for example. When you access the frontend for the first time you have to add an admin user and then the login page comes. Then you have to add a server and an IP for that server and after that a reseller. When you have a reseller you can add domains and email users.

Have fun. :D