Debian: Hosting Server

From ReceptiveIT
Jump to: navigation, search

Introduction

Hosting on Linux for its inherit security, flexibility and freedom is not new, but traditionally it has required people with a technical background to perform this task on a daily basis. Many large ISPs and hosting providers have solved this problem by either writing a customised control panel, or using a commercially available one that hid the complexity of what was really being done.

There exists many open source solutions to this problem, and I will be documenting the one that I have found to be the most elegant, ISPMan. ISPMan handles DNS hosting, Mail hosting and Web hosting on many different machines, using LDAP and LDAP replication to push configuration changes. At the time of writing, the latest version of ISPMan is 1.3rc2.

Getting Started

One of the first things we need to do is to pick some good, strong passwords. We will need two passwords, one for LDAP administration, and one for Cyrus. I find that the trusty utility pwgen comes in quite handy for this task, so lets install it.

apt-get install pwgen

If we run pwgen without any extra arguments, it will generate a matrix of 8 character passwords using lowercase A-Z, uppercase A-Z and numbers, for you to choose from.

pwgen
Thoo3upa ahs5daiM ceiLoo2t sieW8nee oYoo4Yoo at6ieW8p oopheaB4 eid4Eet3
Beev9gae ahS2yifa if8Ahvoh kie1Tho4 Ogh0aida xaeH8Fae xipaex3I On6bohda
tae7AiNi yeTh5eig Vie5AePo Aeph9wiJ ohc9Iech Naeshoo3 TuuX4mum shep5Ied
Sha5apae Pae3naht Te7ohphi ooC5Eite aeku0eiT ahCueK8e We1oov6c aes6Ili5
oShai4ch Ohbam6sa lai2aXou xio1juoF Eiy6vaiw aeB7Jomo poo2eh4Z li0Cei6a
vieP0uka Zai9geiJ ohYi3Kev Iethei4g doo4tahF aM2Lu4Ae ohTh3boh YohY2Peu
uyo9Iech heiM0nae Reer9loo ahl9Ahch ua6Aeluj Eph1shie oaBies0z hohpee7T
pheiD8iy AhWah0ch Wae7Eil4 bie0Zai8 aCooSh9e QuahZom7 Vealohw3 Ochiu9lo
geeQuah9 eek5ooCi ahvuth2J eiWo5hai koun9ohS Iu8jae3u ve0KeiGh hei4keeX
yeZue1ca Aip2oosa shioH4ae xae5nahX Aipijee4 diech0Ph aeQu8aht nuz4iFae
ahphaiZ6 joid4Ooy AhNoh4ji Ab8kei5P AhGhan1o loh9ohYo ru5eeL4p ohThus8o
IeG5ohxi eik3iLoo OoPei2we tiesaeP9 Maimoo3a uku2Leis oof6Ohne yoQu2eeP
teePh9Ib Oongei8U feeni6Oo souWai8g shaht4Ch eZ4shexo kaiRood1 huCa4Mie
meVaij0i Ohz2Xai5 ma7aeThi hua5eiTh quee1eDu ow8si2Ku iyajee2J Tai2wahc
aoH6shah tie8suoR Faine5uL ijee5Eez aj7ieS9U ahp4Soh3 Coe2rava eir7Shia
Eek2zaip Xa3chah9 JiBaife0 Heek1xoo Abooj1ul uhohPif4 ii6toh4G Cai2xiog
ohTa3roo gooN1aib AeTheda0 Iph2Ira7 eeP0Oela mu3Eicho jahjoT2u ohm5gieV
ToK1ENga xoh3Eech iiTieka4 iec2Tiey Mie1saiL Taa6quoh ruB7xu4u ya3Aemai
Umiedah0 eew3uYai lav1XahX Ahcai2mu SooWe0lu een5Tahm Eurewei4 Je9aihoh
aa9Ien4u meezu3Th feil5Roh iekee7Av Im2aw4ah baar1Su8 auCh0AiJ sahC6ve8

Once you have chosen your password, save them into a file called /root/secrets. Since this file contains sensetive information, it would be a good idea if only root had access to read it.

vi /root/secrets
chown root:root /root/secrets
chmod 600 /root/secrets
apt-get install slapd db4.2-util libdigest-md5-perl cvs make

Omit OpenLDAP server configuration? No

DNS domain name: everythingdata.com

Name of your organisation: Everything Data

Admin Password: Chosen LDAP Password

Allow LDAPv2 protocol? Yes (Perdition)

cd /opt
wget http://optusnet.dl.sourceforge.net/sourceforge/ispman/ispman-1.3rc2.tar.gz
tar -zxvvf ispman-1.3rc2.tar.gz
adduser -system ispman
cd /opt/ispman-1.3
cvs -z3 update -dP
./configure
make
make install-base install-bin install-agent install-web
chown -R ispman /opt/ispman

Statistics with AWStats

NOTE: Gratuitously lifted from http://www.nyetwork.org/wiki/AWStats

http://awstats.sourceforge.net

"AWStats is a free powerful and featureful tool that generates advanced web, ftp or mail server statistics, graphically. This log analyzer works as a CGI or from command line and shows you all possible information your log contains, in few graphical web pages. It uses a partial information file to be able to process large log files, often and quickly."

Here's some quick notes on setting it up with ISPMan in a Debian environment. This script is rougly based on a script from Dave Capella (http://grox.net/software/mine/awstats4vhost/index.php).

Install awstats:

apt-get install awstats

Download the cronjob script I created:

cd /usr/local/bin
wget http://www.nyetwork.org/ispman/awstatsreporting.sh
chmod +x aw*.sh

Add this to /opt/ispman/templates/vhosts.conf.template:

RewriteEngine On
RewriteRule /newstats /awstats-cgi-bin/awstats.pl [R]
Alias /awstats /usr/share/awstats
ScriptAlias /awstats-cgi-bin /usr/lib/cgi-bin

Regenerate vhosts.conf:

/opt/ispman/bin/ispman.ldap2apache
/etc/init.d/apache restart

Download the headless template from http://grox.net/software/mine/awstats4vhost/awstats4vhost.tgz and place it in /etc/awstats.

Finally, run the awstatsreporting.sh script manually to see it complete, then create a cronjob to run it regularly.

To process already rotated/compressed logfiles, edit the script so that the config file looks at /ispman/logs/vhost.access*. This only needs to be the first time, and may or will take a long time to complete.

One advantage of my script over Capella's is that the CGI, icons, etc for AWStats aren't copied all over the place - each virtual hosts shares the same ones.