Debian: Hosting Server
Hosting on Linux for its inherit security, flexibility and freedom is not new, but traditionally it has required people with a technical background to perform this task on a daily basis. Many large ISPs and hosting providers have solved this problem by either writing a customised control panel, or using a commercially available one that hid the complexity of what was really being done.
There exists many open source solutions to this problem, and I will be documenting the one that I have found to be the most elegant, ISPMan. ISPMan handles DNS hosting, Mail hosting and Web hosting on many different machines, using LDAP and LDAP replication to push configuration changes. At the time of writing, the latest version of ISPMan is 1.3rc2.
One of the first things we need to do is to pick some good, strong passwords. We will need two passwords, one for LDAP administration, and one for Cyrus. I find that the trusty utility pwgen comes in quite handy for this task, so lets install it.
apt-get install pwgen
If we run pwgen without any extra arguments, it will generate a matrix of 8 character passwords using lowercase A-Z, uppercase A-Z and numbers, for you to choose from.
pwgen Thoo3upa ahs5daiM ceiLoo2t sieW8nee oYoo4Yoo at6ieW8p oopheaB4 eid4Eet3 Beev9gae ahS2yifa if8Ahvoh kie1Tho4 Ogh0aida xaeH8Fae xipaex3I On6bohda tae7AiNi yeTh5eig Vie5AePo Aeph9wiJ ohc9Iech Naeshoo3 TuuX4mum shep5Ied Sha5apae Pae3naht Te7ohphi ooC5Eite aeku0eiT ahCueK8e We1oov6c aes6Ili5 oShai4ch Ohbam6sa lai2aXou xio1juoF Eiy6vaiw aeB7Jomo poo2eh4Z li0Cei6a vieP0uka Zai9geiJ ohYi3Kev Iethei4g doo4tahF aM2Lu4Ae ohTh3boh YohY2Peu uyo9Iech heiM0nae Reer9loo ahl9Ahch ua6Aeluj Eph1shie oaBies0z hohpee7T pheiD8iy AhWah0ch Wae7Eil4 bie0Zai8 aCooSh9e QuahZom7 Vealohw3 Ochiu9lo geeQuah9 eek5ooCi ahvuth2J eiWo5hai koun9ohS Iu8jae3u ve0KeiGh hei4keeX yeZue1ca Aip2oosa shioH4ae xae5nahX Aipijee4 diech0Ph aeQu8aht nuz4iFae ahphaiZ6 joid4Ooy AhNoh4ji Ab8kei5P AhGhan1o loh9ohYo ru5eeL4p ohThus8o IeG5ohxi eik3iLoo OoPei2we tiesaeP9 Maimoo3a uku2Leis oof6Ohne yoQu2eeP teePh9Ib Oongei8U feeni6Oo souWai8g shaht4Ch eZ4shexo kaiRood1 huCa4Mie meVaij0i Ohz2Xai5 ma7aeThi hua5eiTh quee1eDu ow8si2Ku iyajee2J Tai2wahc aoH6shah tie8suoR Faine5uL ijee5Eez aj7ieS9U ahp4Soh3 Coe2rava eir7Shia Eek2zaip Xa3chah9 JiBaife0 Heek1xoo Abooj1ul uhohPif4 ii6toh4G Cai2xiog ohTa3roo gooN1aib AeTheda0 Iph2Ira7 eeP0Oela mu3Eicho jahjoT2u ohm5gieV ToK1ENga xoh3Eech iiTieka4 iec2Tiey Mie1saiL Taa6quoh ruB7xu4u ya3Aemai Umiedah0 eew3uYai lav1XahX Ahcai2mu SooWe0lu een5Tahm Eurewei4 Je9aihoh aa9Ien4u meezu3Th feil5Roh iekee7Av Im2aw4ah baar1Su8 auCh0AiJ sahC6ve8
Once you have chosen your password, save them into a file called /root/secrets. Since this file contains sensetive information, it would be a good idea if only root had access to read it.
vi /root/secrets chown root:root /root/secrets chmod 600 /root/secrets
apt-get install slapd db4.2-util libdigest-md5-perl cvs make
Omit OpenLDAP server configuration? No
DNS domain name: everythingdata.com
Name of your organisation: Everything Data
Admin Password: Chosen LDAP Password
Allow LDAPv2 protocol? Yes (Perdition)
cd /opt wget http://optusnet.dl.sourceforge.net/sourceforge/ispman/ispman-1.3rc2.tar.gz tar -zxvvf ispman-1.3rc2.tar.gz adduser -system ispman cd /opt/ispman-1.3 cvs -z3 update -dP ./configure make make install-base install-bin install-agent install-web chown -R ispman /opt/ispman
Statistics with AWStats
NOTE: Gratuitously lifted from http://www.nyetwork.org/wiki/AWStats
"AWStats is a free powerful and featureful tool that generates advanced web, ftp or mail server statistics, graphically. This log analyzer works as a CGI or from command line and shows you all possible information your log contains, in few graphical web pages. It uses a partial information file to be able to process large log files, often and quickly."
Here's some quick notes on setting it up with ISPMan in a Debian environment. This script is rougly based on a script from Dave Capella (http://grox.net/software/mine/awstats4vhost/index.php).
apt-get install awstats
Download the cronjob script I created:
cd /usr/local/bin wget http://www.nyetwork.org/ispman/awstatsreporting.sh chmod +x aw*.sh
Add this to /opt/ispman/templates/vhosts.conf.template:
RewriteEngine On RewriteRule /newstats /awstats-cgi-bin/awstats.pl [R] Alias /awstats /usr/share/awstats ScriptAlias /awstats-cgi-bin /usr/lib/cgi-bin
/opt/ispman/bin/ispman.ldap2apache /etc/init.d/apache restart
Download the headless template from http://grox.net/software/mine/awstats4vhost/awstats4vhost.tgz and place it in /etc/awstats.
Finally, run the awstatsreporting.sh script manually to see it complete, then create a cronjob to run it regularly.
To process already rotated/compressed logfiles, edit the script so that the config file looks at /ispman/logs/vhost.access*. This only needs to be the first time, and may or will take a long time to complete.
One advantage of my script over Capella's is that the CGI, icons, etc for AWStats aren't copied all over the place - each virtual hosts shares the same ones.