sudo su
sudo passwd root
aptitude install ssh openssh-server
aptitude install vim-nox
gedit /etc/network/interfaces
# This file describes the network interfaces available on your system# and how to activate them. For more information, see interfaces(5).# The loopback network interfaceauto loiface lo inet loopback# The primary network interfaceauto eth0iface eth0 inet static address 192.168.1.100 netmask 255.255.255.0 network 192.168.1.0 broadcast 192.168.1.255 gateway 192.168.1.1
/etc/init.d/networking restart
gedit /etc/hosts
127.0.0.1 localhost.localdomain localhost192.168.1.100 server1.example.com server1# The following lines are desirable for IPv6 capable hosts::1 localhost ip6-localhost ip6-loopbackfe00::0 ip6-localnetff00::0 ip6-mcastprefixff02::1 ip6-allnodesff02::2 ip6-allrouters
echo server1.example.com > /etc/hostname/etc/init.d/hostname restart
hostnamehostname -f
server1.example.com
gedit /etc/apt/sources.list
vi /etc/apt/sources.list
# deb cdrom:[Ubuntu-Server 10.04 LTS _Lucid Lynx_ - Release amd64 (20100427)]/ lucid main restricted#deb cdrom:[Ubuntu-Server 10.04 LTS _Lucid Lynx_ - Release amd64 (20100427)]/ lucid main restricted# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to# newer versions of the distribution.deb http://de.archive.ubuntu.com/ubuntu/ lucid main restricteddeb-src http://de.archive.ubuntu.com/ubuntu/ lucid main restricted## Major bug fix updates produced after the final release of the## distribution.deb http://de.archive.ubuntu.com/ubuntu/ lucid-updates main restricteddeb-src http://de.archive.ubuntu.com/ubuntu/ lucid-updates main restricted## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu## team. Also, please note that software in universe WILL NOT receive any## review or updates from the Ubuntu security team.deb http://de.archive.ubuntu.com/ubuntu/ lucid universedeb-src http://de.archive.ubuntu.com/ubuntu/ lucid universedeb http://de.archive.ubuntu.com/ubuntu/ lucid-updates universedeb-src http://de.archive.ubuntu.com/ubuntu/ lucid-updates universe## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu## team, and may not be under a free licence. Please satisfy yourself as to## your rights to use the software. Also, please note that software in## multiverse WILL NOT receive any review or updates from the Ubuntu## security team.deb http://de.archive.ubuntu.com/ubuntu/ lucid multiversedeb-src http://de.archive.ubuntu.com/ubuntu/ lucid multiversedeb http://de.archive.ubuntu.com/ubuntu/ lucid-updates multiversedeb-src http://de.archive.ubuntu.com/ubuntu/ lucid-updates multiverse## Uncomment the following two lines to add software from the 'backports'## repository.## N.B. software from this repository may not have been tested as## extensively as that contained in the main release, although it includes## newer versions of some applications which may provide useful features.## Also, please note that software in backports WILL NOT receive any review## or updates from the Ubuntu security team.# deb http://de.archive.ubuntu.com/ubuntu/ lucid-backports main restricted universe multiverse# deb-src http://de.archive.ubuntu.com/ubuntu/ lucid-backports main restricted universe multiverse## Uncomment the following two lines to add software from Canonical's## 'partner' repository.## This software is not part of Ubuntu, but is offered by Canonical and the## respective vendors as a service to Ubuntu users.# deb http://archive.canonical.com/ubuntu lucid partner# deb-src http://archive.canonical.com/ubuntu lucid partnerdeb http://security.ubuntu.com/ubuntu lucid-security main restricteddeb-src http://security.ubuntu.com/ubuntu lucid-security main restricteddeb http://security.ubuntu.com/ubuntu lucid-security universedeb-src http://security.ubuntu.com/ubuntu lucid-security universedeb http://security.ubuntu.com/ubuntu lucid-security multiversedeb-src http://security.ubuntu.com/ubuntu lucid-security multiverse
aptitude update
aptitude safe-upgrade
reboot
dpkg-reconfigure dash
Install dash as /bin/sh? <-- Нет
/etc/init.d/apparmor stopupdate-rc.d -f apparmor removeaptitude remove apparmor apparmor-utils
aptitude install ntp
aptitude install postfix postfix-mysql postfix-doc mysql-client mysql-server courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl getmail4 rkhunter binutils maildrop
New password for the MySQL "root" user: <-- yourrootsqlpasswordRepeat password for the MySQL "root" user: <-- yourrootsqlpasswordCreate directories for web-based administration? <-- NoGeneral type of mail configuration: <-- Internet SiteSystem mail name: <-- server1.example.comSSL certificate required <-- Ok
gedit /etc/mysql/my.cnf
[...]# Instead of skip-networking the default is now to listen only on# localhost which is more compatible and is not less secure.#bind-address = 127.0.0.1[...]
/etc/init.d/mysql restart
netstat -tap | grep mysql
root@server1:~# netstat -tap | grep mysqltcp 0 0 *:mysql *:* LISTEN 9732/mysqldroot@server1:~#
cd /etc/courierrm -f /etc/courier/imapd.pemrm -f /etc/courier/pop3d.pem
gedit /etc/courier/imapd.cnf
[...]CN=server1.example.com[...]
gedit /etc/courier/pop3d.cnf
mkimapdcertmkpop3dcert
/etc/init.d/courier-imap-ssl restart/etc/init.d/courier-pop-ssl restart
aptitude install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl
aptitude install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby
Web server to reconfigure automatically: <-- apache2Configure database for phpmyadmin with dbconfig-common? <-- No
a2enmod suexec rewrite ssl actions include
/etc/init.d/apache2 restart
aptitude install pure-ftpd-common pure-ftpd-mysql quota quotatool
gedin /etc/default/pure-ftpd-common
[...]STANDALONE_OR_INETD=standalone[...]VIRTUALCHROOT=true[...]
/etc/init.d/pure-ftpd-mysql restart
gedit /etc/fstab
# /etc/fstab: static file system information.## Use 'blkid -o value -s UUID' to print the universally unique identifier# for a device; this may be used with UUID= as a more robust way to name# devices that works even if disks are added and removed. See fstab(5).## <file system> <mount point> <type> <options> <dump> <pass>proc /proc proc nodev,noexec,nosuid 0 0/dev/mapper/server1-root / ext4 errors=remount-ro,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0 0 1# /boot was on /dev/sda1 during installationUUID=9eef7b6b-5688-456c-8fe2-05ae739e3635 /boot ext2 defaults 0 2/dev/mapper/server1-swap_1 none swap sw 0 0/dev/fd0 /media/floppy0 auto rw,user,noauto,exec,utf8 0 0
touch /aquota.user /aquota.groupchmod 600 /aquota.*mount -o remount /
quotacheck -avugmquotaon -avug
aptitude install bind9 dnsutils
aptitude install vlogger webalizer
aptitude install build-essential autoconf automake1.9 libtool flex bison debhelper
cd /tmpwget http://olivier.sessink.nl/jailkit/jailkit-2.11.tar.gztar xvfz jailkit-2.11.tar.gzcd jailkit-2.11./debian/rules binarycd ..dpkg -i jailkit_2.11-1_*.debrm -rf jailkit-2.11*
aptitude install fail2ban
aptitude install squirrelmail
ln -s /usr/share/squirrelmail/ /var/www/webmail
squirrelmail-configure
SquirrelMail Configuration : Read: config.php (1.4.2)---------------------------------------------------------Main Menu --1. Organization Preferences2. Server Settings3. Folder Defaults4. General Options5. Themes6. Address Books7. Message of the Day (MOTD)8. Plugins9. Database10. LanguagesD. Set pre-defined settings for specific IMAP serversC Turn color onS Save dataQ QuitCommand >> <-- DSquirrelMail Configuration : Read: config.php---------------------------------------------------------While we have been building SquirrelMail, we have discovered somepreferences that work better with some servers that don't work sowell with others. If you select your IMAP server, this option willset some pre-defined settings for that server.Please note that you will still need to go through and make sureeverything is correct. This does not change everything. There areonly a few settings that this will change.Please select your IMAP server: bincimap = Binc IMAP server courier = Courier IMAP server cyrus = Cyrus IMAP server dovecot = Dovecot Secure IMAP server exchange = Microsoft Exchange IMAP server hmailserver = hMailServer macosx = Mac OS X Mailserver mercury32 = Mercury/32 uw = University of Washington's IMAP server gmail = IMAP access to Google mail (Gmail) accounts quit = Do not change anythingCommand >> <-- courierSquirrelMail Configuration : Read: config.php---------------------------------------------------------While we have been building SquirrelMail, we have discovered somepreferences that work better with some servers that don't work sowell with others. If you select your IMAP server, this option willset some pre-defined settings for that server.Please note that you will still need to go through and make sureeverything is correct. This does not change everything. There areonly a few settings that this will change.Please select your IMAP server: bincimap = Binc IMAP server courier = Courier IMAP server cyrus = Cyrus IMAP server dovecot = Dovecot Secure IMAP server exchange = Microsoft Exchange IMAP server hmailserver = hMailServer macosx = Mac OS X Mailserver mercury32 = Mercury/32 uw = University of Washington's IMAP server quit = Do not change anythingCommand >> courier imap_server_type = courier default_folder_prefix = INBOX. trash_folder = Trash sent_folder = Sent draft_folder = Drafts show_prefix_option = false default_sub_of_inbox = falseshow_contain_subfolders_option = false optional_delimiter = . delete_folder = truePress any key to continue... <-- ENTERSquirrelMail Configuration : Read: config.php (1.4.0)---------------------------------------------------------Main Menu --1. Organization Preferences2. Server Settings3. Folder Defaults4. General Options5. Themes6. Address Books7. Message of the Day (MOTD)8. Plugins9. Database10. LanguagesD. Set pre-defined settings for specific IMAP serversC Turn color onS Save dataQ QuitCommand >> <-- SSquirrelMail Configuration : Read: config.php (1.4.0)---------------------------------------------------------Main Menu --1. Organization Preferences2. Server Settings3. Folder Defaults4. General Options5. Themes6. Address Books7. Message of the Day (MOTD)8. Plugins9. Database10. LanguagesD. Set pre-defined settings for specific IMAP serversC Turn color onS Save dataQ QuitCommand >> SData saved in config.phpPress enter to continue... <-- ENTERSquirrelMail Configuration : Read: config.php (1.4.0)---------------------------------------------------------Main Menu --1. Organization Preferences2. Server Settings3. Folder Defaults4. General Options5. Themes6. Address Books7. Message of the Day (MOTD)8. Plugins9. Database10. LanguagesD. Set pre-defined settings for specific IMAP serversC Turn color onS Save dataQ QuitВыбрав пункт 10 меню, надо настроить Languages, как на картинке ниже:SquirrelMail Configuration : Read: config.php (1.4.0) --------------------------------------------------------- Language preferences 1. Default Language : ru_RU 2. Default Charset : UTF-8 3. Enable lossy encoding : false R Return to Main Menu C Turn color on S Save data Q Quit Command >> Выйдем из настройки клиента следующей командой:Command >> <-- Q
cd /tmpwget http://downloads.sourceforge.net/ispconfig/ISPConfig-3.0.2.2.tar.gz?use_mirror=tar xvfz ISPConfig-3.0.2.2.tar.gzcd ispconfig3_install/install/
php -q install.php
This will start the ISPConfig 3 installer. The installer will configure all services like postfix, sasl, courier, etc. for you. A manual setup as required for ISPConfig 2 (perfect setup guides) is not nescessary.root@server1:/tmp/ispconfig3_install/install# php -q install.phpPHP Deprecated: Comments starting with '#' are deprecated in /etc/php5/cli/conf.d/imagick.ini on line 1 in Unknown on line 0PHP Deprecated: Comments starting with '#' are deprecated in /etc/php5/cli/conf.d/imap.ini on line 1 in Unknown on line 0PHP Deprecated: Comments starting with '#' are deprecated in /etc/php5/cli/conf.d/mcrypt.ini on line 1 in Unknown on line 0-------------------------------------------------------------------------------- _____ ___________ _____ __ _|_ _/ ___| ___ \ / __ \ / _(_) | | \ `--.| |_/ / | / \/ ___ _ __ | |_ _ __ _ | | `--. \ __/ | | / _ \| '_ \| _| |/ _` | _| |_/\__/ / | | \__/\ (_) | | | | | | | (_| | \___/\____/\_| \____/\___/|_| |_|_| |_|\__, | __/ | |___/-------------------------------------------------------------------------------->> Initial configurationOperating System: Debian Squeeze/Sid or compatible Following will be a few questions for primary configuration so be careful. Default values are in [brackets] and can be accepted with <ENTER>. Tap in "quit" (without the quotes) to stop the installer.Select language (en,de) [en]: <-- ENTERInstallation mode (standard,expert) [standard]: <-- ENTERFull qualified hostname (FQDN) of the server, eg server1.domain.tld [server1.example.com]: <-- ENTERMySQL server hostname [localhost]: <-- ENTERMySQL root username [root]: <-- ENTERMySQL root password []: <-- yourrootsqlpasswordMySQL database to create [dbispconfig]: <-- ENTERMySQL charset [utf8]: <-- ENTERGenerating a 2048 bit RSA private key...............+++............................+++writing new private key to 'smtpd.key'-----You are about to be asked to enter information that will be incorporatedinto your certificate request.What you are about to enter is what is called a Distinguished Name or a DN.There are quite a few fields but you can leave some blankFor some fields there will be a default value,If you enter '.', the field will be left blank.-----Country Name (2 letter code) [AU]: <-- ENTERState or Province Name (full name) [Some-State]: <-- ENTERLocality Name (eg, city) []: <-- ENTEROrganization Name (eg, company) [Internet Widgits Pty Ltd]: <-- ENTEROrganizational Unit Name (eg, section) []: <-- ENTERCommon Name (eg, YOUR name) []: <-- ENTEREmail Address []: <-- ENTERConfiguring JailkitConfiguring SASLConfiguring PAMConfiguring CourierConfiguring SpamassassinConfiguring AmavisdConfiguring GetmailConfiguring PureftpdConfiguring BINDConfiguring ApacheConfiguring vloggerConfiguring Apps vhostConfiguring FirewallInstalling ISPConfigISPConfig Port [8080]: <-- ENTERConfiguring DBServerInstalling Crontabno crontab for rootno crontab for getmailRestarting services ...Rather than invoking init scripts through /etc/init.d, use the service(8)utility, e.g. service mysql restartSince the script you are attempting to invoke has been converted to anUpstart job, you may also use the restart(8) utility, e.g. restart mysqlmysql start/running, process 24840 * Stopping Postfix Mail Transport Agent postfix ...done. * Starting Postfix Mail Transport Agent postfix ...done. * Stopping SASL Authentication Daemon saslauthd ...done. * Starting SASL Authentication Daemon saslauthd ...done.Stopping amavisd: amavisd-new.Starting amavisd: amavisd-new. * Stopping ClamAV daemon clamd ...done. * Starting ClamAV daemon clamd ...done. * Stopping Courier authentication services authdaemond ...done. * Starting Courier authentication services authdaemond ...done. * Stopping Courier IMAP server... ...done. * Starting Courier IMAP server... ...done. * Stopping Courier IMAP-SSL server... ...done. * Starting Courier IMAP-SSL server... ...done. * Stopping Courier POP3 server... ...done. * Starting Courier POP3 server... ...done. * Stopping Courier POP3-SSL server... ...done. * Starting Courier POP3-SSL server... ...done. * Restarting web server apache2 ... waiting .. ...done.Restarting ftp server: Running: /usr/sbin/pure-ftpd-mysql-virtualchroot -l mysql:/etc/pure-ftpd/db/mysql.conf -l pam -H -E -b -O clf:/var/log/pure-ftpd/transfer.log -8 UTF-8 -u 1000 -A -BInstallation completed.root@server1:/tmp/ispconfig3_install/install#
php -q uninstall.phpphp -q update.php
options { directory "/var/cache/bind"; // If there is a firewall between you and nameservers you want // to talk to, you may need to fix the firewall to allow multiple // ports to talk. See http://www.kb.cert.org/vuls/id/800113 // If your ISP provided one or more IP addresses for stable // nameservers, you probably want to use them as forwarders. // Uncomment the following block, and insert the addresses replacing // the all-0's placeholder. forwarders { 80.82.32.9; 80.82.33.65; }; auth-nxdomain no; # conform to RFC1035 listen-on-v6 { any; };};
$TTL 86400@ IN SOA ns.bol.net. admin.bol.net. ( 0 ; serial, todays date + todays serial # 28800 ; refresh, seconds 7200 ; retry, seconds 604800 ; expire, seconds 86400 ) ; minimum, seconds; NS ns.bol.netns A 192.168.1.100www A 192.168.1.100mail A 192.168.1.100 MX 10 mail.bol.netftp A 192.168.1.100victor A 192.168.1.100archiv A 192.168.1.150
zone "ns.bol.net" { type master; file "/etc/bind/pri.ns.bol.net";};
а теперь вопрос, как это сделать? я уже два дня голову ломаю...что-то намутил - теперь вооообще почте не пашет.. =(Вы можете зайти в Аську? я там вам писал, мой номер 368027583