cpanel_server_setup
Forskelle
Dette viser forskellene mellem den valgte og den nuværende udgave af dokumentet. Gul er linjer der findes i den gamle udgave, og grøn er linjer der findes i den nuværende.
| Begge sider forrige revision Forrige revision Næste revision | Forrige revision | ||
|
cpanel_server_setup [2017/02/22 17:18] noer more |
cpanel_server_setup [2021/01/26 19:43] (nuværende) noer |
||
|---|---|---|---|
| Linje 27: | Linje 27: | ||
| ==== Install cPanel ==== | ==== Install cPanel ==== | ||
| https:// | https:// | ||
| + | |||
| + | Setup services according to the guide | ||
| < | < | ||
| systemctl stop firewalld.service | systemctl stop firewalld.service | ||
| Linje 37: | Linje 39: | ||
| </ | </ | ||
| - | Install cPanel | + | == Install cPanel |
| < | < | ||
| cd /home && curl -o latest -L https:// | cd /home && curl -o latest -L https:// | ||
| </ | </ | ||
| + | |||
| + | ==== Setup cPanel ==== | ||
| + | Install ClamAV using " | ||
| + | |||
| + | Copy configuration from existing cPanel server using " | ||
| + | |||
| + | Update setting "Host to publish in the SRV records for Outlook autodiscover support" | ||
| + | |||
| + | ==== Setup CloudLinux Features ==== | ||
| + | Install LVE Manager | ||
| + | < | ||
| + | lvectl set 10000 --speed=400% --pmem=0 --io=0 --nproc=0 | ||
| + | yum install lvemanager | ||
| + | </ | ||
| + | |||
| + | Copy ''/ | ||
| + | |||
| + | Install CageFS | ||
| + | < | ||
| + | yum install cagefs | ||
| + | / | ||
| + | |||
| + | / | ||
| + | / | ||
| + | / | ||
| + | |||
| + | / | ||
| + | </ | ||
| + | |||
| + | Install MySQL Governor | ||
| + | < | ||
| + | yum install governor-mysql | ||
| + | |||
| + | # Read Documentation about version | ||
| + | / | ||
| + | / | ||
| + | </ | ||
| + | |||
| + | ==== System Setup ==== | ||
| + | |||
| + | Change ''/ | ||
| + | < | ||
| + | Port 223 | ||
| + | </ | ||
| + | |||
| + | Add firewall rule | ||
| + | < | ||
| + | firewall-cmd --permanent --zone=public --add-port=223/ | ||
| + | firewall-cmd --reload | ||
| + | </ | ||
| + | |||
| + | Add group '' | ||
| + | Create file ''/ | ||
| + | < | ||
| + | # Allow members of group ininova to execute any command | ||
| + | %ininova | ||
| + | </ | ||
| + | |||
| + | == Install Puppet == | ||
| + | < | ||
| + | yum install puppet | ||
| + | </ | ||
| + | |||
| + | Now, go to the puppet.hosting.gl and add the server in ''/ | ||
| + | |||
| + | Restart the puppet service with '' | ||
| + | |||
| + | ==== Setup for Hosting.gl ==== | ||
| + | |||
| + | == DNS == | ||
| + | Add hook to unset NSEC3 when DNSSEC is enabled, because otherwise it cannot be transferred to the DNS slave server. | ||
| + | |||
| + | Put script in ''/ | ||
| + | < | ||
| + | # | ||
| + | <?php | ||
| + | |||
| + | // Get decoded input. | ||
| + | $input = get_passed_data(); | ||
| + | |||
| + | // Declare return variables and set their values. | ||
| + | list($result_result, | ||
| + | |||
| + | // Return the return variables. | ||
| + | echo " | ||
| + | |||
| + | // Perform the hooks action, using the decoded input. | ||
| + | function unset_nsec3($input = array()) { | ||
| + | // Insert your actions here. | ||
| + | $domain = $input[' | ||
| + | system(" | ||
| + | |||
| + | // Set success and failure messages. | ||
| + | $result = " | ||
| + | $message = "This is an error message."; | ||
| + | |||
| + | // Return the hook result and message. | ||
| + | return array($result, | ||
| + | } | ||
| + | |||
| + | // Process data from STDIN. | ||
| + | function get_passed_data() { | ||
| + | |||
| + | // Get input from STDIN. | ||
| + | $raw_data; | ||
| + | $stdin_fh = fopen(' | ||
| + | if ( is_resource($stdin_fh) ) { | ||
| + | stream_set_blocking($stdin_fh, | ||
| + | while ( ($line = fgets( $stdin_fh, 1024 )) !== false ) { | ||
| + | $raw_data .= trim($line); | ||
| + | } | ||
| + | fclose($stdin_fh); | ||
| + | } | ||
| + | |||
| + | // Process and JSON-decode the raw output. | ||
| + | if ($raw_data) { | ||
| + | $input_data = json_decode($raw_data, | ||
| + | } else { | ||
| + | $input_data = array(' | ||
| + | } | ||
| + | |||
| + | // Return the output. | ||
| + | return $input_data; | ||
| + | } | ||
| + | </ | ||
| + | |||
| + | Run command to add the hook | ||
| + | < | ||
| + | / | ||
| + | </ | ||
| + | |||
| + | Create new user on '' | ||
| + | |||
| + | Copy the script ''/ | ||
| + | |||
| + | Create ssh key for root | ||
| + | < | ||
| + | ssh-keygen -t rsa -b 4096 -f / | ||
| + | </ | ||
| + | |||
| + | Copy pub-key to '' | ||
| + | |||
| + | Add to ''/ | ||
| + | < | ||
| + | Host master.ns.gl | ||
| + | User cpanel2 | ||
| + | IdentityFile ~/.ssh/id2 | ||
| + | </ | ||
| + | |||
| + | Add cronjob | ||
| + | < | ||
| + | # Sync DNS to master.ns.gl | ||
| + | * * * * * sh / | ||
| + | </ | ||
| + | |||
| + | == RDiff Backup == | ||
| + | Create new user on '' | ||
| + | |||
| + | Copy pub-key to '' | ||
| + | |||
| + | Add to ''/ | ||
| + | < | ||
| + | Host backup1.hosting.gl | ||
| + | User cpanel2 | ||
| + | IdentityFile ~/.ssh/id2 | ||
| + | </ | ||
| + | |||
| + | Copy the script ''/ | ||
| + | |||
| + | == Exim Setup == | ||
| + | Change ciphers | ||
| + | < | ||
| + | # strong but tolerant | ||
| + | tls_require_ciphers = AESGCM: | ||
| + | </ | ||
| + | |||
| + | |||
cpanel_server_setup.1487783930.txt.gz · Sidst ændret: 2017/02/22 17:18 af noer
Med mindre andet angivet, vil indhold på denne wiki blive udgivet under følgende licens: CC Attribution-Share Alike 4.0 International
