====== RackNerd-LAX01-Install-System-Manual ======
# View and change the ''hosts'' file
nano /etc/hosts
# IPv4
127.0.0.1 localhost.localdomain localhost
45.92.156.153 ams01.xev.net.eu.org ams01
74.48.138.241 lax01.xev.net.eu.org lax01
205.234.252.98 lax02.xev.net.eu.org lax02
# IPv6
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
# View and change the ''hostname'' file
nano /etc/hostname
lax01
# View and change the DNS servers ''resolv.conf'' file
nano /etc/resolv.conf
nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver 2001:4860:4860::8888
nameserver 2001:4860:4860::8844
# This provider gives us an adequate vSwap partition
# We will use the default swap partition
# Fix the vSwap-RESUME-UUID errors before upgrading the default OS on this provider
blkid
/dev/vda1: UUID="1e97572a-e3e6-4199-a6b0-65dcdeb433da" BLOCK_SIZE="4096" TYPE="ext4" PARTUUID="caec3c75-01"
/dev/vda2: UUID="c71028b4-b794-4cf2-99bb-cae685fa2da2" TYPE="swap" PARTUUID="caec3c75-02"
nano /etc/initramfs-tools/conf.d/resume
RESUME=UUID=c71028b4-b794-4cf2-99bb-cae685fa2da2
update-initramfs -u -k all
update-initramfs: Generating /boot/initrd.img-5.10.0-8-amd64
# Reboot
systemctl reboot
# Update and Upgrade the system
# When updating, you will be prompted to answer some questions
apt-get -y update
apt-get -y full-upgrade
apt-get -y autoremove
{{:wiki:racknerd-lax01-configure-openssh-server.png|Configure OpenSSH Server}}
# View the network config
ip a
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:16:3c:af:28:eb brd ff:ff:ff:ff:ff:ff
altname enp0s3
altname ens3
inet 74.48.138.241/26 brd 74.48.138.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 2607:f130:0:103:ff:ff:ca4e:20d5/64 scope global
valid_lft forever preferred_lft forever
inet6 2607:f130:0:103:ff:ff:8f59:5e47/64 scope global
valid_lft forever preferred_lft forever
# View the disk config
fdisk -l
Disk /dev/vda: 30 GiB, 32212254720 bytes, 62914560 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0xcaec3c75
Device Boot Start End Sectors Size Id Type
/dev/vda1 2048 58717823 58715776 28G 83 Linux
/dev/vda2 58717824 62912127 4194304 2G 82 Linux swap / Solaris
# View the Mem and Swap
free -h
total used free shared buff/cache available
Mem: 1.9Gi 48Mi 1.8Gi 1.0Mi 72Mi 1.8Gi
Swap: 2.0Gi 0B 2.0Gi
# View the swap partitions and files
swapon --show
NAME TYPE SIZE USED PRIO
/dev/vda2 partition 2G 0B -2
# View the hostname
hostname
lax01
# View the full hostname
hostname -f
lax01.xev.net.eu.org
# View the OS version
cat /etc/debian_version
11.10
# Install ISPConfig
wget -O - https://get.ispconfig.org | sh -s -- --use-ftp-ports=40110-40210 --unattended-upgrades --interactive
WARNING! This script will reconfigure your entire server!
It should be run on a freshly installed server and all current configuration that you have done will most likely be lost!
Type 'yes' if you really want to continue: yes
[WARN] Unexpected resolver response: Server: 8.8.8.8 (/lib/os/class.ISPConfigDebianOS.inc.php:1712)
US
California
Los Angeles
Xev Net
Xev Net LAX01
lax01.xev.net.eu.org
webmaster@xev.net.eu.org
Generating a RSA private key
.................................................++++
............................................++++
writing new private key to 'smtpd.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:California
Locality Name (eg, city) []:Los Angeles
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Xev Net
Organizational Unit Name (eg, section) []:Xev Net LAX01
Common Name (e.g. server FQDN or YOUR name) []:lax01.xev.net.eu.org
Email Address []:webmaster@xev.net.eu.org
Do you want a secure (SSL) connection to the ISPConfig web interface (y,n) [y]: <-- ENTER
Generating RSA private key, 4096 bit long modulus
.....................++
.......++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]: <-- ENTER
State or Province Name (full name) []: <-- ENTER
Locality Name (eg, city) [Default City]: <-- ENTER
Organization Name (eg, company) [Default Company Ltd]: <-- ENTER
Organizational Unit Name (eg, section) []: <-- ENTER
Common Name (eg, your name or your server's hostname) []: <-- ENTER
Email Address []: <-- ENTER
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: <-- ENTER
An optional company name []: <-- ENTER
writing RSA key
[INFO] Installation ready.
[INFO] Your MySQL root password is: xxxxxxxxxxxxxxxxxxxx
[INFO] Warning: Please delete the log files in /tmp/ispconfig-ai/var/log/setup-* once you don't need them anymore because they contain your passwords!
# Later on, you can update ISPConfig and --force the update even if you already have the newest release
ispconfig_update.sh --force
# Configure ISPConfig using MySQL
# Add client, DNS, message and directives templates
# Use your MySQL root password to connect to MySQL
# Use your SMTP credentials to send emails
wget -O xev_net_install_config.sh "https://docs.xev.net.eu.org/doku.php?do=export_code&id=racknerd-lax01-install-system-auto&codeblock=10"
chmod 700 xev_net_install_config.sh
wget -O mysql_install.sh "https://docs.xev.net.eu.org/doku.php?do=export_code&id=auto-install&codeblock=18"
chmod 700 mysql_install.sh
wget -O logo.png "https://docs.xev.net.eu.org/lib/exe/fetch.php?media=wiki:logo.png"
nano xev_net_install_config.sh
./mysql_install.sh
rm -rfv mysql_install.sh
rm -rfv xev_net_install_config.sh
rm -rfv logo.png
# Configure ISPConfig using SOAP API
# Add and Update IP addresses
# Add client, DNS zone, web sites, ftp accounts and shell account
wget -O xev_net_install_config.sh "https://docs.xev.net.eu.org/doku.php?do=export_code&id=racknerd-lax01-install-system-auto&codeblock=10"
chmod 700 xev_net_install_config.sh
wget -O soap_install.sh "https://docs.xev.net.eu.org/doku.php?do=export_code&id=auto-install&codeblock=19"
chmod 700 soap_install.sh
nano xev_net_install_config.sh
./soap_install.sh
rm -rfv soap_install.sh
rm -rfv xev_net_install_config.sh
# Send email using IPv4 is preferable
# We do not have reverse DNS for IPv6 on some servers
postconf -e "smtp_address_preference=ipv4"
postconf -p "smtp_address_preference"
postconf -p "inet_protocols"
# Install Tor and run it as a system daemon
# Create 5 new hidden onion sites
apt-get -y install tor
wget -O torrc https://docs.xev.net.eu.org/doku.php?do=export_code&id=auto-install&codeblock=15
cp -v torrc /etc/tor/torrc
rm -rfv torrc
echo "\n" >> /etc/tor/torrc
echo "HiddenServiceDir /var/lib/tor/site1_hs/" >> /etc/tor/torrc
echo "HiddenServicePort 80 127.0.0.1:80" >> /etc/tor/torrc
echo "HiddenServiceDir /var/lib/tor/site2_hs/" >> /etc/tor/torrc
echo "HiddenServicePort 80 127.0.0.1:80" >> /etc/tor/torrc
echo "HiddenServiceDir /var/lib/tor/site3_hs/" >> /etc/tor/torrc
echo "HiddenServicePort 80 127.0.0.1:80" >> /etc/tor/torrc
echo "HiddenServiceDir /var/lib/tor/site4_hs/" >> /etc/tor/torrc
echo "HiddenServicePort 80 127.0.0.1:80" >> /etc/tor/torrc
echo "HiddenServiceDir /var/lib/tor/site5_hs/" >> /etc/tor/torrc
echo "HiddenServicePort 80 127.0.0.1:80" >> /etc/tor/torrc
systemctl stop tor
systemctl disable tor
systemctl enable tor
systemctl start tor
systemctl status tor
cat /var/lib/tor/site1_hs/hostname
cat /var/lib/tor/site2_hs/hostname
cat /var/lib/tor/site3_hs/hostname
cat /var/lib/tor/site4_hs/hostname
cat /var/lib/tor/site5_hs/hostname
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.onion
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.onion
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.onion
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.onion
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.onion
# Install the ionCube loaders
# Required for Blesta
# There are no loaders for 8.0
wget https://downloads.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz -P /usr/local/
tar xfvz /usr/local/ioncube_loaders_lin_x86-64.tar.gz -C /usr/local/
rm -rfv /usr/local/ioncube_loaders_lin_x86-64.tar.gz
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_5.6.so\n$(cat /etc/php/5.6/cgi/php.ini)" > /etc/php/5.6/cgi/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_5.6.so\n$(cat /etc/php/5.6/cli/php.ini)" > /etc/php/5.6/cli/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_5.6.so\n$(cat /etc/php/5.6/fpm/php.ini)" > /etc/php/5.6/fpm/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.0.so\n$(cat /etc/php/7.0/cgi/php.ini)" > /etc/php/7.0/cgi/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.0.so\n$(cat /etc/php/7.0/cli/php.ini)" > /etc/php/7.0/cli/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.0.so\n$(cat /etc/php/7.0/fpm/php.ini)" > /etc/php/7.0/fpm/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.1.so\n$(cat /etc/php/7.1/cgi/php.ini)" > /etc/php/7.1/cgi/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.1.so\n$(cat /etc/php/7.1/cli/php.ini)" > /etc/php/7.1/cli/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.1.so\n$(cat /etc/php/7.1/fpm/php.ini)" > /etc/php/7.1/fpm/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.2.so\n$(cat /etc/php/7.2/cgi/php.ini)" > /etc/php/7.2/cgi/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.2.so\n$(cat /etc/php/7.2/cli/php.ini)" > /etc/php/7.2/cli/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.2.so\n$(cat /etc/php/7.2/fpm/php.ini)" > /etc/php/7.2/fpm/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.3.so\n$(cat /etc/php/7.3/cgi/php.ini)" > /etc/php/7.3/cgi/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.3.so\n$(cat /etc/php/7.3/cli/php.ini)" > /etc/php/7.3/cli/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.3.so\n$(cat /etc/php/7.3/fpm/php.ini)" > /etc/php/7.3/fpm/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.4.so\n$(cat /etc/php/7.4/cgi/php.ini)" > /etc/php/7.4/cgi/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.4.so\n$(cat /etc/php/7.4/cli/php.ini)" > /etc/php/7.4/cli/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.4.so\n$(cat /etc/php/7.4/fpm/php.ini)" > /etc/php/7.4/fpm/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_8.1.so\n$(cat /etc/php/8.1/cgi/php.ini)" > /etc/php/8.1/cgi/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_8.1.so\n$(cat /etc/php/8.1/cli/php.ini)" > /etc/php/8.1/cli/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_8.1.so\n$(cat /etc/php/8.1/fpm/php.ini)" > /etc/php/8.1/fpm/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_8.2.so\n$(cat /etc/php/8.2/cgi/php.ini)" > /etc/php/8.2/cgi/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_8.2.so\n$(cat /etc/php/8.2/cli/php.ini)" > /etc/php/8.2/cli/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_8.2.so\n$(cat /etc/php/8.2/fpm/php.ini)" > /etc/php/8.2/fpm/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_8.3.so\n$(cat /etc/php/8.3/cgi/php.ini)" > /etc/php/8.3/cgi/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_8.3.so\n$(cat /etc/php/8.3/cli/php.ini)" > /etc/php/8.3/cli/php.ini
echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_8.3.so\n$(cat /etc/php/8.3/fpm/php.ini)" > /etc/php/8.3/fpm/php.ini
# View or edit the ''php.ini'' file of the default version of this OS
nano /etc/php/7.4/cgi/php.ini
# Install php-mailparse and php-gmp
# Required for Blesta
apt-get -y install php5.6-mailparse
apt-get -y install php7.0-mailparse
apt-get -y install php7.1-mailparse
apt-get -y install php7.2-mailparse
apt-get -y install php7.3-mailparse
apt-get -y install php7.4-mailparse
apt-get -y install php8.0-mailparse
apt-get -y install php8.1-mailparse
apt-get -y install php8.2-mailparse
apt-get -y install php8.3-mailparse
apt-get -y install php5.6-gmp
apt-get -y install php7.0-gmp
apt-get -y install php7.1-gmp
apt-get -y install php7.2-gmp
apt-get -y install php7.3-gmp
apt-get -y install php7.4-gmp
apt-get -y install php8.0-gmp
apt-get -y install php8.1-gmp
apt-get -y install php8.2-gmp
apt-get -y install php8.3-gmp
# View the php version of the default version of this OS
php -version
PHP 7.4.33 (cli) (built: Jun 6 2024 16:44:50) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies
with the ionCube PHP Loader + ionCube24 v13.0.4, Copyright (c) 2002-2024, by ionCube Ltd.
with Zend OPcache v7.4.33, Copyright (c), by Zend Technologies
# Install expect and tools for networking and development
# Required for Looking Glass
# Required for our Softaculous custom install
apt-get -y install host mtr iputils-ping traceroute sqlite3
apt-get -y install cmake gcc
apt-get -y install openssl libssl-dev
apt-get -y install expect
# Install ansifilter
# Must build from source for Debian 11 or lower
wget http://andre-simon.de/zip/ansifilter-2.20.tar.bz2
tar xjf ansifilter-2.20.tar.bz2
cd ~/ansifilter-2.20
make help
make
make install
make clean
cd ~
rm -rfv ~/ansifilter-2.20.tar.bz2
rm -rf ~/ansifilter-2.20
# Install Softaculous
# Get rid of the wacky clear command
# A reboot is required for changes to take effect
wget -N https://files.softaculous.com/install.sh
chmod 755 install.sh
sed --in-place '/clear/d' install.sh
./install.sh
rm -rfv install.sh
YOU WILL NEED TO RESTART YOUR SERVER FOR EFFECTS TO TAKE PLACE.
Please REBOOT ASAP as only then will Softaculous be available in the Panel.
Congratulations, Softaculous was installed successfully
Softaculous has been installed at:
Path : /usr/local/softaculous
Scripts Path : /var/softaculous
nano /usr/local/softaculous/php.ini
extension=mysqlnd.so
extension=mysql.so
extension=mysqli.so
extension=curl.so
extension=soap.so
extension=posix.so
extension=json.so
extension=xml.so
extension=ftp.so
extension=mbstring.so
extension=simplexml.so
extension=zip.so
mkdir /usr/local/softaculous/conf/
touch /usr/local/softaculous/conf/custom.ini
nano /usr/local/softaculous/conf/custom.ini
extension=mysqlnd.so
extension=mysql.so
extension=mysqli.so
extension=curl.so
extension=soap.so
extension=posix.so
extension=json.so
extension=xml.so
extension=ftp.so
extension=mbstring.so
extension=simplexml.so
extension=zip.so
# Generate a YABS log
# Test the root partition
curl -sL yabs.sh | bash -s -- -4 | ansifilter | tee /yabs_root_partition.log
rm -rfv /root/geekbench_claim.url
YABS completed in 15 min 19 sec
# Install Looking Glass
# Do install as Looking Glass shell user
# Get rid of the wacky clear command
sudo -i -u $XN_CLIENT_USER$XN_SHELL_LG_USER bash << EOF
echo "I am "$(whoami)
pwd
cd ~/web
wget https://github.com/telephone/LookingGlass/archive/v1.3.0.tar.gz
tar -zxvf v1.3.0.tar.gz --strip-components 1
rm -rf v1.3.0.tar.gz
rm -rf CHANGELOG.txt
rm -rf LICENCE.txt
rm -rf README.md
rm -rf standard_index.html
cd ~/web/LookingGlass
sed --in-place '/clear/d' ~/web/LookingGlass/configure.sh
echo -e "y\n$LG_NAME\n$LG_LG\n$LG_LOCATION\n$LG_TESTIPV4\n$LG_TESTIPV6\n$LG_TESTFILES\n$LG_RATE_LIMIT\n$LG_LIMIT_RATE\n$LG_CHOOSETHEME\n$LG_THEME\n$LG_WEB_SERVER_USERNAME\n$LG_WEB_SERVER_USERGROUP\n" | bash configure.sh
rm -rfv ~/web/LookingGlass/configure.sh
cd ~/web
wget -O index.php "https://docs.xev.net.eu.org/doku.php?do=export_code&id=auto-install&codeblock=17"
cat /yabs_root_partition.log > ~/web/yabs_root_partition.log
cat /yabs_root_partition.log > ~/web/yabs_root_partition_$(date +"%Y-%m-%d").log
EOF
rm -rfv /yabs_root_partition.log
Creating Config.php...
Creating SQLite database...
chown: changing ownership of '/var/www/clients/xxx/xxx/home/xxx/web/LookingGlass': Operation not permitted
chown: changing ownership of 'ratelimit.db': Operation not permitted
Installation is complete
# Finish install
# Remove the ISPConfig setup log which may have passwords in it
echo "Don't forget to write down your passwords"
while read -r line
do
if [[ $line == *"password is"* ]]; then
echo $line
fi
done < /tmp/ispconfig-ai/var/log/setup-*
rm -rfv /tmp/ispconfig-ai/var/log/setup-*
echo "Install finished"
# Reboot
systemctl reboot
~~DISCUSSION~~