Requirements
Diss is supposed to run on a computer that has been freshly installed with Debian GNU/Linux Etch, it requires only the "base system" (and has only been tested that way). It's better if you start off with a fresh install, it's even better if you test this script on an expendable system, i've been testing this on spare servers and lately with VirtualBox which works great.
However it should not interfere with anything not concerned by the programs installed and configured by Diss.
Installation
To install diss you will need to
- unpack diss_v0.8.8.tar.gz
- enter newly created diss directory
- execute the install script
The commands are as follows
# tar zxvf diss_v0.8.8.tar.gz
# cd diss_v0.8.8
# bash install_diss.sh
Using DISS
Once installed you can execute diss.sh and access the menu that will allow you to start the process of actually installing things, you don't need to install everything, you can simply install a LAMP server and not bother with the rest (or use other methods for anything else).
# diss.sh
The menu (see screenshots) should help you get started using DISS to install and configure your server.
How is DISS organized
the DISS menu is split in 2 parts:
- System Management - install and configure different servers (LAMP, Mail Server, Firewall)
- User Management - add/remove users, websites and databases
System Management
This is where you install different parts of DISS such as LAMP or Mail server. The first step is called install_base.sh, all other steps depend on this one as it configures such things like FQDN (a more complete list is shown below). So basically things are cut up so you can install only the parts you need, however there are some dependencies between differents parts, you will be informed of those when choosing options.
User Management
Once you have installed the LAMP server you will be able to add users to your system. This means adding a user WITHOUT a shell access (/bin/false). The main use is for the user to have FTP access to their web directory (system user), web stats, PhpMyadmin, (htaccess and MySQL user). You can then add more websites and/or databases to the account, or you can add more users of course and yes you may delete all of this.
(Some aspects (like deleting completely an account) are not yet implemented.)
Details on "System Management"
More details on what each step does
- install_base.sh - installs and configures some basic crap that could be useful:
- "apt-get update/upgrade" to be up to date
- installs: vim bzip2 ntpdate nmap less openssh-client openssh-server (for those who haven't yet installed ssh :])
- reconfigure locales
- configures ntpdate and adds a crontab
- confirm server IP
- configure FQDN
- update /etc/diss.conf
- install_lamp.sh -installs Apache Mysql Php Proftpd... .
- get input such as: Mysql root password, main user name (will have access to everyone's web stats and more..), main users domain, admin access subdomain and password.
- create web directory (/home/www/html/${CLIENT}/${DOMAIN}) and admin space for the main user
- create directory /home/www/outside-html/ for web data that needs a bit more intimacy
- install: mysql-server phpmyadmin proftpd hddtemp lha unrar openssl apache2 libapache2-mod-php5 php5-mysql telnet php-pear php5-cli php5-curl php5 lftp ncftp munin munin-node phpsysinfo lm-sensors awstats (and all of their dependencies
- create a global htpasswd file, all users will have an account here
- create self signed SSL certificate for apache (usefull for the main admin page)
- configure munin and sensors
- configure the admin webspace
- configure vhost for the main domain (+Apache logs and Awstats)
- configure Proftpd all users should be jailed in their web directory
- update /etc/diss.conf
- print a bunch on info you should remember
- install_mail.sh -installs a ISP style mail server based on workaround.org's tutorial
- create main user (user@domain) - WARNING: this user will have access to Vmail Manager (web interface for managing mail users) with all options !
- install: dovecot-pop3d dovecot-imapd amavisd-new spamassassin clamav-daemon cpio arj zoo nomarch lzop cabextract pax squirrelmail-locales squirrelmail-decode squirrelmail python squirrelmail-compatibility squirrelmail-quicksave squirrelmail-viewashtml patch avelsieve postfix-mysql postfix (and all their dependencies)
- configure the main email software according to the Workaround tutorial with a few workarounds :] (such as per user spam filter settings)
- install Vmail Manager
- configure Squirrelmail and it's plugins (and add a few plugins that are not in Debian repositeries)
- patch Squirrelmail for more privacy (doesn't show users home IP in outgoing mails headers)
- configure a wildcard subdomain virtual host so all users can access Squirellmail from mail.theirdomain.tld and webmail.theirdomain.tld
- configure Awstats for webmail (apache) AND mail (smtp) usage
- install Pysieved because sieve filtering is so cool
- print a bunch on info you should remember
- install_backup.sh - creates a backup script and crons it.
- get info such as ftp server, username, and password.
- ask for an encryption key, the backup will be archived into one big encrypted file
- create a local backup folder (default: /home/backup)
- install_firewall.sh - installs firewall, just in case theirs a fire..
- install arno-iptables-firewall
- open default ports read from /etc/diss/diss.conf (the above scripts add their required ports to diss.conf)
- start the firewall (or not)
- reconfigure_firewall.sh -reconfigure the firewall, allows you to open/close ports and restart firewall
Details on "System Management"
- add_client.sh - add users AND/OR new webspaces
- add_database.sh - add a database for a user
- remove_client.sh - remove a webspace and/or database from a user