Created
November 17, 2019 00:31
-
-
Save anikwai/e296c8c4890eb05246c99bc82b6d0cfc to your computer and use it in GitHub Desktop.
Install ISPConfig 3.x on Debian 9 64Bits
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ## Install ISPConfig 3.x on Debian 9 64Bits | |
| ## ISPConfig3 3.x + Apache2 + Debian 9 64Bits | |
| ## VM HD 50GB, swap 2GB, / 20GB, /var/www all | |
| ## Filesystem ext4 | |
| ## Run as root | |
| ## Link: https://www.howtoforge.com/tutorial/perfect-server-debian-9-stretch-apache-bind-dovecot-ispconfig-3-1 | |
| # Check if user has root privileges | |
| if [[ $EUID -ne 0 ]]; then | |
| echo "You must run the script as root or using sudo" | |
| exit 1 | |
| fi | |
| ## Reconfigure Dash | |
| echo "dash dash/sh boolean false" | debconf-set-selections | |
| dpkg-reconfigure -f noninteractive dash > /dev/null 2>&1 | |
| MY_FQDN=$(hostname) | |
| MY_IP=$(ip a s|sed -ne '/127.0.0.1/!{s/^[ \t]*inet[ \t]*\([0-9.]\+\)\/.*$/\1/p}' | tr '\n' ' ') | |
| echo -e "Set Server Name Ex: $MY_FQDN []: \c " | |
| read SERVER_FQDN | |
| echo -e "Set Server IP Ex: $MY_IP []: \c " | |
| read SERVER_IP | |
| echo "" >>/etc/hosts | |
| echo "$SERVER_IP $SERVER_FQDN" >>/etc/hosts | |
| hostnamectl set-hostname $SERVER_FQDN | |
| echo "$SERVER_FQDN" > /proc/sys/kernel/hostname | |
| apt-get -y install lsb-release | |
| apt-get update && apt-get upgrade -y | |
| apt-get -y install net-tools ssh openssh-server ntp ntpdate dirmngr | |
| apt-get -y install postfix postfix-mysql mariadb-client mariadb-server openssl getmail4 | |
| apt-get -y install binutils dovecot-imapd dovecot-pop3d dovecot-mysql dovecot-sieve dovecot-lmtpd sudo | |
| ## To secure the MariaDB / MySQL installation and to disable the test database, run this command: | |
| sed -i 's|bind-address|#bind-address|' /etc/mysql/mariadb.conf.d/50-server.cnf | |
| sed -i 's|# this is only for embedded server|sql_mode=NO_ENGINE_SUBSTITUTION|' /etc/mysql/mariadb.conf.d/50-server.cnf | |
| mysql_secure_installation | |
| service mysql restart | |
| ## Config Postfix /etc/postfix/master.cf | |
| mkdir -p /etc/postfix/backup && cp -aR /etc/postfix/* /etc/postfix/backup/ | |
| sed -i 's|#submission|submission|' /etc/postfix/master.cf | |
| sed -i 's|# -o syslog_name=postfix/submission| -o syslog_name=postfix/submission|' /etc/postfix/master.cf | |
| sed -i 's|# -o smtpd_tls_security_level=encrypt| -o smtpd_tls_security_level=may|' /etc/postfix/master.cf | |
| sed -i 's|# -o smtpd_sasl_auth_enable=yes| -o smtpd_sasl_auth_enable=yes|' /etc/postfix/master.cf | |
| sed -i 's|# -o smtpd_reject_unlisted_recipient=no| -o smtpd_client_restrictions=permit_sasl_authenticated,reject|' /etc/postfix/master.cf | |
| sed -i 's|#smtps|smtps|' /etc/postfix/master.cf | |
| sed -i 's|# -o syslog_name=postfix/smtps| -o syslog_name=postfix/smtps|' /etc/postfix/master.cf | |
| sed -i 's|# -o smtpd_tls_wrappermode=yes| -o smtpd_tls_wrappermode=yes|' /etc/postfix/master.cf | |
| sed -i 's|# -o smtpd_sasl_auth_enable=yes| -o smtpd_sasl_auth_enable=yes|' /etc/postfix/master.cf | |
| sed -i 's|# -o smtpd_reject_unlisted_recipient=no| -o smtpd_client_restrictions=permit_sasl_authenticated,reject|' /etc/postfix/master.cf | |
| ## Restart Postfix and Mysql | |
| service postfix restart | |
| apt-get -y install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract | |
| apt-get -y install apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon | |
| apt-get -y install libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl postgrey | |
| ## The ISPConfig 3 setup uses amavisd which loads the SpamAssassin filter library internally, | |
| ## so we can stop SpamAssassin to free up some RAM: | |
| service spamassassin stop | |
| systemctl disable spamassassin | |
| apt-get -y install apache2 apache2-utils libexpat1 ssl-cert | |
| apt-get -y install apache2-dev build-essential autoconf automake libtool flex bison debhelper binutils | |
| apt-get -y install libapache2-mod-fcgid libapache2-mod-php apache2-suexec-pristine php7.0 | |
| apt-get -y install php7.0-common php7.0-gd php7.0-mysql php7.0-imap php7.0-cli php7.0-cgi php7.0-fpm | |
| apt-get -y install php-pear php7.0-mcrypt mcrypt imagemagick php7.0-curl php7.0-intl php7.0-pspell | |
| apt-get -y install php7.0-recode php7.0-sqlite3 php7.0-tidy php7.0-xmlrpc php7.0-xsl memcached | |
| apt-get -y install php-memcache php-imagick php-gettext php7.0-zip php7.0-mbstring php7.0-soap | |
| service php7.0-fpm restart | |
| systemctl enable php7.0-fpm | |
| apt-get -y install git-core patch | |
| cd /tmp | |
| git clone https://github.com/ByteInternet/libapache-mod-fastcgi.git | |
| cd libapache-mod-fastcgi | |
| patch -p1 < debian/patches/byte-compile-against-apache24.diff | |
| apxs -i -a -o mod_fastcgi.so -c *.c | |
| echo "<IfModule mod_headers.c> | |
| RequestHeader unset Proxy early | |
| </IfModule>" > /etc/apache2/conf-available/httpoxy.conf | |
| a2enmod suexec rewrite ssl actions include dav_fs dav auth_digest cgi headers fastcgi alias actions | |
| a2enconf httpoxy | |
| service apache2 restart | |
| ### Install HHVM | |
| apt-get install -y apt-transport-https software-properties-common | |
| apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xB4112585D386EB94 | |
| add-apt-repository https://dl.hhvm.com/debian | |
| apt-get update && apt-get -y install hhvm | |
| update-rc.d -f hhvm remove | |
| echo 'hhvm.mysql.socket = /var/run/mysqld/mysqld.sock' >> /etc/hhvm/php.ini | |
| ## Install Let's Encrypt | apt-get install -y certbot | |
| mkdir /opt/certbot && cd /opt/certbot | |
| wget https://dl.eff.org/certbot-auto | |
| chmod a+x ./certbot-auto && ./certbot-auto --install-only --non-interactive | |
| apt-get -y install pure-ftpd-common pure-ftpd-mysql quota quotatool | |
| ### Enable Quota /var/www | |
| # sed -i 's|defaults|defaults,usrjquota=quota.user,grpjquota=quota.group,jqfmt=vfsv0|' /etc/fstab | |
| # mount -o remount /var/www | |
| # quotacheck -avugm | |
| # quotaon -avug | |
| ## echo 1 > /etc/pure-ftpd/conf/TLS | |
| mkdir -p /etc/ssl/private/ | |
| openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem | |
| chmod 600 /etc/ssl/private/pure-ftpd.pem && service pure-ftpd-mysql restart | |
| apt-get -y install bind9 dnsutils vlogger webalizer awstats geoip-database libclass-dbi-mysql-perl | |
| rm -f /etc/cron.d/awstats | |
| ## Download ISPConfig 3.1.X | |
| cd /tmp | |
| get_isp=https://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz | |
| wget -c ${get_isp} | |
| tar xvfz $(basename ${get_isp}) | |
| cd ispconfig3_install/install && php -q install.php | |
| ## Install PHPMyadmin | |
| ## Para Instalar o PHPMyadmin Execute o Script abaixo | |
| ## https://gist.github.com/jniltinho/9af397c8ddb035a322b75aecce7cdeae | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment