Last updated: 25 Oct 22 22:06:06 (UTC)
Installation d'ISPConfig sur un serveur Debian 11 / NGINX
Tutoriel S01, Catégorie: Administration système et Serveur dédié
ISPConfig est un panneau de configuration pour serveur. (Tu en connais peut-être d’autres de la même catégorie : Plesk, CPanel, Directadmin, Webmin…)
ISPConfig, comme tout autre logiciel de ce type, ne remplace pas le besoin de devoir effectuer quelques opérations de maintenance sur le serveur. Attention à ne pas avoir cette illusion que tout ira parfaitement toujours bien et qu’il n’y aura jamais d’interventions manuelles à faire.
IMPORTANT : ISPConfig va prendre le contrôle total du serveur. Il ne faut pas l’installer sur un serveur qui possède déjà des données ou une installation.
🍪 Temps de cuisson : 20 minutes
1. Connexion au serveur
Depuis ton terminal, connecte-toi au serveur. Si tu es déjà bloqué à cette étape 🙂 alors commence par le tutoriel pour apprendre à te connecter à un serveur Linux.
ssh debian@vps-xxx.vps.ovh.net
ssh debian@vps-xxx.vps.ovh.netPuis on se connecter en tant que administrateur (root) :
sudo su -
sudo su -2. Nommage du serveur
Tu dois renommer le serveur avec un nom utilisant ton propre nom de domaine sinon tu risques d’avoir un problème pour créer un certificat SSL avec le founisseur de certificats Let’s Encrypt.
Donc cela suppose que tu as déjà réglé ta zone DNS pour ajouter un nom pour ce serveur. Si tu êtes bloqué ici, cherche le tutoriel adéquat.
Mon serveur de démo s’appelle root1dmo.netadm.ovh, pense donc à remplacer ce nom par le nom FQDN que tu as donné à ton serveur :
hostnamectl set-hostname <FQDN>
hostnamectl set-hostname <FQDN>3. Pré-installation des services
3.1 Pure-ftpd
DEBIAN_FRONTEND=noninteractive apt-get -q -y install pure-ftpd-mysql
DEBIAN_FRONTEND=noninteractive apt-get -q -y install pure-ftpd-mysql3.1 Postfix
On installe Postfix à la place d’Exim :
DEBIAN_FRONTEND=noninteractive apt-get -q -y install postfix-mysql
DEBIAN_FRONTEND=noninteractive apt-get -q -y install postfix-mysql3.2 MariaDB
DEBIAN_FRONTEND=noninteractive apt-get -q -y install mariadb-server mariadb-client
DEBIAN_FRONTEND=noninteractive apt-get -q -y install mariadb-server mariadb-client3.3 NGINX
DEBIAN_FRONTEND=noninteractive apt-get -q -y install nginx-extras
DEBIAN_FRONTEND=noninteractive apt-get -q -y install nginx-extras3.4 PHP
- php-apcu : cache object
- php-opcache : cache des scripts php pré-compilés
- php-recode : sera déplacé dans PEAR en php 7.4, voir iconv ou mbstring à la place
- php-redis : cache object
- php-tidy : manipulation de fichier html/xhtml/xml
DEBIAN_FRONTEND=noninteractive apt-get -q -y install php php-apcu php-cli php-curl php-fpm php-gd php-imagick php-imap php-intl php-mbstring php-mysql php-opcache php-pear php-pspell php-redis php-soap php-sqlite3 php-tidy php-xml php-xmlrpc php-xsl php-zip php-php-gettext
DEBIAN_FRONTEND=noninteractive apt-get -q -y install php php-apcu php-cli php-curl php-fpm php-gd php-imagick php-imap php-intl php-mbstring php-mysql php-opcache php-pear php-pspell php-redis php-soap php-sqlite3 php-tidy php-xml php-xmlrpc php-xsl php-zip php-php-gettext4. Installation d’ISPConfig
4.1 Téléchargement
cd /tmp wget http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz tar xfz ISPConfig-3-stable.tar.gz cd ispconfig3_install/install/
cd /tmp
wget http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz
tar xfz ISPConfig-3-stable.tar.gz
cd ispconfig3_install/install/4.2 Installation
php -q install.php
php -q install.phpQuand il y a un texte entre crochet et rien ensuite sur la même ligne, c’est que j’ai simplement validé le choix par défaut par entrée.
--------------------------------------------------------------------------------
_____ ___________ _____ __ _ ____
|_ _/ ___| ___ \ / __ \ / _(_) /__ \
| | \ `--.| |_/ / | / \/ ___ _ __ | |_ _ __ _ _/ /
| | `--. \ __/ | | / _ \| '_ \| _| |/ _` | |_ |
_| |_/\__/ / | | \__/\ (_) | | | | | | | (_| | ___\ \
\___/\____/\_| \____/\___/|_| |_|_| |_|\__, | \____/
__/ |
|___/
--------------------------------------------------------------------------------
>> Initial configuration
Operating System: Debian 11.0 (Bullseye) or compatible
Following will be a few questions for primary configuration so be careful.
Default values are in [brackets] and can be accepted with <ENTER>.
Tap in "quit" (without the quotes) to stop the installer.
Select language (en,de) [en]:
Installation mode (standard,expert) [standard]: expert
Full qualified hostname (FQDN) of the server, eg server1.domain.tld [fqdn]:
MySQL server hostname [localhost]:
MySQL server port [3306]:
MySQL root username [root]:
MySQL root password []:
MySQL database to create [dbispconfig]:
MySQL charset [utf8]:
The next two questions are about the internal ISPConfig database user and password.
It is recommended to accept the defaults which are 'ispconfig' as username and a random password.
If you use a different password, use only numbers and chars for the password.
ISPConfig mysql database username [ispconfig]:
ISPConfig mysql database password [xxx]:
Shall this server join an existing ISPConfig multiserver setup (y,n) [n]:
Adding ISPConfig server record to database.
Configure Mail (y,n) [y]: n
[WARN] autodetect for Jailkit failed
Force configure Jailkit (y,n) [n]:
Skipping Jailkit
[WARN] autodetect for pureftpd failed
Force configure pureftpd (y,n) [n]: y
Configuring Pureftpd
sh: 1: cannot create /etc/pure-ftpd/conf/ChrootEveryone: Directory nonexistent
sh: 1: cannot create /etc/pure-ftpd/conf/BrokenClientsCompatibility: Directory nonexistent
sh: 1: cannot create /etc/pure-ftpd/conf/DisplayDotFiles: Directory nonexistent
sh: 1: cannot create /etc/pure-ftpd/conf/DontResolve: Directory nonexistent
Configure DNS Server (y,n) [y]: n
The Web Server option has to be enabled when you want run a web server or when this node shall host the ISPConfig interface.
Configure Web Server (y,n) [y]:
Configuring nginx
[WARN] autodetect for OpenVZ failed
Force configure OpenVZ (y,n) [n]:
Skipping OpenVZ
Configuring AppArmor
Configure Firewall Server (y,n) [y]:
Configuring Bastille Firewall
[WARN] autodetect for Metronome XMPP Server failed
Force configure Metronome XMPP Server (y,n) [n]:
Skipping Metronome XMPP Server
[WARN] autodetect for Fail2ban failed
Force configure Fail2ban (y,n) [n]: y
Configuring Fail2ban
Install ISPConfig Web Interface (y,n) [y]:
Installing ISPConfig
ISPConfig Port [8080]:
Admin password [xxx]:
Do you want a secure (SSL) connection to the ISPConfig web interface (y,n) [y]:
Checking / creating certificate for fqdn
Using certificate path /root/.acme.sh/fqdn
sh: 1: cannot open /dev/tcp/127.0.0.1/80: No such file
Using nginx for certificate validation
acme.sh is installed, overriding certificate path to use /root/.acme.sh/fqdn
Symlink ISPConfig SSL certs to Postfix? (y,n) [y]:
Configuring Apps vhost
Configuring DBServer
Installing ISPConfig crontab
Detect IP addresses
Restarting services ...
Installation completed.--------------------------------------------------------------------------------
_____ ___________ _____ __ _ ____
|_ _/ ___| ___ \ / __ \ / _(_) /__ \
| | \ `--.| |_/ / | / \/ ___ _ __ | |_ _ __ _ _/ /
| | `--. \ __/ | | / _ \| '_ \| _| |/ _` | |_ |
_| |_/\__/ / | | \__/\ (_) | | | | | | | (_| | ___\ \
\___/\____/\_| \____/\___/|_| |_|_| |_|\__, | \____/
__/ |
|___/
--------------------------------------------------------------------------------
>> Initial configuration
Operating System: Debian 11.0 (Bullseye) or compatible
Following will be a few questions for primary configuration so be careful.
Default values are in [brackets] and can be accepted with <ENTER>.
Tap in "quit" (without the quotes) to stop the installer.
Select language (en,de) [en]:
Installation mode (standard,expert) [standard]: expert
Full qualified hostname (FQDN) of the server, eg server1.domain.tld [fqdn]:
MySQL server hostname [localhost]:
MySQL server port [3306]:
MySQL root username [root]:
MySQL root password []:
MySQL database to create [dbispconfig]:
MySQL charset [utf8]:
The next two questions are about the internal ISPConfig database user and password.
It is recommended to accept the defaults which are 'ispconfig' as username and a random password.
If you use a different password, use only numbers and chars for the password.
ISPConfig mysql database username [ispconfig]:
ISPConfig mysql database password [xxx]:
Shall this server join an existing ISPConfig multiserver setup (y,n) [n]:
Adding ISPConfig server record to database.
Configure Mail (y,n) [y]: n
[WARN] autodetect for Jailkit failed
Force configure Jailkit (y,n) [n]:
Skipping Jailkit
[WARN] autodetect for pureftpd failed
Force configure pureftpd (y,n) [n]: y
Configuring Pureftpd
sh: 1: cannot create /etc/pure-ftpd/conf/ChrootEveryone: Directory nonexistent
sh: 1: cannot create /etc/pure-ftpd/conf/BrokenClientsCompatibility: Directory nonexistent
sh: 1: cannot create /etc/pure-ftpd/conf/DisplayDotFiles: Directory nonexistent
sh: 1: cannot create /etc/pure-ftpd/conf/DontResolve: Directory nonexistent
Configure DNS Server (y,n) [y]: n
The Web Server option has to be enabled when you want run a web server or when this node shall host the ISPConfig interface.
Configure Web Server (y,n) [y]:
Configuring nginx
[WARN] autodetect for OpenVZ failed
Force configure OpenVZ (y,n) [n]:
Skipping OpenVZ
Configuring AppArmor
Configure Firewall Server (y,n) [y]:
Configuring Bastille Firewall
[WARN] autodetect for Metronome XMPP Server failed
Force configure Metronome XMPP Server (y,n) [n]:
Skipping Metronome XMPP Server
[WARN] autodetect for Fail2ban failed
Force configure Fail2ban (y,n) [n]: y
Configuring Fail2ban
Install ISPConfig Web Interface (y,n) [y]:
Installing ISPConfig
ISPConfig Port [8080]:
Admin password [xxx]:
Do you want a secure (SSL) connection to the ISPConfig web interface (y,n) [y]:
Checking / creating certificate for fqdn
Using certificate path /root/.acme.sh/fqdn
sh: 1: cannot open /dev/tcp/127.0.0.1/80: No such file
Using nginx for certificate validation
acme.sh is installed, overriding certificate path to use /root/.acme.sh/fqdn
Symlink ISPConfig SSL certs to Postfix? (y,n) [y]:
Configuring Apps vhost
Configuring DBServer
Installing ISPConfig crontab
Detect IP addresses
Restarting services ...
Installation completed.4.3 Accès Web
Maintenant avec ton navigateur, accéde à l’URL d’ISPConfig (remplace le nom et garde le numéro de port) : https://monserveur.mondomain.com:8080
Le mot de passe été indiqué dans l’installation d’ISPConfig. Il faudra le changer juste après la connexion.