Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Install ISPConfig 3.x on Debian 8/9 64Bits
#!/bin/bash
## Install ISPConfig 3.x on Debian 8/9 64Bits
## ISPConfig3 3.x + Apache2 + Debian 8/9 64Bits
## VM HD 50GB, swap 2GB, / 20GB, /var/www all
## Filesystem ext4
## Run as root
## Link: https://www.howtoforge.com/tutorial/perfect-server-debian-8-4-jessie-apache-bind-dovecot-ispconfig-3-1/
# Check if user has root privileges
if [[ $EUID -ne 0 ]]; then
echo "You must run the script as root or using sudo"
exit 1
fi
## Reconfigure Dash
echo "dash dash/sh boolean false" | debconf-set-selections
dpkg-reconfigure -f noninteractive dash > /dev/null 2>&1
MY_FQDN=$(hostname)
MY_IP=$(ip a s|sed -ne '/127.0.0.1/!{s/^[ \t]*inet[ \t]*\([0-9.]\+\)\/.*$/\1/p}' | tr '\n' ' ')
echo -e "Set Server Name Ex: $MY_FQDN []: \c "
read SERVER_FQDN
echo -e "Set Server IP Ex: $MY_IP []: \c "
read SERVER_IP
echo "" >>/etc/hosts
echo "$SERVER_IP $SERVER_FQDN" >>/etc/hosts
hostnamectl set-hostname $SERVER_FQDN
echo "$SERVER_FQDN" > /proc/sys/kernel/hostname
apt-get -y install lsb-release
mv /etc/apt/sources.list /etc/apt/sources.list_$$.bkp
echo "deb http://ftp.br.debian.org/debian/ $(lsb_release -sc) main contrib non-free
deb-src http://ftp.br.debian.org/debian/ $(lsb_release -sc) main contrib non-free
deb http://security.debian.org/ $(lsb_release -sc)/updates main contrib non-free
deb-src http://security.debian.org/ $(lsb_release -sc)/updates main contrib non-free
# updates, previously known as 'volatile'
deb http://ftp.br.debian.org/debian/ $(lsb_release -sc)-updates main contrib non-free
deb-src http://ftp.br.debian.org/debian/ $(lsb_release -sc)-updates main contrib non-free" > /etc/apt/sources.list
apt-get update && apt-get upgrade -y
apt-get -y install net-tools ssh openssh-server ntp ntpdate dirmngr
apt-get -y install postfix postfix-mysql mariadb-client mariadb-server openssl getmail4
apt-get -y install binutils dovecot-imapd dovecot-pop3d dovecot-mysql dovecot-sieve dovecot-lmtpd sudo
## To secure the MariaDB / MySQL installation and to disable the test database, run this command:
sed -i 's|bind-address|#bind-address|' /etc/mysql/mariadb.conf.d/50-server.cnf
sed -i 's|# this is only for embedded server|sql_mode=NO_ENGINE_SUBSTITUTION|' /etc/mysql/mariadb.conf.d/50-server.cnf
mysql_secure_installation
service mysql restart
## Config Postfix /etc/postfix/master.cf
mkdir -p /etc/postfix/backup && cp -aR /etc/postfix/* /etc/postfix/backup/
sed -i 's|#submission|submission|' /etc/postfix/master.cf
sed -i 's|# -o syslog_name=postfix/submission| -o syslog_name=postfix/submission|' /etc/postfix/master.cf
sed -i 's|# -o smtpd_tls_security_level=encrypt| -o smtpd_tls_security_level=may|' /etc/postfix/master.cf
sed -i 's|# -o smtpd_sasl_auth_enable=yes| -o smtpd_sasl_auth_enable=yes|' /etc/postfix/master.cf
sed -i 's|# -o smtpd_reject_unlisted_recipient=no| -o smtpd_client_restrictions=permit_sasl_authenticated,reject|' /etc/postfix/master.cf
sed -i 's|#smtps|smtps|' /etc/postfix/master.cf
sed -i 's|# -o syslog_name=postfix/smtps| -o syslog_name=postfix/smtps|' /etc/postfix/master.cf
sed -i 's|# -o smtpd_tls_wrappermode=yes| -o smtpd_tls_wrappermode=yes|' /etc/postfix/master.cf
sed -i 's|# -o smtpd_sasl_auth_enable=yes| -o smtpd_sasl_auth_enable=yes|' /etc/postfix/master.cf
sed -i 's|# -o smtpd_reject_unlisted_recipient=no| -o smtpd_client_restrictions=permit_sasl_authenticated,reject|' /etc/postfix/master.cf
## Restart Postfix and Mysql
service postfix restart
apt-get -y install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract
apt-get -y install apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon
apt-get -y install libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl postgrey
## The ISPConfig 3 setup uses amavisd which loads the SpamAssassin filter library internally,
## so we can stop SpamAssassin to free up some RAM:
service spamassassin stop
systemctl disable spamassassin
apt-get -y install apache2 apache2-utils libexpat1 ssl-cert
apt-get -y install apache2-dev build-essential autoconf automake libtool flex bison debhelper binutils
apt-get -y install libapache2-mod-fcgid php-pear mcrypt imagemagick memcached
if [ "$(lsb_release -sc)" = "stretch" ]; then
apt-get -y install apache2 apache2-data libapache2-mpm-itk
apt-get -y install libapache2-mod-php apache2-suexec-pristine php php-common php-gd php-mysql php-imap php-cli php-cgi
apt-get -y install php-mcrypt php-imagick php-memcache php-memcached php-pspell php-mbstring
apt-get -y install php-curl php-intl php-recode php-sqlite3 php-tidy php-xmlrpc php-xml
apt-get -y install php-fpm
else
apt-get -y install apache2.2-common apache2-mpm-prefork
apt-get -y install libapache2-mod-php5 apache2-suexec php5 php5-common php5-gd php5-mysql php5-imap php5-cli php5-cgi
apt-get -y install php-auth php5-mcrypt php5-imagick php5-memcache php5-memcached php5-pspell
apt-get -y install php5-curl php5-intl php5-recode php5-sqlite php5-tidy php5-xmlrpc php5-xsl
apt-get -y install php-auth
apt-get -y install libapache2-mod-fastcgi php5-fpm php5-xcache
fi
if [ "$(lsb_release -sc)" = "stretch" ]; then
apt-get -y install git-core patch
cd /tmp
git clone https://github.com/ByteInternet/libapache-mod-fastcgi.git
cd libapache-mod-fastcgi
patch -p1 < debian/patches/byte-compile-against-apache24.diff
apxs -i -a -o mod_fastcgi.so -c *.c
fi
echo "<IfModule mod_headers.c>
RequestHeader unset Proxy early
</IfModule>" > /etc/apache2/conf-available/httpoxy.conf
a2enmod suexec rewrite ssl actions include dav_fs dav auth_digest cgi headers fastcgi alias actions
a2enconf httpoxy
service apache2 restart
### Install HHVM
apt-get install -y apt-transport-https software-properties-common
apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xB4112585D386EB94
add-apt-repository https://dl.hhvm.com/debian
apt-get update && apt-get -y install hhvm
update-rc.d -f hhvm remove
echo 'hhvm.mysql.socket = /var/run/mysqld/mysqld.sock' >> /etc/hhvm/php.ini
## Install Let's Encrypt | apt-get install -y certbot
mkdir /opt/certbot && cd /opt/certbot
wget https://dl.eff.org/certbot-auto
chmod a+x ./certbot-auto && ./certbot-auto
apt-get -y install pure-ftpd-common pure-ftpd-mysql quota quotatool
### Enable Quota /var/www
# sed -i 's|defaults|defaults,usrjquota=quota.user,grpjquota=quota.group,jqfmt=vfsv0|' /etc/fstab
# mount -o remount /var/www
# quotacheck -avugm
# quotaon -avug
## echo 1 > /etc/pure-ftpd/conf/TLS
mkdir -p /etc/ssl/private/
openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem
chmod 600 /etc/ssl/private/pure-ftpd.pem && service pure-ftpd-mysql restart
apt-get -y install bind9 dnsutils vlogger webalizer awstats geoip-database libclass-dbi-mysql-perl
rm -f /etc/cron.d/awstats
## Download ISPConfig 3.1.X
cd /tmp
get_isp=https://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz
wget -c ${get_isp}
tar xvfz $(basename ${get_isp})
cd ispconfig3_install/install && php -q install.php
## Install PHPMyadmin
## Para Instalar o PHPMyadmin Execute o Script abaixo
## https://gist.github.com/jniltinho/9af397c8ddb035a322b75aecce7cdeae
## Fix Dovecot
#if [ "$(lsb_release -sc)" != "stretch" ]; then
# sed -i 's|ssl_protocols = !SSLv2 !SSLv3|ssl_protocols = !SSLv3|' /etc/dovecot/dovecot.conf
# service dovecot restart
#fi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment