How to Centos

Config : VPSLINK DNS
Config 1
Yum + mySQL + APACHE2 + php + SLL + Dovecot + Postfix SLL + SPAM + SSH using Key + Webmin on SSL + system backup

Config 2
Yum + mySQL + LIGHTTPD + php + SLL + Dovecot + Postfix SLL + SPAM + SSH using Key + Webmin on SSL + system backup

Config : TinyDNS
Config 1
Yum + mySQL + APACHE2 + php + SLL + Dovecot + Postfix SLL + SPAM + SSH using Key + Webmin on SSL + system backup

Config 2
Yum + mySQL + LIGHTTPD + php + SLL + Dovecot + Postfix SLL + SPAM + SSH using Key + Webmin on SSL + system backup

Config : CP Lite

Status: Working on Lighttpd, Lighttpd SSL, PHP, Dovecot, Postfix, Postfix SSL, Spam, SSH using Key, Webmin on SSL, System Backup
Updated Date: 06 October 2006

This Wiki will provide you with all you need to get your VPS setup with full internet capabilities, including web and email.

This How To assumes the following:

1. You DO NOT want to maintain your own DNS servers and therefore will be using VPSLink DNS.
2. You do not want use Apache2 and therefore will use Lighttpd server with PHP. However, you can continue to use Apache2 if you wish.
3. You will run your own mail servers (Postfix and Dovecot IMAP/POP3 Server).
4. This is a fresh VPS, so your have just installed Centos.
5. You specified your domain name when you signed up for your VPSLink.
6. You have a VPS Link 3 or above. It maybe possible to follow the Wiki on lower VPSs, but you do run the risk of memory errors.
   
   

Note: If you get disconnected from the Internet while installing software via Webmin, do not attempt to login again. Simply wait approximately 10-15 minutes for the system to install. Otherwise you will get transaction errors..

DNS

Before we begin, we need to ensure all our DNS settings are correct.

Login to http://cp.vpslink.com/.

Click on Manage DNS.

Enter your domain name into the 'Zone' field. You can leave the rest of the fields set to their default or you can change them to suit your needs. The settings provided should be fine for most websites. Click 'Create Zone'.

Now click on "View Zone" next to your domain name and enter the follow (Delete all of them and ensure only the following remain):
Replace antipunk.net with your domain and the IP address with your IP address.

Once you have created your new domains, you will need to click on Go Back and then on Update Zone.

Now we need to ensure there is a reverse DNS for your domain.

Login to https://www.vpslink.com/support/myaccount/login.php.

Select Reverse DNS Request.

Now enter your domain name next to the IP Address listed above. This will take approx 24-48 hours as its a manually done by VPS staff.

Once your domain is pointing to your VPS, if you go to yourdomain.com, your will see the Apache2 Test Page.

YUM

Currently, Centos does not have the Yum package installed which is required to add/remove packages. To install SSH to your VPS and download Yum:

MIRROR=http://centos.mirror.vpslink.com/centos-4/4.4/os/i386/CentOS/RPMS
rpm -Uvh \
$MIRROR/libxml2-python-2.6.16-6.i386.rpm   \
$MIRROR/python-elementtree-1.2.6-4.2.1.i386.rpm  \
$MIRROR/python-sqlite-1.1.7-1.2.i386.rpm  \
$MIRROR/rpm-python-4.3.3-18_nonptl.i386.rpm  \
$MIRROR/python-urlgrabber-2.9.8-2.noarch.rpm  \
$MIRROR/yum-2.4.3-1.c4.noarch.rpm \
$MIRROR/sqlite-3.3.3-1.2.i386.rpm \
$MIRROR/rpm-4.3.3-18_nonptl.i386.rpm \
$MIRROR/centos-release-4-4.2.i386.rpm 

We now have yum installed. You might have problems with centos-release version, If such occurs remove "$MIRROR/centos-release-4-4.2.i386.rpm"

VPSLink have a local Centos mirror to help ensure a speedy update, Before you start to edit the config files, ensure you keep a backup copy of the original:

cp /etc/yum.conf /etc/yum.conf.backup

Now we can edit /etc/yum.conf

Paste the following at the bottom of the file replacing # PUT YOUR REPOS HERE OR IN separate files named file.repo

# PUT YOUR REPOS HERE OR IN separate files named file.repo
# in /etc/yum.repos.d

[base]
name=VPSLink CentOS-$releasever - Base
baseurl=http://centos.mirror.vpslink.com/centos/$releasever/os/$basearch/
enabled=1
gpgcheck=1

[update]
name=VPSLink CentOS-$releasever - Updates
baseurl=http://centos.mirror.vpslink.com/centos/$releasever/updates/$basearch/
gpgcheck=1
enabled=1

[addons]
name=VPSLink CentOS-$releasever - Addons
baseurl=http://centos.mirror.vpslink.com/centos/$releasever/addons/$basearch/
gpgcheck=1
enabled=1

[extras]
name=VPSLink CentOS-$releasever - Extras
baseurl=http://centos.mirror.vpslink.com/centos/$releasever/extras/$basearch/
gpgcheck=1
enabled=1

[centosplus]
name=VPSLink CentOS-$releasever - Plus
baseurl=http://centos.mirror.vpslink.com/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0

[contrib]
name=VPSLink CentOS-$releasever - Contrib
baseurl=http://centos.mirror.vpslink.com/centos/$releasever/contrib/$basearch/
gpgcheck=1
enabled=0

To stop duplicate repositories, rename /etc/yum.repos.d/CentOS-Base.repo:

mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup

Now simply update the system:

yum update

I would run it a few times just to make sure your Centos VPS is fully updated.

Now I would take this opportunity to strip your VPS to uninstall stuff you don't need.

To list all installed software: A note: just because something is installed does not mean it is running and using RAM. Your are simply saving disk space.

yum list installed

To check what is running:

ps -A

Or you can use top:

top

To remove software:

yum remove <item from list>

By default, the Centos template includes BIND DNS server and as we will be using VPSLinks DNS, we can remove this:

yum remove bind

As we will be using Postfix, we can remove sendmail to ensure no conflicts:

yum remove sendmail

httpd

By default Centos has Apache2 installed with....

<PATHS + PHP INFO HERE>

Also, as we will not be using Apache, lets remove this:

yum remove httpd

Webmin

To manage the server, we will use the Webmin control panel. Make sure your back in your home directory

cd $home

Now download Webmin:

wget http://superb-west.dl.sourceforge.net/sourceforge/webadmin/webmin-1.270-1.noarch.rpm

And install it:

rpm -U webmin-1.270-1.noarch.rpm

Update Webmin

The above will install a slightly old webmin, so lets update that.

goto http://yourdomain.com:10000/ or https://yourdomain.com:10000/

Login with your root username and password.

Goto Webmin Configuration->Upgrade Webmin then click on Latest version from www.webmin.com and ensure GnuPG signature on package? is checked.
Then click on Upgrade Webmin. This will download and update Webmin. For future reference, click on upgrade once ever few weeks.

Note this does take a while to be patient! If you stop it, you will get transaction lock errors...

If there are any updates, you will get a message saying click here to update...

ENSURE YOU LOGOUT AND LOG BACK IN FOR THE NEW UPDATES TO WORK!

Now I'm not a big fan of the current theme so lets go minimal graphics and save some bandwidth.

(From the main screen)
Webmin Configuration->Webmin Themes

Select From ftp or http URL and paste:

http://www.strand.id.au/webminfiles/simple-0.02.wbt

and then click Install Theme

Again, takes a while to work its magic so please wait...

Now click Return to themes list and change Current theme to Simple Webmin-Theme.

Note, for more themes goto http://webadminmodules.sourceforge.net/?page=Themes and copy the HTTP link next to the one you want and follow the above.

Now click on Webmin Index.

By default, webmin works on port 10000. However, for enhanced security, you should change this. To do this, click on Webmin Configuration->Ports and Addresses and change the Listen on port. Additionally, if you have a fixed IP address, you can enter it here and ensure only your computer/IP address can access webmin.

TO DO: REMOVE UNUSED MODULES.

Webmin SSH

A very useful function is Webmins' built in SSH/Telnet Login applet. To get it working, select SSH/Telnet Login from the main screen.

By default, it will NOT work, so we need to change the modules config a little... Click on Module Config (Top Left).

Change "Hostname to connect.." to yourdomain.com.

Note: If at some future point, you change your SSH port, you will need to edit this module and change the port number.

Anyway, click save. This will reload the module and when you put your username and password, will login. I would suggest you do not use this unless you really need to as by default webmin does not run over https.

Also, ALWAYS ensure you logout by clicking on Webmin Index, then logout.

System Time

By default, the VPS time si set to where the servers are held. This can be rather annoying if you live somewhere else.

To change this, SSH back to your VPS

All the different time zones are in /usr/share/zoneinfo.

As I am UK, I will change the time zone to GB.

First, remove the current time:

rm /etc/localtime

Then change the time:

ln -s /usr/share/zoneinfo/GB /etc/localtime

For the changes to take place, you will need to logout and reboot the VPS (I would use the https://cp.vpslink.com to reboot your VPS.). Do this now if you changed your time.

SSH Security

By default, SSH runs on port 22. This means it is easy for "software hacks" to be performed. You should change this to another higher port.

Login to Webmin->SSH Server->Networking. Now choose a port (the higher the better), and change the Listen on port. Don't forget to check the box. Click Save. Now click on Stop Server, then Start Server.

Don't forget to change the port details in 5 Webmin SSH above.

CHANGE THIS TO SSH KEY THEREFORE STOPING ALL ANONYMOUS SSH TO SERVER....

MySQL

Log back into Webmin. Click on MySQL Database Server. Then "click here" from

The MySQL administration program package can be automatically installed by Webmin. Click here to have it downloaded and installed using YUM.

Again, this will take a while, so please be patient.

Now click on Return to MySQL Database Server and then Start MySQL Server to test its running. This will load the server and all should be well. Now we need to tweek it to save some memory, so click on Stop MySQL Server and SSH to your VPS.

MySQL Optimisation

All mysql settings are stored in /etc/my.cnf.
Before editing, we will back it up:

cp /etc/my.cnf /etc/my.cnf.backup

Edit /etc/my.cnf and paste the following:

[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).
old_passwords=1

skip-locking
# skip innodb if you don't need it
skip-innodb
# skip networking, bdb, ndbcluster suggested by Mark
skip-networking
skip-bdb
skip-ndbcluster
#size the buffers etc. down a bit
key_buffer = 16K
max_allowed_packet = 1M
table_cache = 4
sort_buffer_size = 64K
read_buffer_size = 256K
read_rnd_buffer_size = 256K
net_buffer_length = 2K
thread_stack = 64K
    
[mysql.server]
user=mysql
basedir=/var/lib

[mysqld_safe]
err-log=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid

[mysqldump]
quick
max_allowed_packet = 16M

mysql]
no-auto-rehash
socket = /var/lib/mysql/mysql.sock

# these checks should be fine with just these resources, will increase later if not
[isamchk]
key_buffer = 1M
sort_buffer_size = 64K

[myisamchk]
key_buffer = 1M
sort_buffer_size = 64K

[mysqlhotcopy]
interactive-timeout

Now you can go ahead and start the server via Webmin (MySQL Database Server->Start MySQL Server).

Dovecot

WORKING ON CORRECT INSTRUCTIONS...
We may need to manually edit the /etc/postfix/main.cf....

Postfix

WORKING ON CORRECT INSTRUCTIONS... DO NOT FOLLOW BELOW...

Postfix is a Mail Transfer Agent and will receive all email sent to yourdomain.com.

To install, click on Postfix Configuration on the main Webmin screen. Then click on "Click here to have it downloaded and installed using YUM". Once installed, click on "Return to Postfix Configuration".

To ensure your Postfix install is working, click on Start Postfix. If everything is Ok, Postfix should start with no errors. Now click on Stop Postfix and Logout (Webmin Index->Logout).

By default, Postfix will not receive mail for your domain.

Now we need to configure Postfix to receive mail for your domain.

SSH to yourdomain.com and backup the two main Postfix configuration files:

cp /etc/postfix/main.cf /etc/postfix/main.cf.backup

and

cp /etc/postfix/master.cf /etc/postfix/master.cf.backup

Now edit /etc/postfix/main.cf, locate the following and make the necessary changes:

#myhostname = host.domain.tld

-> Remove # and change host.domain.tld to yourdomain.com

#inet_interfaces = $myhostname, localhost

-> Remove # and

inet_interfaces = localhost

-> Add a # at the beginniging of the parameter

Spam

WORKING ON CORRECT INSTRUCTIONS...

System Backup

Back up entire config files including webmin. VPSLink providing backup???

Biography/Links (TO DO: link by footnotes...)

DNS, sleddog http://forums.vpslink.com/showthread.php?t=266
Yum, borgo http://forums.vpslink.com/showthread.php?t=164
Local mirror, sleddog http://forums.vpslink.com/showthread.php?t=23
Webmin, bfp http://forums.vpslink.com/showthread.php?t=14
Webmin theme, sleddog, bfp http://forums.vpslink.com/showthread.php?t=258
System Time, pablasso http://forums.vpslink.com/showthread.php?t=271
Mysql, DanMB, http://forums.vpslink.com/showthread.php?t=175
MySQL Optisation, Alfarin http://forums.vpslink.com/showpost.php?p=318&postcount=3