This installation of ispCP on centos
|Linux Distros||CentOS 5.4|
This installation of ispCP ω has three major sections: Pre-Install Preparation, Install, and Post-Install Configuration. The installation should take 30-60 minutes.
This documentation was written for CentOS 5, specifically 5.4. While you might be able to install on earlier versions, you may encounter difficulties or differences. In addition, this guide uses the YUM tool to install packages. If you normally use a different tool, you will need to modify the instructions to fit your system.
The instructions are based on a minimum installation of CentOS with no optional packages marked during OS install. If you selected additional options during the install process, some extra server services may need to be disabled to avoid interfering with the packages used by ispCP ω.
The install instructions attempt to keep system changes to a minimum, so these instructions should also work under Red Hat Enterprise Linux 5. If you encounter differences, please notify the maintainer.
The install instructions should be done under the root account.
Warning This documentation is undergoing rewriting. It may be inaccurate in some parts, or leave steps out. This note will be removed when the documentation has been brought back up to quality.
There is no must-have specification for systems running ispCP ω. The following are recommended minimums.
Pentium III or K6-4 with 500 MHz
512 MB RAM
100 MB free disk space for ispCP ω itself
A supported Linux distribution – this guide is for CentOS 5
Required software packages are listed in docs/CentOS/centos-packages.
The very first thing you should do is make sure your base Linux install is fully updated. To do so, simply run
as root. If there was a kernel upgrade, you will want to reboot before continuing.
The CentOS repositories do not include all the software needed to run icpCP ω. You will need to add two repositories to your system to install everything you need.
EPEL contains most of the additional packages needed.
You should install this repository following the linked instructions.
Remi Collet maintains a repository of updated packages for Fedora and CentOS/RHEL. We need his repository to install updated PHP and MySQL packages as CentOS 5 comes with PHP 5.1 and we need PHP 5.2 at a minimum.
First, install the repository following the linked instructions.
The repository installs in a disabled state. We now want to enable the repository and only include the packages we want from it. To do this, edit the file /etc/yum.repos.d/remi.repo. In the file, under the [remi] heading, change the value of enabled from 0 to 1, then add the following line at the bottom of that section:
includepkgs=mysql* php* sqlite*
RPMForge is needed for one package that none of the other repositories currently has.
First, install the repository following the linked instructions.
We do not want all the packages from RPMForge as it replaces a good deal of the system. To avoid this, edit the file /etc/yum.repos.d/rpmforge.repo. In the file, add the following line at the end:
includepkgs=postgrey clamav clamd amavisd-new clamav-data clamav-filesystem clamav-lib clamav-server-sysv zoo unrar lha ripole clamav-db
yum remove clamav-* yum install p7zip
then install the following packages
yum install clamav clamd amavisd-new
and run this commands :
mkdir -p /var/spamassassin/bayes chown -R amavis. /var/spamassassin/bayes
In /etc/mail/spamassassin/local.cf change the following parameters to this:
use_bayes 1 use_bayes_rules 1 bayes_auto_learn 1 bayes_auto_learn_threshold_nonspam 1 bayes_auto_learn_threshold_spam 7.5 bayes_path /var/spamassassin/bayes/bayes bayes_file_mode 0777 score FH_DATE_PAST_20XX 0 score DNS_FROM_OPENWHOIS 0 ok_languages all ok_locales all
Run the following command:
cd /etc/postfix openssl req -x509 -nodes -days 1850 -newkey rsa:2048 -keyout privkey.pem -out cert.pem
change the service configuration:
chkconfig amavisd on /etc/init.d/postfix restart /etc/init.d/amavisd restart
There are a few pieces of software you will need to download individually that aren’t in any major repositories.
Michael Fleming maintains RPMs of Courier-IMAP at his website, thatfleminggent.com.
You will need to download the latest RPMs of courier-imap, courier-authlib, and courier-authlib-userdb from his site at the following locations:
RPMs for policyd-weight can be found at the project’s SourceForge Files area
SELinux will need to be disabled if it is enabled. To disable, run
as root. To ensure that it stays disabled between reboots, edit the file /etc/selinux/config and change the value of SELINUX to disabled.
If you have not already, download the icpCP ω package and extract it. Once extracted, change into the directory to prepare for the next steps.
A list of packages required by this software is located in docs/CentOS/centos-packages and can be used to easily install the packages you need by running the following command:
yum install `cat ./docs/CentOS/centos-packages`
Note: Running this command will install both x86_64 and i3/5/686 packages on x86_64 installs for all packages that have both architectures in the repository! To avoid, either add
exclude=*.i386 *.i586 *.i686
for your yum repository configuration files, or install the packages listed in the file one-by-one, making sure to specify the package name in the format packagename.x86_64.There is also one Perl package you will need to install as there is no RPM for it. This is as simple as running the command
perl -MCPAN -e 'install Term::ReadPassword'
as root. If you have not run CPAN before, you will be prompted for manual configuration. You can simply say no and the install will continue.Next, install the Courier and policyd RPMs you downloaded. You can use the following commands in the directory where you downloaded the RPMs:
rpm -Uvh courier-* rpm -Uvh policyd-weight-*
CentOS installs Sendmail by default, but icpCP ω uses Postfix. Simply run the command
yum remove sendmail
to remove Sendmail and have Centos switch to the Postfix which was just installed.
Courier needs a user and group account configured to run, and the following commands run as root will create them:
groupadd -g 3000 courier useradd -u 3000 -c 'Courier Mail Server' -d /dev/null -g courier -d /bin/false courier
MySQL will also need to be configured. First, make sure it is running. If it is not, you can run the command
service mysqld start
to start it. Now, run the command
and set the root password and other options. Remember the root password you set, it will be needed later.As one last thing, we need to clean out Apache’s conf.d directory for the new configuration files that will be installed. Simply run the following command to move the existing conf.d directory to a backup location:
mv /etc/httpd/conf.d /etc/httpd/conf.d-disabled
icpCP ω keeps domain configuration in a file named named-ispcp.conf. We need to link that to named.conf for the DNS service to start. We also need to make a few links for zones to be managed correctly. Simply run the following commands:
mv /var/named/data /var/named/data-disabled ln -s /var/named/chroot/var/named/data /var/named/data echo 'include "/etc/named-ispcp.conf";' >> /var/named/chroot/etc/named.conf
For the following process, you will need to be in your extracted icpCP ω directory, the MySQL service will need to be running, and you will want to run all commands as root.
Look over configs/centos/ispcp.conf and adjust any values to match your server.
To build the software, simply run the command:
make -f Makefile.centos
The software will be built for CentOS and the install structure will be staged at /tmp/ispcp.
If you have not yet, now is a good time to make backups of your server. The following steps make fundamental changes to your system configuration.
To install icpCP ω from the staging area, run the following commands:
cp -RLf /tmp/ispcp/* /
Now that the files are copied, we need to configure icpCP ω. To configure things, simply run the following commands:
cd /var/www/ispcp/engine/setup perl ispcp-setup
Note: During setup, you will be asked if you are using fastcgi or fcgid. You will want to choose the option for fcgid (shortcut key “f” on the prompt).
Now that icpCP ω is installed, we have to configure a few services still.
We need to create the SASL database for authenticating mail users and configure SASL authenitcation. First, we create the SASL database with the following commands:
touch /etc/sasldb2 mkdir -p /var/spool/postfix/etc cp /etc/sasldb2 /var/spool/postfix/etc
To allow authentication, edit /usr/lib/sasl2/smtpd.conf and replace the contents with the following:
pwcheck_method: auxprop auxprop_plugin: sasldb mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5
The Apache webserver needs to be configured to read website configuration in the directory /etc/httpd/vhosts/. To establish this, run the following command:
echo 'include vhosts/*.conf' >> /etc/httpd/conf/httpd.conf
By default, Postgrey runs on a socket. We want it to run on port 60000. Edit the file /etc/init.d/postgrey and change the line:
Several services need to be set to run on boot. To do this, run the following commands:
chkconfig --level 345 httpd on chkconfig --level 345 mysqld on chkconfig --level 345 ispcp_network on chkconfig --level 345 ispcp_daemon on chkconfig --level 345 amavisd on chkconfig --level 345 named on chkconfig --level 345 proftpd on chkconfig --level 345 postgrey on chkconfig --level 345 spamassassin on
If you want to start the services without a reboot, run the following commands:
service httpd start service mysqld start service ispcp_network start service ispcp_daemon start service amavisd start service named start service proftpd start service postgrey start service spamassassin start
The default permissions for the temporary directory of the control panel need to be adjusted. Please run the following command:
chmod 775 /var/www/ispcp/gui/phptmp
Once you have things working properly, you might want to delete the staging environment for icpCP ω. To do so, run the following command:
rm -R /tmp/ispcp