Current time: 01-25-2022, 08:19 AM Hello There, Guest! (LoginRegister)


Post Reply 
[HowTo] ispcp under client domain
Author Message
truzone Offline
Newbie
*

Posts: 7
Joined: May 2008
Reputation: 0
Post: #1
[HowTo] ispcp under client domain
Hello

I looked for the forum and documentation and I didn't find it.

Your server is server.example.com
The ispcp URL is admin.server.example.com or server.example.com ....

When you create an account, ispcp create redirection:

http://www.clientdomain.com/ftp => server.example.com/ftp

Your client have to log in using the server url and not with her own domain. With this howto the client can:

- Use the ispcp under the url panel.clientdomain.com
- Use the squirrel under the url panel.clientdomain.com/webmail
- Use the roundcube under the url panel.clientdomain.com/mail *
- Use the phpmyadmin under the url panel.clientdomain.com/pma
- Use the filemanager under the url panel.clientdomain.com/ftp
- Use the Maia Mailguard under the url panel.clientdomain.com/antispam **

And all under http or https ***

* How install rouncube: http://www.isp-control.net/ispcp/wiki/howto_RoundCube
** How install Maia Mailguard: http://www.isp-control.net/documentation..._omega_rc3
*** How create and use your own SSL in apache and another services: http://www.isp-control.net/documentation...e_services

When a new user is added, the ispcp create the apache and bind entryes. The idea is modify the templates that ispcp use to do it. With the changes we add at the dns zone the subdomain panel.clientdomain.com and in the apache entry we generate 3 virtualhost:

1 => Access to panel.clientdomain.com by port 80
2 => Access to panel.clientdomain.com by port 443 with SSL
3 => The original entry of ispcp

Edit /etc/ispcp/bind/parts/db_e.tpl
Code:
vi /etc/ispcp/bind/parts/db_e.tpl

At the end we add

Code:
panel           IN              CNAME           www

The result

Code:
$TTL 12H
$ORIGIN {DMN_NAME}.
@               IN              SOA             ns1.{DMN_NAME}. postmaster.{DMN_NAME}. (
; dmn [{DMN_NAME}] timestamp entry BEGIN.
                {TIMESTAMP}     ; Serial
; dmn [{DMN_NAME}] timestamp entry END.
                8H              ; Refresh
                15M             ; Retry
                4W              ; Expire
                3H              ; Minimum TTL
)
                IN              NS              ns1.{DMN_NAME}.
                IN              NS              ns2.{DMN_NAME}.
                IN              MX      10      mail.{DMN_NAME}.

{DMN_NAME}.     IN              A               {DMN_IP}
www             IN              A               {DMN_IP}
{DMN_NAME}.     IN              TXT             "v=spf1 a mx ip4:{DMN_IP} ~all"
localhost       IN              A               127.0.0.1
mail            IN              A               {BASE_SERVER_IP}
ns1             IN              A               {BASE_SERVER_IP}
ns2             IN              A               {SECONDARY_DNS_IP}
; CNAME for mail transfer
imap            IN              CNAME           mail
pop             IN              CNAME           mail
pop3            IN              CNAME           mail
relay           IN              CNAME           mail
smtp            IN              CNAME           mail
; CNAME for web transfer
ftp             IN              CNAME           www
; sub [{SUB_NAME}] entry BEGIN.
; sub [{SUB_NAME}] entry END.

panel           IN              CNAME           www

save and exit

Code:
:w
:q

Edit /etc/ispcp/apache/parts/dmn_entry.tpl
Code:
vi /etc/ispcp/apache/parts/dmn_entry.tpl

At the beginning we add the code for http://panel.clientdomain.com

Code:
# ispcp start
<VirtualHost {DMN_IP}:80>

    <IfModule suexec_module>
           SuexecUserGroup vu2000 vu2000
    </IfModule>

    ServerAdmin     webmaster@{DMN_NAME}
    DocumentRoot    /var/www/ispcp/gui

    ServerName      panel.{DMN_NAME}

    ErrorLog        /var/log/apache2/users/{BASE_SERVER_VHOST}-error.log
    TransferLog     /var/log/apache2/users/{BASE_SERVER_VHOST}-access.log

    CustomLog       /var/log/apache2/{BASE_SERVER_VHOST}.org-traf.log traff
    CustomLog       /var/log/apache2/{BASE_SERVER_VHOST}.org-combined.log combined

    Alias /errors   /var/www/ispcp/gui/errordocs/

    ErrorDocument 401 /errors/401.html
    ErrorDocument 403 /errors/403.html
    ErrorDocument 404 /errors/404.html
    ErrorDocument 500 /errors/500.html
    ErrorDocument 503 /errors/503.html

    Alias /pma      /var/www/ispcp/gui/tools/pma/
    Alias /webmail  /var/www/ispcp/gui/tools/webmail/
    Alias /ftp      /var/www/ispcp/gui/tools/filemanager/
    Alias /antispam     /var/www/ispcp/gui/tools/antispam/
    Alias /mail /var/www/ispcp/gui/tools/roundcube

    RewriteEngine on
    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
    RewriteRule .* - [F]
    
    <Directory /var/www/ispcp/gui>
        Options -Indexes Includes FollowSymLinks MultiViews
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>

    <IfModule mod_fastcgi.c>
        ScriptAlias /php4/ /var/www/fcgi/master/
        ScriptAlias /php5/ /var/www/fcgi/master/
        <Directory "/var/www/fcgi/master">
            AllowOverride None
            Options +ExecCGI MultiViews -Indexes
            Order allow,deny
            Allow from all
        </Directory>
    </IfModule>

    <IfModule mod_php4.c>
        <Directory /var/www/ispcp/gui>
            php_admin_value open_basedir "/var/www/ispcp/gui/:/etc/ispcp/:/var/run/ispcp.lock:/proc/:/bin/df:/bin/mount:/var/log/rkhunter.log:/var/log/chkrootkit.log:/usr/share/php/"
            php_admin_value session.save_path "/var/www/ispcp/gui/phptmp/"
        </Directory>
    </IfModule>
    <IfModule mod_php5.c>
        <Directory /var/www/ispcp/gui>
            php_admin_value open_basedir "/var/www/ispcp/gui/:/etc/ispcp/:/var/run/ispcp.lock:/proc/:/bin/df:/bin/mount:/var/log/rkhunter.log:/var/log/chkrootkit.log:/usr/share/php/"
            php_admin_value session.save_path "/var/www/ispcp/gui/phptmp/"
        </Directory>
    </IfModule>

</VirtualHost>
# ispcp end

And now paste the code for https://panel.clientdomain.com

Code:
# ispcp start SSL
<VirtualHost {DMN_IP}:443>

     #
     # SSL Start
     #
     SSLEngine On
     SSLCertificateFile /etc/apache2/ssl/apache.cert.pem
     SSLCertificateKeyFile /etc/apache2/ssl/apache.key.pem
     #
     # SSL End
     #

    <IfModule suexec_module>
           SuexecUserGroup vu2000 vu2000
    </IfModule>

    ServerAdmin     webmaster@{DMN_NAME}
    DocumentRoot    /var/www/ispcp/gui

    ServerName      panel.{DMN_NAME}

    ErrorLog        /var/log/apache2/users/{BASE_SERVER_VHOST}-error.log
    TransferLog     /var/log/apache2/users/{BASE_SERVER_VHOST}-access.log

    CustomLog       /var/log/apache2/{BASE_SERVER_VHOST}.org-traf.log traff
    CustomLog       /var/log/apache2/{BASE_SERVER_VHOST}.org-combined.log combined

    Alias /errors   /var/www/ispcp/gui/errordocs/

    ErrorDocument 401 /errors/401.html
    ErrorDocument 403 /errors/403.html
    ErrorDocument 404 /errors/404.html
    ErrorDocument 500 /errors/500.html
    ErrorDocument 503 /errors/503.html

    Alias /pma      /var/www/ispcp/gui/tools/pma/
    Alias /webmail  /var/www/ispcp/gui/tools/webmail/
    Alias /ftp      /var/www/ispcp/gui/tools/filemanager/
    Alias /antispam     /var/www/ispcp/gui/tools/antispam/
    Alias /mail /var/www/ispcp/gui/tools/roundcube

    RewriteEngine on
    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
    RewriteRule .* - [F]
    
    <Directory /var/www/ispcp/gui>
        Options -Indexes Includes FollowSymLinks MultiViews
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>

    <IfModule mod_fastcgi.c>
        ScriptAlias /php4/ /var/www/fcgi/master/
        ScriptAlias /php5/ /var/www/fcgi/master/
        <Directory "/var/www/fcgi/master">
            AllowOverride None
            Options +ExecCGI MultiViews -Indexes
            Order allow,deny
            Allow from all
        </Directory>
    </IfModule>

    <IfModule mod_php4.c>
        <Directory /var/www/ispcp/gui>
            php_admin_value open_basedir "/var/www/ispcp/gui/:/etc/ispcp/:/var/run/ispcp.lock:/proc/:/bin/df:/bin/mount:/var/log/rkhunter.log:/var/log/chkrootkit.log:/usr/share/php/"
            php_admin_value session.save_path "/var/www/ispcp/gui/phptmp/"
        </Directory>
    </IfModule>
    <IfModule mod_php5.c>
        <Directory /var/www/ispcp/gui>
            php_admin_value open_basedir "/var/www/ispcp/gui/:/etc/ispcp/:/var/run/ispcp.lock:/proc/:/bin/df:/bin/mount:/var/log/rkhunter.log:/var/log/chkrootkit.log:/usr/share/php/"
            php_admin_value session.save_path "/var/www/ispcp/gui/phptmp/"
        </Directory>
    </IfModule>

</VirtualHost>
# ispcp end SSL

save and exit

Code:
:w
:q

In the added code you can see this:

Code:
<IfModule suexec_module>
           SuexecUserGroup vu2000 vu2000
    </IfModule>

vu2000 is the user and group of master account. I suppose that in all ispcp the master user & group is vu2000 but you can edit /etc/apache2/sites-enabled/00_master.conf to see it.

And now, we have to add the Nameserver with port 443 so we edit /etc/ispcp/apache/parts/vh_entry.tpl

Code:
vi /etc/ispcp/apache/parts/vh_entry.tpl

After

Code:
NameVirtualHost {IP}:80

we add

Code:
NameVirtualHost {IP}:443

save and exit

Code:
:w
:q

All done!

If you already have accounts, you must do the changes in the respective files.

Example: existing domain: pepe.com

You have to edit /etc/apache2/sites-enabled/ispcp.conf and /var/cache/bind/pepe.com.db

Code:
vi /var/cache/bind/pepe.com.db

At the end add:

Code:
panel           IN              CNAME           www

save and exit

Code:
:w
:q

Code:
/etc/apache2/sites-enabled/ispcp.conf

Find:

Code:
NameVirtualHost YOUR IP:80

add after

Code:
NameVirtualHost YOUR IP:443

Search

Code:
# httpd [pepe.com] sub entry BEGIN.

add before:

Code:
# ispcp start
<VirtualHost YOUR IP:80>

    <IfModule suexec_module>
           SuexecUserGroup vu2000 vu2000
    </IfModule>

    ServerAdmin     webmaster@pepe.com
    DocumentRoot    /var/www/ispcp/gui

    ServerName      panel.pepe.com

    ErrorLog        /var/log/apache2/users/server.example.com-error.log
    TransferLog     /var/log/apache2/users/server.example.com-access.log

    CustomLog       /var/log/apache2/server.example.com.org-traf.log traff
    CustomLog       /var/log/apache2/server.example.com.org-combined.log combined

    Alias /errors   /var/www/ispcp/gui/errordocs/

    ErrorDocument 401 /errors/401.html
    ErrorDocument 403 /errors/403.html
    ErrorDocument 404 /errors/404.html
    ErrorDocument 500 /errors/500.html
    ErrorDocument 503 /errors/503.html

    Alias /mysql      /var/www/ispcp/gui/tools/pma/
    Alias /webmail  /var/www/ispcp/gui/tools/webmail/
    Alias /ftp      /var/www/ispcp/gui/tools/filemanager/
    Alias /antispam     /var/www/ispcp/gui/tools/antispam/
    Alias /mail /var/www/ispcp/gui/tools/roundcube

    RewriteEngine on
    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
    RewriteRule .* - [F]
    
    <Directory /var/www/ispcp/gui>
        Options -Indexes Includes FollowSymLinks MultiViews
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>

    <IfModule mod_fastcgi.c>
        ScriptAlias /php4/ /var/www/fcgi/master/
        ScriptAlias /php5/ /var/www/fcgi/master/
        <Directory "/var/www/fcgi/master">
            AllowOverride None
            Options +ExecCGI MultiViews -Indexes
            Order allow,deny
            Allow from all
        </Directory>
    </IfModule>

    <IfModule mod_php4.c>
        <Directory /var/www/ispcp/gui>
            php_admin_value open_basedir "/var/www/ispcp/gui/:/etc/ispcp/:/var/run/ispcp.lock:/proc/:/bin/df:/bin/mount:/var/log/rkhunter.log:/var/log/chkrootkit.log:/usr/share/php/"
            php_admin_value session.save_path "/var/www/ispcp/gui/phptmp/"
        </Directory>
    </IfModule>
    <IfModule mod_php5.c>
        <Directory /var/www/ispcp/gui>
            php_admin_value open_basedir "/var/www/ispcp/gui/:/etc/ispcp/:/var/run/ispcp.lock:/proc/:/bin/df:/bin/mount:/var/log/rkhunter.log:/var/log/chkrootkit.log:/usr/share/php/"
            php_admin_value session.save_path "/var/www/ispcp/gui/phptmp/"
        </Directory>
    </IfModule>

</VirtualHost>
# ispcp end

# ispcp start SSL
<VirtualHost YOUR IP:443>

     #
     # SSL Start
     #
     SSLEngine On
     SSLCertificateFile /etc/apache2/ssl/apache.cert.pem
     SSLCertificateKeyFile /etc/apache2/ssl/apache.key.pem
     #
     # SSL End
     #

    <IfModule suexec_module>
           SuexecUserGroup vu2000 vu2000
    </IfModule>

    ServerAdmin     webmaster@pepe.com
    DocumentRoot    /var/www/ispcp/gui

    ServerName      panel.pepe.com

    ErrorLog        /var/log/apache2/users/server.example.com-error.log
    TransferLog     /var/log/apache2/users/server.example.com-access.log

    CustomLog       /var/log/apache2/server.example.com.org-traf.log traff
    CustomLog       /var/log/apache2/server.example.com.org-combined.log combined

    Alias /errors   /var/www/ispcp/gui/errordocs/

    ErrorDocument 401 /errors/401.html
    ErrorDocument 403 /errors/403.html
    ErrorDocument 404 /errors/404.html
    ErrorDocument 500 /errors/500.html
    ErrorDocument 503 /errors/503.html

    Alias /pma      /var/www/ispcp/gui/tools/pma/
    Alias /webmail  /var/www/ispcp/gui/tools/webmail/
    Alias /ftp      /var/www/ispcp/gui/tools/filemanager/
    Alias /antispam     /var/www/ispcp/gui/tools/antispam/
    Alias /mail /var/www/ispcp/gui/tools/roundcube

    RewriteEngine on
    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
    RewriteRule .* - [F]
    
    <Directory /var/www/ispcp/gui>
        Options -Indexes Includes FollowSymLinks MultiViews
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>

    <IfModule mod_fastcgi.c>
        ScriptAlias /php4/ /var/www/fcgi/master/
        ScriptAlias /php5/ /var/www/fcgi/master/
        <Directory "/var/www/fcgi/master">
            AllowOverride None
            Options +ExecCGI MultiViews -Indexes
            Order allow,deny
            Allow from all
        </Directory>
    </IfModule>

    <IfModule mod_php4.c>
        <Directory /var/www/ispcp/gui>
            php_admin_value open_basedir "/var/www/ispcp/gui/:/etc/ispcp/:/var/run/ispcp.lock:/proc/:/bin/df:/bin/mount:/var/log/rkhunter.log:/var/log/chkrootkit.log:/usr/share/php/"
            php_admin_value session.save_path "/var/www/ispcp/gui/phptmp/"
        </Directory>
    </IfModule>
    <IfModule mod_php5.c>
        <Directory /var/www/ispcp/gui>
            php_admin_value open_basedir "/var/www/ispcp/gui/:/etc/ispcp/:/var/run/ispcp.lock:/proc/:/bin/df:/bin/mount:/var/log/rkhunter.log:/var/log/chkrootkit.log:/usr/share/php/"
            php_admin_value session.save_path "/var/www/ispcp/gui/phptmp/"
        </Directory>
    </IfModule>

</VirtualHost>
# ispcp end SSL

save and exit

Code:
:w
:q

restart services

Code:
/etc/init.d/apache2 restart
/etc/init.d/bind9 restart

You can access to ispc under the url http://panel.pepe.com or https://panel.pepe.com and at the same time you can be root in http://server.example.com

I suppose that exists another better form but this method runs ok

bye
(This post was last modified: 11-25-2008 03:10 AM by BeNe.)
05-23-2008 02:38 PM
Find all posts by this user Quote this message in a reply
truzone Offline
Newbie
*

Posts: 7
Joined: May 2008
Reputation: 0
Post: #2
RE: ispcp under client domain
It's necessary copy /etc/apache2/sites-enabled/ispcp.conf to /etc/ispcp/apache/working/ispcp.conf before add, delete or modify some account
05-26-2008 09:48 AM
Find all posts by this user Quote this message in a reply
pgentoo Offline
Member
*****
Dev Team

Posts: 326
Joined: Mar 2007
Reputation: 0
Post: #3
RE: ispcp under client domain
Seeing as not every site has a ssl certificate, i think a better option would be to forward http://panel.clientdomain.com to https://admin.serverdomain.com.

That way you can just setup a bunch of extra aliases in the main admin.serverdomain.com vhost (panel.clientdomain.com, panel.clientdomain2.com, etc), and just register those subdomains in dns.

This would still give the clients easy access to their panel, mail, ftp, etc... With a url that is based on their domain (so they can remember it!), but with less config changes, and no https worries.

Thoughts?
05-30-2008 08:22 AM
Find all posts by this user Quote this message in a reply
Top44 Offline
Member
***

Posts: 271
Joined: Sep 2007
Reputation: 1
Post: #4
RE: ispcp under client domain
Quote:It's necessary copy /etc/apache2/sites-enabled/ispcp.conf to /etc/ispcp/apache/working/ispcp.conf before add, delete or modify some account

Do you mean a Existing Account or if you add an account ?[/quote]
06-20-2008 08:31 AM
Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)