Current time: 12-23-2024, 05:50 PM Hello There, Guest! (LoginRegister)


Post Reply 
Newbie Q: Is ispCP Omega the right tool for me?
Author Message
pete Offline
Junior Member
*

Posts: 14
Joined: Dec 2009
Reputation: 0
Post: #1
Newbie Q: Is ispCP Omega the right tool for me?
I have a Virtual Private Server (VPS) with its own public IP address running Ubuntu 9.10. I have ssh root user access.

I did hunt for documentation, but the topics I was interested in aren't covered yet.

My aim is to use the server to:
  • host two domains (let's call them a.com and b.com)
  • each domain has a website (a.com static, b.com dynamic/php)
  • b.com uses a MySQL database and has a CMS part
  • the content of a.com is updated via ftp
  • there are e-mail addresses for both domains which maybe real, aliases or forwards

Should be easy to add remove e-mail accounts, aliases or forwards as well as add new domains. Also, I'm very familiar with Windows but do struggle with Linux.

Is it worthwhile to learn ispCP or is it overkill for me? If worthwhile, what of the above can it do for me?
12-15-2009 01:21 PM
Find all posts by this user Quote this message in a reply
motokochan Offline
Member
***

Posts: 274
Joined: Jul 2008
Reputation: 1
Post: #2
RE: Newbie Q: Is ispCP Omega the right tool for me?
To be honest, with only two sites any control panel is overkill in my opinion. However, I'm quite experienced with manual administration.

ispCP Omega can handle all the items you mentioned that you want to do, so it should work fine for your needs. The only two major things missing in my opinion, are support for SSL-enabled sites (this is planned for the 1.1.0 release) and crontab editing. If you don't know what either are, or know and don't use them, you should be fine.

Since you are unfamiliar with Linux administration, you might want to ask a trusted friend that has a greater comfort level to install this for you. It's fairly straightforward, but there are many little "gotchas" in the process that might be problematic for your experience level. If you don't know someone, you're welcome to try the install yourself and ask questions on this site.
12-15-2009 01:40 PM
Visit this user's website Find all posts by this user Quote this message in a reply
pete Offline
Junior Member
*

Posts: 14
Joined: Dec 2009
Reputation: 0
Post: #3
RE: Newbie Q: Is ispCP Omega the right tool for me?
I like your 'however' in the first paragraph. Since I'm the exact opposite, ispCP might be a good tool for me Smile.

Anyway, against your probably very wise judgement (thank you), I went ahead and installed icpCP. To my surprise, a screen poped up in the end so I must have gotten the odd thing right right.

Still, I have a few issues:

- When I log-on to WebMail with the e-mail address of a user from one of the resellers i setup (gosh, took me a while to figure out that a reseller is a domain), i can get access and all that but I can't send an e-mail. I get a "Server replied: 111 Can't open SMTP stream" error. What the heck?

- When I use phpadmin, it tells me that I can't create an SQL database. MySQL is running and I can use the MySQL interpreter and see that, for example ispCP has no problem writing to it, so I must have been missing something.

- I haven't got a clue where to find the "master records" my registrar wants so before they get their DNS to point to that new server. Master what?

- of course, I'd love to test my http, pop3 and ftp services for the domains I configured before I change my registrars DNS. Can this be done?

- I didn't understand at all what was ment by:
Code:
Next you are asked to enter a "fully qualified hostname" (FQHN).
        For more infos read http://en.wikipedia.org/wiki/FQDN.
so I entered a silly name followed by one of the domains I want to host. Does it matter?

- Less critical but still of interest to me: spam filter for e-mail and making sure that the SMTP server works and is secure (doesn't relay mail).

Other than that, I think this is an awesome tool!
12-15-2009 06:38 PM
Find all posts by this user Quote this message in a reply
motokochan Offline
Member
***

Posts: 274
Joined: Jul 2008
Reputation: 1
Post: #4
RE: Newbie Q: Is ispCP Omega the right tool for me?
(12-15-2009 06:38 PM)pete Wrote:  Anyway, against your probably very wise judgement (thank you), I went ahead and installed icpCP. To my surprise, a screen poped up in the end so I must have gotten the odd thing right right.

Glad to hear it went well.


(12-15-2009 06:38 PM)pete Wrote:  - When I log-on to WebMail with the e-mail address of a user from one of the resellers i setup (gosh, took me a while to figure out that a reseller is a domain), i can get access and all that but I can't send an e-mail. I get a "Server replied: 111 Can't open SMTP stream" error. What the heck?

Probably an issue with Postfix (the MTA). Check the contents of /var/log/maillog (I'm fairly sure Ubuntu creates that log file). Look for error messages near the end, or try to send and look for error messages that show at that exact time.

By the way, a reseller isn't a domain, it's a reseller (there isn't a way I know of to collapse the admin and reseller functions, which would be nice for self-hosting). Domains are linked with users.

Think of it this way. The admin manages the server and resellers, the reseller manages users, and the users manage a domain.


(12-15-2009 06:38 PM)pete Wrote:  When I use phpadmin, it tells me that I can't create an SQL database. MySQL is running and I can use the MySQL interpreter and see that, for example ispCP has no problem writing to it, so I must have been missing something.

That's valid. Normal users can't create databases. You can create new databases by adding them under the user interface for the site.


(12-15-2009 06:38 PM)pete Wrote:  I haven't got a clue where to find the "master records" my registrar wants so before they get their DNS to point to that new server. Master what?

Haven't heard that term before. They are probably talking about the NS records for the domain. By default, this tool creates an ns1.example.com and ns2.example.com (replace example.com with the actual domain) for each site with the IP of that server. You will probably want to provide those names and the IP.


(12-15-2009 06:38 PM)pete Wrote:  of course, I'd love to test my http, pop3 and ftp services for the domains I configured before I change my registrars DNS. Can this be done?

This is kinda easy if you just connect by IP. For HTTP, you'd need to add an entry in your hosts file. Depending on the OS you are browsing on, it could be in a few different locations.


(12-15-2009 06:38 PM)pete Wrote:  I didn't understand at all what was ment by:
Code:
Next you are asked to enter a "fully qualified hostname" (FQHN).
        For more infos read http://en.wikipedia.org/wiki/FQDN.
so I entered a silly name followed by one of the domains I want to host. Does it matter?

A bit. An FQDN is the DNS name of the server as it can be reached publicly. You access the control panel by the admin name, and all the server configuration strings report back that name. This means you'll need to make sure it resolves and that the reverse IP (PTR) of the server reports back that name.


(12-15-2009 06:38 PM)pete Wrote:  Less critical but still of interest to me: spam filter for e-mail and making sure that the SMTP server works and is secure (doesn't relay mail).

Basic spam filtering is already included (via policy-weightd, AMaViSd-new, and SpamAssassin), and you can manually configure the settings, although that requires editing a few files. Unauthorized relaying should also be disabled by default.
12-16-2009 01:37 AM
Visit this user's website Find all posts by this user Quote this message in a reply
pete Offline
Junior Member
*

Posts: 14
Joined: Dec 2009
Reputation: 0
Post: #5
RE: Newbie Q: Is ispCP Omega the right tool for me?
You're great value motokochan, I already owe you a few pints. Why didn't I think of adding the domain to my hosts file myself? That was a brilliant suggestion, thanks.

Anyway, with this in place I managed to test many of the things I was after. I now find that postfix is not actually running.

I tried to start it but got an error. I found some document on the net telling me to run postfix set-permissions if this error occurs. So I did, but with no luck.

Here is the transcript:
Code:
root@serifos:/etc/init.d# postfix start
postsuper: fatal: scan_dir_push: open directory defer: Permission denied
postfix/postfix-script: fatal: Postfix integrity check failed!
root@serifos:/etc/init.d# postfix set-permissions
chown: cannot access `/usr/lib/postfix/dict_cdb.so': No such file or directory
root@serifos:/etc/init.d# postfix start
postfix/postfix-script: warning: not owned by postfix: /var/lib/postfix/./master.lock
postfix/postfix-script: starting the Postfix mail system
root@serifos:/etc/init.d# ps -elf | grep postfix
0 S root     15657  5893  0  78   0 -   758 pipe_w 20:19 pts/0    00:00:00 grep postfix
root@serifos:/etc/init.d# postfix stop
postfix/postfix-script: fatal: the Postfix mail system is not running
I assume until postfix is running, neither pop3 not smtp will work on that machine.

Wrt Master Records, my domain registrar holds these details (for one of my domain) which I need to update:

mail record (MX)
secondary MX

and then there are more entries that I can add manually that look like:

XXXXXXX.blah.co.nz YYYY ZZZZZZZZZZZZZ

XXX is just some text field
YYY is a single select (IPv4, CNAME, TXT, IPv6)
ZZZ is again just text

A couple of existing entries show:

google2ff4084676c0289 CNAME goolgle.com.
mail CNAME ghs.goolgle.com.

I presume I have to remove these to bypass google.

I'll have to fiddle with the other things, but ispCP has already saved me lots of time and agony.
In the meantime, thanks for some other helpful soul, I punched these statements into the console:

Code:
chown postfix.postfix -R /var/lib/postfix
postfix start

and voila, postfix runs now. Even better, when I look at webmail I see messages that were sent by ispCP when I created users and I can now send a message from webmail and receive it.

Trying to be clever (but no doubt making myself look extra stupid instead) I added the following to my hosts file:

1.12.123.234 blah.co.nz mail.blah.co.nz

I was hoping that by doing this and installing an SMTP server on my local machine I could send mail to:

somebody@blah.co.nz

and it would show up in webmail and I could also use a pop3 clinet (outlook) to retrieve the mail. While my SMTP server shows that it is sending mail to somebody@blah.co.nz, it still get's delivered to gmail.

I wonder how I can properly test this?
(This post was last modified: 12-16-2009 06:59 AM by pete.)
12-16-2009 06:33 AM
Find all posts by this user Quote this message in a reply
motokochan Offline
Member
***

Posts: 274
Joined: Jul 2008
Reputation: 1
Post: #6
RE: Newbie Q: Is ispCP Omega the right tool for me?
(12-16-2009 06:33 AM)pete Wrote:  You're great value motokochan, I already owe you a few pints. Why didn't I think of adding the domain to my hosts file myself? That was a brilliant suggestion, thanks.

I'm a tea drinker, but thanks for the thought.


(12-16-2009 06:33 AM)pete Wrote:  Trying to be clever (but no doubt making myself look extra stupid instead) I added the following to my hosts file:

1.12.123.234 blah.co.nz mail.blah.co.nz

I was hoping that by doing this and installing an SMTP server on my local machine I could send mail to:

somebody@blah.co.nz

and it would show up in webmail and I could also use a pop3 clinet (outlook) to retrieve the mail. While my SMTP server shows that it is sending mail to somebody@blah.co.nz, it still get's delivered to gmail.

I wonder how I can properly test this?

The hosts entry looks okay, assuming you put your server's real IP and name in there.

Outside hosts will continue delivering to Google's servers until you change the MX records on the domain. The easiest test you can run is to create an account with all the settings for that server, and make sure to send to that domain on that server. That should cause a local delivery to take place.

If you want to test remote delivery, I could manually send a test e-mail to an account if you PM me the IP of the server and an e-mail address you want the mail to go to. (I'm very experienced with using telnet to talk SMTP directly.)
12-16-2009 08:42 AM
Visit this user's website Find all posts by this user Quote this message in a reply
pete Offline
Junior Member
*

Posts: 14
Joined: Dec 2009
Reputation: 0
Post: #7
RE: Newbie Q: Is ispCP Omega the right tool for me?
K, a pint of tea 4 u and a cup of beer 4 me :S

(12-15-2009 01:40 PM)motokochan Wrote:  Outside hosts will continue delivering to Google's servers until you change the MX records on the domain.

(In the following, I changed the real IP address and the domain name to something fictive.)

In the meantime I did change the MX entry at my domain registrar:

Master Record (MX): mail.blah.co.nz.

I have a DNS config file /etc/bind/blah.co.nz.db (I'm sure ispCP created this) which looks like that:
Code:
$TTL 12H
$ORIGIN blah.co.nz.
@               IN              SOA             ns1.blah.co.nz. postmaster.blah.co.nz. (
; dmn [blah.co.nz] timestamp entry BEGIN.
                2009121500     ; Serial
; dmn [blah.co.nz] timestamp entry END.
                8H              ; Refresh
                30M             ; Retry
                4W              ; Expire
                3H              ; Minimum TTL
)
                IN              NS              ns1.blah.co.nz.
                IN              NS              ns2.blah.co.nz.
                IN              MX      10      mail.blah.co.nz.

blah.co.nz.     IN              A               1.2.3.4
www             IN              A               1.2.3.4
blah.co.nz.     IN              TXT             "v=spf1 a mx ip4:1.2.3.4 ip4:1.2.3.4 ~all"
localhost       IN              A               127.0.0.1
mail            IN              A               1.2.3.4
ns1             IN              A               1.2.3.4
ns2             IN              A               1.2.3.4
; CNAME for VHCS compatibility
ns              IN              CNAME           ns1
; CNAME for mail transfer
imap            IN              CNAME           mail
pop             IN              CNAME           mail
pop3            IN              CNAME           mail
relay           IN              CNAME           mail
smtp            IN              CNAME           mail
; CNAME for web transfer
ftp             IN              CNAME           www
; sub [{SUB_NAME}] entry BEGIN.
; sub [{SUB_NAME}] entry END.

; dns [{MANUAL_DNS_ID}] entry BEGIN.
; dns [{MANUAL_DNS_ID}] entry END.

I can ping blah.co.nz and get the correct IP address.

If I go to http://pingability.com and enter blah.co.nz, I get this little interesting snippet:

Mail Server: mail.blah.co.nz
Server Name mail.blah.co.nz
IP null
Location null
Mail Server For *@blah.co.nz
MX Priority 10
Connect Response Time NA
Server 'Hello' Line
Open Relay? Not tested
RDNS Entry NA
Mail Server Info
Info Type Message
Error The MX record value 'mail.blah.co.nz' does not have an IP Address (A) record. You should add one.
12-16-2009 09:44 AM
Find all posts by this user Quote this message in a reply
motokochan Offline
Member
***

Posts: 274
Joined: Jul 2008
Reputation: 1
Post: #8
RE: Newbie Q: Is ispCP Omega the right tool for me?
Yeah, you also need to add the A record if you're using an external service for DNS. Just copy the entries from that zone file.

By the way, you'll probably want to remove the account on Google Apps once you're all set up. If not, mail from their servers will not be delivered to your server.
12-16-2009 10:05 AM
Visit this user's website Find all posts by this user Quote this message in a reply
pete Offline
Junior Member
*

Posts: 14
Joined: Dec 2009
Reputation: 0
Post: #9
RE: Newbie Q: Is ispCP Omega the right tool for me?
I "think" I added an A record. But now my mail-log shows this when I try to send e-mail from gmail to my new mailbox:

Code:
Dec 16 02:41:39 serifos postfix/policyd-weight[9578]: weighted check:  NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 NOT_IN_BL_NJABL=-1.5 CL_IP_EQ_HELO_IP=-2 (check from: .hbweddingshow. - helo: .skyhigh.actrix. - helo-domain: .actrix.)  FROM/MX_MATCHES_NOT_HELO(DOMAIN)=1; <client=203.96.16.175> <helo=skyhigh.actrix.co.nz> <from=pete@hbweddingshow.co.nz> <to=pete@hbweddingshow.co.nz>; rate: -5.5
Dec 16 02:41:39 serifos postfix/policyd-weight[9578]: decided action=PREPEND X-policyd-weight:  NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 NOT_IN_BL_NJABL=-1.5 CL_IP_EQ_HELO_IP=-2 (check from: .hbweddingshow. - helo: .skyhigh.actrix. - helo-domain: .actrix.)  FROM/MX_MATCHES_NOT_HELO(DOMAIN)=1; rate: -5.5; <client=203.96.16.175> <helo=skyhigh.actrix.co.nz> <from=pete@hbweddingshow.co.nz> <to=pete@hbweddingshow.co.nz>; delay: 1s
Dec 16 02:41:39 serifos postfix/smtpd[19674]: warning: connect to 127.0.0.1:60000: Connection refused
Dec 16 02:41:39 serifos postfix/smtpd[19674]: warning: problem talking to server 127.0.0.1:60000: Connection refused
Dec 16 02:41:40 serifos postfix/smtpd[19674]: warning: connect to 127.0.0.1:60000: Connection refused
Dec 16 02:41:40 serifos postfix/smtpd[19674]: warning: problem talking to server 127.0.0.1:60000: Connection refused
Dec 16 02:41:40 serifos postfix/smtpd[19674]: NOQUEUE: reject: RCPT from skyhigh.actrix.co.nz[203.96.16.175]: 451 4.3.5 Server configuration problem; from=<pete@hbweddingshow.co.nz> to=<pete@hbweddingshow.co.nz> proto=ESMTP helo=<skyhigh.actrix.co.nz>
Dec 16 02:41:40 serifos postfix/smtpd[19674]: disconnect from skyhigh.actrix.co.nz[203.96.16.175]

I think I have to switch to tea too.
I struggled with the above for a while before I decided to ask here, just to find the answer myself after posting my question.

This article helped me:http://www.global-domination.org/forum/viewtopic.php?t=293

However, it didn't work as stated so I did it a bit different:

In the file /etc/init.d/postgrey look for this line of code:

Code:
POSTGREY_OPTS="--pidfile=$PIDFILE --daemonize $POSTGREY_OPTS"

and change it to:
Code:
POSTGREY_OPTS="--pidfile=$PIDFILE --daemonize $POSTGREY_OPTS --inet=60000"

once changed, do what lin-art suggested:
"service postgrey restart"
and a "netstat -nlpa | grep 60000" should show a tcp port 60000..
now that I think i'm there, I have 2 more questions:

1) Initially, I could only get to the ispCP admin site using the VPS IP address (remember, not knowing what I was doing I chose serifos.elegancenz.co.nz as my FQHN so that my admin sites URL turns out to be admin.serifos.elegancenz.co.nz). So I created another A record with my registrar so that this URL resolves.

So far so good but, when I try to get to WebMail for elegancenz.co.nz, I have to use the ugly URL: http://admin.serifos.elegancenz.co.nz/we.../login.php
When what I'd really like to use would be something like:
http://webmail.elegancenz.co.nz
or for another domain
http://webmail.hbweddingshow.co.nz

Can this be done?

2) So far all is more or less OK but I'd like to back things up. I vaguely remember (which proves I'm not much into tea) that ispCP offered some backup options (and I think I chose Domain), but I have no idea what they mean or do. It would be fantastic if I could pull a differential backup (say once a week) from the server and if that backup were such that if I had to I could rebuild a virgin VPS in minutes rather than days.

Any thoughts on this?


- what puzzles me is how I could simplifyeed to get to the ispCP, the only way that works is via IP address
(This post was last modified: 12-16-2009 02:03 PM by pete.)
12-16-2009 01:08 PM
Find all posts by this user Quote this message in a reply
motokochan Offline
Member
***

Posts: 274
Joined: Jul 2008
Reputation: 1
Post: #10
RE: Newbie Q: Is ispCP Omega the right tool for me?
Hopefully I'll be able to cover the issues...

(12-16-2009 01:08 PM)pete Wrote:  So far so good but, when I try to get to WebMail for elegancenz.co.nz, I have to use the ugly URL: http://admin.serifos.elegancenz.co.nz/we.../login.php
When what I'd really like to use would be something like:
http://webmail.elegancenz.co.nz
or for another domain
http://webmail.hbweddingshow.co.nz

Can this be done?

See either:
Create a subdomain webmail for all your domains to access the webmail or Create panel.domain.tld, pma.domain.tld, webftp.domain.tld, and webmail.domain.tld subdomains to access ispCP's main panel and the different ispCP tools

The HowTo section in the wiki (Documentation link at top of the page) is a good read.


(12-16-2009 01:08 PM)pete Wrote:  2) So far all is more or less OK but I'd like to back things up. I vaguely remember (which proves I'm not much into tea) that ispCP offered some backup options (and I think I chose Domain), but I have no idea what they mean or do. It would be fantastic if I could pull a differential backup (say once a week) from the server and if that backup were such that if I had to I could rebuild a virgin VPS in minutes rather than days.

Any thoughts on this?

There is a backup option in 1.0.3, but I haven't played with it. (I have RackSpace backing up the whole server nightly.) I'd look through the various topics here for information on that feature.


(12-16-2009 01:08 PM)pete Wrote:  - what puzzles me is how I could simplifyeed to get to the ispCP, the only way that works is via IP address

It works by IP because it's the first Virtual Host in the configuration. Apache will use the first entry if nothing else matches (It's a handy feature in many cases). If you used the configuration defaults, the panel will use the name "admin.servername.example.com", so make sure that resolves to the IP of the server.
(This post was last modified: 12-16-2009 04:14 PM by motokochan.)
12-16-2009 04:12 PM
Visit this user's website Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)