
Basic server setup - part 1

This is how I first set up my server so it has basic functions like Apache web server (SSL-capable), Postfix mail server with SMTP-AUTH and TLS, BIND DNS server, ProFTPD FTP server, MySQL server, Dovecot POP3/IMAP, Quota, Firewall, etc. Most of this setup is based on various tutorials I've used.

As my server is hosted in a data centre, they install the base system (CentOS 5.x) for me, but if you have physical access you can do this yourself; you just need to grab the 1x DVD or 6x CD images (mirror list here).

Then boot from the disc you just created and follow the instructions on screen. I will say that I manually set the hostname, IP, gateway and DNS servers. For this blog I will use hostname = server1.example.com, IP = 192.168.0.200, gateway = 192.168.0.1 and two DNS servers = 192.168.0.50 and 192.168.0.60.

When you get to the screen to select what software to install, I tick "server" and untick everything else, then check "Customize now".
On the next screen I select the package groups I want to install: "Editors, Text-based Internet, Development Libraries, Development Tools, DNS Name Server, FTP Server, Mail Server, MySQL Database, Server Configuration Tools, Web Server, Administration Tools, Base, and System Tools". Untick all other package groups, click "Next" and follow the rest of the on-screen instructions.

After the machine reboots you should see the "setup agent". Here I disable the firewall (only for now) and disable SELinux (permanently, as it causes too many problems for me). Then exit the "setup agent", log in as root and reboot the system to apply the changes; I use the command "shutdown -r now".

Now for the fun part: editing files and getting a basic working setup.
First I edit "/etc/hosts" and make it look like this

# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1               localhost.localdomain localhost
192.168.0.200           server1.example.com server1
::1             localhost6.localdomain6 localhost6

Then I import the GPG keys for software packages

rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY*

Then I update the system

yum update

Then install some packages we will need (some may already be installed)

yum install fetchmail wget bzip2 unzip zip nmap openssl lynx fileutils ncftp gcc gcc-c++

Next I install BIND 9 in a chroot jail

yum install bind-chroot

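Then set the permissions on the chroot directories, copy the sample zone files, create an empty named.conf and start named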

chmod 755 /var/named/
chmod 775 /var/named/chroot/
chmod 775 /var/named/chroot/var/
chmod 775 /var/named/chroot/var/named/
chmod 775 /var/named/chroot/var/run/
chmod 777 /var/named/chroot/var/run/named/
cd /var/named/chroot/var/named/
ln -s ../../ chroot
cp /usr/share/doc/bind-9.3.4/sample/var/named/named.local /var/named/chroot/var/named/named.local
cp /usr/share/doc/bind-9.3.4/sample/var/named/named.root /var/named/chroot/var/named/named.root
touch /var/named/chroot/etc/named.conf
chkconfig --levels 235 named on
/etc/init.d/named start

Now I install MySQL

yum install mysql mysql-devel mysql-server

Now we make MySQL start every time the server does

chkconfig --levels 235 mysqld on
/etc/init.d/mysqld start

Now edit "/etc/my.cnf" and comment out the option "skip-networking" so that MySQL accepts TCP connections.
It should look like this

#skip-networking

Restart MySQL

/etc/init.d/mysqld restart 

Then set a password for the root MySQL user

mysqladmin -u root password yourrootsqlpassword
mysqladmin -h server1.example.com -u root password yourrootsqlpassword

Now I install Quota (if you changed the partitioning scheme from the default, modify this to your needs)

yum install quota

Edit "/etc/fstab" and add ",usrquota,grpquota" to the options of the "/" partition (/dev/VolGroup00/LogVol00).
It should look like this

/dev/VolGroup00/LogVol00 /                       ext3    defaults,usrquota,grpquota        1 1
LABEL=/boot             /boot                   ext3    defaults        1 2
tmpfs                   /dev/shm                tmpfs   defaults        0 0
devpts                  /dev/pts                devpts  gid=5,mode=620  0 0
sysfs                   /sys                    sysfs   defaults        0 0
proc                    /proc                   proc    defaults        0 0
/dev/VolGroup00/LogVol01 swap                    swap    defaults        0 0

Then enable Quota

touch /aquota.user /aquota.group
chmod 600 /aquota.*
mount -o remount /
quotacheck -avugm
quotaon -avug
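
To confirm the edits above took effect, here is a small read-only check script (an added example, not part of the original setup notes). The function names and the check.sh file name are made up for this example; it reads /etc/fstab, /etc/my.cnf and /var/named/chroot as configured above and lists the chroot directories left world-writable by the chmod 777 step.

```sh
#!/bin/sh
# Added example: read-only checks for the files edited in this post.
# Function names are hypothetical; paths are arguments so copies can be tested.

# Print the options field of the fstab ($1) entry mounted at $2.
fstab_opts() {
    awk -v mp="$2" '$1 !~ /^#/ && $2 == mp { print $4 }' "$1"
}

# Succeed only if both usrquota and grpquota are set for mount point $2.
has_quota_opts() {
    opts=",$(fstab_opts "$1" "$2"),"
    case "$opts" in *,usrquota,*) ;; *) return 1 ;; esac
    case "$opts" in *,grpquota,*) ;; *) return 1 ;; esac
}

# Succeed if my.cnf ($1) still has an active skip-networking line,
# meaning mysqld does not open a TCP port.
mysql_skip_networking() {
    grep -Eq '^[[:space:]]*skip[-_]networking' "$1"
}

# List directories under $1 that are world-writable without the sticky bit.
world_writable_dirs() {
    find "$1" -type d -perm -0002 ! -perm -1000 -print | sort
}

post_setup_report() {
    if has_quota_opts /etc/fstab /; then
        echo "fstab: usrquota,grpquota set on /"
    else
        echo "fstab: quota options missing on /"
    fi
    if mysql_skip_networking /etc/my.cnf; then
        echo "my.cnf: skip-networking active, mysqld is socket-only"
    else
        echo "my.cnf: skip-networking off, mysqld listens on TCP"
    fi
    echo "world-writable directories under /var/named/chroot:"
    world_writable_dirs /var/named/chroot
}

# Run the report only when asked: sh check.sh report (hypothetical file name)
if [ "${1:-}" = "report" ]; then post_setup_report; fi
```
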

I'll finish the rest of the install off in part 2.

czarist