Server

Securing your ISPConfig 3 managed mailserver with a valid Let’s Encrypt SSL certificate (certbot)

You can normally just name your server something nice in the beginning of the install but i recommend to proceed this route as works better once you start scaling your servers and add multiple email servers.

Under Sites, click “Add new website”. Set mail.example.com as domain. Disable Auto-Subdomain, and check the Let’s Encrypt checkbox.

After this you can add your other hostnames as alias domains, by going to the aliasdomain list and clicking

“Add new aliasdomain”. Select smtp.example.com as domain, and mail.example.com as parent website.

With this will be able to have clients login into gmail smtp using this domain or if they want to pay extra you can create one specific for their company domain like mail.domain.com

Disable Auto-Subdomain and save the new record
Verify that the certificate is in place. You can do this with a tool like https://www.sslshopper.com/ssl-checker.html

Replacing the certificate with the Let’s Encrypt certificate

All your doing here is using the ssl you created in ispconfig to now be used by postfix – you can also buy an ssl and paste the values in the ispconfig. ( From testing my email servers on multiple sites the ssl dont matter just as long as the handshake etc… matches so the free one works fine no need to spend money)

cd /etc/postfix/
mv smtpd.cert smtpd.cert-$(date +"%y%m%d%H%M%S").bak
mv smtpd.key smtpd.key-$(date +"%y%m%d%H%M%S").bak
ln -s /etc/letsencrypt/live/mail.example.com/fullchain.pem smtpd.cert
ln -s /etc/letsencrypt/live/mail.example.com/privkey.pem smtpd.key
systemctl restart postfix
systemctl restart dovecot

Set up a automatic renewal script

nano /etc/init.d/le_mailserver_restart.sh

Paste this in that file (replace mail.example.com with the hostname you used):
#!/bin/sh
### BEGIN INIT INFO
# Provides: LE MAILSERVER CERT AUTO UPDATER
# Required-Start: $local_fs $network
# Required-Stop: $local_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: LE MAILSERVER CERT AUTO UPDATER
# Description: Restart mail server automatically when a new Let's Encrypt certificate is issued.
### END INIT INFO
systemctl restart postfix
systemctl restart dovecot
apt install incron
chmod +x /etc/init.d/le_mailserver_restart.sh
echo "root" >> /etc/incron.allow

incrontab -e

Add this (again, replace mail.example.com with the hostname you used) to the file:

/etc/letsencrypt/archive/mail.example.com/ IN_MODIFY /etc/init.d/le_mailserver_restart.sh
Read More!

Apache Reverse Proxy for Docker Website or App in Ispconfig

Create a domain in ispconfig how your normally would with ssl

make sure you have proxy http enabled

sudo a2enmod proxy_http
ServerName domain.com
ProxyPass /.well-known !
ProxyPass “/” “http://DockerIp:DockerPort/”
ProxyPassReverse “/” “http://DockerIp:DockerPort/”
RedirectMatch ^/$ https://domain.com
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/domain.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/domain.com/privkey.pem

Replace http://DokcerIp:DockerPort/ with your info

domain.com with your domain or sub domain name

Read More!

Install LAMP (Linux Apache Mysql PHP) Web Server on Raspberry Pi

Install Apache

  • Open a terminal window by selecting Accessories > Terminal from the menu.
  • Install the apache2 package by typing the following command into the terminal and pressing Enter:
sudo apt-get install apache2 -y

Go to your host name or ip for example mine is http://quepaso and apache

if you dont know your ip do – ip a on the terminal.

Install Apache

sudo apt-get install php -y

create a php file to test

cd /var/www/clients/client2/web10/web
sudo nano index.php
<?php phpinfo(); ?>
sudo service apache2 restart

Install MariaDB

sudo apt-get install mariadb-server php-mysql -y
sudo mysql_secure_installation
sudo service apache2 restart

Read More!

WordPress Transfer MySql Queries

UPDATE wp_options SET option_value = replace(option_value, 'http://www.oldurl', 'http://www.newurl') WHERE option_name = 'home' OR option_name = 'siteurl';

UPDATE wp_posts SET guid = replace(guid, 'http://www.oldurl','http://www.newurl');

UPDATE wp_posts SET post_content = replace(post_content, 'http://www.oldurl', 'http://www.newurl');

UPDATE wp_postmeta SET meta_value = replace(meta_value,'http://www.oldurl','http://www.newurl');

Command Line

mysql -u root -p databasename
mysql> UPDATE wp_options SET option_value = replace(option_value, 'http://www.oldurl', 'http://www.newurl') WHERE option_name = 'home' OR option_name = 'siteurl';
mysql> UPDATE wp_posts SET guid = replace(guid, 'http://www.oldurl','http://www.newurl');
mysql> UPDATE wp_posts SET post_content = replace(post_content, 'http://www.oldurl', 'http://www.newurl');
mysql> UPDATE wp_postmeta SET meta_value = replace(meta_value,'http://www.oldurl','http://www.newurl');
Read More!

Install Composer in Debian 10 Buster to Use with Ispconfig and Jailkit

You must have ispconfig installed and jailkit.

Install Composer – hash updated May 2, 2021

cd ~
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
php -r "if (hash_file('sha384', 'composer-setup.php') === '756890a4488ce9024fc62c56153228907f1545c228516cbf63f885e036d37e9a59d27d63f46af1d4d07ee0f76181c7d3') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

php composer-setup.php --install-dir=/usr/local/bin --filename=composer

php -r "unlink('composer-setup.php');"

Add code to jailkit to use as shell user

Add to /etc/jailkit/jk_init.ini

[php]
comment = the php interpreter and libraries
executables = /usr/bin/php, /usr/bin/php7.3
directories = /usr/lib/php, /usr/share/php, /usr/share/php, /usr/share/php-geshi, /etc/php,/usr/share/zoneinfo, /etc/snmp, /usr/share/snmp
includesections = env

[env]
comment = environment variables
executables = /usr/bin/env

[composer]
comment = Dependency Manager for PHP
executables = /usr/local/bin/composer
#directories = /usr/share/composer
includesections = php, uidbasics, netbasics

Once that is completed

Go to System – Server Config – Select Server you want jailkit on

add php and composer to Jailkit chroot app sections:

Read More!

Install Composer in Debian 10 Buster

If you need to install composer in debian this is quick an easy to use globally. Works with Digitalocean as well as ispconfig.

Hash updated May 2, 2021

cd ~
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
php -r "if (hash_file('sha384', 'composer-setup.php') === '756890a4488ce9024fc62c56153228907f1545c228516cbf63f885e036d37e9a59d27d63f46af1d4d07ee0f76181c7d3') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"

php composer-setup.php --install-dir=/usr/local/bin --filename=composer

php -r "unlink('composer-setup.php');"
Read More!

Ispconfig Jailkit php, composer, mysql, drush, composer, node, ruby, compass

Install components

Install Composer

sudo apt-get install composer

Install Node.js and NPM

sudo apt install nodejs

Install Ruby and Gem

sudo apt install ruby-full

Install Compass

sudo gem install compass

After you have installed the required libraries we need to update the commands in the jailkit init file.

sudo nano /etc/jailkit/jk_init.ini

[php]
comment = the php interpreter and libraries
executables = /usr/bin/php,/usr/bin/php5.6,/usr/bin/php7.0,/usr/bin/php7.1
directories = /usr/lib/php, /usr/share/php, /usr/share/php5, /etc/php, /usr/share/php-geshi, /usr/share/zoneinfo, /etc/snmp, /usr/share/snmp
includesections = env

[env]
comment = environment variables
executables = /usr/bin/env

[mysql-client]
comment = mysql client
executables = /usr/bin/mysql, /usr/bin/mysqldump
paths = /usr/lib/libmysqlclient.so

[drush]
comment = drush (drupal command line)
executables = /usr/local/bin/drush
includesections = php, mysql-client, uidbasics, netbasics
directories = /etc/ssl/certs, /usr/share/ca-certificates

[composer]
comment = composer
executables = /usr/local/bin/composer
includesections = php, uidbasics, netbasics

[node]
comment = NodeJS
executables = /usr/bin/npm, /usr/bin/node, /usr/bin/nodejs
directories = /usr/lib/node_modules

[ruby]
comment = Ruby
executable = /usr/bin/ruby, /usr/bin/gem, /usr/bin/gem2.3
directories = /usr/lib/ruby, /usr/lib/x86_64-linux-gnu/ruby, /var/lib/gems, /usr/share/rubygems-integration

[compass]
comment = Compass
executables = /usr/bin/compass
includesections = ruby
directories = /usr/share/compass

If user and site is created already

jk_init -c /etc/jailkit/jk_init.ini -f -k -j /var/www/clients/client1/web1 php node mysql-client drush 

Go to system -> server config with ( php git composer node ruby compass )

Read More!

Install Virtual Machine Manager(libvirt) in Manjaro

STEP 1: Launch Terminal and enter the following command to install KVM and necessary dependencies.

sudo pacman -S virt-manager qemu vde2 ebtables dnsmasq bridge-utils openbsd-netcat
STEP 2: The next two steps are very important and often ignored by many users. Make sure to complete it else, you will get error “adduser: The group `libvirtd’ does not exist” when you run the Virtual Machine Manager after installation is complete!

Enable the service by entering the below command:

sudo systemctl enable libvirtd.service
STEP 3: Start the service using below command:

sudo systemctl start libvirtd.service

sudo groupadd --system libvirt
sudo usermod -a -G libvirt $(whoami)
newgrp libvirt
//Verify that user is added to libvirt group.
id $(whoami)

Open the file /etc/libvirt/libvirtd.conf for editing.

sudo vim /etc/libvirt/libvirtd.conf
Set the UNIX domain socket group ownership to libvirt, (around line 100)
unix_sock_group = "libvirt"
Set the UNIX socket permissions for the R/W socket (around line 102)

unix_sock_rw_perms = "0770"
Restart libvirt daemon after making the change.

sudo systemctl restart libvirtd.service
Read More!

Need Help With Code?