Script For Automatically Setting Up A Perfect Server On OpenSUSE 11.4 And Installing ISPConfig 3

, and in the end it also installs ISPConfig 3.

Please note: do not execute this script on an already working server, because this script may overwrite configuration files and break the running system. It is only meant to be used on a fresh installation of OpenSUSE 11.4.

If you are installing on OpenSUSE 11.2 or OpenSUSE 11.3, please be sure to use another version of this script (also available on www.howtoforge.com).

There are few things missing from the tutorial, as I have found it. I have made a script, based on the tutorial, that prepares a system, and which contains several steps that, if not done, leave the system unfinished in some way.

Notable additions:

fail2ban configurationSuSEfirewall2 enabled
Pure-ftpd configuration change (allow renames, change passive ports and permissions) Postfix certificate generation Apache SSL certificate generation, and switching ISPConfig to HTTPSFix of NameVirtualHost apache config with OpenSUSE (important for Apache to recognize multiple domains from ISPConfig) Setup of rdiff-backup with cron Fixed dovecot configuration to enable SSL and support courier-compatibilityFixed pam_mysql to work on 64-bit systemsFixed amavis to find clamd socketInstalled eAcceleratorFixed apache custom errors pathInstall and configure awstatsConfigure apache and awstats to use mod_logio for correct bandwidth measurement

The script is imperfect in the fact that it requires manual entries twice - when mysql_secure_install is run, and when ispconfig_update_svn is run. (I use svn, because ISPConfig latest SVN looks much nicer, but one can type stable as well - on production systems, you should use stable!)

Do

zypper update

and

reboot

before running this script.

Also better change host name (file HOSTNAME) manually with yast2 before running this script, so that OpenSUSE will put a proper name into Postfix configuration.

This script requires two manual actions:

First - when mysql_secure_install is run.
Second - for ISPConfig3 update, if SVN update is chosen, one may need to say 'y' to enable SSL, while for all other options - one can choose a default value by just pressing ENTER.

You should change the following variables in the script before you run it:

THIS_PLATFORM: Either x86_64 or i586.

MYSQLROOTPASS: Please change MYSQLROOTPASS, and be sure to enter it verbatim during the installation of mysql_secure_install.

MY_HOSTNAME, MY_DOMAIN: Change this to your server name. By default it's configured to server1.mydomain.com. If your web site hosts a complete domain, such as domain.com, still leave something for MY_HOSTNAME. server1 or host is a good name.

ISPCONFIG_TAR_GZ: Make sure that ISPCONFIG_TAR_GZ holds the latest available ISPConfig 3 version. Beware, that automatic piping to answer all the questions is set up to work with ISPConfig 3.0.3.3, and you may need to change that part of the script, if ISPConfig is of a later version.

Save the script on your server (e.g. /root/opensuse_ispconfig3.sh):

vi /root/opensuse_ispconfig3.sh

#!/bin/sh

# OpenSUSE 11.4 Perfect Server ISPConfig script by George Yohng (georgesc#oss3d.com)
# Script Version 2.1

# Do zypper update and reboot before running this script

# Also better change host name manually with yast2 before running this script.

# This script requires two manual actions.

# First - when mysql_secure_install is running. One should type a new mysql password, the same as here
# Second - for ISPConfig3 update. One should type 'svn' when the update type is asked
# For both of scripts, all other options are default, one can just press ENTER.


# Also, please change MYSQLROOTPASS below, and be sure to enter it verbatim
# during the installation of mysql_secure_install.

# Important: When setting an MX entry, point it to mail.yourdomain.com rather than
# just to yourdomain.com, and create a CNAME entry for mail. Otherwise it doesn't
# seem to work somehow.

# Platform is x86_64 or i586

THIS_PLATFORM

View the Original article

Setting Up An Android App Build Environment With Eclipse, Android SDK, PhoneGap (Ubuntu 11.04)

Eclipse and the prerequisites for the Android SDK and PhoneGap can be installed as follows:

sudo apt-get install openjdk-6-jdk eclipse ruby rubygems ruby-dev libnokogiri-ruby git ant libxml2 libxml2-dev libxslt1-dev

If you are on a 64bit system, you also need to install the following two packages:

sudo apt-get install lib32stdc

View the Original article

Setting Up A Spam-Proof Home Email Server (The Somewhat Alternate Way) (Debian Squeeze)

(some poorly designed websites do not recognizes the www. as valid email address, for those I just leave it away).

For people I use a format like that: "email.john.doe

View the Original article

Setting Up FTP^H^H^H SFTP In A Hurry For File Uploads Using OpenSSH

Secure file transfer gets too little attention, perhaps because it is too easy. For secure file transfer without the need of special programs or clients, nothing more is needed than to have the OpenSSH server installed and running. It has a built-in SFTP subsystem that is available to any account that can log in. In other words, for basic SFTP access, nothing needs to be done other than have an account accessible via SSH.
Again, for basic SFTP uploads and downloads, nothing in the default OpenSSH installation needs to be changed.  It's already there, ready to be used.
Removing shell access while still allowing SFTP access is a simple as three steps, if OpenSSH server is already installed.
Create a user group, e.g. sftponlyAdd users to that groupAdd a corresponding Match directive to sshd's configuration in /etc/ssh/sshd_config: Subsystem sftp internal-sftp
Match Group sftponly
AllowTCPForwarding no
X11Forwarding no
ForceCommand internal-sftp
Making a chroot jail of the SFTP users' home directories is also as easy to set up in OpenSSH.
Create a user group, e.g. sftponlyAdd users to that groupAdd a corresponding Match directive to sshd's configuration in /etc/ssh/sshd_config: Subsystem sftp internal-sftp
Match Group sftponly
ChrootDirectory %h
AllowTCPForwarding no
X11Forwarding no
ForceCommand internal-sftp
It's that easy.
The name "FTP" is often misused to mean file transfer using a special client. However, it is a specific protocol.
Plain FTP is insecure. The entire session, from username and password at the beginning, to data transfer at the end, is done without encryption. All accounts that use it can be considered compromised. It is the protocol itself that is insecure. FTP also requires adding and configuring special server software, whereas most servers usually have SSH, and thus SFTP, up and running.
FTP tunneled over SSL/TLS is FTPS. In contrast, SFTP is a new protocol designed from the ground up for secure file transfer. FTPS requires even more setup than FTP, whereas SFTP is running out of the box wherever there is an OpenSSH server.
Without extra effort, SFTP is already available wherever an OpenSSH server is running. With minimal changes, shell access can be turned off for SFTP users and even chrooted.

View the original article here

Setting up an Android app build environment with Eclipse, Android SDK, PhoneGap (Debian squeeze)

 

This tutorial describes how you can set up a development environment for building Android applications on a Debian squeeze desktop with Eclipse, Android SDK, and PhoneGap. Device tested describe how to build Android apps from the command line with the PhoneGap and the GUI with Eclipse and PhoneGap and how in an Android emulator and a real Android. PhoneGap, you can use your Android applications with Web technologies such as HTML, to develop CSS and JavaScript (e.g. with JavaScript libraries such as jQuery/Keds) and it is these Web apps in native Android apps (in fact, PhoneGap supports multiple platforms such as such as AndroidiPhone), Palm, Windows Mobile, Symbian, so that you can use the same sources to create apps for multiple platforms).

 

 

Read more on HowtoForge set as a favorite of this email-ThisComments (0)

View the Original article

Setting Up An Android App Build Environment With Eclipse, Android SDK, PhoneGap (Ubuntu 10.10)

This tutorial describes how you can set up an development environment for building Android apps on an Ubuntu 10.10 desktop using Eclipse, the Android SDK, and PhoneGap. I will describe how to build Android apps from the command line with PhoneGap and from the GUI with Eclipse and PhoneGap and how to test them in an Android emulator and on a real Android device. PhoneGap allows you to develop your Android applications using web technologies such as HTML, CSS, and JavaScript (e.g. with JavaScript libraries such as jQuery/jQTouch), and it will turn these web apps into native Android apps (in fact, PhoneGap supports multiple platforms such as Android, iPhone, Palm, Windows Mobile, Symbian, so you can use the same sources to create apps for multiple platforms).

I do not issue any guarantee that this will work for you!

 

1 Preliminary Note

I will not explain how to develop an Android app using HTML, CSS, and JavaScript. You can find lots of tutorials about this on the Internet, e.g. this one:

Tutorial: A simple Twitter client with JQTouch

In fact, I'm using a slightly modified version of the Twitter client described in the link to build a Twitter app in this tutorial.

 

2 Installing Eclipse And Prerequisites For The Android SDK/PhoneGap

First open a terminal (Applications > Accessories > Terminal):

View the Original article