# View and change the hosts file
nano /etc/hosts
# IPv4 127.0.0.1 localhost.localdomain localhost 45.92.156.153 ams01.xev.net.eu.org ams01 74.48.138.241 lax01.xev.net.eu.org lax01 205.234.252.98 lax02.xev.net.eu.org lax02 # IPv6 ::1 localhost ip6-localhost ip6-loopback ff02::1 ip6-allnodes ff02::2 ip6-allrouters
# View and change the hostname file
nano /etc/hostname
lax02
# View and change the DNS servers resolv.conf file
# This file is empty on this provider
nano /etc/resolv.conf
# This provider provides us with an extremely small vSwap partition # Replace the swap partition with a new swap file
fallocate -l 1.5G /swapfile chmod 600 /swapfile mkswap /swapfile swapon /swapfile swapoff /dev/vda2
# Add the swap file to the fstab to persist after reboot # Leave the swap partition unused # A reboot is required for changes to take effect
nano /etc/fstab
# /dev/vda2 swap swap defaults 0 0 /swapfile swap swap defaults 0 0
# Reboot
systemctl reboot
# Update and Upgrade the system
apt-get -y update apt-get -y full-upgrade apt-get -y autoremove
# View the network config
ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:16:3e:6a:be:53 brd ff:ff:ff:ff:ff:ff
altname enp0s3
altname ens3
inet 205.234.252.98/24 brd 205.234.252.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 2402:d0c0:13:c9c8::2/64 scope global
valid_lft forever preferred_lft forever
inet6 2402:d0c0:13:c9c8::10/64 scope global
valid_lft forever preferred_lft forever
inet6 2402:d0c0:13:c9c8::21/64 scope global
valid_lft forever preferred_lft forever
# View the disk config
fdisk -l
Disk /dev/vda: 15 GiB, 16106127360 bytes, 31457280 sectors Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disklabel type: dos Disk identifier: 0x5a24e6d7 Device Boot Start End Sectors Size Id Type /dev/vda1 * 2048 30932992 30930945 14.7G 83 Linux /dev/vda2 30932993 31457279 524287 256M 82 Linux swap / Solaris
# View the Mem and Swap
free -h
total used free shared buff/cache available Mem: 964Mi 314Mi 219Mi 11Mi 430Mi 496Mi Swap: 1.5Gi 526Mi 1.0Gi
# View the swap partitions and files
swapon --show
NAME TYPE SIZE USED PRIO /swapfile file 1.5G 526.1M -2
# View the hostname
hostname
lax02
# View the full hostname
hostname -f
lax02.xev.net.eu.org
# View the OS version
cat /etc/debian_version
11.10
# Install ISPConfig
wget -O - https://get.ispconfig.org | sh -s -- --use-ftp-ports=40110-40210 --unattended-upgrades --interactive
WARNING! This script will reconfigure your entire server! It should be run on a freshly installed server and all current configuration that you have done will most likely be lost! Type 'yes' if you really want to continue: yes
US California Los Angeles Xev Net Xev Net LAX02 lax02.xev.net.eu.org webmaster@xev.net.eu.org
Generating a RSA private key .............................................++++ .........................................++++ writing new private key to 'smtpd.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:US State or Province Name (full name) [Some-State]:California Locality Name (eg, city) []:Los Angeles Organization Name (eg, company) [Internet Widgits Pty Ltd]:Xev Net Organizational Unit Name (eg, section) []:Xev Net LAX02 Common Name (e.g. server FQDN or YOUR name) []:lax02.xev.net.eu.org Email Address []:webmaster@xev.net.eu.org
Do you want a secure (SSL) connection to the ISPConfig web interface (y,n) [y]: <-- ENTER Generating RSA private key, 4096 bit long modulus .....................++ .......++ e is 65537 (0x10001) You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]: <-- ENTER State or Province Name (full name) []: <-- ENTER Locality Name (eg, city) [Default City]: <-- ENTER Organization Name (eg, company) [Default Company Ltd]: <-- ENTER Organizational Unit Name (eg, section) []: <-- ENTER Common Name (eg, your name or your server's hostname) []: <-- ENTER Email Address []: <-- ENTER Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: <-- ENTER An optional company name []: <-- ENTER writing RSA key
[INFO] Installation ready. [INFO] Your MySQL root password is: xxxxxxxxxxxxxxxxxxxx [INFO] Warning: Please delete the log files in /tmp/ispconfig-ai/var/log/setup-* once you don't need them anymore because they contain your passwords!
# Later on, you can update ISPConfig and –force the update even if you already have the newest release
ispconfig_update.sh --force
# Configure ISPConfig using MySQL # Add client, DNS, message and directives templates # Use your MySQL root password to connect to MySQL # Use your SMTP credentials to send emails
wget -O xev_net_install_config.sh "https://docs.xev.net.eu.org/doku.php?do=export_code&id=hosteons-lax02-install-system-auto&codeblock=10" chmod 700 xev_net_install_config.sh wget -O mysql_install.sh "https://docs.xev.net.eu.org/doku.php?do=export_code&id=auto-install&codeblock=18" chmod 700 mysql_install.sh wget -O logo.png "https://docs.xev.net.eu.org/lib/exe/fetch.php?media=wiki:logo.png"
nano xev_net_install_config.sh
./mysql_install.sh
rm -rfv mysql_install.sh rm -rfv xev_net_install_config.sh rm -rfv logo.png
# Configure ISPConfig using SOAP API # Add and Update IP addresses # Add client, DNS zone, web sites, ftp accounts and shell account
wget -O xev_net_install_config.sh "https://docs.xev.net.eu.org/doku.php?do=export_code&id=hosteons-lax02-install-system-auto&codeblock=10" chmod 700 xev_net_install_config.sh wget -O soap_install.sh "https://docs.xev.net.eu.org/doku.php?do=export_code&id=auto-install&codeblock=19" chmod 700 soap_install.sh
nano xev_net_install_config.sh
./soap_install.sh
rm -rfv soap_install.sh rm -rfv xev_net_install_config.sh
# Send email using IPv4 is preferable # We do not have reverse DNS for IPv6 on some servers
postconf -e "smtp_address_preference=ipv4" postconf -p "smtp_address_preference" postconf -p "inet_protocols"
# Install Tor and run it as a system daemon # Create 5 new hidden onion sites
apt-get -y install tor wget -O torrc https://docs.xev.net.eu.org/doku.php?do=export_code&id=auto-install&codeblock=15 cp -v torrc /etc/tor/torrc rm -rfv torrc
echo "\n" >> /etc/tor/torrc echo "HiddenServiceDir /var/lib/tor/site1_hs/" >> /etc/tor/torrc echo "HiddenServicePort 80 127.0.0.1:80" >> /etc/tor/torrc echo "HiddenServiceDir /var/lib/tor/site2_hs/" >> /etc/tor/torrc echo "HiddenServicePort 80 127.0.0.1:80" >> /etc/tor/torrc echo "HiddenServiceDir /var/lib/tor/site3_hs/" >> /etc/tor/torrc echo "HiddenServicePort 80 127.0.0.1:80" >> /etc/tor/torrc echo "HiddenServiceDir /var/lib/tor/site4_hs/" >> /etc/tor/torrc echo "HiddenServicePort 80 127.0.0.1:80" >> /etc/tor/torrc echo "HiddenServiceDir /var/lib/tor/site5_hs/" >> /etc/tor/torrc echo "HiddenServicePort 80 127.0.0.1:80" >> /etc/tor/torrc
systemctl stop tor systemctl disable tor systemctl enable tor systemctl start tor systemctl status tor
cat /var/lib/tor/site1_hs/hostname cat /var/lib/tor/site2_hs/hostname cat /var/lib/tor/site3_hs/hostname cat /var/lib/tor/site4_hs/hostname cat /var/lib/tor/site5_hs/hostname
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.onion xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.onion xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.onion xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.onion xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.onion
# Install the ionCube loaders # Required for Blesta # There are no loaders for 8.0
wget https://downloads.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz -P /usr/local/ tar xfvz /usr/local/ioncube_loaders_lin_x86-64.tar.gz -C /usr/local/ rm -rfv /usr/local/ioncube_loaders_lin_x86-64.tar.gz echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_5.6.so\n$(cat /etc/php/5.6/cgi/php.ini)" > /etc/php/5.6/cgi/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_5.6.so\n$(cat /etc/php/5.6/cli/php.ini)" > /etc/php/5.6/cli/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_5.6.so\n$(cat /etc/php/5.6/fpm/php.ini)" > /etc/php/5.6/fpm/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.0.so\n$(cat /etc/php/7.0/cgi/php.ini)" > /etc/php/7.0/cgi/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.0.so\n$(cat /etc/php/7.0/cli/php.ini)" > /etc/php/7.0/cli/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.0.so\n$(cat /etc/php/7.0/fpm/php.ini)" > /etc/php/7.0/fpm/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.1.so\n$(cat /etc/php/7.1/cgi/php.ini)" > /etc/php/7.1/cgi/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.1.so\n$(cat /etc/php/7.1/cli/php.ini)" > /etc/php/7.1/cli/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.1.so\n$(cat /etc/php/7.1/fpm/php.ini)" > /etc/php/7.1/fpm/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.2.so\n$(cat /etc/php/7.2/cgi/php.ini)" > /etc/php/7.2/cgi/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.2.so\n$(cat /etc/php/7.2/cli/php.ini)" > /etc/php/7.2/cli/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.2.so\n$(cat /etc/php/7.2/fpm/php.ini)" > /etc/php/7.2/fpm/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.3.so\n$(cat /etc/php/7.3/cgi/php.ini)" > /etc/php/7.3/cgi/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.3.so\n$(cat /etc/php/7.3/cli/php.ini)" > /etc/php/7.3/cli/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.3.so\n$(cat /etc/php/7.3/fpm/php.ini)" > /etc/php/7.3/fpm/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.4.so\n$(cat /etc/php/7.4/cgi/php.ini)" > /etc/php/7.4/cgi/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.4.so\n$(cat /etc/php/7.4/cli/php.ini)" > /etc/php/7.4/cli/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.4.so\n$(cat /etc/php/7.4/fpm/php.ini)" > /etc/php/7.4/fpm/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_8.1.so\n$(cat /etc/php/8.1/cgi/php.ini)" > /etc/php/8.1/cgi/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_8.1.so\n$(cat /etc/php/8.1/cli/php.ini)" > /etc/php/8.1/cli/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_8.1.so\n$(cat /etc/php/8.1/fpm/php.ini)" > /etc/php/8.1/fpm/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_8.2.so\n$(cat /etc/php/8.2/cgi/php.ini)" > /etc/php/8.2/cgi/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_8.2.so\n$(cat /etc/php/8.2/cli/php.ini)" > /etc/php/8.2/cli/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_8.2.so\n$(cat /etc/php/8.2/fpm/php.ini)" > /etc/php/8.2/fpm/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_8.3.so\n$(cat /etc/php/8.3/cgi/php.ini)" > /etc/php/8.3/cgi/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_8.3.so\n$(cat /etc/php/8.3/cli/php.ini)" > /etc/php/8.3/cli/php.ini echo -e "zend_extension = /usr/local/ioncube/ioncube_loader_lin_8.3.so\n$(cat /etc/php/8.3/fpm/php.ini)" > /etc/php/8.3/fpm/php.ini
# View or edit the php.ini file of the default version of this OS
nano /etc/php/7.4/cgi/php.ini
# Install php-mailparse and php-gmp # Required for Blesta
apt-get -y install php5.6-mailparse apt-get -y install php7.0-mailparse apt-get -y install php7.1-mailparse apt-get -y install php7.2-mailparse apt-get -y install php7.3-mailparse apt-get -y install php7.4-mailparse apt-get -y install php8.0-mailparse apt-get -y install php8.1-mailparse apt-get -y install php8.2-mailparse apt-get -y install php8.3-mailparse apt-get -y install php5.6-gmp apt-get -y install php7.0-gmp apt-get -y install php7.1-gmp apt-get -y install php7.2-gmp apt-get -y install php7.3-gmp apt-get -y install php7.4-gmp apt-get -y install php8.0-gmp apt-get -y install php8.1-gmp apt-get -y install php8.2-gmp apt-get -y install php8.3-gmp
# View the php version of the default version of this OS
php -version
PHP 7.4.33 (cli) (built: Apr 22 2024 09:38:53) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies
with the ionCube PHP Loader + ionCube24 v13.0.4, Copyright (c) 2002-2024, by ionCube Ltd.
with Zend OPcache v7.4.33, Copyright (c), by Zend Technologies
# Install expect and tools for networking and development # Required for Looking Glass # Required for our Softaculous custom install
apt-get -y install host mtr iputils-ping traceroute sqlite3 apt-get -y install cmake gcc apt-get -y install openssl libssl-dev apt-get -y install expect
# Install ansifilter # Must build from source for Debian 11 or lower
wget http://andre-simon.de/zip/ansifilter-2.20.tar.bz2 tar xjf ansifilter-2.20.tar.bz2 cd ~/ansifilter-2.20 make help make make install make clean cd ~ rm -rfv ~/ansifilter-2.20.tar.bz2 rm -rf ~/ansifilter-2.20
# Install Softaculous # Get rid of the wacky clear command # A reboot is required for changes to take effect
wget -N https://files.softaculous.com/install.sh chmod 755 install.sh sed --in-place '/clear/d' install.sh ./install.sh rm -rfv install.sh
YOU WILL NEED TO RESTART YOUR SERVER FOR EFFECTS TO TAKE PLACE. Please REBOOT ASAP as only then will Softaculous be available in the Panel. Congratulations, Softaculous was installed successfully Softaculous has been installed at: Path : /usr/local/softaculous Scripts Path : /var/softaculous
nano /usr/local/softaculous/php.ini
extension=mysqlnd.so extension=mysql.so extension=mysqli.so extension=curl.so extension=soap.so extension=posix.so extension=json.so extension=xml.so extension=ftp.so extension=mbstring.so extension=simplexml.so extension=zip.so
mkdir /usr/local/softaculous/conf/ touch /usr/local/softaculous/conf/custom.ini nano /usr/local/softaculous/conf/custom.ini
extension=mysqlnd.so extension=mysql.so extension=mysqli.so extension=curl.so extension=soap.so extension=posix.so extension=json.so extension=xml.so extension=ftp.so extension=mbstring.so extension=simplexml.so extension=zip.so
# Generate a YABS log # Test the root partition
curl -sL yabs.sh | bash -s -- -4 | ansifilter | tee /yabs_root_partition.log rm -rfv /root/geekbench_claim.url
YABS completed in 11 min 10 sec
# Install Looking Glass # Do install as Looking Glass shell user # Get rid of the wacky clear command
sudo -i -u $XN_CLIENT_USER$XN_SHELL_LG_USER bash << EOF echo "I am "$(whoami) pwd cd ~/web wget https://github.com/telephone/LookingGlass/archive/v1.3.0.tar.gz tar -zxvf v1.3.0.tar.gz --strip-components 1 rm -rf v1.3.0.tar.gz rm -rf CHANGELOG.txt rm -rf LICENCE.txt rm -rf README.md rm -rf standard_index.html cd ~/web/LookingGlass sed --in-place '/clear/d' ~/web/LookingGlass/configure.sh echo -e "y\n$LG_NAME\n$LG_LG\n$LG_LOCATION\n$LG_TESTIPV4\n$LG_TESTIPV6\n$LG_TESTFILES\n$LG_RATE_LIMIT\n$LG_LIMIT_RATE\n$LG_CHOOSETHEME\n$LG_THEME\n$LG_WEB_SERVER_USERNAME\n$LG_WEB_SERVER_USERGROUP\n" | bash configure.sh rm -rfv ~/web/LookingGlass/configure.sh cd ~/web wget -O index.php "https://docs.xev.net.eu.org/doku.php?do=export_code&id=auto-install&codeblock=17" cat /yabs_root_partition.log > ~/web/yabs_root_partition.log cat /yabs_root_partition.log > ~/web/yabs_root_partition_$(date +"%Y-%m-%d").log EOF rm -rfv /yabs_root_partition.log
Creating Config.php... Creating SQLite database... chown: changing ownership of '/var/www/clients/xxx/xxx/home/xxx/web/LookingGlass': Operation not permitted chown: changing ownership of 'ratelimit.db': Operation not permitted Installation is complete
# Finish install # Remove the ISPConfig setup log which may have passwords in it
echo "Don't forget to write down your passwords"
while read -r line
do
if [[ $line == *"password is"* ]]; then
echo $line
fi
done < /tmp/ispconfig-ai/var/log/setup-*
rm -rfv /tmp/ispconfig-ai/var/log/setup-*
echo "Install finished"
# Reboot
systemctl reboot