Perfect server to automate ISPConfig 3 installation on Debian 10 and Ubuntu 20.04
This tutorial will guide you to install your own ISPConfig 3 single server settings using the ISPConfig automatic installation program. The installer follows the old Perfect Server guidelines, but is more modular and easy to follow. If you want to set up a multi-server setup with a dedicated server for each service, please refer to the “Perfect Multiserver” guide.
1. Log in to the server
Log in or run as root
Become the root user on the server before continuing. importantNote: You must use’su-‘ instead of’su’, otherwise Debian will set your PATH variable to an error.
2. Configure the host name and host
The hostname of the server should be a subdomain, such as “server1.example.com”. Do not use a domain name without a subdomain part (such as “example.com”) as the hostname, as this will cause problems in future settings. First, you should check the hostname in /etc/hosts and change it if necessary. The line should read: “IP address-space-full hostname, including domain-space-subdomain part”. For our hostname server1.example.com, the file should look like this (some lines may be different, each hosting provider may be different):
127.0.0.1 localhost.localdomain localhost# This line should be changed to the correct servername:127.0.1.1 server1.example.com server1 # The following lines are desirable for IPv6 capable hosts ::1 localhost ip6-localhost ip6-loopback ff02::1 ip6-allnodes ff02::2 ip6-allrouters
Then edit the /etc/hostname file:
In our case, it should only contain the subdomain part:
Finally, reboot the server to apply the changes:
Log in again and use the following command to check if the hostname is now correct:
The output should look like this:
[email protected]:~$ hostnameserver1[email protected]:~$ hostname -fserver1.example.com
You must also establish a DNS record pointing to your server with your DNS provider. The subdomain should have an A (and/or AAAA) record pointing to your public IP.
3. Run the automatic installer
Now, we can run the automatic installer. The basic setup includes the following packages (and of course their dependencies): Apache2, PHP (version 5.6-8.0), MariaDB, Postfix, Dovecot, Rspamd, BIND, Jailkit, Roundcube, PHPMyAdmin, Mailman, Webalizer, AWStats and GoAccess. You can easily choose not to use certain features or install other services by passing parameters to the installer. You can use the following command to view all parameters:
wget -O - https://get.ispconfig.org | sh -s -- --help
Now you can run the script with parameters. For example, if you want to use passive FTP + unattended upgrade port range for regular installation, run:
wget -O - https://get.ispconfig.org | sh -s --
After a while, you will see:
WARNING! This script will reconfigure your complete server!It should be run on a freshly installed server and all current configuration that you have done will most likely be lost!Type 'yes' if you really want to continue:
Answer “yes” and press Enter. Now, the installer will start.
After the installation program is completed, the ISPConfig administrator and MySQL root password will be displayed, as shown below:
[INFO] Your ISPConfig admin password is: 5GvfSSSYsdfdYC[INFO] Your MySQL root password is: kkAkft82d!kafMwqxdtYs
Make sure to write down this information for future use.
4. Set up the firewall
The last thing to do is to set up our firewall.
Log in to the ISPConfig UI, and then go to “System” -> “Firewall”. Then click “Add New Firewall Record”.
For general settings, it looks like this:
The necessary ports for each service are:
Network: 20, 21, 22, 80, 443 and 40110: 40210 (all TCP, no UDP)
Mail: 110, 143, 465, 587, 993 and 995 (all TCP, no UDP)
DNS: 53 (TCP and UDP)
Panel: 8080 and 8081 (all TCP, no UDP)
Your server is now set up and ready to use.You can log in https://server1.example.com:8080
5. Advanced options
The automatic installer has various command line options to fine-tune the settings. For example, you can choose between Apache and Nginx web servers and which services to install on the system. The command line parameters are:
Usage: ispc3-ai.sh  [...] This script automatically installs all needed packages for an ISPConfig 3 setup using the guidelines from the "Perfect Server Setup" howtos on www.howtoforge.com. Possible arguments are: --help Show this help page --debug Enable verbose logging (logs each command with the exit code) --channel Choose the channel to use for ISPConfig. --channel=<stable|dev> "stable" is the latest ISPConfig release available on www.ispconfig.org "dev" is the latest stable-branch from the ISPConfig git repository: https://git.ispconfig.org/ispconfig/ispconfig3/tree/stable-3.1 -> The dev channel might contain bugs and less-tested features and should only be used in production by very experienced users. --lang Use language for ISPConfig installation. Specify with --lang=en|de (only en (English) and de (German) supported currently). --interactive Don't install ISPConfig in non-interactive mode. This is needed if you want to use expert mode, e. g. to install a slave server that shall be integrated into an existing multiserver setup. --use-nginx Use nginx webserver instead of apache2 --use-amavis Use amavis instead of rspamd for mail filtering --use-unbound Use unbound instead of bind9 for local resolving. Only allowed if --no-dns is set. --use-php Use specific PHP versions, comma separated, instead of installing multiple PHP, e.g. --use-php=7.4,8.0 (5.6, 7.0, 7.1, 7.2, 7.3, 7.4 and 8.0 available). --use-php=system disables the sury repository and just installs the system's default PHP version. ommiting the argument (use all versions) --use-ftp-ports This option sets the passive port range for pure-ftpd. You have to specify the port range separated by hyphen, e. g. --use-ftp-ports=40110-40210. If not provided the passive port range will not be configured. --use-certbot Use Certbot instead of acme.sh for issuing Let's Encrypt certificates. Not adviced unless you are migrating from a old server that uses Certbot. --no-web Do not use ISPConfig on this server to manage webserver setting and don't install nginx/apache or pureftpd. This will also prevent installing an ISPConfig UI and implies --no-roundcube as well as --no-pma --no-mail Do not use ISPConfig on this server to manage mailserver settings. This will install postfix for sending system mails, but not dovecot and not configure any settings for ISPConfig mail. It implies --no-mailman. --no-dns Do not use ISPConfig on this server to manage DNS entries. Bind will be installed for local DNS caching / resolving only. --no-local-dns Do not install local DNS caching / resolving via bind. --no-firewall Do not install ufw and tell ISPConfig to not manage firewall settings on this server. --no-roundcube Do not install roundcube webmail. --roundcube Install Roundcube even when --no-mail is used. Manual configuration of Roundcube config is needed. --no-pma Do not install PHPMyAdmin on this server. --no-mailman Do not install Mailman mailing list manager. --no-quota Disable file system quota --no-ntp Disable NTP setup --unattended-upgrades Install UnattendedUpgrades. You can add extra arguments for automatic cleanup and automatic reboots when necessary with --unattended-upgrades=autoclean,reboot (or only one of them). --i-know-what-i-am-doing Prevent the autoinstaller to ask for confirmation before continuing to reconfigure the server.
For example, to install an installer such as “Perfect Server” using Nginx instead of Apache, use the following command:
wget -O - https://get.ispconfig.org | sh -s -- --use-nginx
Or install Nginx web server without email and DNS services:
wget -O - https://get.ispconfig.org | sh -s -- --use-nginx --no-dns --no-mail
Your setup is now complete!
You can support ISPConfig by purchasing our manual: https://www.ispconfig.org/documentation/
The following links are some useful tutorials/pointers for further setup:
- Setup mail (rDNS, SPF, DKIM): https://www.howtoforge.com/how-to-install-an-email-server-with-ispconfig-on-debian-10/
- Adjust Roundcube: https://www.howtoforge.com/community/threads/tweaking-the-roundcube-settings.86387/
- Set up automatic configuration (automatic configuration of your email client): https://schaal-it.com/ispconfig-automail/
- Improve the security of PHPMyAdmin and rspamd interface: https://www.howtoforge.com/community/threads/improving-the-security-of-phpmyadmin-and-rspamd-ui.86544/
- Code repository and issue tracker for ISPConfig automatic installer: https://git.ispconfig.org/thom/ispconfig-autoinstaller
If you have any questions, please ask on the forum.