Monday, September 24, 2007

UK2 server setup

I've not long purchased another server from and installed Plesk 8.2 on it with Spam Guardian. It's interesting how I refine the install on each occasion, and this is probably as slick as it can get without being completely automated.

check the open ports on the server
login as root

Basic server setup

Once the email from UK2 has arrived with confirmation of the server, log into the server as root, change the password and upgrade all the current packages (be aware of previous kernel updates that have caused kernel-panics at boot:
nano /etc/apt/sources.list

deb etch main
deb-src etch main

deb etch/updates main contrib
deb-src etch/updates main contrib

apt-get update
apt-get upgrade
Upgrade out of date packages and setup the sudo function
apt-get install sudo
nano /etc/sudoers
Add the line %admin ALL=(ALL) ALL to the bottom of the file. Now add some real users and a group called admin; add users to the admin group if they are sudoers.
adduser username
groupadd admin
usermod -G admin username
Setup some other basic packages and admin tasks
apt-get install joe lynx
joe /etc/motd - Welcome to...
joe /etc/ssh/sshd_config - PermitRootLogin no
sudo /etc/init.d/ssh restart
Setup the hosts file (/etc/hosts)
Logout of the root account and setup passwordless login to the new server
ssh-keygen -t rsa - follow the hints (don't enter a passphrase)
ssh-copy-id -i ~/.ssh/ username@host
Log into your new account and check that you aren't prompted for a password.

change hostname (/etc/hostname)
install webmin
sudo dpkg -i webmin...
  • copy over installers
  • install plesk
  • login (admin:setup)
  • change password
  • change hostname
  • check watchdog and change email address
  • review licence
Other Plesk jobs on blog
  • munin
  • maxclients
  • imap connections
  • spamguardian
  • totalbackup
(where /usr/bin/bzip2 doesn't exist and bzip2 has been installed, it may be in /bin/bzip2 - create a symlink)

Set time servers
apt-get install ntp ntp-server ntp-simple
nano /etc/ntp.conf
add server ( and
/etc/init.d/ntp-server restart
ntpq (peer)

install the new ssl certificate or renew it through the instantssl web interface
set it as the default certificate for all IP addresses on the machine
make it the default certificate
remove the plesk ssl certificate

  • motd
  • sources.list
  • hosts
  • hostname
  • ntp.conf

No comments: