Dediabn LAMP ISPConfig Fresh Install , Not Resolving Domain Correctly

Hey hey, great tutorial, great product! I will happily pay out $25 bucks bi-annually to do my my part. I am having a little trouble getting going, so ...

I believe the problem is in my /etc/hosts file, but I could be absolutely wrong. I will first briefly describe 2 errors that I made while following the tutorial, just in case they are significant:

Firstly, I followed this tutorial from "The Perfect Server Series"
https://www.howtoforge.com/perfect-...onfig-3-1/#-install-apache-web-server-and-php

Everything went as expected, except I neglected to up the A records with my registrar, prior to server installation (I know, "rookie". ). However, after I completed the tutorial, I created 3 A records for the domain
www - public ip
@ - public ip
server1 - public ip

Then, I followed these instructions to re-install SSL certificate.
https://www.faqforge.com/linux/how-to-renew-the-ispconfig-3-ssl-certificate/

Specifically:
cd /tmp
wget http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz
tar xvfz ISPConfig-3-stable.tar.gz
cd ispconfig3_install/install
php -q update.php

The second error, that I made was not opening all the necessary ports in my hosting companies default firewall prior to installation. After, a bit of searching I found this list of ports:
https://www.faqforge.com/linux/whic...g-3-server-and-shall-be-open-in-the-firewall/

QUICK TIP:
From a very, very "fresh pair of eyes" perspective in your tutorials first section "1 Preliminary Note" , you guys really, really should mention properly setting up the A records for the server installation and at least the minimum firewall ports necessary to be opened for ISPConfig to work. Also, a link to postix alternate configurations for servers whose port 25 have been blocked by providers woud be helpful (which will be my next question, once I get the domains to resolve correctly). I am on an alibaba vps server, with port 25 blocked, like many others.

Now, my actual problem:

From reading section 1 "Preliminary Note", I perhaps incorrectly assumed that your IP address "192.168.0.100" correlated, with the "internal ip" , rather than the "public ip" of my vps server, so I set up my /etc/hosts file in the following manner:

# cat /etc/hosts
127.0.0.1 localhost
XXX.XX.XX.XXX (private IP) server1.someotherdomain.com server1 <--- should this be public IP instead?
XXX.XX.XX.XXX (dynamically created by alibaba) iZj6c30dygwd70c0nb4rd6Z iZj6c30dygwd70c0nb4rd6Z
XXX.XX.XX.XXX (dynamically created by alibaba) iZbp12wkrm0rubq1pf189vZ iZbp12wkrm0rubq1pf189vZ

# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

EOF


What I can currently see:

http(s)://server1.someotherdomain.com/ both fail to resolve
http(s)://server1.someotherdomain.com:8080 both fail to resolve
http(s)://www.someotherdomain.com both fail to resolve

With regards to DNS settings:

Alibaba DNS, offfers to glue dns settings. So I have a DNS Host via alibaba and created
ns1.someotherdomain.com
ns2.someotherdomain.com

and my domain name points at these nameservers.

If my above mistakes "broke" something significantly just let me, and I will reset and start over with the correct A records set. If there is a quick fix, very much appreciate it.

thx

 

And yes... I am actually reading the manual now

 

I prefer to stay as anonymous as possible in a public forum. default habit.. Is it necessary?

From original post. I did not configure the Bind Nameservers yet... Do you have a link I can use for reference or should I dive into the manual?

I changed the /etc/hosts and restarted the server. but, no luck.

 

Also, is there a 3.2 version of manual coming out as well?

 

the nameserver addresses that I am currently using are coming from my hosting company's nameserver, they offer a "glue dns" service that allows me to make a nameserver on their service that reflects my company's name.

I will pm you shortly.

 

Gotcha.. you are champ. Thanks. Time to have a chat with alibaba.

 

My signature has link to DNS tutorial, it has info on how to troubleshoot name service problems.

 

Ok.. figured out the DNS problems and can actually access ispconfig homepage now. Yay!

A couple more "noob" questions.

In step 13 "13 Install PureFTPd and Quota" of the tutorial, I installed a SSL certificate. This was, of course, before I fixed the DNS problem / created A records. Do I need to reinstall the certificate? Or is this a non-issue?

Upon visiting the https://server1.someotherdomain.com:8080 I, of course, got the firefox self-signed certificate warning. I am accustom to this on my local machine when developing websites. However, in the future, when I am actually hosting clients, this would be undesirable. I assume that I will need to install a different SSL certificate later, correct?

Thanks.. that is literally my next task.

 

Does the certificate work? If it works, why reinstall? If it does not work, when DNS works properly the certificate creation should work and you get a good certificate and browsers stop complaining. Use

Code:

ispconfig_update.sh --force

If LE certificate can not be created, follow https://www.howtoforge.com/community/threads/please-read-before-posting.58408/

 

I executed the above command and reinstalled the certificate. But the browser is still complaining (tested with chrome this time).

https://i.imgur.com/HBzqdg6.png

 

Exactly what is it complaining?
Did LE certificate get created successfully?

 

Screenshot
https://i.imgur.com/HBzqdg6.png
yes created successfully

 

Sorry.... wasn't reading close enough when I re-installed...
Turns out it failed...
screenshot
https://i.imgur.com/rcctOxU.png

 

Running test script now

 

Here's the report

Code:

# cat htf_report.txt | more

##### SERVER #####
IP-address (as per hostname): ***.***.***.***
[WARN] could not determine server's ip address by ifconfig
[INFO] OS version is Debian GNU/Linux 10 (buster)
 
[INFO] uptime:  15:03:22 up 18:45,  1 user,  load average: 0.06, 0.16, 0.16
 
[INFO] memory:
              total        used        free      shared  buff/cache   available
Mem:          3.9Gi       1.6Gi       850Mi        10Mi       1.4Gi       2.0Gi
Swap:            0B          0B          0B
 
[INFO] systemd failed services status:
  UNIT            LOAD   ACTIVE SUB    DESCRIPTION                   
● dovecot.service loaded failed failed Dovecot IMAP/POP3 email server

LOAD   = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB    = The low-level unit activation state, values depend on unit type.

1 loaded units listed. Pass --all to see loaded but inactive units, too.
To show all installed unit files use 'systemctl list-unit-files'.

[INFO] ISPConfig is installed.

##### ISPCONFIG #####
ISPConfig version is 3.2.4


##### VERSION CHECK #####

[INFO] php (cli) version is 7.3.27-1~deb10u1

##### PORT CHECK #####

[WARN] Port 143 (IMAP server) seems NOT to be listening
[WARN] Port 993 (IMAP server SSL) seems NOT to be listening
[WARN] Port 110 (POP3 server) seems NOT to be listening
[WARN] Port 995 (POP3 server SSL) seems NOT to be listening
[WARN] Port 22 (SSH server) seems NOT to be listening

##### MAIL SERVER CHECK #####


##### RUNNING SERVER PROCESSES #####

[INFO] I found the following web server(s):
    Apache 2 (PID 11202)
[INFO] I found the following mail server(s):
    Postfix (PID 11113)
[WARN] I could not determine which pop3 server is running.
[WARN] I could not determine which imap server is running.
[INFO] I found the following ftp server(s):
    PureFTP (PID 11271)

##### LISTENING PORTS #####
(only        ()
Local        (Address)
[anywhere]:465        (11113/master)
***.***.***.***:53        (11280/named)
[localhost]:53        (11280/named)
[anywhere]:21        (11271/pure-ftpd)
[anywhere]:470        (709/sshd)
[localhost]:953        (11280/named)
[anywhere]:25        (11113/master)
[localhost]:10023        (1010/postgrey)
[localhost]:10024        (11151/amavisd-new)
[localhost]:10025        (11113/master)
[localhost]:10026        (11151/amavisd-new)
[localhost]:10027        (11113/master)
[anywhere]:587        (11113/master)
[localhost]:11211        (619/memcached)
*:*:*:*::*:8081        (11202/apache2)
*:*:*:*::*:465        (11113/master)
*:*:*:*::*:53        (11280/named)
*:*:*:*::*:21        (11271/pure-ftpd)
*:*:*:*::*:953        (11280/named)
*:*:*:*::*:25        (11113/master)
*:*:*:*::*:443        (11202/apache2)
*:*:*:*::*:10023        (1010/postgrey)
*:*:*:*::*:10024        (11151/amavisd-new)
*:*:*:*::*:10026        (11151/amavisd-new)
*:*:*:*::*:3306        (10822/mysqld)
*:*:*:*::*:587        (11113/master)
*:*:*:*::*:8080        (11202/apache2)
*:*:*:*::*:80        (11202/apache2)




##### IPTABLES #####
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination    

 

https://www.howtoforge.com/community/threads/lets-encrypt-error-faq.74179/

No such log...

Code:

root@server1:~# cat /root/.acme.sh/acme.sh.log
cat: /root/.acme.sh/acme.sh.log: No such file or directory
root@server1:~# cd /root/.acme.sh/
root@server1:~/.acme.sh# ls
account.conf  acme.sh  acme.sh.env  ca    deploy    dnsapi    http.header  notify  server1.someotherdomain.com

 

I read the LE FAQ.

None of common reasons for failure applied to me. Yes, I trieded the check "Skip Let's Encrypt check" solution and that didn't work. So I put ISPConfig into debug mode, ran the update script to generate a new SSL certificate.

I also ran:

Code:

/usr/local/ispconfig/server/server.sh

Here's the output: (Says network "Network configuration disabled in server settings.") Other than that my novice eyes didn't see anything.

Code:

root@server1:~/.acme.sh# /usr/local/ispconfig/server/server.sh
08.04.2021-16:36 - DEBUG - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'.
08.04.2021-16:36 - DEBUG - Found 4 changes, starting update process.
08.04.2021-16:36 - DEBUG - Calling function 'server_ip' from plugin 'apache2_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
08.04.2021-16:36 - DEBUG - Writing the conf file: /etc/apache2/sites-available/ispconfig.conf
08.04.2021-16:36 - DEBUG - Calling function 'update' from plugin 'apps_vhost_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
08.04.2021-16:36 - DEBUG - Calling function 'update' from plugin 'network_settings_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - Network configuration disabled in server settings.
08.04.2021-16:36 - DEBUG - Calling function 'update' from plugin 'postfix_server_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - safe_exec cmd: which 'dovecot' 2> /dev/null - return code: 0
08.04.2021-16:36 - DEBUG - Calling function 'server_update' from plugin 'rspamd_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - Calling function 'update' from plugin 'server_services_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - Calling function 'server_update' from plugin 'webserver_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - Processed datalog_id 8
08.04.2021-16:36 - DEBUG - Calling function 'server_ip' from plugin 'apache2_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
08.04.2021-16:36 - DEBUG - Writing the conf file: /etc/apache2/sites-available/ispconfig.conf
08.04.2021-16:36 - DEBUG - Calling function 'update' from plugin 'apps_vhost_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
08.04.2021-16:36 - DEBUG - Calling function 'update' from plugin 'network_settings_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - Network configuration disabled in server settings.
08.04.2021-16:36 - DEBUG - Calling function 'update' from plugin 'postfix_server_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - safe_exec cmd: which 'dovecot' 2> /dev/null - return code: 0
08.04.2021-16:36 - DEBUG - Calling function 'server_update' from plugin 'rspamd_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - Calling function 'update' from plugin 'server_services_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - Calling function 'server_update' from plugin 'webserver_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - Processed datalog_id 9
08.04.2021-16:36 - DEBUG - Calling function 'server_ip' from plugin 'apache2_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
08.04.2021-16:36 - DEBUG - Writing the conf file: /etc/apache2/sites-available/ispconfig.conf
08.04.2021-16:36 - DEBUG - Calling function 'update' from plugin 'apps_vhost_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
08.04.2021-16:36 - DEBUG - Calling function 'update' from plugin 'network_settings_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - Network configuration disabled in server settings.
08.04.2021-16:36 - DEBUG - Calling function 'update' from plugin 'postfix_server_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - safe_exec cmd: which 'dovecot' 2> /dev/null - return code: 0
08.04.2021-16:36 - DEBUG - Calling function 'server_update' from plugin 'rspamd_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - Calling function 'update' from plugin 'server_services_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - Calling function 'server_update' from plugin 'webserver_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - Processed datalog_id 10
08.04.2021-16:36 - DEBUG - Calling function 'server_ip' from plugin 'apache2_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
08.04.2021-16:36 - DEBUG - Writing the conf file: /etc/apache2/sites-available/ispconfig.conf
08.04.2021-16:36 - DEBUG - Calling function 'update' from plugin 'apps_vhost_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - safe_exec cmd: which 'apache2ctl' 2> /dev/null - return code: 0
08.04.2021-16:36 - DEBUG - Calling function 'update' from plugin 'network_settings_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - Network configuration disabled in server settings.
08.04.2021-16:36 - DEBUG - Calling function 'update' from plugin 'postfix_server_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - safe_exec cmd: which 'dovecot' 2> /dev/null - return code: 0
08.04.2021-16:36 - DEBUG - Calling function 'server_update' from plugin 'rspamd_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - Calling function 'update' from plugin 'server_services_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - Calling function 'server_update' from plugin 'webserver_plugin' raised by event 'server_update'.
08.04.2021-16:36 - DEBUG - Processed datalog_id 11
08.04.2021-16:36 - DEBUG - Calling function 'restartHttpd' from module 'web_module'.
08.04.2021-16:36 - DEBUG - Restarting httpd: systemctl restart apache2.service
08.04.2021-16:36 - DEBUG - Calling function 'restartPostfix' from module 'mail_module'.
08.04.2021-16:36 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
finished server.php.