Hello All, I am a newbie with ISP config - if you can answer a few questions please... I already own a server that has been running for over 2 years on Fedora and Plesk, but Plesk's new licensing scheme is rubbish. I want to install a new server and I identified ISP Config as the most advanced Server Management Panel for my needs. Server Hardware: AMD Quad, 4 GB RAM, 2x 320GB hot swap HDDs on Raid 1 I plan to install Cent OS 5 (because of the long support cycles) and a classic LAMP. Question 1: should I go with ISP Config 2 or 3 ? Question 2: I planned the following partitioning, is that ok for CentOS 5 / ISP Config: 100 MB boot 5 GB root 1 GB /tmp 100 GB /home 15 GB /usr 30 GB /var the rest on /opt Question 3: are there other things, or stumbling blocks I should consider before proceeding with CentOS/ISPConfig? Thank you for your help.
Q1: http://howtoforge.com/forums/showthread.php?t=31925 Q3: Consider using Debian as ISPConfig is best optimized for Debian and its derivates as Ubuntu (8.04 LTS is personal recommendation)
Many thanks for the link and your observation about Debian, Mr. X I had 2 reasons to prefer CentOS over Debian. 1- The first reason are the support cycles. CentOS guarantees a minimum of 5 years between the release and EOL, while for Debian this can vary. Sarge for example, lasted less than 3 years, which is definitely too short for my taste. But then, I don't know how easy it is to upgrade Debian? What did it take to migrate from Sarge to Etch or from Woody to Etch? Or from Etch to Lenny? My server is in a datacenter, so I would like to avoid having to put CDs in the tray and stuff like that. The migration should also be fairly quick and easy so that I can avoid interrupting the service for too long. In any situation, the easiest is still not to be forced to migrate. 2- Availability of help Sometimes I see myself confronted with rare errors I never have seen before, or I need to achieve something on the server which I have never done before. In those cases, an internet search usually helps, and if I am lucky, the needed commands are also described. I had a Debian installation before, and must say only about half of those internet hints really work on Debian. Most of them are written for RHEL, and since CentOS has the same structure as RHEL, all this help fpr RHEL can be used directly on CentOS too. The same is true for Fedora, I had a Fedora installation for testing, and it was quite nice to be able to use all that massive knowledge that's available. When I had Debian, I often had the error "command not found" "file not found" etc. because it is quite different from RHEL. Finding an equivalent on Debian can be quite frustrating, because there simply is less material available on the internet. Then the userbase of Debian can be a little snotty at times. Especially a large group of german server admins whose opinion is "if you don't know how to do it, you are not worthy". They like "things done right by the right people" and will not always help you (even I am a native german speaker). The culture is quite different from the english community which tries to get things done. But that's why the german debianites are better at security. So... it is apparent I *would like* to stick with CentOS, but then I have no idea what kind of trouble I will be in because of doing so? On the box of ISPConfig it says CentOS 5 is supported. Could you please explain what kind of problems I could have by going the CentOS route?
http://www.howtoforge.com/how-to-upgrade-a-debian-etch-system-server-and-desktop-to-debian-lenny In my experience it's exactly the opposite - most documents seem to be written for Debian and its derivatives. I know what you mean, but I don't think that has anything to do with Debian. Just ignore stupid comments or use forums that try help everyone with respect and in a friendly manner. Normally there shouldn't be any problems, but we're testing mainly on Debian, so it's possible that if we change code or add new features, the changes don't work as expected on CentOS.
damn you! LOL now I am all undecisive... it is funny that your opinion on availability of help is exactly opposite to mine! hm. last time I looked was 3 years ago, I must admit. the debian upgrade looked easy enough. -> do you know where I can find a roadmap for the debian project? I looked on their site, but didn't find anything. I guess that since I plan to use ISPconfig, I should use Debian too. I'll head to the bookstore and buy one of those heavy Debian bibles. I just ordered the server hardware. It will be here next monday at latest. about ISPConfig 2 vs. ISPConfig 3: I think I understood the current differences between the two. I think I'll go with ver. 3, since ISPConfig 3 will be developed further and receive new features. BTW, does the partitioning in my first post look good? Thank you very much for your help. Be ready for more stupid questions as I advance in my project
Re: partitioning. As all sizes are way bigger than needed (ISPconfig uses hardly anything), do what you need for other purposes. My reality has changed from sizing a lot of fine-grained partitions exactly to (about): 1 large partition for /, including usr, opt, hopefully boot and possibly also tmp (depending on use). 1 large(r) partition for /home, depending on use for the box. 1 partition for /var, depending on needs, but almost always seems to small.. ;-) Perhaps a partition for /var/www. No more, it's not worth the hassle IMHO, although LVM and ZFS are changing this (again). BTW: it's a fun thing to mount /home, perhaps /var/www, but especially /tmp noexec.. a lot of scripts and updates stop working, but it makes your system a whole lot more resilient to cr/hackers. Paul
ok, thanks for the info! I got some connecting questions though: - what are standard locations for logs and mail queues on ISPConfig & Debian ? I got some high traffic sites on which I need to keep an eye on some things. Yes, for security, my current install has /tmp mounted with noexec nosuid. but not /home! why would I do that, I want my scripts to work. PHP-upload function points to /tmp Uploads are all only pics, so what I do is resize them by 1% before moving them to another directory. Have you already seen a resized rootkit? it is not pretty! LOL I also do have mod_security active, which does a good job in adding a security layer, mainly against SQL injections.
Both versions are developed independently and will receive patches in the future as far as I understand what developers are declaring. Basically: ISPConfig 3 is more suited for servers with many virtual web sites while ISPConfig 2 is good for server that will host no more than 10 web sites.
The server's still not here. I checked Amazon for current Debian books in english focused on webservers. Disturbingly, I found none. So I ordered a german book that is advertised as being up to date for Etch and Sarge: "Linux-Server mit Debian GNU/Linux" by Eric Amberg Looks good - waiting on the server to see how it will prove itself. P.S. as soon as the server is here, I'll go ahead with http://www.howtoforge.com/perfect-server-debian-lenny-ispconfig3
Don’t know why you ordered a book but if that works for you then it’s ok. Personally I found solutions for all my problems on this forum. I have 2 tips for you if you never installed linux server or linux before: 1. Take extra care when typing commands. If you can it the best to use SSH console and install everything remotely because you can copy/paste commands. I’ve lost few days on finding an error that was just one letter in one configuration file. http://www.howtoforge.com/forums/showthread.php?t=27780 2. Right everything that you’ve done: passwords and usernames, answers to all questions so you know what have you done and where to look for errors. The best thing is to print out whole how-to so you can write down settings where you made them.
I ordered the book because only following internet advice causes "tunnel vision". I then only know what's in the howtos but I ignore everything else. A (good) book makes sure I get a good overview of all relevant topics. Thanks for your advice. #1 is a sure thing #2 good idea!
Actually you are right about knowledge that you will get following internet how-to’s but that again “if it’s not broken, don’t fix it” rule means that if you managed to setup your server in a way that satisfies all your needs than you don’t need to know much more than that. If problem occurs you will find a solution much faster on internet then in a book. But then again, if you plan to become an advanced administrator book is the best way there is.
