Perfect Server Automated ISPConfig 3 Installation on Ubuntu 20.04

Discussion in 'Installation/Configuration' started by Tastiger, May 5, 2021.

  1. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    Just reporting same warning on clean install on Ubuntu 20.04.4 (install on two separate vm's). For the time being, I choose to ignore the warning as I assume this only happen in Ubuntu 20.04 but I will investigate later when I am freer. I need to get some tests done just before the fasting month started after today's sunset.
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    And what is the warning message?
     
  3. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    It is exactly the same as quoted in the opening post.
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    And which exact command line options did you use for the installer?
     
  5. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    Code:
    wget -O - https://get.ispconfig.org | sh -s -- --use-nginx --no-dns --no-mail --use-ftp-ports=40110-40210 --unattended-upgrades
     
  6. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    I have done some investigations as promised but I couldn't find fault with the server installation so I guess something changed while installing ISPConfig using the auto installer. The relevant code:
    Code:
                ISPConfigLog::info('Checking local dns resolver.', true);
                $cmd = 'nslookup denic.de | grep Server';
                $result = $this->exec($cmd);
                if($result === false) {
                    throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
                } elseif(strpos($result, '127.0.0.1') === false) {
                    ISPConfigLog::warn('Unexpected resolver response: ' . $result, true);
                }
    
    So the test I have done is run this "nslookup denic.de | grep Server" command before ISPConfig installation using the auto installer and the result is: "
    Unfortunately, during the installation, the warning appears and running the same command again after the installation shows:
    It seems that ISPConfig auto installer was the one actually creating and inserting that in /etc/resolvconf/resolv.conf.d/head which is just above the earlier mentioned code:
    Code:
            if(ISPConfig::shallInstall('local-dns')) {
                if(!is_dir('/etc/resolvconf/resolv.conf.d')) {
                    mkdir('/etc/resolvconf/resolv.conf.d', 0755);
                }
                $this->addLines('/etc/resolvconf/resolv.conf.d/head', 'nameserver 127.0.0.1', false);
                $cmd = 'resolvconf -u 2>&1';
                $result = $this->exec($cmd);
                if($result === false) {
                    throw new ISPConfigOSException('Command ' . $cmd . ' failed.');
                }
    
    A line containing "nameserver 127.0.0.1" was also added in /etc/resolv.conf file:
    Code:
    nameserver 127.0.0.1
    nameserver 127.0.0.53
    options edns0 trust-ad
    
    So what was actually intended by the above creation and insertion and by the check and its warning after that? This was never required in the Perfect Server Tutorials that I have manually followed before.
     
    Last edited: Apr 5, 2022
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    I guess we just have to change the line:
    Code:
    } elseif(strpos($result, '127.0.0.1') === false) {
    to:
    Code:
    } elseif(strpos($result, '127.0.0.1') === false && strpos($result, '127.0.0.53') === false) {
    as both IPs mean that the local resolver is used as far as I know.
     
  8. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    Noted that that may resolve the issue.

    It seems like the purpose is to create local dns resolver, but I only thought that is the case when there is bind installed, not otherwise.So, is bind needed / preferred to be installed or not in order to use this effectively?

    In any event I read that the "changes" may be suitable to Ubuntu 16.04, but they may not be suitable or complete to Ubuntu 18.04 and above; and that the changes should be in /etc/systemd/resolved.conf by adding "DNS=127.0.0.1" in the [Resolve] section and restart systemd-resolved to set the global DNS server for Ubuntu 18.04 and above.

    Or if one wishes to configure per-link DNS server then one should do it at network level by adding "DNS=127.0.0.1" to the network file (for those who is stil using it) or netplan by adding "127.0.0.1" on top of its nameserver address list and apply them.

    In any event, do we need this in ISPConfig server like is it mandatory / required or just highly recommended?
     
  9. till

    till Super Moderator Staff Member ISPConfig Developer

    You installed BIND, please see the description of command-line options of the installer. The option "--no-dns", that you have chosen, configures your system with BIND as local resolver but not to use BIND as DNS server in ISPConfig.

    See:

    So everything is fine, the only thing that needs to be changed is the code line I mentioned as it does not detect the local resolver correctly. There might be other ways to configure resolving besides editing the resolver configuration but using a resolv.conf include is working fine, so we should keep that.
     
  10. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    So with --no-dns BIND is installed but only as local resolver, so one have to choose --no-local-dns if does not want it to be installed. I will stay with BIND as local resolver then.

    I leave how to add that 127.0.0.1 to the developer preference as I do not have a good comprehension about it yet. So long it is working good, there should be no problem with me either.
     
  11. Mark Rhyne

    Mark Rhyne New Member

    Howdy. I have many issues. (Some not related to computers :)

    Sorry to butt in on this but it seems likely that I'm suffering from Ubuntu 20.04.5 LTS being a problem at this date. I fully suspect that DNS resolution is a problem.

    su – {In Ubuntu gives:}
    Password:
    su: Authentication failure
    (I used sudo -s)

    Differences in instructions in -- /etc/hosts

    howtoforge.com/tutorial/ubuntu-20.04-focal-fossa-server/

    127.0.0.1 localhost
    192.168.0.100 server1.example.com server1

    howtoforge.com/ispconfig-autoinstall-debian-ubuntu/

    127.0.0.1 localhost.localdomain localhost
    # This line should be changed to the correct servername:
    127.0.1.1 server1.example.com server1

    forum.howtoforge.com/threads/lets-encrypt-ssl-certificate-not-installing-inside-ispconfig-during-installation-dns-server-issue.86547/

    #16 which seems to suggest the public IP.

    Install using - wget -O - h ttp s://get.ispconfig.org | sh -s -- --use-nginx –no-dns

    gives : [WARN] Unexpected resolver response: Server: 127.0.0.53 (/lib/os/class.ISPConfigDebianOS.inc.php:869)

    but makes the following error disappear when just using : wget -O - h ttp s://get.ispconfig.org | sh -s

    Server's public ip(s) (***.***.***.***) not found in A/AAAA records for server.example.com: 127.0.1.1

    Getting through the install either way gets everything looking like its working (Lets encrypt,website,ssh) but Email cant be sent or received externally. (Opening email and can send between the same domain)
    Note ahrasis did not install email option.


    I recently ran the update script on a working 4yo Ubuntu 20.04.5 server and emails except internal ones also stopped working. Forcing me to open a Gmail. So I know the DNS records were correct.

    Something may be dreadfully wrong with Ubuntu 20.04.5 LTS auto and manual install (I tried).

    I do hope you could kindly try a clean installation following your own instructions yourself to see the problem. If I have wasted any of your time I am sorry.
     
  12. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    Sorry but I am not sure our problems are related as your main problems seems to be your email system, plus your update using update script caused you some problem to your internal mailing.

    May be wait for the developers or any expert mail users to respond since I only use relay for my emails.
     
  13. Mark Rhyne

    Mark Rhyne New Member

    Actually it looks like I might have solved it..
    Problem 1. The two tutorials are slightly inconsistent leading me tho edit /etc/hosts with
    # This line should be changed to the correct servername:
    127.0.1.1 server1.example.com server1
    This should say # This line should be changed to the correct server name and Lan IP address (for consistency it should be not 127 but 192 etc like in the minimal install. Yes my mistake....but I'm not too smart and was mislead thinking 127.0.1.1 was important internal thingo.)

    And for years I have had an A record as just server1 with no problems....
    Editing the DNS A record to server1.example.com
    So something changed in an update here there or anywhere..

    I'm hoping to make the changes to the 4yo server and see if email comes to life (Just the A record for this one as the Lan Ip is right)

    Thank you, while I haven't thoroughly tested yet it looks good. I changed to debian 10 BTW

    Mark {And yes this thread actually helped.}
     
    ahrasis likes this.
  14. till

    till Super Moderator Staff Member ISPConfig Developer

    I just did a test install on Ubuntu 20.04 using your command:

    wget -O - https://get.ispconfig.org | sh -s -- --use-nginx --no-dns

    and the installation went fine. Here is the install output:

    Code:
    root@server1:/# cat /etc/os-release
    NAME="Ubuntu"
    VERSION="20.04.5 LTS (Focal Fossa)"
    ID=ubuntu
    ID_LIKE=debian
    PRETTY_NAME="Ubuntu 20.04.5 LTS"
    VERSION_ID="20.04"
    HOME_URL="https://www.ubuntu.com/"
    SUPPORT_URL="https://help.ubuntu.com/"
    BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
    PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
    VERSION_CODENAME=focal
    UBUNTU_CODENAME=focal
    root@server1:/# wget -O - https://get.ispconfig.org | sh -s -- --use-nginx --no-dns
    --2022-09-07 06:43:58--  https://get.ispconfig.org/
    Resolving get.ispconfig.org (get.ispconfig.org)... 2606:4700:20::ac43:4b70, 2606:4700:20::681a:af6, 2606:4700:20::681a:bf6, ...
    Connecting to get.ispconfig.org (get.ispconfig.org)|2606:4700:20::ac43:4b70|:443... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 2003 (2.0K) [application/octet-stream]
    Saving to: ‘STDOUT’
    
    -                                               100%[====================================================================================================>]   1.96K  --.-KB/s    in 0s
    
    2022-09-07 06:43:58 (17.6 MB/s) - written to stdout [2003/2003]
    
    PHP cli missing, trying to install.
    Selecting previously unselected package php-common.
    (Reading database ... 110504 files and directories currently installed.)
    [..... snip ....]
    Processing triggers for php7.4-cli (7.4.3-4ubuntu2.13) ...
    WARNING! This script will reconfigure your complete server!
    It should be run on a freshly installed server and all current configuration that you have done will most likely be lost!
    Type 'yes' if you really want to continue: yes
    [INFO] Starting perfect server setup for Ubuntu 20.04.5 LTS
    [INFO] Checking hostname.
    [INFO] Configuring apt repositories.
    [INFO] Updating packages
    [INFO] Updated packages
    [INFO] Installing packages ssh, openssh-server, nano, vim-nox, lsb-release, apt-transport-https, ca-certificates, wget, git, gnupg, software-properties-common, curl, ntp
    [INFO] Installed packages ssh, openssh-server, nano, vim-nox, lsb-release, apt-transport-https, ca-certificates, wget, git, gnupg, software-properties-common, curl, ntp
    [INFO] Activating rspamd repository.
    [INFO] Activating sury php repository.
    [INFO] Activating GoAccess repository.
    [INFO] Updating packages (after enabling 3rd party repos).
    [INFO] Updated packages
    [INFO] Default shell is currently dash.
    [INFO] Setting bash as default shell.
    [INFO] Default shell is now bash.
    [INFO] Installing packages dbconfig-common, postfix, postfix-mysql, postfix-doc, mariadb-client, mariadb-server, openssl, getmail4, rkhunter, binutils, sudo
    [INFO] Installed packages dbconfig-common, postfix, postfix-mysql, postfix-doc, mariadb-client, mariadb-server, openssl, getmail4, rkhunter, binutils, sudo
    [INFO] Installing packages dovecot-imapd, dovecot-pop3d, dovecot-mysql, dovecot-sieve, dovecot-managesieved, dovecot-lmtpd
    [INFO] Installed packages dovecot-imapd, dovecot-pop3d, dovecot-mysql, dovecot-sieve, dovecot-managesieved, dovecot-lmtpd
    [INFO] Generating mySQL password.
    [INFO] Writing MySQL config files.
    [INFO] Configuring postfix.
    [INFO] Restarting postfix
    [INFO] Installing packages software-properties-common, dnsutils, resolvconf, clamav, clamav-daemon, clamav-docs, zip, unzip, bzip2, xz-utils, lzip, rar, arj, nomarch, lzop, cabextract, apt-listchanges, libnet-ldap-perl, libauthen-sasl-perl, daemon, libio-string-perl, libio-socket-ssl-perl, libnet-ident-perl, libnet-dns-perl, libdbd-mysql-perl, bind9, rspamd, redis-server, postgrey, p7zip, p7zip-full, unrar-free, lrzip
    [INFO] Installed packages software-properties-common, dnsutils, resolvconf, clamav, clamav-daemon, clamav-docs, zip, unzip, bzip2, xz-utils, lzip, rar, arj, nomarch, lzop, cabextract, apt-listchanges, libnet-ldap-perl, libauthen-sasl-perl, daemon, libio-string-perl, libio-socket-ssl-perl, libnet-ident-perl, libnet-dns-perl, libdbd-mysql-perl, bind9, rspamd, redis-server, postgrey, p7zip, p7zip-full, unrar-free, lrzip
    [INFO] Stopping Rspamd.
    [INFO] (Re)starting Bind.
    [INFO] Disabling spamassassin daemon.
    ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
    ERROR: initialize: libfreshclam init failed.
    ERROR: Initialization error!
    [INFO] Checking local dns resolver.
    [INFO] Installing packages nginx-full, fcgiwrap
    [INFO] Installed packages nginx-full, fcgiwrap
    Failed to disable unit: Unit file apache2.service does not exist.
    [INFO] Installing packages php-pear, php-memcache, php-imagick, mcrypt, imagemagick, libruby, memcached, php-apcu, jailkit, php5.6, php5.6-common, php5.6-gd, php5.6-mysql, php5.6-imap, php5.6-cli, php5.6-mcrypt, php5.6-curl, php5.6-intl, php5.6-pspell, php5.6-recode, php5.6-sqlite3, php5.6-tidy, php5.6-xmlrpc, php5.6-xsl, php5.6-zip, php5.6-mbstring, php5.6-soap, php5.6-opcache, php5.6-cgi, php5.6-fpm, php7.0, php7.0-common, php7.0-gd, php7.0-mysql, php7.0-imap, php7.0-cli, php7.0-mcrypt, php7.0-curl, php7.0-intl, php7.0-pspell, php7.0-recode, php7.0-sqlite3, php7.0-tidy, php7.0-xmlrpc, php7.0-xsl, php7.0-zip, php7.0-mbstring, php7.0-soap, php7.0-opcache, php7.0-cgi, php7.0-fpm, php7.1, php7.1-common, php7.1-gd, php7.1-mysql, php7.1-imap, php7.1-cli, php7.1-mcrypt, php7.1-curl, php7.1-intl, php7.1-pspell, php7.1-recode, php7.1-sqlite3, php7.1-tidy, php7.1-xmlrpc, php7.1-xsl, php7.1-zip, php7.1-mbstring, php7.1-soap, php7.1-opcache, php7.1-cgi, php7.1-fpm, php7.2, php7.2-common, php7.2-gd, php7.2-mysql, php7.2-imap, php7.2-cli, php7.2-curl, php7.2-intl, php7.2-pspell, php7.2-recode, php7.2-sqlite3, php7.2-tidy, php7.2-xmlrpc, php7.2-xsl, php7.2-zip, php7.2-mbstring, php7.2-soap, php7.2-opcache, php7.2-cgi, php7.2-fpm, php7.3, php7.3-common, php7.3-gd, php7.3-mysql, php7.3-imap, php7.3-cli, php7.3-curl, php7.3-intl, php7.3-pspell, php7.3-recode, php7.3-sqlite3, php7.3-tidy, php7.3-xmlrpc, php7.3-xsl, php7.3-zip, php7.3-mbstring, php7.3-soap, php7.3-opcache, php7.3-cgi, php7.3-fpm, php7.4, php7.4-common, php7.4-gd, php7.4-mysql, php7.4-imap, php7.4-cli, php7.4-curl, php7.4-intl, php7.4-pspell, php7.4-sqlite3, php7.4-tidy, php7.4-xmlrpc, php7.4-xsl, php7.4-zip, php7.4-mbstring, php7.4-soap, php7.4-opcache, php7.4-cgi, php7.4-fpm, php8.0, php8.0-common, php8.0-gd, php8.0-mysql, php8.0-imap, php8.0-cli, php8.0-curl, php8.0-intl, php8.0-pspell, php8.0-sqlite3, php8.0-tidy, php8.0-xsl, php8.0-zip, php8.0-mbstring, php8.0-soap, php8.0-opcache, php8.0-cgi, php8.0-fpm, php8.1, php8.1-common, php8.1-gd, php8.1-mysql, php8.1-imap, php8.1-cli, php8.1-curl, php8.1-intl, php8.1-pspell, php8.1-sqlite3, php8.1-tidy, php8.1-xsl, php8.1-zip, php8.1-mbstring, php8.1-soap, php8.1-opcache, php8.1-cgi, php8.1-fpm
    [INFO] Installed packages php-pear, php-memcache, php-imagick, mcrypt, imagemagick, libruby, memcached, php-apcu, jailkit, php5.6, php5.6-common, php5.6-gd, php5.6-mysql, php5.6-imap, php5.6-cli, php5.6-mcrypt, php5.6-curl, php5.6-intl, php5.6-pspell, php5.6-recode, php5.6-sqlite3, php5.6-tidy, php5.6-xmlrpc, php5.6-xsl, php5.6-zip, php5.6-mbstring, php5.6-soap, php5.6-opcache, php5.6-cgi, php5.6-fpm, php7.0, php7.0-common, php7.0-gd, php7.0-mysql, php7.0-imap, php7.0-cli, php7.0-mcrypt, php7.0-curl, php7.0-intl, php7.0-pspell, php7.0-recode, php7.0-sqlite3, php7.0-tidy, php7.0-xmlrpc, php7.0-xsl, php7.0-zip, php7.0-mbstring, php7.0-soap, php7.0-opcache, php7.0-cgi, php7.0-fpm, php7.1, php7.1-common, php7.1-gd, php7.1-mysql, php7.1-imap, php7.1-cli, php7.1-mcrypt, php7.1-curl, php7.1-intl, php7.1-pspell, php7.1-recode, php7.1-sqlite3, php7.1-tidy, php7.1-xmlrpc, php7.1-xsl, php7.1-zip, php7.1-mbstring, php7.1-soap, php7.1-opcache, php7.1-cgi, php7.1-fpm, php7.2, php7.2-common, php7.2-gd, php7.2-mysql, php7.2-imap, php7.2-cli, php7.2-curl, php7.2-intl, php7.2-pspell, php7.2-recode, php7.2-sqlite3, php7.2-tidy, php7.2-xmlrpc, php7.2-xsl, php7.2-zip, php7.2-mbstring, php7.2-soap, php7.2-opcache, php7.2-cgi, php7.2-fpm, php7.3, php7.3-common, php7.3-gd, php7.3-mysql, php7.3-imap, php7.3-cli, php7.3-curl, php7.3-intl, php7.3-pspell, php7.3-recode, php7.3-sqlite3, php7.3-tidy, php7.3-xmlrpc, php7.3-xsl, php7.3-zip, php7.3-mbstring, php7.3-soap, php7.3-opcache, php7.3-cgi, php7.3-fpm, php7.4, php7.4-common, php7.4-gd, php7.4-mysql, php7.4-imap, php7.4-cli, php7.4-curl, php7.4-intl, php7.4-pspell, php7.4-sqlite3, php7.4-tidy, php7.4-xmlrpc, php7.4-xsl, php7.4-zip, php7.4-mbstring, php7.4-soap, php7.4-opcache, php7.4-cgi, php7.4-fpm, php8.0, php8.0-common, php8.0-gd, php8.0-mysql, php8.0-imap, php8.0-cli, php8.0-curl, php8.0-intl, php8.0-pspell, php8.0-sqlite3, php8.0-tidy, php8.0-xsl, php8.0-zip, php8.0-mbstring, php8.0-soap, php8.0-opcache, php8.0-cgi, php8.0-fpm, php8.1, php8.1-common, php8.1-gd, php8.1-mysql, php8.1-imap, php8.1-cli, php8.1-curl, php8.1-intl, php8.1-pspell, php8.1-sqlite3, php8.1-tidy, php8.1-xsl, php8.1-zip, php8.1-mbstring, php8.1-soap, php8.1-opcache, php8.1-cgi, php8.1-fpm
    [INFO] Setting default system php version.
    [INFO] Installing phpMyAdmin
    [INFO] Installing acme.sh (Let's Encrypt).
    [INFO] acme.sh (Let's Encrypt) installed.
    [INFO] Installing Mailman
    [INFO] Installing packages mailman
    [INFO] Installed packages mailman
    [INFO] Installing packages quota, quotatool, haveged, geoip-database, libclass-dbi-mysql-perl, libtimedate-perl, build-essential, autoconf, automake, libtool, flex, bison, debhelper, binutils
    [INFO] Installed packages quota, quotatool, haveged, geoip-database, libclass-dbi-mysql-perl, libtimedate-perl, build-essential, autoconf, automake, libtool, flex, bison, debhelper, binutils
    [INFO] Adding quota to fstab.
    [INFO] Installing packages pure-ftpd-common, pure-ftpd-mysql, webalizer, awstats, goaccess
    [INFO] Installed packages pure-ftpd-common, pure-ftpd-mysql, webalizer, awstats, goaccess
    [INFO] Enabling TLS for pureftpd
    [INFO] Disabling awstats cron.
    [INFO] Installing packages fail2ban, ufw
    [INFO] Installed packages fail2ban, ufw
    [INFO] Installing roundcube.
    [INFO] Installing packages roundcube, roundcube-core, roundcube-mysql, roundcube-plugins
    [INFO] Installed packages roundcube, roundcube-core, roundcube-mysql, roundcube-plugins
    [INFO] Installing ISPConfig3.
    [INFO] Adding PHP version(s) to ISPConfig.
    [INFO] Checking all services are running.
    [INFO] mysql: OK
    [INFO] clamav-daemon: OK
    [INFO] postfix: OK
    [INFO] bind9: OK
    [INFO] pureftpd: OK
    [INFO] nginx: OK
    [INFO] rspamd: OK
    [INFO] redis-server: OK
    [INFO] dovecot: OK
    [INFO] Installation ready.
    [INFO] Your Mailman password is: E5k4bzEeJY8z
    [INFO] Your ISPConfig admin password is: PpbM7PvyU1ZuVNM
    [INFO] Your MySQL root password is: BrvSMKYgaDR92GseubAN
    [INFO] Warning: Please delete the log files in /tmp/ispconfig-ai/var/log/setup-* once you don't need them anymore because they contain your passwords!
    root@server1:/#
    The error regarding clamav is ok, Clamav is sometimes not ready immedeately.

    There are two issues though, one is specific to Ubuntu 20.04 and does not affect Debian installations:

    https://git.ispconfig.org/ispconfig/ispconfig-autoinstaller/-/issues/78

    Solution is in the issue report.

    And the other issue is due to the use of Nginx, solution is in the issue report as well:

    https://git.ispconfig.org/ispconfig/ispconfig-autoinstaller/-/issues/79
     
    ahrasis likes this.

Share This Page