Ubuntu 22.04 + ISPconfig on Oracle ARM64 >> Install Issues

Discussion in 'ISPConfig 3 Priority Support' started by peterpetr, Dec 18, 2024.

Tags:
  1. peterpetr

    peterpetr Member HowtoForge Supporter

    Hello ISPconfig Support,
    I was happy to see that the Perfect Server Automated ICPconfig 3 Auto-Installer now supports ARM64.
    I used these instructions: https://www.howtoforge.com/ispconfig-autoinstall-debian-ubuntu/
    The Oracle VM did not have Quota Support so I installed that with Till's help. Thank you.
    I had to re-run the ISPconfig install command several times per the support Thread with Till a few days ago.
    ISPconfig was then Installed. All services indicated as "OK".

    Problem: Since the above described ISPconfig install completed, I am having trouble accessing the Login page as follows:
    https://u22o.mydomain.com:8080.
    The A Record in DNS is correct. I'm able to access the VM's terminal via SSH
    Here is the info requested by you for trouble shooting Threads:
    Code:
    OS Version on ARM64 Oracle VM.
root@u22o:/etc/nginx/sites-available# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 22.04.5 LTS
Release:        22.04
Codename:       jammy
    And:
    Code:
    PHP Version
root@u22o:/etc/nginx/sites-available# php -v
PHP 8.1.31 (cli) (built: Nov 21 2024 13:10:15) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.1.31, Copyright (c) Zend Technologies
    with Zend OPcache v8.1.31, Copyright (c), by Zend Technologies

Web Server:
NGINX (as installed by the ISPconfig Auto-Installer)
    And:
    Code:
    root@u22o:/etc/nginx/sites-available# wget -q -O htf-common-issues.php "http://gitplace.net/pixcept/ispconfig-tools/raw/stable/htf-common-issues.php" && php -q htf-common-issues.php

##### SCRIPT FINISHED #####
Results can be found in htf_report.txt
To view results use your favourite text editor or type 'cat htf_report.txt | more' on the server console.

If you want to see the non-anonymized output start the script with --debug as parameter (php -q htf-common-issues.php --debug).

root@u22o:/etc/nginx/sites-available#
root@u22o:/etc/nginx/sites-available# cat htf_report.txt | more

##### SERVER #####
IP-address (as per hostname): [localhost]
[WARN] could not determine server's ip address by ifconfig
[INFO] OS version is Ubuntu 22.04.5 LTS

[INFO] uptime:  12:37:47 up  2:26,  2 users,  load average: 0.00, 0.00, 0.00

[INFO] memory:
               total        used        free      shared  buff/cache   available
Mem:            23Gi       1.8Gi        20Gi        54Mi       1.5Gi        21Gi
Swap:             0B          0B          0B

[INFO] systemd failed services status:
  UNIT                                                       LOAD   ACTIVE SUB    DESCRIPTION
● quotaon.service                                            loaded failed failed Enable File System Quotas
● snap.lxd.activate.service                                  loaded failed failed Service for snap application lxd.activate
● snap.oracle-cloud-agent.oracle-cloud-agent-updater.service loaded failed failed Service for snap application oracle-cloud-agent.o
racle-cloud-agent-updater
● snap.oracle-cloud-agent.oracle-cloud-agent.service         loaded failed failed Service for snap application oracle-cloud-agent.o
racle-cloud-agent

LOAD   = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB    = The low-level unit activation state, values depend on unit type.
4 loaded units listed.

[INFO] ISPConfig is installed.

##### ISPCONFIG #####
ISPConfig version is 3.2.12p1


##### VERSION CHECK #####

[INFO] php (cli) version is 8.1.31
[INFO] php-cgi (used for cgi php in default vhost!) is version 8.1.31

##### PORT CHECK #####

[WARN] Port 443 (Webserver SSL) seems NOT to be listening

##### MAIL SERVER CHECK #####


##### RUNNING SERVER PROCESSES #####

[INFO] I found the following web server(s):
        Unknown process (nginx:) (PID 999)
[INFO] I found the following mail server(s):
        Postfix (PID 1715)
[INFO] I found the following pop3 server(s):
        Dovecot (PID 699)
[INFO] I found the following imap server(s):
        Dovecot (PID 699)
[INFO] I found the following ftp server(s):
        PureFTP (PID 1302)

##### LISTENING PORTS #####
(only           ()
Local           (Address)
[localhost]:11211               (708/memcached)
[localhost]:11332               (847/rspamd:)
[localhost]:11333               (847/rspamd:)
[localhost]:11334               (847/rspamd:)
***.***.***.***:53              (650/systemd-resolve)
[localhost]:10023               (1007/postgrey)
[localhost]:6379                (732/redis-server)
***.***.***.***:53              (764/named)
***.***.***.***:53              (764/named)
***.***.***.***:53              (764/named)
***.***.***.***:53              (764/named)
[anywhere]:4190         (699/dovecot)
[anywhere]:8080         (999/nginx:)
[anywhere]:8081         (999/nginx:)
[localhost]:6010                (1824/sshd:)
[anywhere]:995          (699/dovecot)
[anywhere]:993          (699/dovecot)
[anywhere]:587          (1715/master)
[anywhere]:465          (1715/master)
[anywhere]:143          (699/dovecot)
[anywhere]:25           (1715/master)
[anywhere]:22           (836/sshd:)
[anywhere]:21           (1302/pure-ftpd)
[anywhere]:80           (999/nginx:)
[anywhere]:110          (699/dovecot)
[anywhere]:111          (1/init)
[localhost]:953         (764/named)
[localhost]:953         (764/named)
[localhost]:953         (764/named)
[localhost]:953         (764/named)
[anywhere]:3306         (918/mariadbd)
[localhost]:53          (764/named)
[localhost]:53          (764/named)
[localhost]:53          (764/named)
[localhost]:53          (764/named)
*:*:*:*::*:6379         (732/redis-server)
*:*:*:*::*:6010         (1824/sshd:)
*:*:*:*::*:53           (764/named)
*:*:*:*::*:53           (764/named)
*:*:*:*::*:53           (764/named)
*:*:*:*::*:53           (764/named)
*:*:*:*::*:953          (764/named)
*:*:*:*::*:953          (764/named)
*:*:*:*::*:953          (764/named)
*:*:*:*::*:953          (764/named)
*:*:*:*::*17ff:fe01:1db2:53             (764/named)
*:*:*:*::*17ff:fe01:1db2:53             (764/named)
*:*:*:*::*17ff:fe01:1db2:53             (764/named)
*:*:*:*::*17ff:fe01:1db2:53             (764/named)
*:*:*:*::*:4190         (699/dovecot)
*:*:*:*::*:8080         (999/nginx:)
*:*:*:*::*:8081         (999/nginx:)
*:*:*:*::*:995          (699/dovecot)
*:*:*:*::*:993          (699/dovecot)
*:*:*:*::*:587          (1715/master)
*:*:*:*::*:465          (1715/master)
[localhost]43           (699/dovecot)
*:*:*:*::*:25           (1715/master)
*:*:*:*::*:22           (836/sshd:)
*:*:*:*::*:21           (1302/pure-ftpd)
*:*:*:*::*:80           (999/nginx:)
[localhost]10           (699/dovecot)
[localhost]11           (1/init)
*:*:*:*::*:3306         (918/mariadbd)




##### IPTABLES #####
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
f2b-sshd   tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 22
ACCEPT     all  --  [anywhere]/0            [anywhere]/0            state RELATED,ESTABLISHED
ACCEPT     icmp --  [anywhere]/0            [anywhere]/0
ACCEPT     all  --  [anywhere]/0            [anywhere]/0
ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            udp spt:123
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            state NEW tcp dpt:22
REJECT     all  --  [anywhere]/0            [anywhere]/0            reject-with icmp-host-prohibited
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:8080
ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:443



Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
REJECT     all  --  [anywhere]/0            [anywhere]/0            reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
InstanceServices  all  --  [anywhere]/0            ***.***.***.***/16

Chain InstanceServices (1 references)
target     prot opt source               destination
ACCEPT     tcp  --  [anywhere]/0            ***.***.***.***          owner UID match 0 tcp dpt:3260 /* See the Oracle-Provided Imag
es section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule */
ACCEPT     tcp  --  [anywhere]/0            ***.***.***.***/24       owner UID match 0 tcp dpt:3260 /* See the Oracle-Provided Imag
es section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule */
ACCEPT     tcp  --  [anywhere]/0            ***.***.***.***/24       owner UID match 0 tcp dpt:3260 /* See the Oracle-Provided Imag
es section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule */
ACCEPT     tcp  --  [anywhere]/0            ***.***.***.***/24       owner UID match 0 tcp dpt:3260 /* See the Oracle-Provided Imag
es section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule */
ACCEPT     tcp  --  [anywhere]/0            ***.***.***.***          tcp dpt:80 /* See the Oracle-Provided Images section in the Or
acle Cloud Infrastructure documentation for security impact of modifying or removing this rule */
ACCEPT     udp  --  [anywhere]/0            ***.***.***.***      udp dpt:53 /* See the Oracle-Provided Images section in the Oracle
 Cloud Infrastructure documentation for security impact of modifying or removing this rule */
ACCEPT     tcp  --  [anywhere]/0            ***.***.***.***      tcp dpt:53 /* See the Oracle-Provided Images section in the Oracle
 Cloud Infrastructure documentation for security impact of modifying or removing this rule */
ACCEPT     tcp  --  [anywhere]/0            ***.***.***.***          owner UID match 0 tcp dpt:80 /* See the Oracle-Provided Images
 section in the Oracle Cloud Infrastructure documentation for security impact of modifying or removing this rule */
ACCEPT     tcp  --  [anywhere]/0            ***.***.***.***          tcp dpt:80 /* See the Oracle-Provided Images section in the Or
acle Cloud Infrastructure documentation for security impact of modifying or removing this rule */
ACCEPT     tcp  --  [anywhere]/0            ***.***.***.***      tcp dpt:80 /* See the Oracle-Provided Images section in the Oracle
 Cloud Infrastructure documentation for security impact of modifying or removing this rule */
ACCEPT     udp  --  [anywhere]/0            ***.***.***.***      udp dpt:67 /* See the Oracle-Provided Images section in the Oracle
 Cloud Infrastructure documentation for security impact of modifying or removing this rule */
ACCEPT     udp  --  [anywhere]/0            ***.***.***.***      udp dpt:69 /* See the Oracle-Provided Images section in the Oracle
 Cloud Infrastructure documentation for security impact of modifying or removing this rule */
ACCEPT     udp  --  [anywhere]/0            ***.***.***.***      udp dpt:123 /* See the Oracle-Provided Images section in the Oracl
e Cloud Infrastructure documentation for security impact of modifying or removing this rule */
REJECT     tcp  --  [anywhere]/0            ***.***.***.***/16       tcp /* See the Oracle-Provided Images section in the Oracle Cl
oud Infrastructure documentation for security impact of modifying or removing this rule */ reject-with tcp-reset
REJECT     udp  --  [anywhere]/0            ***.***.***.***/16       udp /* See the Oracle-Provided Images section in the Oracle Cl
oud Infrastructure documentation for security impact of modifying or removing this rule */ reject-with icmp-port-unreachable

Chain f2b-sshd (1 references)
target     prot opt source               destination
RETURN     all  --  [anywhere]/0            [anywhere]/0

##### LET'S ENCRYPT #####
acme.sh is installed in /root/.acme.sh/acme.sh

root@u22o:/etc/nginx/sites-available#
    I am hoping that this ARM based Ubuntu v22.04 VM (provided by Oracle Cloud Services) can support ISPconfig.
    Please advise if you need any further info or actions by me?

    Many thanks,
    Peter
     
    peterpetr, Dec 18, 2024
    #1
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Your server runs the ISPConfig login page on port 8080. So which trouble do you have and which exact error message do you get in the browser? I guess that Oracle likely runs an external firewall in its data center, and this firewall blocks port 8080, so you must open the port in the Oracle firewall.
     
    till, Dec 18, 2024
    #2
  3. peterpetr

    peterpetr Member HowtoForge Supporter

    Hi Till,
    I try to open the ISPconfig login page with the following URL:
    Using a Chrome web browser, here's the web page returned:
    Code:
    This site can’t be reached
u22o.mydomain.com took too long to respond.
Try:

Checking the connection
Checking the proxy and the firewall
Running Windows Network Diagnostics
ERR_CONNECTION_TIMED_OUT
    In the Oracle network config, I have added the following Ingress Rules (highlighted in yellow) to allow ports: 80, 443, and 8080:
    [​IMG]

    In summary, I am not able to view the login page for ISPconfig on this ARM64 based Ubuntu v22.04 with the latest ISPconfig.
    I am hoping your review of the contents of the output file: cat htf_report.txt
    that I posted in this thread above can identify what's wrong with my config.
    Thank you for your assistance with this.
    P.
     
    peterpetr, Dec 19, 2024
    #3
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    The result is fine and shows that ISPConfig is working, and the ISPConfig UI is available on port 8080. But you can further verify this, run:

    wget --no-check-certificate https://localhost:8080

    on your server. It should download a file index.html. Then run:

    grep ispconfig index.html

    if it returns something like:


    Code:
    root@server1:~# grep ispconfig index.html
  <link rel='stylesheet' href='../themes/default/assets/stylesheets/ispconfig.css?ver=3.2' />
  <script src='../themes/default/assets/javascripts/ispconfig.js'></script>
  <script type="text/javascript" src="../js/jquery.ispconfigsearch.js"></script>
    then the GUI os working fine.

    The error you receive indicates that iracle cloud still blocks the ISPConfig GUI with a firewall. You might want to reach out to oraclke support and let them configure their firewall for you.
     
    till, Dec 19, 2024
    #4

Share This Page