Author: Falko Timme <ft [at] falkotimme [dot] com>
Last edited 12/04/2007
This tutorial shows how to set up a CentOS 5.1 based server that offers all services needed by ISPs and web hosters: Apache web server (SSL-capable), Postfix mail server with SMTP-AUTH and TLS, BIND DNS server, Proftpd FTP server, MySQL server, Dovecot POP3/IMAP, Quota, Firewall, etc. This tutorial is written for the 32-bit version of CentOS 5.1, but should apply to the 64-bit version with very little modifications as well.
I will use the following software:
- Web Server: Apache 2.2 with PHP 5.1.6
- Database Server: MySQL 5.0
- Mail Server: Postfix
- DNS Server: BIND9 (chrooted)
- FTP Server: Proftpd
- POP3/IMAP server: Dovecot
- Webalizer for web site statistics
In the end you should have a system that works reliably, and if you like you can install the free webhosting control panel ISPConfig (i.e., ISPConfig runs on it out of the box).
I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!
To install such a system you will need the following:
- Download the CentOS 5.1 DVD or the six CentOS 5.1 CDs from a mirror next to you (the list of mirrors can be found here: http://isoredirect.centos.org/centos/5/isos/i386/).
- a fast internet connection.
2 Preliminary Note
In this tutorial I use the hostname server1.example.com with the IP address 192.168.0.100 and the gateway 192.168.0.1. These settings might differ for you, so you have to replace them where appropriate.
3 Install The Base System
Boot from your first CentOS 5.1 CD (CD 1) or the CentOS 5.1 DVD. Press <ENTER> at the boot prompt:
It can take a long time to test the installation media so we skip this test here:
The welcome screen of the CentOS installer appears. Click on Next:
Choose your language next:
Select your keyboard layout:
I’m installing CentOS 5.1 on a fresh system, so I answer Yes to the question Would you like to initialize this drive, erasing ALL DATA?
Now we must select a partitioning scheme for our installation. For simplicity’s sake I select Remove linux partitions on selected drives and create default layout. This will result in a small /boot and a large / partition as well as a swap partition. Of course, you’re free to partition your hard drive however you like it. Then I hit Next:
Answer the following question (Are you sure you want to do this?) with Yes:
On to the network settings. The default setting here is to configure the network interfaces with DHCP, but we are installing a server, so static IP addresses are not a bad idea… Click on the Edit button at the top right.
In the window that pops up uncheck Use dynamic IP configuration (DHCP) and Enable IPv6 support and give your network card a static IP address (in this tutorial I’m using the IP address 192.168.0.100 for demonstration purposes) and a suitable netmask (e.g. 255.255.255.0; if you are not sure about the right values, http://www.subnetmask.info might help you):
Set the hostname manually, e.g. server1.example.com, and enter a gateway (e.g. 192.168.0.1) and up to two DNS servers (e.g. 188.8.131.52 and 184.108.40.206):
Choose your time zone:
Give root a password:
Now we select the software we want to install. Select nothing but Server (uncheck everything else). Also don’t check Packages from CentOS Extras. Then check Customize now, and click on Next:
Now we must select the package groups we want to install. Select Editors, Text-based Internet, Development Libraries, Development Tools, DNS Name Server, FTP Server, Mail Server, MySQL Database, Server Configuration Tools, Web Server, Administration Tools, Base, and System Tools (unselect all other package groups) and click on Next:
The installer checks the dependencies of the selected packages:
Click on Next to start the installation:
The hard drive is being formatted:
The installation begins. This will take a few minutes:
Finally, the installation is complete, and you can remove your CD or DVD from the computer and reboot it:
After the reboot, you will see this screen. Select Firewall configuration and hit Run Tool:
I want to install ISPConfig at the end of this tutorial which comes with its own firewall. That’s why I disable the default CentOS firewall now. Of course, you are free to leave it on and configure it to your needs (but then you shouldn’t use any other firewall later on as it will most probably interfere with the CentOS firewall).
SELinux is a security extension of CentOS that should provide extended security. In my opinion you don’t need it to configure a secure system, and it usually causes more problems than advantages (think of it after you have done a week of trouble-shooting because some service wasn’t working as expected, and then you find out that everything was ok, only SELinux was causing the problem). Therefore I disable it, too (this is a must if you want to install ISPConfig later on). Hit OK afterwards:
Then leave the Setup Agent by selecting Exit:
Then log in as root and reboot the system so that your changes can be applied:
shutdown -r now
Now, on to the configuration…