Script to install cherokee, postfix, dovecot etc. Enjoy!

After spending weeks tinkering and reformatting a hundred times or so I have perfected a script which does the following:

1. Updates CentOS 5.3 64 bit to 5.4

2. Updates ip to static, updates hostname, hosts etc

3. Installs 64 bit versions of mysql 5.145 and PHP 5.3.2 and phpmyadmin

4. Downloads, compiles and installs the latest stable cherokee.

5. Installs postfix, dovecot, postfixadmin & squirrelmail.

6. Updates various config files so the above are all set to go.

End result is a working ready to go cherokee web server and postfix/dovecot based mail server with postfixadmin and squirrelmail.

INSTRUCTIONS

1. Make a fresh install of CentOS 5.3 64bit and boot it.

2. vim setnet.sh

3. copy & paste the code below into file.

4. Save and chmod 755 setnet.sh

5. ./setnet.sh e.g. ./setnet.sh serv.crap.com sillypassword

Script takes around 10 minutes to run and ends with prompting you for the mysql setup (root password etc), and the cert creation. Go with the defaults and it's fine. Then follow the simple instructions and it's all set to go. Whole business should take well under 30 minutes from fresh CentOS install to working server.

CAVEATS

It will only work on a fresh install of CentOS 5.3 64 bit. Anything else is unlikely to succeed. It relies on common but non default repos like remi and dag which may change in the future. Similarly, new versions of software might and probably will break the script. However at this point in time, the above script works 100% and is the result of weeks of searching and tweaking and fiddling.

The reason I've done this is that I can test it thoroughly on my test linode and when I'm ready I can update my main linode with downtime drastically reduced as opposed to installing all the packages manually. I thought I'd share the results of my labor in case it's helpful to anyone else out there.

Comments and suggestions welcome!

#!/bin/bash
# Both arguments are required: the FQDN and the password for the MySQL "postfix" user.
if [ $# -lt 2 ];
then
  echo -e "USAGE: ./setnet.sh <host.domainname> <postfix password>\n\ne.g. ./setnet.sh host.domain.com yourpassword\n";
  exit 1;
fi
IP=`ifconfig eth0 | grep 'inet addr:'| cut -d: -f2 | awk '{ print $1}'`;
MASK=`ifconfig eth0 | grep 'inet addr:' | cut -d: -f4 | awk '{ print $1}'`;
GW=`route -n | grep 'UG[ \t]' | awk '{print $2}'`;
HOST=${1%%.*};
DOMAIN=${1#*.};
FULLNAME=$1;
PW=$2;
hostname -v $HOST;
echo -e "Updating /etc/hosts ($IP)";
echo -e "\n$IP\t$FULLNAME $HOST\n" >> /etc/hosts;

ETH0="/etc/sysconfig/network-scripts/ifcfg-eth0";
echo -e "Updating $ETH0";

echo DEVICE=eth0 > $ETH0;
echo BOOTPROTO=static >> $ETH0;
echo ONBOOT=yes >> $ETH0;
echo PEERDNS=no >> $ETH0;
echo IPADDR=$IP >> $ETH0;
echo NETMASK=$MASK >> $ETH0;
echo GATEWAY=$GW >> $ETH0;

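# "set x ..." overwrites the positional parameters: $2 and $3 now hold the current
# nameservers (the script's own arguments were saved in FULLNAME and PW above).
set x `cat /etc/resolv.conf | grep 'nameserver[ \t]' | awk '{print $2}'`;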
service network restart;
echo -e "Updating /etc/resolv.conf";
echo domain members.linode.com > /etc/resolv.conf;
echo search members.linode.com >> /etc/resolv.conf;
echo nameserver $2 >> /etc/resolv.conf;
echo nameserver $3 >> /etc/resolv.conf;
echo options rotate >> /etc/resolv.conf;
##################################################UPDATING & INSTALLING REPOS
# Removes the iptables package (no host firewall afterwards) and the 32-bit glibc.
yum -y update yum;yum -y install glibc.x86_64 wget;yum -y remove iptables glibc.i686;yum -y update *.x86_64

#wget http://download.fedora.redhat.com/pub/epel/5/x86_64/epel-release-5-3.noarch.rpm
#rpm -Uvh epel-release-5*.rpm
#cd /etc/yum.repos.d
#wget http://rpms.famillecollet.com/remi-enterprise.repo

echo "Updating yum repos (/etc/yum.repos.d/)";
repos='/etc/yum.repos.d/epel.repo';
echo '[epel]' > $repos;
echo 'name=Extra Packages for Enterprise Linux 5 - $basearch' >> $repos;
echo '#baseurl=http://download.fedoraproject.org/pub/epel/5/$basearch' >> $repos;
echo 'mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=epel-5&arch=$basearch' >> $repos;
echo 'failovermethod=priority' >> $repos;
echo 'enabled=1' >> $repos;
echo 'gpgcheck=0' >> $repos;

repos='/etc/yum.repos.d/remi.repo';
echo '[remi]' > $repos;
echo 'name=Les RPM de remi pour Enterpise Linux $releasever - $basearch' >> $repos;
echo 'baseurl=http://rpms.famillecollet.com/enterprise/$releasever/remi/$basearch/' >> $repos;
# A second baseurl entry must be an indented continuation line, otherwise yum ignores the mirror.
echo '        http://iut-info.univ-reims.fr/remirpms/enterprise/$releasever/remi/$basearch/' >> $repos;
echo 'enabled=1' >> $repos;
echo 'gpgcheck=0' >> $repos;
#gpgkey=http://rpms.famillecollet.com/RPM-GPG-KEY-remi
echo 'failovermethod=priority' >>$repos;

repos='/etc/yum.repos.d/dag.repo';
echo '[dag]' > $repos;
echo 'name=Dag RPM Repository for Red Hat Enterprise Linux' >> $repos;
echo 'baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag' >> $repos;
echo 'gpgcheck=0' >> $repos;
echo 'enabled=0' >> $repos;

sed -i '/\[centosplus\]/,/\[/ s/enabled=0/enabled=1/' /etc/yum.repos.d/CentOS-Base.repo;

##########################################################INSTALLING MYSQL, PHP et al
yum -y install mysql-server.x86_64 mysql-devel.x86_64 php.x86_64 gcc.x86_64 gcc44.x86_64 gcc-c++.x86_64 automake gettext.x86_64 GeoIP-devel.x86_64 rrdtool-devel.x86_64 php-mysql make automake
yum -y --enablerepo=dag install ffmpeg-devel
##########################################################INSTALLING CHEROKEE
wget http://www.cherokee-project.com/cherokee-latest-tarball
tar -zxvf cherokee-*
cd cherokee*
./configure --localstatedir=/var --prefix=/usr --sysconfdir=/etc --with-wwwroot=/var/www
make
make install

ldconfig -X

echo '#!/bin/sh
#
# Contrib to RedHat Fedora Based Systems by: carlotez at gmail.com
# chkconfig: 2345 95 05
# description: Starts and stops the Cherokee light Web Server system
#
# Source function library
. /etc/rc.d/init.d/functions

NAME=cherokee
BASE=/usr/sbin/$NAME
DAEMON="-d"
CONF="/etc/cherokee/cherokee.conf"
PIDFILE="/var/run/$NAME.pid"

# Check that $BASE exists.
[ -f $BASE ] || exit 0

# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0

RETVAL=0
# See how we were called.
case "$1" in
  start)
        if [ -n "`/sbin/pidof $NAME`" ]; then
                echo -n $"$NAME: already running"
                echo ""
                exit $RETVAL
        fi
        echo -n "Starting Cherokee service: "
        $BASE -C $CONF $DAEMON pidfile $PIDFILE
        sleep 1
        action "" /sbin/pidof $NAME
        RETVAL=$?
        [ $RETVAL -eq 0 ] && touch /var/lock/subsys/cherokee
        ;;
   stop)
        echo -n "Shutting down Cherokee service: "
        killproc $BASE
        RETVAL=$?
        echo
        [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/cherokee
        ;;
   restart|reload)
        $0 stop
        $0 start
        RETVAL=$?
        ;;
   status)
        status $BASE
        RETVAL=$?
        ;;
   *)
        echo "Usage: $NAME {start|stop|restart|reload|status}"
        exit 1
esac
exit $RETVAL' > /etc/init.d/cherokee
chmod 755 /etc/init.d/cherokee
###############################################################INSTALLING PHPMYADMIN, DOVECOT, POSTFIX et al
yum -y install phpmyadmin dovecot squirrelmail cyrus-sasl-devel.x86_64 cyrus-sasl-*.x86_64 subversion.x86_64 php-imap.x86_64 postgresql.x86_64
yum -y install postfix.x86_64 --disablerepo=base

touch /etc/postfix/virtual_regexp
mkdir /home/vmail
chmod 770 /home/vmail
chown postfix:postfix /home/vmail
###############################################################/etc/postfix/main.cf
postconf -e "myhostname = $FULLNAME"
postconf -e "mydomain = $DOMAIN"
postconf -e 'inet_interfaces = all'
postconf -e "mynetworks = $IP/32, 127.0.0.0/8"
postconf -e 'relay_domains = $mydestination'
postconf -e 'recipient_delimiter = +'
postconf -e 'delay_warning_time = 4'
postconf -e 'virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_alias_maps.cf,regexp:/etc/postfix/virtual_regexp'
postconf -e 'virtual_gid_maps = static:89'
postconf -e 'virtual_mailbox_base = /home/vmail'
postconf -e 'virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_domains_maps.cf'
postconf -e 'virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf'
postconf -e 'virtual_minimum_uid = 89'
postconf -e 'virtual_transport = virtual'
postconf -e 'virtual_uid_maps = static:89'
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'smtpd_sasl_security_options = noanonymous'
postconf -e 'smtpd_sasl_local_domain = $myhostname'
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtp_use_tls = yes'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtp_tls_note_starttls_offer = yes'
postconf -e 'smtpd_tls_key_file = /etc/postfix/ssl/smtpd.pem'
postconf -e 'smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.pem'
postconf -e 'smtpd_tls_CAfile = /etc/postfix/ssl/smtpd.pem'
postconf -e 'smtpd_tls_loglevel = 1'
postconf -e 'smtpd_tls_received_header = yes'
postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
postconf -e 'tls_random_source = dev:/dev/urandom'
postconf -e 'smtpd_helo_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_non_fqdn_hostname'
postconf -e 'smtpd_sender_restrictions = reject_non_fqdn_sender,reject_unknown_sender_domain'
postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination,reject_non_fqdn_recipient,reject_unknown_recipient_domain'
postconf -e 'smtpd_helo_required = yes'
postconf -e 'disable_vrfy_command = yes'
postconf -e 'smtpd_data_restrictions = reject_unauth_pipelining'
##################################################################################/etc/postfix/master.cf
sed -i "s/#smtps     inet  n       -       n       -       -       smtpd/smtps     inet  n       -       n       -       -       smtpd\n  -o smtpd_tls_wrappermode=yes\n  -o smtpd_sasl_auth_enable=yes/g" /etc/postfix/master.cf
sed -i "s/pickup    fifo  n       -       n       60      1       pickup/pickup    fifo  n       -       n       60      1       pickup\n  -o content_filter=\n  -o receive_override_options=no_header_body_checks/g" /etc/postfix/master.cf
################################################################################/etc/postfix/mysql-virtual_alias_maps.cf
echo hosts = localhost > /etc/postfix/mysql-virtual_alias_maps.cf
echo user = postfix >> /etc/postfix/mysql-virtual_alias_maps.cf
echo "password = $PW" >> /etc/postfix/mysql-virtual_alias_maps.cf
echo dbname = postfix >> /etc/postfix/mysql-virtual_alias_maps.cf
echo table = alias >> /etc/postfix/mysql-virtual_alias_maps.cf
echo select_field = goto >> /etc/postfix/mysql-virtual_alias_maps.cf
echo where_field = address >> /etc/postfix/mysql-virtual_alias_maps.cf
################################################################################/etc/postfix/mysql-virtual_domains_maps.cf
echo hosts = localhost > /etc/postfix/mysql-virtual_domains_maps.cf
echo user = postfix >> /etc/postfix/mysql-virtual_domains_maps.cf
echo "password = $PW" >> /etc/postfix/mysql-virtual_domains_maps.cf
echo dbname = postfix >> /etc/postfix/mysql-virtual_domains_maps.cf
echo table = domain >> /etc/postfix/mysql-virtual_domains_maps.cf
echo select_field = domain >> /etc/postfix/mysql-virtual_domains_maps.cf
echo where_field = domain >> /etc/postfix/mysql-virtual_domains_maps.cf
echo "additional_conditions = and backupmx = '0' and active = '1'" >> /etc/postfix/mysql-virtual_domains_maps.cf
################################################################################/etc/postfix/mysql-virtual_mailbox_maps.cf
echo hosts = localhost > /etc/postfix/mysql-virtual_mailbox_maps.cf
echo user = postfix >> /etc/postfix/mysql-virtual_mailbox_maps.cf
echo "password = $PW" >> /etc/postfix/mysql-virtual_mailbox_maps.cf
echo dbname = postfix >> /etc/postfix/mysql-virtual_mailbox_maps.cf
echo table = mailbox >> /etc/postfix/mysql-virtual_mailbox_maps.cf
echo select_field = maildir >> /etc/postfix/mysql-virtual_mailbox_maps.cf
echo where_field = username >> /etc/postfix/mysql-virtual_mailbox_maps.cf
################################################################################/usr/lib64/sasl2/smtpd.conf
echo pwcheck_method: auxprop > /usr/lib64/sasl2/smtpd.conf
echo mech_list: PLAIN LOGIN >> /usr/lib64/sasl2/smtpd.conf
echo auxprop_plugin: sql >> /usr/lib64/sasl2/smtpd.conf
echo sql_verbose: yes >> /usr/lib64/sasl2/smtpd.conf
echo sql_engine: mysql >> /usr/lib64/sasl2/smtpd.conf
echo sql_hostnames: localhost >> /usr/lib64/sasl2/smtpd.conf
echo sql_user: postfix >> /usr/lib64/sasl2/smtpd.conf
echo "sql_passwd: $PW" >> /usr/lib64/sasl2/smtpd.conf
echo sql_database: postfix >> /usr/lib64/sasl2/smtpd.conf
echo "sql_select: select password from mailbox where username = '%u@%r'" >> /usr/lib64/sasl2/smtpd.conf
################################################################################/etc/dovecot.conf
echo auth default { > /etc/dovecot.conf
echo   userdb sql { >> /etc/dovecot.conf
echo     args = /etc/dovecot-mysql.conf >> /etc/dovecot.conf
echo   } >> /etc/dovecot.conf
echo   passdb sql { >> /etc/dovecot.conf
echo     args = /etc/dovecot-mysql.conf >> /etc/dovecot.conf
echo   } >> /etc/dovecot.conf
echo } >> /etc/dovecot.conf
echo first_valid_uid = 89 >> /etc/dovecot.conf
echo default_mail_env = maildir:/home/vmail/%d/%n >> /etc/dovecot.conf
echo protocols =  imaps imap pop3s pop3 >> /etc/dovecot.conf
echo ssl_cert_file = /etc/postfix/ssl/smtpd.pem >> /etc/dovecot.conf
echo ssl_key_file = /etc/postfix/ssl/smtpd.pem >> /etc/dovecot.conf
################################################################################/etc/dovecot-mysql.conf
echo driver = mysql > /etc/dovecot-mysql.conf
echo "connect = host=localhost dbname=postfix user=postfix password=$PW" >> /etc/dovecot-mysql.conf
echo default_pass_scheme = PLAIN >> /etc/dovecot-mysql.conf
echo "password_query = SELECT password FROM mailbox WHERE username = '%u'" >> /etc/dovecot-mysql.conf
echo "user_query = SELECT maildir, 89 AS uid, 89 AS gid FROM mailbox WHERE username = '%u'" >> /etc/dovecot-mysql.conf
#############################################################################INSTALLING POSTFIXADMIN

svn co https://postfixadmin.svn.sourceforge.net/svnroot/postfixadmin/trunk postfixadmin
mv postfixadmin /usr/share/

sed -i "s/CONF\['configured'\] = false/CONF\['configured'\] = true/g" /usr/share/postfixadmin/config.inc.php
sed -i "s/CONF\['postfix_admin_url'\] = ''/CONF\['postfix_admin_url'\] = '\/mailadmin\/'/g" /usr/share/postfixadmin/config.inc.php
sed -i "s/CONF\['database_type'\] = 'mysql'/CONF\['database_type'\] = 'mysqli'/" /usr/share/postfixadmin/config.inc.php
sed -i "s/CONF\['database_password'\] = 'postfixadmin'/CONF\['database_password'\] = '"$PW"'/" /usr/share/postfixadmin/config.inc.php
sed -i "s/CONF\['domain_path'\] = 'NO'/CONF\['domain_path'\] = 'YES'/" /usr/share/postfixadmin/config.inc.php
sed -i "s/CONF\['domain_in_mailbox'\] = 'YES'/CONF\['domain_in_mailbox'\] = 'NO'/" /usr/share/postfixadmin/config.inc.php
sed -i "s/CONF\['encrypt'\] = 'md5crypt'/CONF\['encrypt'\] = 'cleartext'/" /usr/share/postfixadmin/config.inc.php

/etc/init.d/mysqld start
mysql -uroot --password= -e "CREATE DATABASE postfix;"
mysql -uroot --password= -e "CREATE USER 'postfix'@'localhost' IDENTIFIED BY '"$PW"';"
mysql -uroot --password= -e "GRANT ALL PRIVILEGES ON postfix . * TO 'postfix'@'localhost';"

/usr/bin/mysql_secure_installation
mkdir /etc/postfix/ssl
cd /etc/postfix/ssl
openssl req -new -x509 -nodes -out smtpd.pem -keyout smtpd.pem -days 3650

chkconfig dovecot on
chkconfig cherokee on
chkconfig mysqld on
/etc/init.d/postfix start
/etc/init.d/dovecot start

echo -e "\n\nAlmost done... RUN cherokee-admin -u -b AND  GO TO http://$IP:9090/ and configure CHEROKEE. Setup PHP & PHPMYADMIN using the wizards";
echo -e "Set the document root to /usr/share/phpMyAdmin and the handler to List & Send.";
echo -e "Clone phpmyadmin as webmail and mailadmin using document roots of /usr/share/squirrelmail and /usr/share/postfixadmin respectively."
echo -e "Ensure php is above them with final NOT checked.\n";

echo -e "Run the setup.php script in a web browser. http://$DOMAIN/mailadmin/setup.php";
echo -e "If everything shows OK then create an admin user (update /usr/share/postfixadmin/config.inc.php with the generated hash)";
echo -e "and log in to http://$DOMAIN/mailadmin.\n";

echo -e "Test squirrelmail with http://$DOMAIN/webmail/src/configtest.php"
echo -e "If it's all good, You should be able to login to your mailserver http://$DOMAIN/webmail"
echo -e "Remember your username is in the format: user@domain.com\n"
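
An added example, not part of the original post or its script: a read-only audit of what setnet.sh leaves on disk. It reports the password and key files the script creates that every local user can read, repo files written with gpgcheck=0, and the plaintext password settings in dovecot-mysql.conf and postfixadmin. The names `audit_install` and `make_sample_tree` and the sample tree (including its 644 modes) are constructed for the demonstration.

```bash
#!/bin/bash
# Added example (not from the original post): audit what setnet.sh leaves behind.
# audit_install ROOT prints one line per finding; ROOT is / on a live server.

# Files the script fills with the MySQL password or the TLS private key.
SECRET_FILES="etc/postfix/mysql-virtual_alias_maps.cf
etc/postfix/mysql-virtual_domains_maps.cf
etc/postfix/mysql-virtual_mailbox_maps.cf
usr/lib64/sasl2/smtpd.conf
etc/dovecot-mysql.conf
etc/postfix/ssl/smtpd.pem"

audit_install() {
  local root=${1%/} f other
  for f in $SECRET_FILES; do
    [ -e "$root/$f" ] || continue
    # Characters 8-10 of the ls mode string are the "other" permission bits.
    other=$(ls -ld "$root/$f" | cut -c8-10)
    [ "$other" = "---" ] || echo "PERM  /$f is accessible to every local user ($other)"
  done
  for f in "$root"/etc/yum.repos.d/*.repo; do
    [ -e "$f" ] || continue
    if grep -q '^gpgcheck=0' "$f"; then
      echo "REPO  ${f#"$root"} has gpgcheck=0: packages install without signature checks"
    fi
  done
  if grep -qs '^default_pass_scheme = PLAIN' "$root/etc/dovecot-mysql.conf"; then
    echo "CLEAR /etc/dovecot-mysql.conf: mailbox passwords compared as plaintext"
  fi
  if grep -qsF "['encrypt'] = 'cleartext'" "$root/usr/share/postfixadmin/config.inc.php"; then
    echo "CLEAR postfixadmin config.inc.php: new passwords stored as cleartext"
  fi
  return 0
}

# Constructed sample tree that mimics the script's output, for an offline run.
make_sample_tree() {
  local t f
  t=$(mktemp -d) || return 1
  mkdir -p "$t/etc/postfix/ssl" "$t/etc/yum.repos.d" "$t/usr/lib64/sasl2" \
           "$t/usr/share/postfixadmin"
  for f in $SECRET_FILES; do
    echo "password = constructed-sample" > "$t/$f"
    chmod 644 "$t/$f"   # assumed mode: what a root umask of 022 produces
  done
  printf '[remi]\nenabled=1\ngpgcheck=0\n' > "$t/etc/yum.repos.d/remi.repo"
  printf '[base]\nenabled=1\ngpgcheck=1\n' > "$t/etc/yum.repos.d/CentOS-Base.repo"
  echo "default_pass_scheme = PLAIN" >> "$t/etc/dovecot-mysql.conf"
  echo "\$CONF['encrypt'] = 'cleartext';" > "$t/usr/share/postfixadmin/config.inc.php"
  echo "$t"
}

tree=$(make_sample_tree)
audit_install "$tree"
rm -rf "$tree"
```

The audit changes nothing; tightening the reported files still has to leave them readable by the postfix and dovecot processes that use them.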

7 Replies

Since the largest Linode is well under 4 gig, why take the memory overhead hit by running 64bit?

//just curious

64 bit is not just about being able to use more memory. There are some small performance improvements when 64 bit code is run on a 64 bit server. Most noticeable with complex sql queries - which my site does. I know it tends to be memory hungry however running cherokee instead of apache means I can successfully run a 64 bit server on a 360 linode.

I'm still testing and fiddling with cherokee but I'm pretty much blown away :D Pages load faster especially with database queries and current memory usage is 71MB. Not bad for a 64 bit full blown web and mail server. Of course a bunch of concurrent requests will load it a lot more but it's way ahead of my 720 linode running all 32 bit apps.

Don't mean to sound like a fanboy but I'm mightily impressed with cherokee. Easy peasy to setup and configure with a very nice web panel. Faster than apache but with way less memory usage. IMHO 64 bit does seem to help performance wise.

I wish someone would do this for Debian 32bit. I've always had a hard time with email servers and am not comfortable moving sensitive emails over to Gmail.

@ybop:

I'm still testing and fiddling with cherokee but I'm pretty much blown away :D Pages load faster especially with database queries and current memory usage is 71MB. Not bad for a 64 bit full blown web and mail server. Of course a bunch of concurrent requests will load it a lot more but it's way ahead of my 720 linode running all 32 bit apps.

On your 32-bit server, are you running cherokee there also, or apache?

I was running cherokee. The biggest difference between the 32 and the 64 seems to be in large mysql queries. Much faster under 64. Even if it was only a tiny bit faster, I'd still use the 64 as for my purposes, there is no downside.

Running cherokee with 5 sites total page views around 4000 a day, memory usage rarely goes above 200. I might drop the 720 down to a 360 at some stage but will see how it goes.

If you haven't already, OP, you could make this a Stackscript and make it public, and make it easier to deploy. Your use case is why we designed Stackscripts in the first place. Check this out for more information:

http://www.linode.com/stackscripts/

@jed:

If you haven't already, OP, you could make this a Stackscript and make it public, and make it easier to deploy. Your use case is why we designed Stackscripts in the first place. Check this out for more information:

http://www.linode.com/stackscripts/

I might look at doing this at some stage but one problem is that the script depends on numerous sources that may or may not be available indefinitely. But when I get time, will see what I can do. If anyone else wants to have a go, be my guest :)
