Fresh install help

I am about to do a fresh install of Virtualmin now that I have purchased pro and I have some questions.

First off, the FQDN comment has been made all over, but the page you link to on the install page is broken.

(this page does not exist) http://www.virtualmin.com/documentation/installation/fqdn

(linked from here) http://www.virtualmin.com/download.html

I'm unclear what to use for my host's FQDN at this point and searching the issues and forums isn't getting me the full explanation of what I should use.

Do I make up something? Or do I use the first domain that I will be hosting? Previously I used something like DVIWEB.LOCAL but I'm not sure that this is recommended.

Second, I'm not sure if I need DNS (bind) running and I know I don't use things like WebDAV so I'd like to clean some of that up so I don't have to worry about exploits or forgotten back doors with services I don't use. So a little newbie help there would be appreciated.

For the DNS point, my domains are registered with GoDaddy and I use their DNS. So on my box do I even need bind running?

I will be connecting to the web server via SAMBA for one directory share - I'm not sure if that overlaps with WebDAV or not.

Status: 
Active

Comments

Yeah, you'd want some sort of name in the hostname.domain.tld format that resolves to your server... that would be your FQDN.

It's up to you what you'd use... a hosting provider would often use their company's domain name and some sort of arbitrary hostname. Perhaps "web1.your_company_domain.tld", for example.

Whatever you choose -- you can set that by running this command on your server as root prior to running the install.sh script:

hostname YOUR_HOSTNAME.DOMAIN.TLD

After that, the installer should be able to pick up and correctly set your hostname in the various config files.

When your installation is complete, it sounds like you may want to review the enabled features and make sure they all apply to your setup. You can view those by going into System Settings -> Features and Plugins.

In your case, you may want to disable the DAV and BIND DNS Domain features. You may want to continue to run the BIND daemon, as it would provide DNS caching for you, but you don't actually need the BIND feature enabled in Virtualmin.

So if I'm hosting a domain "dvigroup.net" it would be fine to use "dviweb.dvigroup.net" as the FQDN?

I think I've read that it is good then to make sure I have external DNS resolving that address as well, so in my case, adding an A record to my GoDaddy hosted DNS?

And if all that tracks, then during my install of Ubuntu (that I'm about to start) when I get to a question of choosing a host name, do I put in the FQDN there, or is it going to give me a host name and domain name question separately that it combines to make the FQDN?

I've installed Debian in the past, but this is my first time installing Ubuntu.

So if I'm hosting a domain "dvigroup.net" it would be fine to use "dviweb.dvigroup.net" as the FQDN?

Yup!

You can use absolutely anything as the FQDN, it just needs to be in the format "hostname.domain.tld", and it needs to resolve to your server's IP address.

adding an A record to my GoDaddy hosted DNS?

Correct, you'd also want to pop that into your DNS setup at GoDaddy.

or is it going to give me a host name and domain name question separately that it combines to make the FQDN?

I unfortunately don't recall what it asks you during the installation... but I suspect the right thing to do would be to enter the FQDN when it asks for your hostname.

Prior to installing Virtualmin, you can verify that it has an FQDN for the hostname by running the command "hostname" on the command line.

Perfect. So now is the hard part, maybe...

I have a running Debian Virtualmin box with 15 domains running on it now and I'm trying to decide how best to migrate them. I need to use the same box so there will be down time but I will be using a new hard drive.

I have Virtualmin running backups, so I have tar.gz files for each domain in a backup directory on the current hard drive but have a few questions about restoring things.

First, I'll unplug the old hard drive and install the new hard drive and do the fresh install of Ubuntu, then run the install script to get Virtualmin set up. (setting the new host name and the old IPs I had). So at that point I would have a vanilla install with no domains.

Should I then customize things the way I want (turning off Bind and WebDAV and whatever else I don't need) and then add each domain back manually - and then restore the backup file?

Or Should I use the Virtualmin backup file itself, restore that, then restore each domain file and will that then set the domains back up and pull all their files back in?

I'm just not sure of the best way to get everything back in its proper place (mail, SQL databases, etc...)

Yeah, migrating to a new server (or new installation) should be super-easy.

Just generate Virtualmin backups for all your Virtual Servers, put those backups in a safe place, perform your installation, make any changes to Virtualmin, and then restore those backups using Virtualmin. It'll handle putting all your files, databases, and such just like they were.

I noticed that Virtualmin makes a backup file of it's own (virtualmin.tar.gz) should I restore this file first, or do I need to do that one at all since I'll have a new fresh install?

I would assume that the backup file for Virtualmin itself might not apply since I'm not only going to be several versions newer but also with some custom things removed this time around.

The virtualmin.tar.gz contains Virtualmin settings such as your Server Templates and Account plans, any tweaks you've made to the Features and Plugins and Virtualmin Configuration, and the like.

If you'd like to keep the changes you've made thus far, go ahead and restore that... then just review your settings when your done to make sure it all looks good.

Or, if you'd like a fresh start, don't restore that, and you can generate it all from scratch.

Perfect.

Thank you so much for your input. This has been a pleasant surprise from what I usually get when looking for help in the "linux world".

I've run linux web servers for years, but I've only gotten into it as far as I needed to for things to work thus far. So I often forget some of the basics that linux-types take for granted. (Like where in the heck are things installed and where are those config files)

Hopefully things will go smoothly and I'll be running on the new server before the weekend is through.

OK, this is a mix of ubuntu and virtualmin I think, but maybe you'll know...

Is there anywhere documented the IP addresses that ubuntu uses? I just tried to run the setup script for virtualmin and it failed because I'm currently blocking all overseas IPs and it couldn't download the packages it needs. I'm in the US and do not do any business with anyone overseas in any way and it's proven a pretty effective way to block spam and cut down on attacks. Obviously I couldn't do this if I was a hosting provider and there are long discussions about whether doing this is good or dumb, but since it's my little group of domains I've lived well this way.

BUT of course ubuntu is overseas so I need to open them up. I have a few IPs based on the failure notices and their general web entry, but if I could get a block that they use I could add them specifically to my white list.

Hmm, I'm not aware of a list of all Ubuntu IP's. It's possible that, in randomly selecting a mirror, it's selecting an overseas mirror from which to download your packages.

If it allows you to select a mirror, you could specifically choose a US-based mirror.

A list of Ubuntu mirrors, grouped by country, is available here:

https://launchpad.net/ubuntu/+cdmirrors

I don't know if this is still relevant, but I'll add my two EURO cents anyway. ;)

I unfortunately don't recall what it asks you during the installation... but I suspect the right thing to do would be to enter the FQDN when it asks for your hostname.

Ubuntu will separately ask for a hostname and then for a domain name during installation. In your case, you'd put "dviweb" as hostname and "dvigroup.net" as domain name.

And be aware that it currently is a little tricky if you plan to host "dvigroup.net" including DNS under Vmin control, since Vmin currently does not expect to be managing the domain in which the host itself is located. If you plan to do that, you need to manually add some NS and A records to the zone file. In an upcoming Vmin version, this issue is supposed to get fixed.

I just tried to run the setup script for virtualmin and it failed because I'm currently blocking all overseas IPs and it couldn't download the packages it needs.

What about opening up all IPs, at least during installation, in outgoing direction? You can still block all non-U.S. ones incoming. Thus you still block spam and attacks, but will allow requests to download packages and stuff from anywhere. That is assuming you're using a stateful packet filter that will allow incoming replies that refer to previously permitted outgoing requests - but mostly any packet filter should behave that way.

Thank you guys for your input!

My install went fine after I opened up the block of IPs that Ubuntu was trying to get to. I do have a stateful router/firewall in place (MikroTik) and could easily set it to allow my outbound requests overseas, but the reason I'm blocking outbound overseas as well as inbound is to even block DNS requests or MX requests that my mail server might try to make to contact a foreign mail server. I may revisit that at a later date, but at the moment the two way blocking is in place and I just need to adjust my sources so I'm only looking at US mirrors, or I need to find a final IP block to allow for Ubuntu system stuff.

I'm not using DNS on my box - I'm using GoDaddy hosted DNS. So I don't have bind enabled for any of my sites, and may remove bind entirely as long as it's not needed for anything locally.

So far my transition has gone well except for a couple glitches with SSL sites. Previously when I added an SSL site to a domain it required me to set a new IP. When I imported my backup of a site with both 80 and 442 sites into the new VirtualMin though it only imported the non-ssl site settings. It imported the files in the filesystem, and made entries in apache, but the VirtualMin config showed no SSL site enabled.

I've been playing with that and it seems that now a unique IP isn't required? Either way, I'm trying to get the SSL side working at the moment. That seems to be my only hiccup so far. The two SSL sites I have simply do not respond at all when I attempt to browse to them.

A few thoughts about the SSL sites: Firstly, the port is 443. I suppose you just made a typo there, but I'm mentioning it in case you actually opened up the wrong port in your firewall or something. :)

Then: Also Virtualmin requires a dedicated IP for an SSL site. While actually there meanwhile is an extension to HTTP available that circumvents the "hostname needed before SSL setup needed before hostname" problem, it is still not standard and Vmin does not support it.

Did you have the SSL Sites plugin enabled before importing the sites? If not, that might be the reason why it's not active. If yes, just activating the feature for the site might help.

Yes, 442 was just a typo. smile

I have two sites with SSL enabled and one of them imported just fine. The other is causing me some pain.

I found a glitch though and I'm re-importing site now. I had created a placeholder domain to test with and my restore was running into conflicts with permissions or something I think because Virtualmin didn't import my SQL databases and it made a new user directory that wasn't correct.

I removed that domain and the placeholder settings and am re-importing.

I have a network interface confusion right now though too. Can you help sort that out?

my file that I understand should define network interfaces doesn't match what I see in virtualmin.

/etc/network/interfaces
Only has lo in it.

/etc/network/interfaces~ has more info, but sill not quite right.

Can you shed some light on where virtualmin gets and puts network interface information?

I see all my current active interfaces correctly in the web interface in virtualmin, but I cannot see those settings in any flat file yet. Although I only see correct information in the active tab, the active at boot tab only shows the lo interface.

To elaborate...

This is what Virtualmin shows as active: Name Type IP Address Netmask Status
eth0 Ethernet 192.168.10.10 255.255.255.0 Up eth0:1 Ethernet (Virtual) 192.168.10.20 255.255.255.0 Up eth0:2 Ethernet (Virtualmin) 192.168.10.30 255.255.255.0 Up lo Loopback 127.0.0.1 255.0.0.0 Up

This is what Virtualmin shows as active at boot: Name Type IP Address Netmask Activate at boot?
lo Loopback Automatic Automatic Yes

This is my /etc/network/interfaces file: auto lo eth0:1 iface lo inet loopback

This is my /etc/network/interfaces~ file: auto lo eth0:1 iface lo inet loopback

iface eth0:1 inet static address 192.168.10.20 netmask 255.255.255.0 broadcast 192.168.10.255 network 192.168.10.0

Something is awry...

Got that sorted out. Between virtualmin and the ubuntu network manager things were out of whack. I was able to put in place a working config file and the other things fell in line.

The last thing I'm trying to do is to restore all my databases. I had created databases outside of the hosts that I have set up and I have the .sql backup files but need to restore them all back into the system.

Is there an easy way to do that?

You may want to try creating those databases from within Virtualmin, so that Virtualmin is able to manage (and backup) the data within those. And then, restore the data in your .sql files into the databases you create.

Would that do what you're after?

About the network interfaces: My assumption is that Webmin retrieves the list of active interfaces and its settings using the ifconfig command, and the list of boot-time settings from /etc/network/interfaces.

That would match with what you saw Webmin report in its networking module I think.

Since you already cleared that issue, I suppose there's no need to go and turn on Webmin's debug logging to find out if my assumption is correct. ;)

Yeah, I think the network issue was just that. It's cleared up now though so I'm good.

The database issue is still a little strange. I did make the databases from within Vritualmin, but just not under any of the domains I have hosted. Maybe if I had done a restore of the Virtualmin file itself they would be in there? but since I was starting clean with an entirely new version and feature set, I only imported the domain backups - not the actual Virtualmin backup.

I think in the future I'll just make new databases as part of one of my domains - that way they are included in the domain backup.

Right now everything is running very well as far as I can tell. Although with Ubuntu and the new Virtualmin, I do see much more RAM in use. Not a big deal, but it's running about 500 M in use when before it was only about 200-300 I think. The machine is a dual core 2G with a gig of RAM though so it's fine.

I really appreciate the input! Thank you so much.

Unless something breaks, consider this customer satisfied. smile

I did make the databases from within Vritualmin, but just not under any of the domains I have hosted. Maybe if I had done a restore of the Virtualmin file itself they would be in there?

Well, the databases would need to be created so that they're associated with a specific Virtual Server... you can do that by going into "Edit Databases" after choosing a domain from the drop-down on the top-left.

That's the only way they'd be included in the Virtual Server backups.

Right now everything is running very well as far as I can tell. Although with Ubuntu and the new Virtualmin, I do see much more RAM in use.

A few of thoughts about that -- don't forget that if you're using a 64 bit distribution, you would definitely see increased RAM usage.

Also, if you aren't using some features, such as "Mailman", you could always shut off those services. Mailman seems to require quite a bit of RAM, and a lot of folks can get away with using the smaller "phplist" application for their needs.

Lastly, whenever you review how much RAM is being used, don't forget to account for what's being cached. If you run a "free -m", you'll get a view of how much RAM you're using. But whatever you see in the column "cached", you might as well just add that onto what's free. That's just memory that the Linux kernel is borrowing (to use as cache) until it's otherwise needed by an application :-)

The "Import Database" tab under Edit Databases might be of assistance here too, since... "This form allows you to bring existing manually created databases on the system under the ownership of this virtual server." :)

Also, if I'm not mistaken, I don't think Virtualmin can actually create a database that is not associated with a vserver. I suppose archaic meant that he created a database with the Webmin MySQL module?

The two bits of software Virtualmin and Webmin are, even though they are tightly integrated, actually separate sets of functionality. :) Or rather, Virtualmin is a set of sophisticated modules for Webmin, cleverly disguised. ;) It can be confusing at times.