Tired of paying someone to set up your server? Want a quick way to set up thousands of domains? Read on…
I have made a quick guide on how to set up a server specifically for MFA sites from start to finish. The server will consist of:
- Web server – Apache
- Database – MySQL
- Scripting Language – PHP
- FTP Daemon – vsFTPD
- DNS Server – Bind
We are going to assume you are using CentOS and have yum available. This should only be used on a fresh install. So let's begin.
Installing Services
To make this quick we are just going to use the RPMs available from the repositories. At the shell prompt execute:
yum -y install httpd httpd-devel mysql mysql-server mysql-devel vsftpd bind bind-libs bind-utils php php-cli
Now that the services are installed it’s time to configure them.
Configure Apache
Depending on which CentOS version you are using you will have either Apache 1.x (CentOS 4) or Apache 2.x (CentOS 5). We are going to assume Apache 2.x; however, as the differences are only minor config changes, the steps are the same either way.
Rather than opening and editing the config by hand, we will do a quick in-place replacement that enables NameVirtualHost and includes a single file in which we will keep all the vhosts.
perl -pi -e 's/#NameVirtualHost \*:80/NameVirtualHost \*:80\ninclude conf\/domains.conf/g' /etc/httpd/conf/httpd.conf
This will edit the config for you and if you view the config you should see something like this
Configure DNS
When configuring the DNS we are only going to set up 1 domain, which will hold the primary nameservers; we will use masterdomain.com as an example throughout. No other domains are set up at this point, as these will be added later with the script we build.
Set up the standard configuration (we recreate it because CentOS 5 does not provide /etc/named.conf):
cat >/etc/named.conf <<EOM
// Default named.conf generated by AdminGeekZ
//Add your machines IP if you wish to use this server as the resolvers
acl "trusted" {127.0.0.1;};
options {
version "Bind";
allow-recursion { trusted; };
allow-notify { trusted; };
allow-transfer { trusted; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
};
include "/etc/rndc.key";
EOM
Now set up the nameservers. We will be using the following for our example:
- ns1.masterdomain.com -> 10.1.1.1
- ns2.masterdomain.com -> 10.2.2.2
#The heredoc delimiter is quoted so the shell does not expand $TTL to an empty string
cat >/var/named/masterdomain.com.db <<'EOM'
$TTL 6200
@ 6200 IN SOA ns1.masterdomain.com. server.masterdomain.com. (
2006070312
6200
7200
1419200
6200
)
masterdomain.com. 6200 IN NS ns1.masterdomain.com.
masterdomain.com. 6200 IN NS ns2.masterdomain.com.
masterdomain.com. 6200 IN MX 5 mail.masterdomain.com.
mail 6200 IN CNAME masterdomain.com.
www 6200 IN CNAME masterdomain.com.
ns1 6200 IN A 10.1.1.1
ns2 6200 IN A 10.2.2.2
masterdomain.com. 6200 IN A 10.1.1.1
EOM
#Now add the domain to the named configuration
cat >>/etc/named.conf <<EOM
zone "masterdomain.com" {
type master;
file "/var/named/masterdomain.com.db";
};
EOM
#Now restart bind
/etc/init.d/named restart
Now we create a DNS zone template; this is for our bulk setup script later.
#The heredoc delimiter is quoted so the shell does not expand $TTL to an empty string
cat >/etc/template.named <<'EOM'
$TTL 6200
@ 6200 IN SOA ns1.cdomain.com. server.cdomain.com. (
2006070312
6200
7200
1419200
6200
)
cdomain.com. 6200 IN NS ns1.masterdomain.com.
cdomain.com. 6200 IN NS ns2.masterdomain.com.
cdomain.com. 6200 IN MX 5 mail.cdomain.com.
mail 6200 IN CNAME cdomain.com.
www 6200 IN CNAME cdomain.com.
cdomain.com. 6200 IN A 10.1.1.1
EOM
Your /etc/named.conf should look something like this now,
That’s all that is required for this section of bind now.
Setting up FTP/SSH Account
For ease of use we will have all domains managed by one FTP account with the username node, which accesses /home/httpd/domains
mkdir -p /home/httpd/domains
adduser -d /home/httpd/domains node
echo "my??password12" | passwd node --stdin
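You will have to chown and chmod this directory later for extra security. Replace the example password with your own; a password passed on the command line like this also ends up in the shell history.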
Creating Setup Script
We will now create a script which can be used to add domains easily; it builds on the base we set up earlier.
The Script
cat >/root/setup.sh <<EOF
#!/bin/bash
if [ -z "\$1" ]; then
echo -n "Syntax: setup.sh domain.com"
exit 0
fi
if [ ! -d "/home/httpd/domains/\$1" ]
then
mkdir /home/httpd/domains/\$1
cat >>/etc/httpd/conf/domains.conf <<EOM
<VirtualHost *:80>
ServerAdmin sysadmin@admingeekz.com
ServerName server.masterdomain.com
ServerName \$1
ServerAlias www.\$1
DocumentRoot /home/httpd/domains/\$1
</VirtualHost>
EOM
cat >>/etc/named.conf <<EOM
zone "\$1" {
type master;
file "/var/named/\$1.db";
};
EOM
cp -f /etc/template.named /etc/buffernamed
replace "cdomain.com" "\$1" -- /etc/buffernamed
mv /etc/buffernamed /var/named/\$1.db
chown named:named /var/named/\$1.db
chown -R node:node /home/httpd/domains/\$1
/etc/init.d/named reload
/etc/init.d/httpd reload
echo "Added \$1 has been setup"
else
echo "\$1 is already setup"
exit 0
fi
EOF
chmod 700 /root/setup.sh
That’s the script created; to add a domain you simply run
/root/setup.sh domain.com
Bulk Adding Domains
Now that everything is set up and ready, the last part is to bulk add all of your domains. To do this, put them in a list (without www.) in a file called domains.txt, which should look something like this:
google.com
msn.com
yahoo.com
When you have your list and want to set up the domains, first comment out the apache and named reload lines in the /root/setup.sh script to make this go much faster (you can reload once completed), then loop through the domains using something like this:
for i in `cat domains.txt`;do /root/setup.sh $i;done
Once completed reload named and apache
/etc/init.d/named reload
/etc/init.d/httpd reload
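The setup script and the bulk loop above run as root and write each list entry straight into a directory path, the Apache vhost file and named.conf, so a malformed line in domains.txt can create paths outside /home/httpd/domains or corrupt both configs. The check below is an added example, not part of the original guide; valid_domain and filter_domains are hypothetical helper names, and it assumes entries are written in lowercase.

```bash
#!/bin/bash
# Added example: syntax check for a domain before it reaches paths and config files.
# valid_domain and filter_domains are hypothetical helper names.

valid_domain() {
    local d rest label
    d=$1
    [ -n "$d" ] && [ "${#d}" -le 253 ] || return 1
    case $d in
        # Anything outside lowercase letters, digits, dot and hyphen is refused:
        # slashes, quotes, semicolons, braces, whitespace, newlines.
        *[!abcdefghijklmnopqrstuvwxyz0123456789.-]*) return 1 ;;
        .*|*.|*..*) return 1 ;;    # empty label
        *.*) ;;                    # at least two labels, e.g. domain.com
        *) return 1 ;;
    esac
    rest=$d
    while [ -n "$rest" ]; do
        label=${rest%%.*}
        case $rest in
            *.*) rest=${rest#*.} ;;
            *)   rest= ;;
        esac
        [ "${#label}" -le 63 ] || return 1
        case $label in
            -*|*-) return 1 ;;     # label starts or ends with a hyphen
        esac
    done
    return 0
}

# Print the valid entries of a list file; report rejected line numbers on stderr.
filter_domains() {
    local line n cr
    n=0
    cr=$(printf '\r')
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        line=${line%"$cr"}         # tolerate CRLF line endings
        if [ -z "$line" ]; then
            continue
        elif valid_domain "$line"; then
            printf '%s\n' "$line"
        else
            printf 'domains list line %d rejected\n' "$n" >&2
        fi
    done <"$1"
}
```

Feed the bulk loop from the output of filter_domains domains.txt instead of cat domains.txt, and call valid_domain on the argument at the top of setup.sh so single additions get the same check.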
Final Touches
Now that your server is set up and you can add domains easily, the last thing to do is to start all the services and make sure they start on boot. You may wish to optimize the server as well as apply any other misc tweaks (such as adding index.php to the DirectoryIndex).
/etc/init.d/httpd restart
/etc/init.d/mysqld restart
/etc/init.d/vsftpd restart
/etc/init.d/named restart
chkconfig httpd on
chkconfig mysqld on
chkconfig vsftpd on
chkconfig named on
Summary
We set up the following:
- 3 Domains (google.com/msn.com/yahoo.com) for both dns and web
- A master FTP account (username: node / password: my??password12)
- 1 master nameserver (masterdomain.com) which all domains use
If you followed this from start to finish you should now have a fully working server for your MFA sites where you can add new domains easily and manage all the domains from one account.