Archive for September, 2016

Notes for setting up a new virtual server at 1&1

Been a long-time 1 and 1 customer, moving off a creaky old dedicated machine to a VPS. It’s not quite all configured to work out of the box. This is CentOS 7 & Plesk 12.5. Things to do:

  • Modify 1&1 firewall to open port 8447 (needed for Plesk). Open up other ports you need. Probably at least 587 for SMTP submission
  • Set the machine name (not clear to what though…I used 1&1’s name as that seemed like a safe choice)
  • Add the PTR record (from the cloud network panel) to match the above
  • Add an SPF record to the DNS for the IP addresses and machine name (just to cover all the bases)
  • Spamhaus picked up on the mail server EHLO name mismatch right away (as I didn’t realize it right away) so check for blacklists (as well as you never know who had the IP before you)
  • Install Plesk migration tool (as I was moving from a different machine so needed this to move the domains)
  • Decided to only allow FTPS (or SFTP as left SSH open as well)
  • vhosts.conf may not have transferred, check it
  • Older Gallery 2 install that was migrated to the new system broke in the move due to permissions (turn on Gallery debug in its conf file to diagnose). Was a permissions problem on gdata
  • System won’t have gcc, etc. See http://www.scalescale.com/tips/nginx/install-gcc-development-tools-centos-7/
  • mailman is 2.1.15 which lacks a workaround for the (awful) DMARC that some big sites run. Looking to install current mailman 2.1.23. python-devel is needed (along with normal gcc, etc.)
    • Upgrade directions: https://wiki.list.org/DOC/4.80%20How%20do%20I%20upgrade%20from%20Mailman%202.1.x%20to%20a%20later%20Mailman%202.1.y%3F
    • Build directions: https://www.gnu.org/software/mailman/mailman-install/building.html
    • Build new mailman
    • ./configure --prefix=/usr/lib/mailman --with-var-prefix=/var/lib/mailman --with-cgi-gid=apache
      • the gid would seem to need to be apache, even though in the older install from Plesk I see files owned by root. Not sure I understand exactly who’s doing what, but if gid is root you get an error saying the script is being run as apache. The default uid is mailman, which is correct for this install.
    • make
    • (stop mailman)
    • make install
    • (start mailman)
    • and it dies on use: IOError: [Errno 13] Permission denied: ‘/var/lib/mailman/logs/error’
    • change that file owner to apache, and later I just made it o+rw as at this point who cares. But fails still IOError: [Errno 13] Permission denied: ‘/var/lib/mailman/lists/list-test/config.pck’
    • and there’s still something not right, though the admin interface worked for a bit. Looks like the list dirs in /var/lib/mailman/lists are the cause, but not clear what the answer is. On the old system the dirs are chown root and the files are chown mailman, but that was Plesk 11. But cgi-gid of root is definitely wrong. Tried this SELinux related fix but no difference: https://wiki.list.org/DOC/SELinux%20errors%20after%20upgrade%20-%20RedHat
    • anyhow, just run mailman’s check_perms -f to fix the stuff.
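
A read-only look at the tree before (or after) check_perms -f, which also catches a leftover o+rw like the one on logs/error. This is an added example, not from the original post and not part of Mailman; the group name you pass in (mailman in the usage line) is an assumption about this install.

```shell
#!/bin/sh
# Added example: audit a Mailman var-prefix tree without changing anything.
# Usage: audit_mailman_perms /var/lib/mailman mailman
#   (the group "mailman" is an assumption; pass whatever group your
#    install was configured with)
# Prints one finding per line and returns 1 if anything was found.
audit_mailman_perms() {
    dir=$1
    group=$2
    findings=$(
        # World-writable files or directories, e.g. left over from a
        # "chmod o+rw" used to get past a Permission denied error.
        # Symlinks are skipped because their mode is always 777.
        find "$dir" ! -type l -perm -0002 | sed 's/^/WORLD-WRITABLE /'

        # Entries whose group is not the expected one, so the CGI and
        # mail wrappers running under that group cannot write to them.
        find "$dir" ! -type l ! -group "$group" | sed 's/^/WRONG-GROUP /'

        # Directories without the setgid bit: files created in them
        # (new lists, logs, config.pck) would not inherit the group.
        find "$dir" -type d ! -perm -2000 | sed 's/^/NO-SETGID /'
    )
    if [ -n "$findings" ]; then
        printf '%s\n' "$findings"
        return 1
    fi
    return 0
}
```

Anything it reports as WORLD-WRITABLE after check_perms -f has run is worth tightening by hand with chmod o-w.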

 

Wednesday, September 28th, 2016 Servers & Internet No Comments

Running on the new server

This is a pointless post to see if the new server works.

Tuesday, September 27th, 2016 Uncategorized No Comments