Install DirectAdmin on Amazon AWS A-Z Guide

This guide shows you how to install and configure DirectAdmin on Amazon EC2.

Prerequisites

Active AWS Account.
AWS Security Group open on ports 80,995,143,465,53,2222,443,35000-35999,110,1194,993,22,21,25,53,587
Basic linux knowledge
DirectAdmin Licnese

Lunch EC2 instance

Go to EC2 Dashboard, and click “Lunch Instance” button:

Choose an CentOS 7 (AMI):

Choose any Instance Type that suit your needs, add storage, configure Security Group then lunch your server:

Installation

To begin, login to your AWS EC2 serevr via SSH

1. Update your CentOS and install some basic programs

sudo yum -y update
sudo yum -y install nano wget perl

1 2	sudo yum -y update sudo yum -y install nano wget perl

2. Enable SSH for root account

sudo nano /etc/ssh/sshd_config

1	sudo nano /etc/ssh/sshd_config

Set PermitRootLogin yes
Set AllowTcpForwarding no

Edit this the authorized_keys to allow login via root account

sudo nano /root/.ssh/authorized_keys

1	sudo nano /root/.ssh/authorized_keys

Then delete the lines at the begining of the file that say “COMMAND….” until you get to the words ssh-rsa

Restart SSH

sudo service sshd restart

1	sudo service sshd restart

3. Set your hostname

Assume that I’m using the domain hosting.xyz, and you want your server hostname set to server1.hosting.xyz

hostnamectl set-hostname server1.hosting.xyz

1	hostnamectl set-hostname server1.hosting.xyz

Check if the /etc/hostname shows the hostname

nano /etc/hostname

1	nano /etc/hostname

We also edit /etc/hosts to make the hostname point to the server IP

nano /etc/hosts

1	nano /etc/hosts

then add xxx.xxx.xxx.xxx server1.hosting.xyz at the end where xxx.xxx.xxx.xxx is your server public IP

AWS will reset the hostname everytime the server reboot, so we need to fix this.

nano /etc/cloud/cloud.cfg

1	nano /etc/cloud/cloud.cfg

and add preserve_hostname: true below the syslog_fix_perms

Then reboot the server

reboot

reboot

4. Activate Quotas

On CentOS 7, xfs is used by default and Quotas are not activated, so you need to enable them manually

nano /etc/default/grub

1	nano /etc/default/grub

add quota options rootflags=usrquota,grpquota into the end of GRUB_CMDLINE_LINUX line, it will look like this

GRUB_CMDLINE_LINUX="rd.lvm.lv=centos/swap vconsole.font=latarcyrheb-sun16 ... rootflags=usrquota,grpquota"

1	GRUB_CMDLINE_LINUX="rd.lvm.lv=centos/swap vconsole.font=latarcyrheb-sun16 ... rootflags=usrquota,grpquota"

Make a backup

cp /boot/grub2/grub.cfg /boot/grub2/grub.cfg.back

1	cp /boot/grub2/grub.cfg /boot/grub2/grub.cfg.back

Generate a new configuration file:

grub2-mkconfig -o /boot/grub2/grub.cfg

1	grub2-mkconfig -o /boot/grub2/grub.cfg

Restart the server, the root directory will be mounted with required options. We can check by running this command

mount | grep '/'

1	mount \| grep '/'

/dev/xvda1 on / type xfs (rw,relatime,attr2,inode64,usrquota,grpquota)

1	/dev/xvda1 on / type xfs (rw,relatime,attr2,inode64,usrquota,grpquota)

5. Add network eth0:0
By default, AWS EC2 use private IP for eth0, to install DirectAdmin, we need to use the public IP

nano /etc/sysconfig/network-scripts/ifcfg-eth0:0

1	nano /etc/sysconfig/network-scripts/ifcfg-eth0:0

Enter the following content

DEVICE=eth0:0
BOOTPROTO=none
ONPARENT=yes
IPADDR=xxx.xxx.xxx.xxx NETMASK=255.255.255.0 ONBOOT=yes

DEVICE=eth0:0

BOOTPROTO=none

ONPARENT=yes

IPADDR=xxx.xxx.xxx.xxx NETMASK=255.255.255.0 ONBOOT=yes

where xxx.xxx.xxx.xxx is your AWS Public IP, then restart the network

/etc/init.d/network restart

1	/etc/init.d/network restart

If you wish to you IPv6, set your eth0 live below:

IPV6INIT="yes"
IPV6ADDR=2600:1f16:xxxxxxxxxxxx

1 2	IPV6INIT="yes" IPV6ADDR=2600:1f16:xxxxxxxxxxxx

6. Setup DirectAdmin

echo 1 &gt; /root/.lan
wget http://www.directadmin.com/setup.sh
chmod 755 setup.sh
./setup.sh

echo 1 > /root/.lan

wget http://www.directadmin.com/setup.sh

chmod 755 setup.sh

./setup.sh

And follow the instructions. Note when you asked for the network, enter eth0:0

Configuration

Since EC2 runs on a LAN/NAT and behind the firewall, we need to do some config.

Enable LAN

nano /usr/local/directadmin/conf/directadmin.conf

1	nano /usr/local/directadmin/conf/directadmin.conf

Add this value lan_ip=yyy.yyy.yyy.yyy where yyy.yyy.yyy.yyy is your AWS Private IP
Link the Private IP to your Public IP using the DA Linked IP feature

Add the LAN IP to DA’s IP manager. Don’t assign it to any Users or Domains.
View the details of the external IP: Admin Level -> IP Manager -> Click the public/external IP.
Link the internal IP to the external IP: Select the LAN IP from the drop down.
Only select Apache, do not select DNS

Restart DirectAdmin

Open ports for FTP

If you use ProFTPD, edit it’s configure file:

nano /etc/proftpd.conf

1	nano /etc/proftpd.conf

Add after PassivePorts: MasqueradeAddress xxx.xxx.xxx.xxx where xxx.xxx.xxx.xxx is your AWS Public IP

Add rule to the iptables

iptables -I INPUT -p tcp --dport 35000:35999 -j ACCEPT

1	iptables -I INPUT -p tcp --dport 35000:35999 -j ACCEPT

nano /usr/libexec/iptables/iptables.init

1	nano /usr/libexec/iptables/iptables.init

add $IPTABLES -A INPUT -p tcp –dport 35000:35999 -j ACCEPT below the ftp section, like this

#########################
# ftp
$IPTABLES -A INPUT -p tcp --dport 21 -j ACCEPT
$IPTABLES -A INPUT -p tcp --dport 35000:35999 -j ACCEPT

#########################

# ftp

$IPTABLES -A INPUT -p tcp --dport 21 -j ACCEPT

$IPTABLES -A INPUT -p tcp --dport 35000:35999 -j ACCEPT

For optimize performance and improve security, see this guide.

Install DirectAdmin on Amazon AWS A-Z Guide

Prerequisites

Lunch EC2 instance

Installation

Configuration

jamesblackvn

Trả lời Hủy