CentOS 8.x Control Web panel Initial configuration

From Notes_Wiki

Home > CentOS > CentOS 8.x > CentOS 8.x email servers > CentOS 8.x Control Web panel > Initial configuration

Once installed initial configuration of CWP can be done as follows:

  1. After Web login on https://<server-fqdn-or-ip>:2031/, click "Set Root Email" and update "Admin Email"
    Ideally also select "Forward server system emails" checkbox
  2. If you are planning to host emails then
    1. Configure RDNS entries as per https://www.linode.com/docs/guides/configure-your-linode-for-reverse-dns/
    2. Open support ticket and request for email sending limitations removal. https://cloud.linode.com/support/tickets?type=closed&drawerOpen=true
  3. In CWP go to "Server Settings" -> "Change Date & Time"
    Select correct timezone
    Click on "Apply this date and time below" against Your browser date & time
    Click "Change Date & Time"
  4. Click on "/usr/local/php/php.ini" and the other php71/php.ini link
    1. In both files search for date.timezone setting and set it to 
      date.timezone = "Asia/Kolkata"
    2. Save file
  5. Go to PHP Settings -> PHP Version switcher. Select latest version. ("8.1.3" at time of this writing). Validate options esp. pgsql support and click "Save and build"
    We should get path to monitor progress such as "tail -f /var/log/php-rebuild.log". SSH to server and use the same to monitor installation progress.
    Monitoring the full progress would slow down the installation. Ideally have a look at log for a short while. Ctlr+c. Then open again.
  6. Go to PHP Settings -> PHP Info and you should see selected version
  7. Go to CWP Settings -> Backup configuration.
    Ensure backups are enabled.
    Ensure MySQL backup and Backup all users are selected
    Click "Save changes"
  8. Go to Dashboard -> Mail services. Start all mail related services
  9. Create 2GB swap file using CentOS 7.x adding swap space using file
  10. Also configure Storing date / time along with commands in history
  11. Change SSH port as follows.
    1. Go to Dashboard and click link which takes to edit '/etc/ssh/sshd_config file
    2. Under #port 22 add line such as 
      Port 36548
      Use other port based on your choice instead of 36548 given as example here
    3. Restart ssh service by going to Dashboard and clicking restart against SSH service.
  12. Enable and configure firewall
    1. Go to Dashboard -> Firewall. Click on "Enable firewall"
    2. "On right side under ports list" click Configure
    3. In page opened for editing /etc/csf/csf.conf update values for
      TCP_IN
      Append SSHd port such as 36548 used in above example steps
      PORTS_sshd
      Replace with correct SSHD port such as 36548 used in above steps
    4. Restart firewall
    5. At dashboard validate that you can see the new port as part of TCP_IN ports listed on right side
    6. From a different machine (Different public IP) where there is no login into CWP web admin page, try to ssh to server over the configured port.
      Note CWP configures an IP tables exception for the IP from which we do admin(root) login into the web dashboard. Hence we need to test firewall rules from some other machine.
  13. Configure backup for server using rsnapshot and test one full backup. Take backup of at least /etc, /backup, /root, /home and /var 
    backup          root@<server-ip-or-fqdn>:/etc/     <server-ip-or-fqdn>/       +ssh_args=-p 36548
    

    backup          root@<server-ip-or-fqdn>:/backup/  <server-ip-or-fqdn>/       +ssh_args=-p 36548
    

    backup          root@<server-ip-or-fqdn>:/home/    <server-ip-or-fqdn>/       +ssh_args=-p 36548
    

    backup          root@<server-ip-or-fqdn>:/root/    <server-ip-or-fqdn>/       +ssh_args=-p 36548
    

    backup          root@<server-ip-or-fqdn>:/var/     <server-ip-or-fqdn>/       +ssh_args=-p 36548
    The backup port mentioned in ssh_args should match the port on which SSH service is listening.
  14. yum -y install logwatch
  15. Edit root alias in /etc/aliases file and run 
    newaliases
  16. Test whether logwatch email is getting send properly or not by running 
    /etc/cron.daily/0logwatch
  17. Go to bell icon and look at notifications.
  18. Go to Terminal from dashboard and try 
    yum -y update
  19. Install byobu 
    dnf -y install byobu
  20. If using as ssh tunnel (proxytunnel / corkscrew), add ssh port 8443 and allow same via firewall also. In such cases in firewall main configuration set: 
    LF_EMAIL_ALERT = "0"
    And restart lfd. Without this if we have SSH listening on 8443 there would be too many blocked IP alert emails. The same can also be done if SSH is left listening on port 22 for some reason.



Home > CentOS > CentOS 8.x > CentOS 8.x email servers > CentOS 8.x Control Web panel > Initial configuration

Retrieved from "http://www.sbarjatiya.com/notes_wiki/index.php?title=CentOS_8.x_Control_Web_panel_Initial_configuration&oldid=6401"