Perfect Debian Install

From LinuxServerTech

Jump to: navigation, search


Step-by-step Installation for Sarge

Perform a standard netinst. During this time, the only changes from "normal" are to partition the hard disk. For security, small partitions may be created for /tmp, and many people recommend partitions for /var and /var/log. I generally use the following partitions:

/ 10G
swap Memory Size or Memory Size*2
/tmp 1G (it can be as small as 500M on normal systems)
/home Remainder of disk space

/var is generally small (200M) but remember that MySQL stores its files in /var/lib, so it can grow quite easily if you have large databases. /var/log is around 100-200M, but on an active web server I have seen up to 10G. However, I generally place weblogs in /home somewhere, so I can use the lower number. When the install is done, reboot and the package manager will appear. You can simply select a "Mail Server" and let it do the installation. Now, get rid of some junk that doesn't need to be on a server: 

apt-get remove lpr nfs-common portmap pidentd pcmcia-cs pppoe pppoeconf ppp pppconfig
update-rc.d -f exim remove
update-inetd --remove daytime
update-inetd --remove telnet
update-inetd --remove time
update-inetd --remove finger
update-inetd --remove talk
update-inetd --remove ntalk
update-inetd --remove ftp
update-inetd --remove discard

Now, install some packages we will need. 

apt-get install wget bzip2 rdate fetchmail libdb3++-dev unzip zip ncftp xlispstat libarchive-zip-perl zlib1g-dev libpopt-dev nmap openssl lynx fileutils bind9 mysql-server mysql-client libmysqlclient12-dev postfix postfix-tls libsasl2 sasl2-bin libsasl2-modules ipopd-ssl uw-imapd-ssl courier-imap courier-imap-ssl courier-pop courier-pop-ssl apache2 apache2-doc libapache2-mod-php4 libapache2-mod-perl2 php4 php4-cli php4-common php4-curl php4-dev php4-domxml php4-gd php4-imap php4-ldap php4-mcal php4-mhash php4-mysql php4-odbc php4-pear php4-xslt curl libwww-perl imagemagick proftpd webalizer ntpdate

Following is an add-in that Rod just put in here. This whole article needs to be cleaned up. 

deb http://www.backports.org/debian/ sarge-backports main non-free contrib
apt-get -t sarge-backports install linux-image-2.6.16-2-k7
apt-get install kernel-image-2.6-k7 kernel-doc-2.6.8 kernel-source-2.6.8 libncurses-dev kernel-package
update-rc.d -f exim remove
update-inetd --remove daytime
update-inetd --remove telnet
update-inetd --remove time
update-inetd --remove finger
update-inetd --remove talk
update-inetd --remove ntalk
update-inetd --remove ftp
update-inetd --remove discard
apt-get --purge remove lpr nfs-common portmap pidentd pcmcia-cs pppoe pppoeconf ppp pppconfig 
apt-get -y install sudo joe lvm2 wget bzip2 rdate fetchmail libdb3++-dev unzip zip ncftp xlispstat libarchive-zip-perl zlib1g-dev libpopt-dev nmap openssl lynx fileutils ntp ntpdate 
# Bind
apt-get -y install bind9
# Apache (two lines)
apt-get -y install proftpd webalizer apache2 apache2-doc libapache2-mod-php4 libapache2-mod-perl2 php4 php4-cli php4-common php4-curl php4-dev php4-domxml php4-gd php4-imap php4-ldap php4-mcal php4-mhash php4-mysql php4-odbc php4-pear php4-xslt curl libwww-perl imagemagick libdate-calc-perl libtimedate-perl perlmagick
# MySQL
apt-get -y mysql-server mysql-client libmysqlclient12-dev 
# e-mail
apt-get -y install postfix postfix-tls libsasl2 sasl2-bin libsasl2-modules courier-imap courier-imap-ssl courier-pop courier-pop-ssl
# samba
apt-get -y install samba samba-doc 
# Configure Postfix
postconf -e 'smtpd_sasl_local_domain ='
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'smtpd_sasl_security_options = noanonymous'
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'
postconf -e 'inet_interfaces = all'
echo 'pwcheck_method: saslauthd' >> /etc/postfix/sasl/smtpd.conf
echo 'mech_list: plain login' >> /etc/postfix/sasl/smtpd.conf
mkdir /etc/postfix/ssl
cd /etc/postfix/ssl/
openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
chmod 600 smtpd.key
openssl req -new -key smtpd.key -out smtpd.csr
openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
openssl rsa -in smtpd.key -out smtpd.key.unencrypted
mv -f smtpd.key.unencrypted smtpd.key
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
postconf -e 'smtpd_tls_auth_only = no'
postconf -e 'smtp_use_tls = yes'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtp_tls_note_starttls_offer = yes'
postconf -e 'smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key'
postconf -e 'smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt'
postconf -e 'smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem'
postconf -e 'smtpd_tls_loglevel = 1'
postconf -e 'smtpd_tls_received_header = yes'
postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
postconf -e 'tls_random_source = dev:/dev/urandom'
postconf -e 'home_mailbox = Maildir/'
postconf -e 'mailbox_command ='
/etc/init.d/postfix restart
lvextend -L+1G /dev/myvg/homevol
e2fsck -f /dev/myvg/homevol
resize2fs /dev/myvg/homevol
Retrieved from "http://wiki.linuxservertech.com/index.php/Perfect_Debian_Install"