Plesk
Tips and tricks and fixes for the server control panel software from SWSoft.
Plesk passwords and all that Jazz
I’ve been using the mysql console tip for years from this blog post by Brian Resig (maintaining a few legacy sites), and struggled to find it this time. In fear of losing it entirely, I’m copying it here. I’ll thank myself one day I’m sure!
mysql -u admin -p`cat /etc/psa/.psa.shadow` psa -e "SELECT accounts.id, mail.mail_name, accounts.password, domains.name FROM domains LEFT JOIN mail ON domains.id = mail.dom_id LEFT JOIN accounts ON mail.account_id = accounts.id where mail_name='ENTER MAIL NAME HERE'"
Plesk and Qmail into Virtualmin and Postfix
Biggest headache!
I’ve spent hours trying to get the Maildir storage of a Postfix install working on a Virtualmin box that had been migrated from Plesk.
There are a few critical steps to get everything working. There are lots of references out there, but none covered all my issues at once. All these bits might need setting or just verifying to make it all happy, and this is done on a CentOS 5 box.
Ultra critical points for me were step 1 (6th line), step 6, step 7, step 9 and the last few command line instructions (especially the 1st line).
1. Webmin -> Webmin -> Usermin Configuration -> Usermin Module Configuration -> Read mail
   Mail storage format for Inbox = Remote IMAP server
   Sendmail mail file location = /var/spool/mail
   Qmail or MH directory location = Subdirectory under home directory
   Qmail or MH directory in home directory = Maildir
   POP3 or IMAP server name = localhost (this might need to be typed explicitly)
   Sendmail command = /usr/lib/sendmail
   Default hostname for From: address = From real hostname
   Allow editing of From: address = yes
   From: address mapping file = /etc/postfix/virtual
   Address mapping file format = Address to username(virtusertable)
2. Webmin -> Webmin Configuration -> Webmin Modules
   Install Postfix
   Remove Sendmail
3. Webmin -> Servers -> Postfix Mail Server -> General Options
   What domain to use in outbound mail = Use hostname
   What domains to receive mail for = $myhostname, localhost.$mydomain, localhost, localhost.localdomain
   Send outgoing mail via host = Deliver directly
   Default database type = hash
   Internet hostname of this mail system = Default (provided by system)
   Local internet domain name = Default (provided by system)
   Local networks = Default (all attached networks)
4. Webmin -> Servers -> Postfix Mail Server -> Mail Aliases
   Alias databases used by the local delivery agent = hash:/etc/aliases
   Alias databases built by “newaliases” command = hash:/etc/aliases
5. Webmin -> Servers -> Postfix Mail Server -> Virtual Domains
   Domain mapping lookup tables = hash:/etc/postfix/virtual
   Domains to perform virtual mapping for = From domain mapping tables
6. Webmin -> Servers -> Postfix Mail Server -> Local Delivery
   Home-relative pathname of user mailbox file = Maildir/
7. Webmin -> Servers -> Procmail Mail Filter
   Set variable DEFAULT to $HOME/Maildir/
   Set variable ORGMAIL to $HOME/Maildir/
8. Webmin -> Networking -> Networking Configuration -> Hostname and DNS Client
   Hostname = localhost.localdomain
9. Webmin -> Networking -> Networking Configuration -> Host Addresses
   127.0.0.1 = localhost, localhost.localdomain
   <your external IP address> = <FQDN> (eg. 80.70.60.50 = example.com)
   Then click ‘Apply Configuration’
The last few steps are best done from the root command line…
hostname (eg. hostname mail.example.com)
mkdir -p /etc/skel/Maildir/new
mkdir -p /etc/skel/Maildir/cur
mkdir -p /etc/skel/Maildir/tmp
wget -c http://www.qmail.org/convert-and-create
chmod +x convert-and-create
./convert-and-create
postmap /etc/postfix/virtual
newaliases
service postfix restart
Few extra pointers ..
you need
host `hostname`
to give you the <hostname.FQDN> and external IP address (take note of the backticks, not apostrophes)…
mail.example.com has address 80.70.60.50
and looking inside /etc/hosts, you should see the 2nd line as your external IP address and just the <FQDN>…
127.0.0.1 localhost localhost.localdomain
80.70.60.50 example.com
You’re looking for the results of
postconf -n
to look something like this
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
mail_owner = postfix
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost, localhost.localdomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sender_bcc_maps = hash:/etc/postfix/bcc
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtual
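One way to compare a box against that listing, as an added example that is not part of the original post: the function reads `postconf -n` output and reports differences in the settings from steps 4 to 6, plus the relay-control and SASL lines. The function names and the sample config are constructed for illustration.

```shell
# Added example (not from the original post). Usage: postconf -n | check_postconf

# pc_value KEY: print KEY's value from the captured config in $conf.
pc_value() {
    printf '%s\n' "$conf" |
        awk -v key="$1" -F' *= *' '$1 == key { sub(/^[^=]*= */, ""); print; exit }'
}

# expect KEY VALUE: report when KEY is unset or differs from VALUE.
expect() {
    got=$(pc_value "$1")
    [ "$got" = "$2" ] && return 0
    echo "MISMATCH $1: want '$2', got '${got:-<unset>}'"
    problems=$((problems + 1))
}

# need_word KEY WORD: report when WORD is missing from KEY's space/comma list.
need_word() {
    case " $(pc_value "$1" | tr ',' ' ') " in *" $2 "*) return 0 ;; esac
    echo "RISK $1 lacks $2"
    problems=$((problems + 1))
}

check_postconf() {
    conf=$(cat); problems=0
    expect alias_maps 'hash:/etc/aliases'                   # step 4
    expect virtual_alias_maps 'hash:/etc/postfix/virtual'   # step 5
    expect home_mailbox 'Maildir/'                          # step 6
    # Refuses mail for domains this server does not host (relay control).
    need_word smtpd_recipient_restrictions reject_unauth_destination
    # With SASL relaying enabled, anonymous mechanisms must stay disabled.
    if [ "$(pc_value smtpd_sasl_auth_enable)" = yes ]; then
        need_word smtpd_sasl_security_options noanonymous
    fi
    [ "$problems" -eq 0 ]
}

# Constructed sample: a half-migrated box with two settings missing.
sample_broken() {
    cat <<'EOF'
alias_maps = hash:/etc/aliases
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
virtual_alias_maps = hash:/etc/postfix/virtual
EOF
}
sample_broken | check_postconf || echo "sample config needs attention"
```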
Anyway, hope that helps .. you can wake up and leave now if you like.
References:
http://bliki.rimuhosting.com/space/knowledgebase/linux/mail/Postfix+mbox+to+Maildir+conversion
http://bliki.rimuhosting.com/space/knowledgebase/linux/mail/postfix+notes
http://www.postfix.org/DEBUG_README.html
Fetching mail with fetchmail
During a domain transfer, while DNS was still propagating, I needed to retrieve mail from the old server to the new.
I did so thusly…
# yum install fetchmail
$ touch .fetchmailrc
$ chmod 600 .fetchmailrc
I then added the following lines to .fetchmailrc
poll with proto POP3
user there with password "" is "" here
Then once ensuring you can POP3 out of the server (port 110) through the firewall, you can just run ‘fetchmail’ from the command line to grab the mail.
Topping it off with a cronjob for the duration of DNS propagation would probably be a sensible finish.
References:
http://theos.in/news/howto-configure-fetchmail-linux-or-unix-client-program-to-fetch-emails/
http://www.catb.org/~esr/fetchmail/fetchmail-FAQ.html
Plesk Hard disk quotas
I had to enable quota support to my hard disk mounts on one of my new Plesk boxes today. This lets Plesk manage how much space is given to whomever… very necessary for a virtual hosting box.
I found these instructions on the Plesk forum, but not all in one place, hence…
Add ‘usrquota’ to the options in fstab. Mine looked like this before and after…
before
/dev/md0 / ext3 defaults 1 1
after
/dev/md0 / ext3 defaults,usrquota 1 1
Then run these to get quotas working…
# mount -o remount /
# quotaoff -av
# quotacheck -avum
# quotaon -av
..and that should be you good to go.
You might also need to ensure the quota management tools package is installed for your system.
On mine, this was
yum install quota
Server build notes
Part 1
Retrieve the full license key from Plesk using the web control panel License Manager.
Backup and download the key.
# cp /etc/psa/psa.key /var/www/vhosts/<domain>/httpdocs/
Visit http://<domain>/psa.key
Part 2
Then run the offline installer script…
wget -q -O - http://www.atomicorp.com/installers/aooi |sh
or tweak it slightly…
# wget http://3es.atomicrocketturtle.com/tests/aooi-installer.sh
# chmod +x aooi-installer.sh
Edit the script
# vi aooi-installer.sh
:%s/www.gtlib.gatech.edu/mirror.linux.duke.edu/g
:wq
Run the install
# ./aooi-installer.sh
Open a serial console and watch what happens during reboots etc.
Part 3
Login as root with password ‘atomic555’
Change the root password
# passwd
Copy my firewall scripts to server and customise with new machinename
/root/fw.on
/root/fw.off
/root/getfw.sh
/etc/rc.d/rc.firewall_off
Make them all executable
# chmod +x /root/fw.on /root/fw.off /root/getfw.sh /etc/rc.d/rc.firewall_off
Write and install an iptables firewall
# ./getfw.sh
Part 4
Install latest Plesk (don’t use auto-installer psa_installer_v3.2.0_build070705.20_os_CentOS_4.3_x86_64 – busted)
# wget http://download1.swsoft.com/Plesk/Plesk8.2/CentOS4.3/psa_installer_v3.1.2_build070321.17_os_CentOS_4_x86_64
# chmod +x psa_installer_v3.1.2_build070321.17_os_CentOS_4_x86_64
# ./psa_installer_v3.1.2_build070321.17_os_CentOS_4_x86_64
You can login to plesk at https://<domain>:8443/
user: admin
pass: setup
Once you’ve logged in change your password
Part 5
Add yourself a user account so you don’t have to login as root
# useradd <username>
# passwd <username>
If you’re going to be using the Plesk migration manager, add your new user to the ‘wheel’ group and enable sudo
# usermod -a -G wheel <username>
uncomment %wheel line in /etc/sudoers
Part 6
Update yum to use atomic channel and run an update
# wget -q -O - http://www.atomicorp.com/installers/atomic.sh | sh
# yum update
If it complains about dependencies involving php-pear
# yum install php-pear
# yum update
Part 7
Make sure you are using all the latest conf files. Use my ‘rpmnew.sh’ manager script to speed the job.
Make sure httpd service is running (probably have to move /etc/php.d/ioncube-loader.ini)
Part 8
Buy and install ASL channel
# wget -q -O - http://www.atomicorp.com/installers/install-asl.sh |sh
Further tweaks
Set kernel to attempt reboot (panic) on oops
Plesk, 1and1 and CentOS
I’m currently building a new server for a client and am finding great success using the top notch tools from atomic rocket turtle. (Atomic Corp)
By using Scott’s AOOI script I have managed to install CentOS 4.4 on one of 1and1’s Business Server IIs along with PHP 5 and mysql 5. Taking a backup of the Plesk key before doing so, I was able to install a fresh Plesk 8.2 and have a bang up to date, future proofed box with all the features of the 1and1 build (64 bit, dual core, RAID1 etc.).
- Login as root and then…
  # wget http://3es.atomicrocketturtle.com/tests/aooi-installer.sh
  # chmod +x aooi-installer.sh
- I actually needed to mod the script a little to get it to run happily as the mirror for the CentOS image was defunct
  Open aooi-installer.sh in vi (or equivalent) and replace the url
  www.gtlib.gatech.edu
  with
  mirror.linux.duke.edu
  save and start the install
  # ./aooi-installer.sh
- A good way of getting a feel for what should be happening and when can be had from the excellent video provided by Scott.
It shows two consoles open.. one running the install script, and one logged in from the serial console (superb 1and1 feature) keeping a running commentary on what is happening on the box.
http://www.atomicrocketturtle.com/tutorials/aooi-v6-tutorial.ogg
The guys over at Atomic Corp are doing some really great work on hardening web servers based on Plesk, and I can’t recommend their ASL – Atomic Secured Linux subscription yum channel enough.
FTP in a Plesk stylee
I found myself wanting to create an extra FTP user for one of my Plesk machines that would only have access to a subdirectory of one of the machine’s domains.
It turns out this isn’t as tricky as I made it!
If you create a new OS user giving them the same user ID number as the primary FTP user and the Plesk group ‘psacln’, they have the same privileges. Giving them a home directory of the subdirectory instead of the primary user’s home directory chroots them inside it.. perfect.
1. Determine the uid number of the primary user (bob)
# cat /etc/passwd | grep bob
bob:x:10021:10001::/home/httpd/vhosts/bob.org:/bin/false
2. Create the new user with the same uid number, group, and shell (if you wish) but with a new home directory.
# useradd -u 10021 -o -d /home/httpd/vhosts/bob.org/httpdocs/bobs_subdir -g psacln -s /bin/false <new_ftp_user>
# passwd <new_ftp_user>
Give them a password and you’re done!
Thanks to this post on the SWSoft forums
http://forum.swsoft.com/showthread.php?postid=118777
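Because `useradd -o` leaves several login names behind one UID, it helps to be able to list which aliases exist and whether each one really is confined to a subdirectory of the primary account. The following is an added example, not part of the original post; every account other than bob's own entry is constructed, and treating the first passwd entry for a UID as the primary is an assumption of the script.

```shell
# Added example: audit a passwd-format file for accounts created with
# `useradd -o` (shared UID). The first entry for a UID is treated as primary.
# audit_shared_uids FILE prints: UID ALIAS alias-of=PRIMARY STATUS
audit_shared_uids() {
    awk -F: '
        /^#/ || NF < 7 { next }
        !($3 in home) { home[$3] = $6; owner[$3] = $1; next }
        {
            status = "ok"
            # The alias is only narrower if its home sits inside the primary home.
            if (index($6 "/", home[$3] "/") != 1)
                status = "home-outside-primary"
            else if ($7 != "/bin/false" && $7 != "/sbin/nologin")
                status = "login-shell"
            print $3, $1, "alias-of=" owner[$3], status
        }
    ' "${1:-/etc/passwd}"
}

# Constructed sample data (not from a real server).
sample_passwd() {
    cat <<'EOF'
bob:x:10021:10001::/home/httpd/vhosts/bob.org:/bin/false
bob_sub:x:10021:10001::/home/httpd/vhosts/bob.org/httpdocs/bobs_subdir:/bin/false
alice:x:10022:10001::/home/httpd/vhosts/alice.org:/bin/false
alice_old:x:10022:10001::/home/httpd/vhosts:/bin/bash
carol:x:10023:10001::/home/httpd/vhosts/carol.org:/bin/false
EOF
}

sample_passwd | audit_shared_uids -
```

Files written by an alias are owned by the shared UID, so the filesystem and process accounting cannot tell the alias from the primary account; only the login name in the FTP log distinguishes them.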
mysql_fix_privilege_tables doesn't work on Plesk machines?
This upgrade script fails on Plesk machines because Plesk changes the mysql ‘root’ account into ‘admin’.
To get the script to run successfully, you can simply open up the file /usr/bin/mysql_fix_privilege_tables and change user="root" to user="admin".
Then start the script passing the parameter --password=xxx where xxx is your Plesk admin account’s password.
/usr/bin/mysql_fix_privilege_tables --password=xxx
Newly installed SSL certificates not being used on Plesk
I’ve come across this a couple of times and thought it worth adding here, so I’m more likely to remember next time.
You need to comment out or delete the default Virtualhost config in this file…
/etc/httpd/conf.d/ssl.conf
Look for the section starting with this…
<VirtualHost _default_:443>
This is the SWSoft knowledgebase article that details the solution.
Restoring individual files from Plesk backups
I had to extract a single database record from a Plesk backup today. The backup utility within Plesk 7.5.4 is not intended for accessing like this. It’s designed to restore a whole domain at once rather than getting hold of mistakenly deleted items, but with a few tools and a modicum (JCB) of patience, it can be done.
The backup file is a mime-encoded, part gzipped file which contains an xml file as an index.
You first need to unencode it using something like ripmime.
Download the latest stable version, unzip and install it following the instructions in the contained ‘INSTALL’ file.
# wget http://pldaniels.com/ripmime/ripmime-1.4.0.7.tar.gz
# tar -zxvf ripmime-1.4.0.7.tar.gz
# cd ripmime-1.4.0.7
# make
# make install
Then you can unencode your backup file. Move to a location where you have plenty of space to work… typically a user’s home directory, and start the unencoding.
On my server ‘backupfile’ was stored as ‘/var/lib/psa/dumps/domain.tld/domain.tld_yyyyy.mm.dd_hh.mm’
# cd ~username
# mkdir restoredir
# cd restoredir
# ripmime -i backupfile -v --name-by-type --postfix
This should create a fair few files in the directory ‘restoredir’. They will be named according to their contents, and you can see whether the files are gzipped or not using the ‘file’ command. All application-x-dir files are tar.gz files of the backed up directories. Hopefully this will be enough for you to determine the files you are after. You can also open up the text-xml1 file to help with ascertaining the correct files.
# file *
# cat text-xml1
Once you’re settled on the ones you want.. in my case ‘application-x-mysql-dump55’.. you can rename them to have the correct file extension and unzip them.
# mv application-x-mysql-dump55 application-x-mysql-dump55.gz
# gzip -d application-x-mysql-dump55.gz
Hope this works out for you.. it proved handy for me anyway.
References:
Original tip in a SWSoft discussion thread
http://forum.swsoft.com/showthread.php?threadid=23669
ripMIME – unencodes MIME files
http://pldaniels.com/ripmime/ripmime-1.4.0.7.tar.gz