{"id":325639,"date":"2021-06-29T03:00:27","date_gmt":"2021-06-29T03:00:27","guid":{"rendered":"http:\/\/savepearlharbor.com\/?p=325639"},"modified":"-0001-11-30T00:00:00","modified_gmt":"-0001-11-29T21:00:00","slug":"","status":"publish","type":"post","link":"https:\/\/savepearlharbor.com\/?p=325639","title":{"rendered":"\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 Ispconfig3 \u043d\u0430 ubuntu 20.04 (nginx+php-fpm+mysql)"},"content":{"rendered":"\n<div class=\"post__text post__text_v2\" id=\"post-content-body\">\n<p>ISPConfig &#8212; \u0431\u0435\u0441\u043f\u043b\u0430\u0442\u043d\u0430\u044f \u043f\u0430\u043d\u0435\u043b\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0445\u043e\u0441\u0442\u0438\u043d\u0433\u043e\u043c \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u043c\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438 \u0438\u0437 \u043e\u0434\u043d\u043e\u0439 \u043f\u0430\u043d\u0435\u043b\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f. \u042d\u0442\u043e \u043e\u0434\u0438\u043d \u0438\u0437 \u043b\u0443\u0447\u0448\u0438\u0445 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u043e\u0432 \u0434\u043b\u044f \u0432\u0435\u0431-\u0441\u0442\u0443\u0434\u0438\u0439, \u0445\u043e\u0441\u0442\u0438\u043d\u0433-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439, \u0430 \u0442\u0430\u043a \u0436\u0435 \u0434\u043b\u044f \u0432\u0441\u0435\u0445, \u043a\u0442\u043e \u0438\u0449\u0435\u0442 \u0431\u0435\u0441\u043f\u043b\u0430\u0442\u043d\u0443\u044e \u043f\u0430\u043d\u0435\u043b\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0445\u043e\u0441\u0442\u0438\u043d\u0433\u043e\u043c \u0441 \u0448\u0438\u0440\u043e\u043a\u0438\u043c \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u043e\u043c. <\/p>\n<p>\u0412 \u0441\u0435\u0442\u0438 \u0435\u0441\u0442\u044c \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043f\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u043d\u0430 OpenSuSe, Fedora, CentOS, Debian \u0438 Ubuntu \u0440\u0430\u0437\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439, \u0441 \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u043d\u043e\u0432\u043e\u0439 \u041e\u0421 \u0438\u0437 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u044e\u0442, \u043d\u043e \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u044f \u043f\u043e\u0434 ubuntu 20.04 \u0441 nginx \u043f\u043e\u0447\u0435\u043c\u0443-\u0442\u043e \u0432\u044b\u043f\u0430\u043b\u0430 \u0438\u0437 \u0447\u0438\u0441\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0445. \u0421\u0430\u043c\u043e\u0435 \u0432\u0440\u0435\u043c\u044f \u044d\u0442\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c.<\/p>\n<h2>\u0423\u0431\u0435\u0434\u0438\u043c\u0441\u044f, \u0447\u0442\u043e \u043d\u0430\u0448\u0430 \u041e\u0421 \u0441\u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0430 <\/h2>\n<p>\u0423\u0431\u0435\u0434\u0438\u043c\u0441\u044f, \u0447\u0442\u043e \u043d\u0430 \u043d\u0430\u0448\u0435\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u044b \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0432\u0441\u0435\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d ssh \u043a\u043b\u0438\u0435\u043d\u0442 \u0438 vim (\u0438\u043b\u0438 \u043b\u044e\u0431\u043e\u0439 \u0434\u0440\u0443\u0433\u043e\u0439 \u0442\u0435\u043a\u0441\u0442\u043e\u0432\u044b\u0439 \u0440\u0435\u0434\u0430\u043a\u0442\u043e\u0440, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0432\u0430\u043c \u0431\u0443\u0434\u0435\u0442 \u0443\u0434\u043e\u0431\u043d\u043e \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c), \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d \u0441\u0442\u0430\u0442\u0438\u0447\u043d\u044b\u0439 ip, hosts, hostname \u0438 \u043b\u043e\u043a\u0430\u043b\u0438. <\/p>\n<p>\u0414\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, ssh \u0438 \u0442\u0435\u043a\u0441\u0442\u043e\u0432\u043e\u0433\u043e \u0440\u0435\u0434\u0430\u043a\u0442\u043e\u0440\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u043c \u043a\u043e\u043c\u0430\u043d\u0434\u044b:<br \/><strong><em>sudo -s<br \/>apt update &amp;&amp; apt upgrade -y &amp;&amp; apt autoremove -y &amp;&amp; apt install -y ssh openssh-server nano vim-nox<\/em><\/strong><\/p>\n<p><em>\u041d\u0430\u0441\u0442\u0440\u043e\u0438\u043c \u0441\u0442\u0430\u0442\u0438\u0447\u043d\u044b\u0439 ip, \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u043e\u0442\u043a\u0440\u043e\u0435\u043c \u0444\u0430\u0439\u043b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0438 \u0443\u043a\u0430\u0436\u0435\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438:<br \/><\/em><strong>vi \/etc\/netplan\/00-installer-config.yaml<\/strong><\/p>\n<details class=\"spoiler\">\n<summary>\/etc\/netplan\/00-installer-config.yaml<\/summary>\n<div class=\"spoiler__content\">\n<p><em>network:<br \/>&nbsp; version: 2<br \/>&nbsp; renderer: networkd<br \/>&nbsp; ethernets:<br \/>&nbsp; &nbsp; eth0:<br \/>&nbsp; &nbsp; &nbsp; dhcp4: no<br \/>&nbsp; &nbsp; &nbsp; addresses: [185.104.112.249\/24]<br \/>&nbsp; &nbsp; &nbsp; gateway4: 185.104.112.1<br \/>&nbsp; &nbsp; &nbsp; nameservers:<br \/>&nbsp; &nbsp; &nbsp; &nbsp; addresses: [8.8.8.8, 8.8.4.4]<\/em><\/p>\n<\/div>\n<\/details>\n<p>\u041f\u0440\u043e\u0432\u0435\u0440\u0438\u043c \u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0441\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439<br \/><strong><em>netplan try&nbsp;<br \/><\/em><\/strong>\u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u0435\u0441\u043b\u0438 \u0432\u0441\u0435 \u0445\u043e\u0440\u043e\u0448\u043e \u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f \u0432\u0435\u0440\u043d\u0430, \u043f\u043e\u044f\u0432\u0438\u0442\u0441\u044f \u043d\u0430\u0434\u043f\u0438\u0441\u044c \u0441 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e, \u0434\u043b\u044f \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043d\u0430\u0436\u0430\u0442\u044c \u043a\u043b\u0430\u0432\u0438\u0448\u0443 <em>ENTER,<\/em> \u0435\u0441\u043b\u0438 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0438 120 \u0441\u0435\u043a\u0443\u043d\u0434 \u043c\u044b \u043d\u0435 \u0441\u043e\u0433\u043b\u0430\u0441\u0438\u043c\u0441\u044f &#8212; \u0431\u0443\u0434\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0430\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f:<\/p>\n<details class=\"spoiler\">\n<summary>netplan try<\/summary>\n<div class=\"spoiler__content\">\n<p><em>root@host:~# netplan try<br \/>Warning: Stopping systemd-networkd.service, but it can still be activated by:<br \/>&nbsp; systemd-networkd.socket<br \/>Do you want to keep these settings?<br \/>Press ENTER before the timeout to accept the new configuration<br \/>Changes will revert in 116 seconds<\/em><\/p>\n<\/div>\n<\/details>\n<p>\u0422\u0430\u043a\u0436\u0435  \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e \u043c\u043e\u0436\u043d\u043e \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u043c\u0430\u043d\u0434\u044b&nbsp;<br \/><strong><em>netplan apply<\/em><\/strong><br \/>\u041e\u0442\u043a\u0440\u043e\u0435\u043c \u0444\u0430\u0439\u043b hosts \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439<br \/><strong>vi \/etc\/hosts<br \/><\/strong>\u0438 \u0443\u0431\u0435\u0434\u0438\u043c\u0441\u044f \u0432 \u043d\u0430\u043b\u0438\u0447\u0438\u0438 \u0441\u0442\u0440\u043e\u043a\u0438 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0449\u0435\u0439 \u043d\u0430 \u043d\u0430\u0448 \u0441\u0435\u0440\u0432\u0435\u0440, \u043a\u0430\u043a \u043f\u043e \u0438\u043c\u0435\u043d\u0438 \u0445\u043e\u0441\u0442\u0430,&nbsp; \u0442\u0430\u043a \u043f\u043e \u0438\u043c\u0435\u043d\u0438 \u0445\u043e\u0441\u0442\u0430 \u0438 \u0434\u043e\u043c\u0435\u043d\u0443 (ispnginx &#8212; \u0438\u043c\u044f \u0445\u043e\u0441\u0442\u0430, <a href=\"http:\/\/xn--at-a-k6d.ru\" rel=\"noopener noreferrer nofollow\">\u0441at-a.ru<\/a> &#8212; \u0434\u043e\u043c\u0435\u043d\u0430):<\/p>\n<details class=\"spoiler\">\n<summary>\/etc\/hosts<\/summary>\n<div class=\"spoiler__content\">\n<p><em>127.0.0.1 &nbsp; &nbsp; &nbsp; localhost.localdomain &nbsp; localhost<br \/>185.104.112.249 <\/em><a href=\"http:\/\/ispnginx.cat-a.ru\" rel=\"noopener noreferrer nofollow\"><em>ispnginx.cat-a.ru<\/em><\/a><em> ispnginx<br \/>::1 &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; localhost6.localdomain6 localhost6<br \/># The following lines are desirable for IPv6 capable hosts<br \/>::1 &nbsp; &nbsp; localhost ip6-localhost ip6-loopback<br \/>fe00::0 ip6-localnet<br \/>ff02::1 ip6-allnodes<br \/>ff02::2 ip6-allrouters<br \/>ff02::3 ip6-allhosts<\/em><\/p>\n<\/div>\n<\/details>\n<p>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c \u0445\u043e\u0441\u0442\u043d\u0435\u0439\u043c, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0432 \u043a\u043e\u043c\u0430\u043d\u0434\u044b:<br \/><strong><em>echo ispnginx &gt; \/etc\/hostname &amp;&amp; hostname ispnginx<br \/><\/em><\/strong>\u0438\u043b\u0438<br \/><strong><em>hostnamectl set-hostname ispnginx<br \/><\/em><\/strong>\u041f\u0440\u043e\u0432\u0435\u0440\u0438\u043c, \u0438\u0437\u043c\u0435\u043d\u0438\u043b\u0441\u044f \u043b\u0438 hostname \u043a\u043e\u043c\u0430\u043d\u0434\u0430\u043c\u0438:&nbsp;<br \/><strong><em>hostname&nbsp;<br \/>hostname -f<\/em><\/strong><\/p>\n<details class=\"spoiler\">\n<summary>\u0412\u044b\u0432\u043e\u0434 \u0434\u043e\u043b\u0436\u0435\u043d \u0432\u044b\u0433\u043b\u044f\u0434\u0435\u0442\u044c \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0442\u0430\u043a<\/summary>\n<div class=\"spoiler__content\">\n<p><em>root@host:~# hostname<br \/>ispnginx<br \/>root@host:~# hostname -f<br \/>ispnginx.cat-a.ru<\/em><\/p>\n<\/div>\n<\/details>\n<p>\u041d\u0430\u0441\u0442\u0440\u043e\u0438\u043c \u043b\u043e\u043a\u0430\u043b\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0432:<br \/><strong><em>dpkg-reconfigure locales<br \/><\/em><\/strong>\u0412\u044b\u0431\u0438\u0440\u0430\u0435\u043c \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 en_US.UTF-8 \u0438 ru_RU.UTF-8, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u043c \u0441\u0435\u0440\u0432\u0435\u0440 &#8212; \u043e\u043d \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d \u043a \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 Ispconfig<\/p>\n<h2>\u0418\u0437\u043c\u0435\u043d\u0438\u043c \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0443 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e<\/h2>\n<p>\u0412 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0438\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \/bin\/sh &#8212; \u0441\u0438\u043c\u043b\u0438\u043d\u043a \/bin\/dash, \u043d\u043e \u043d\u0430\u043c \u043d\u0443\u0436\u043d\u043e \/bin\/bash, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u043c:<br \/><strong><em>dpkg-reconfigure dash<br \/><\/em><\/strong>\u0412 \u043e\u0442\u043a\u0440\u044b\u0432\u0448\u0435\u043c\u0441\u044f \u043e\u043a\u043d\u0435 \u0432\u044b\u0431\u0438\u0440\u0430\u0435\u043c &#171;No&#187;<\/p>\n<figure class=\"full-width\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/habrastorage.org\/getpro\/habr\/upload_files\/e89\/1e0\/c19\/e891e0c199731a4eb10698d599e680c4.png\" width=\"2076\" height=\"516\"><figcaption><\/figcaption><\/figure>\n<h2>\u0412\u044b\u043a\u043b\u044e\u0447\u0438\u043c \u0438 \u0443\u0434\u0430\u043b\u0438\u043c apparmor<\/h2>\n<p><strong><em>service apparmor stop &amp;&amp; update-rc.d -f apparmor remove &amp;&amp; apt-get remove apparmor apparmor-utils<\/em><\/strong><\/p>\n<h2>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c ntp&nbsp;<\/h2>\n<p><strong><em>apt install -y ntp ntpdate<\/em><\/strong><\/p>\n<h2>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c Postfix, Dovecot, MySQL, phpMyAdmin, rkhunter, Binutils<\/h2>\n<p>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c Postfix, Dovecot, MySQL, rkhunter \u0438 binutils \u0441 \u043f\u043e\u043c\u043e\u0448\u044c\u044e \u043a\u043e\u043c\u0430\u043d\u0434\u044b:<strong><em><br \/>apt install -y postfix postfix-mysql postfix-doc mysql-client mysql-server openssl getmail4 rkhunter binutils dovecot-imapd dovecot-pop3d dovecot-mysql dovecot-sieve dovecot-lmtpd&nbsp; sudo patch<\/em><\/strong><\/p>\n<p>\u041a\u043e\u0433\u0434\u0430 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0449\u0438\u043a \u043f\u043e\u043f\u0440\u043e\u0441\u0438\u0442 \u0443\u043a\u0430\u0437\u0430\u0442\u044c  \u043a\u0430\u043a\u0443\u044e \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e \u0432\u044b\u0431\u0440\u0430\u0442\u044c \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u043c Internet Site, \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 System mail name \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u043c hostname<br \/><em>General type of mail configuration: <\/em><strong><em>&lt;&#8212; Internet Site<br \/><\/em><\/strong><em>System mail name: &lt;&#8212; <\/em><strong><em>server1.example.com<\/em><\/strong><em><br \/>\u041e\u0442\u043a\u0440\u043e\u0435\u043c<\/em> TLS\/SSL \u0438 submission \u043f\u043e\u0440\u0442\u044b \u0432 Postfix, \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u043e\u0442\u043a\u0440\u043e\u0435\u043c \u0444\u0430\u0439\u043b <em>\/etc\/postfix\/master.cf<\/em><br \/><strong><em>vi \/etc\/postfix\/master.cf<br \/><\/em><\/strong>\u0438 \u0440\u0430\u0441\u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0438\u0440\u0443\u0435\u043c \u0441\u0435\u043a\u0446\u0438\u0438 submission,&nbsp;&nbsp;smtps, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e \u043f\u0435\u0440\u0432\u044b\u0435 3 \u0441\u0442\u0440\u043e\u0447\u043a\u0438 \u0432 \u043a\u0430\u0436\u0434\u043e\u0439 \u0441\u0435\u043a\u0446\u0438\u0438 \u0438 \u0434\u043e\u0431\u0430\u0432\u0438\u043c \u043a \u043e\u0431\u0435\u0438\u043c&nbsp; \u0441\u0435\u043a\u0446\u0438\u044f\u043c \u0441\u0442\u0440\u043e\u043a\u0443 (\u043d\u0435 \u0437\u0430\u0431\u044b\u0432\u0430\u0435\u043c 2 \u043f\u0440\u043e\u0431\u0435\u043b\u0430 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u0441\u0442\u0440\u043e\u043a\u0438):&nbsp;<br \/>-o smtpd_client_restrictions=permit_sasl_authenticated,reject<\/p>\n<details class=\"spoiler\">\n<summary>\/etc\/postfix\/master.cf \u0434\u043e\u043b\u0436\u0435\u043d \u0432\u044b\u0433\u043b\u044f\u0434\u0435\u0442\u044c \u0442\u0430\u043a:<\/summary>\n<div class=\"spoiler__content\">\n<p><em>smtp&nbsp; &nbsp; &nbsp; inet&nbsp; n &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; y &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; smtpd<br \/>#smtp&nbsp; &nbsp; &nbsp; inet&nbsp; n &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; y &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; 1 &nbsp; &nbsp; &nbsp; postscreen<br \/>#smtpd &nbsp; &nbsp; pass&nbsp; &#8212; &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; y &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; smtpd<br \/>#dnsblog &nbsp; unix&nbsp; &#8212; &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; y &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; 0 &nbsp; &nbsp; &nbsp; dnsblog<br \/>#tlsproxy&nbsp; unix&nbsp; &#8212; &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; y &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; 0 &nbsp; &nbsp; &nbsp; tlsproxy<br \/>submission inet n &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; y &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; smtpd<br \/>&nbsp; -o syslog_name=postfix\/submission<br \/>&nbsp; -o smtpd_tls_security_level=encrypt<br \/>&nbsp; -o smtpd_sasl_auth_enable=yes<br \/>&nbsp; -o smtpd_client_restrictions=permit_sasl_authenticated,reject<br \/>#&nbsp; -o smtpd_tls_auth_only=yes<br \/>#&nbsp; -o smtpd_reject_unlisted_recipient=no<br \/>#&nbsp; -o smtpd_client_restrictions=$mua_client_restrictions<br \/>#&nbsp; -o smtpd_helo_restrictions=$mua_helo_restrictions<br \/>#&nbsp; -o smtpd_sender_restrictions=$mua_sender_restrictions<br \/>#&nbsp; -o smtpd_recipient_restrictions=<br \/>#&nbsp; -o smtpd_relay_restrictions=permit_sasl_authenticated,reject<br \/>#&nbsp; -o milter_macro_daemon_name=ORIGINATING<br \/>smtps &nbsp; &nbsp; inet&nbsp; n &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; y &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; smtpd<br \/>&nbsp; -o syslog_name=postfix\/smtps<br \/>&nbsp; -o smtpd_tls_wrappermode=yes<br \/>&nbsp; -o smtpd_sasl_auth_enable=yes<br \/>&nbsp; -o smtpd_client_restrictions=permit_sasl_authenticated,reject<br \/>#&nbsp; -o smtpd_reject_unlisted_recipient=no<br \/>#&nbsp; -o smtpd_client_restrictions=$mua_client_restrictions<br \/>#&nbsp; -o smtpd_helo_restrictions=$mua_helo_restrictions<br \/>#&nbsp; -o smtpd_sender_restrictions=$mua_sender_restrictions<br \/>#&nbsp; -o smtpd_recipient_restrictions=<br \/>#&nbsp; -o smtpd_relay_restrictions=permit_sasl_authenticated,reject<br \/>#&nbsp; -o milter_macro_daemon_name=ORIGINATING<\/em><\/p>\n<\/div>\n<\/details>\n<p>\u0412\u044b\u043f\u043e\u043b\u043d\u0438\u043c \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 postfix&nbsp;<br \/><strong><em>service postfix restart<br \/><\/em><\/strong>\u0427\u0442\u043e\u0431\u044b \u0431\u0430\u0437\u044b \u0434\u0430\u043d\u043d\u044b\u0445 \u0431\u044b\u043b\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0443\u0434\u0430\u043b\u0435\u043d\u043e \u043e\u0442\u0440\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u0443\u0435\u043c \u0444\u0430\u0439\u043b \/etc\/mysql\/mysql.conf.d\/mysqld.cnf \u0438 \u0437\u0430\u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0438\u0440\u0443\u0435\u043c \u0441\u0442\u043e\u043a\u0438:&nbsp;<br \/>bind-address &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; = 127.0.0.1<br \/>mysqlx-bind-address&nbsp; &nbsp; = 127.0.0.1<br \/>\u041d\u0438\u0436\u0435 \u0434\u043e\u0431\u0430\u0432\u0438\u043c \u0441\u0442\u0440\u043e\u043a\u0443:<br \/>mysqlx=OFF<\/p>\n<p><strong><em>vi \/etc\/mysql\/mysql.conf.d\/mysqld.cnf<\/em><\/strong><\/p>\n<details class=\"spoiler\">\n<summary>\/etc\/mysql\/mysql.conf.d\/mysqld.cnf<\/summary>\n<div class=\"spoiler__content\">\n<p><em>[mysqld]<br \/>#<br \/># * Basic Settings<br \/>#<br \/>user&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; = mysql<br \/># pid-file&nbsp; &nbsp; &nbsp; = \/var\/run\/mysqld\/mysqld.pid<br \/># socket&nbsp; &nbsp; &nbsp; &nbsp; = \/var\/run\/mysqld\/mysqld.sock<br \/># port&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; = 3306<br \/># datadir &nbsp; &nbsp; &nbsp; = \/var\/lib\/mysql<br \/># If MySQL is running as a replication slave, this should be<br \/># changed. Ref https:\/\/dev.mysql.com\/doc\/refman\/8.0\/en\/server-system-variables.html#sysvar_tmpdir<br \/># tmpdir&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; = \/tmp<br \/>#<br \/># Instead of skip-networking the default is now to listen only on<br \/># localhost which is more compatible and is not less secure.<br \/>#bind-address &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; = 127.0.0.1<br \/>#mysqlx-bind-address&nbsp; &nbsp; = 127.0.0.1<br \/>mysqlx=OFF<\/em><\/p>\n<\/div>\n<\/details>\n<p>\u041f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043c mysql \u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u043c, \u0447\u0442\u043e \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a mysql \u0432\u043a\u043b\u044e\u0447\u0435\u043d \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439:<br \/><strong><em>service mysql restart &amp;&amp; netstat -tap | grep mysql<\/em><\/strong><\/p>\n<details class=\"spoiler\">\n<summary>\u0412\u044b\u0432\u043e\u0434 \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u0435\u043d \u0434\u0430\u043d\u043d\u043e\u043c\u0443:<\/summary>\n<div class=\"spoiler__content\">\n<p><em>root@ispnginx:~# netstat -tap | grep mysql<br \/>tcp6 &nbsp; &nbsp; &nbsp; 0&nbsp; &nbsp; &nbsp; 0 [::]:mysql&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; [::]:*&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; LISTEN&nbsp; &nbsp; &nbsp; 18513\/mysqld<br \/>root@ispnginx:~#<\/em><\/p>\n<\/div>\n<\/details>\n<h2>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c Amavisd-new, SpamAssassin, and Clamav<\/h2>\n<p>\u0412\u044b\u043f\u043e\u043b\u043d\u0438\u043c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0443 \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439:<br \/><strong><em>apt install -y amavisd-new spamassassin clamav clamav-daemon unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl postgrey<br \/><\/em><\/strong>\u0442.\u043a. amavisd, \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0444\u0438\u043b\u044c\u0442\u0440\u044b SpamAssassin, \u043c\u044b \u043c\u043e\u0436\u0435\u043c \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c SpamAssassin \u0434\u043b\u044f \u044d\u043a\u043e\u043d\u043e\u043c\u0438\u0438 \u043f\u0430\u043c\u044f\u0442\u0438<br \/><strong><em>service spamassassin stop<br \/>update-rc.d -f spamassassin remove<br \/><\/em><\/strong>\u0417\u0430\u043f\u0443\u0441\u0442\u0438\u043c ClamAV&nbsp;<br \/><strong><em>freshclam<br \/>service clamav-daemon start<\/em><\/strong><\/p>\n<details class=\"spoiler\">\n<summary>\u041e\u0448\u0438\u0431\u043a\u0443 \u043f\u0440\u0438 \u043f\u0435\u0440\u0432\u043e\u043c \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u0438\u0433\u043d\u043e\u0440\u0438\u0440\u0443\u0435\u043c<\/summary>\n<div class=\"spoiler__content\">\n<p><em>root@ispnginx:~# service spamassassin stop<br \/>root@ispnginx:~# update-rc.d -f spamassassin remove<br \/>root@ispnginx:~# freshclam<br \/>WARNING: Ignoring deprecated option SafeBrowsing at \/etc\/clamav\/freshclam.conf:22<br \/>ERROR: \/var\/log\/clamav\/freshclam.log is locked by another process<br \/>ERROR: Problem with internal logger (UpdateLogFile = \/var\/log\/clamav\/freshclam.log).<br \/>ERROR: initialize: libfreshclam init failed.<br \/>ERROR: Initialization error!<br \/>root@ispnginx:~# service clamav-daemon start<br \/>root@ispnginx:~#<\/em><\/p>\n<\/div>\n<\/details>\n<h2>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c Nginx, PHP 7.4 (PHP-FPM), and Fcgiwrap<\/h2>\n<p>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c nginx<br \/><strong><em>apt-get install nginx<\/em><\/strong><\/p>\n<p>\u041e\u0431\u0440\u0430\u0449\u0430\u0442\u044c\u0441\u044f \u043a \u0438\u043d\u0442\u0435\u0440\u043f\u0440\u0435\u0442\u0430\u0442\u043e\u0440\u0443 \u043c\u044b \u0431\u0443\u0434\u0435\u043c \u0447\u0435\u0440\u0435\u0437&nbsp;PHP-FPM (FastCGI Process Manager), \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c \u0435\u0433\u043e:<br \/><strong><em>apt-get -y install php7.4-fpm<\/em><\/strong><\/p>\n<p>\u041f\u043e\u0438\u0449\u0435\u043c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043c\u043e\u0434\u0443\u043b\u0438 php:<br \/><strong><em>apt-cache search php7.4<\/em><\/strong><\/p>\n<p>\u0412\u044b\u0431\u0435\u0440\u0435\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c:<br \/><strong><em>apt install -y php7.4-common php7.4 php7.4-gd php7.4-mysql php7.4-imap php7.4-cli php7.4-cgi php7.4-curl php7.4-pspell php7.4-intl php7.4-sqlite3 php7.4-tidy php7.4-xml php7.4-xmlrpc php7.4-zip php7.4-xsl php7.4-mbstring php7.4-soap php-pear mcrypt imagemagick libruby memcached php-memcache php-imagick php-soap php-apcu<\/em><\/strong><\/p>\n<p>\u041e\u0442\u043a\u0440\u043e\u0435\u043c \u0444\u0430\u0439\u043b&nbsp;<br \/> <strong>vi \/etc\/php\/7.4\/fpm\/php.ini<br \/><\/strong>\u0418 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c&nbsp;cgi.fix_pathinfo=0,&nbsp;your timezone, short_open_tag= On<\/p>\n<details class=\"spoiler\">\n<summary>\/etc\/php\/7.4\/fpm\/php.ini<\/summary>\n<div class=\"spoiler__content\">\n<p><em>[&#8230;]<br \/>cgi.fix_pathinfo=<\/em><strong><em>0<br \/><\/em><\/strong><em>[&#8230;]<br \/>date.timezone=&#187;Europe\/Moscow&#187;<br \/>[&#8230;]<br \/>short_open_tag = On<br \/>[&#8230;]<\/em><\/p>\n<\/div>\n<\/details>\n<p>\u041f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u043c PHP-FPM:<br \/><strong><em>service php7.4-fpm reload<br \/><\/em><\/strong>\u0427\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0443 CGI \u0432 nginx, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c Fcgiwrap:<br \/><strong><em>apt-get -y install fcgiwrap<\/em><\/strong><\/p>\n<h2>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c phpmyadmin<\/h2>\n<p><strong><em>apt-get -y install phpmyadmin&nbsp;php-mbstring&nbsp;<br \/><\/em><\/strong>\u0412 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0449\u0438\u043a \u0441\u043f\u0440\u043e\u0441\u0438\u0442 \u043f\u043e\u0434 \u043a\u0430\u043a\u043e\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 \u0441\u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c pma, \u043d\u043e \u0438\u0437 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u043e\u0432 \u0442\u043e\u043b\u044c\u043a\u043e apache \u0438 lighthttpd, \u043f\u043e\u0442\u043e\u043c\u0443 \u043d\u0438\u0447\u0435\u0433\u043e \u043d\u0435 \u0432\u044b\u0431\u0438\u0440\u0430\u0435\u043c :<\/p>\n<figure class=\"full-width\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/habrastorage.org\/getpro\/habr\/upload_files\/405\/9bc\/01b\/4059bc01b517ebe1d82080de7f4e70e7.png\" width=\"1374\" height=\"496\"><figcaption><\/figcaption><\/figure>\n<p>\u0422\u0430\u043a\u0436\u0435 \u043f\u0440\u043e\u0441\u0442\u043e \u043f\u0440\u043e\u043f\u0443\u0441\u043a\u0430\u0435\u043c \u0432\u043e\u043f\u0440\u043e\u0441 \u043e\u0431 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u043f\u0430\u0440\u043e\u043b\u044f MySQL application password for phpmyadmin:&nbsp;&lt;&#8212; Press Enter<\/p>\n<figure class=\"full-width\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/habrastorage.org\/getpro\/habr\/upload_files\/1d7\/528\/f0b\/1d7528f0ba7f36a329aa598efd7ae190.png\" width=\"1962\" height=\"408\"><figcaption><\/figcaption><\/figure>\n<p>\u0414\u0430\u043b\u0435\u0435 \u0441\u043e\u0433\u043b\u0430\u0448\u0430\u0435\u043c\u0441\u044f&nbsp;<br \/>Configure database for phpmyadmin with dbconfig-common? <strong>&lt;&#8212; Yes<\/strong><\/p>\n<figure class=\"full-width\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/habrastorage.org\/getpro\/habr\/upload_files\/76e\/cfa\/9f7\/76ecfa9f7029acb8c175783aca555162.png\" width=\"3330\" height=\"534\"><figcaption><\/figcaption><\/figure>\n<h2> \u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c Let&#8217;s Encrypt, PureFTPd \u0438 Quota<\/h2>\n<p><strong><em>apt install -y  certbot pure-ftpd-common pure-ftpd-mysql quota quotatool<\/em><\/strong><\/p>\n<p>\u041e\u0442\u0440\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u0443\u0435\u043c&nbsp;\u0444\u0430\u0439\u043b <em>\/etc\/default\/pure-ftpd-common <\/em>\u0438 \u0443\u0431\u0435\u0434\u0438\u043c\u0441\u044f, \u0447\u0442\u043e start mode =&nbsp;<em>standalone<\/em>&nbsp;\u0438&nbsp;<em>VIRTUALCHROOT=true<\/em><br \/><strong><em>vi \/etc\/default\/pure-ftpd-common<br \/><\/em><\/strong>\u0412\u043a\u043b\u044e\u0447\u0438\u043c FTPS \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439<br \/><strong><em>echo 1 &gt; \/etc\/pure-ftpd\/conf\/TLS<br \/><\/em><\/strong>\u0421\u043e\u0437\u0434\u0430\u0434\u0438\u043c \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u044e \u0434\u043b\u044f \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0432<br \/><strong><em>mkdir -p \/etc\/ssl\/private\/<br \/><\/em><\/strong>\u0418 \u0441\u0435\u0433\u043d\u0435\u0440\u0438\u0440\u0443\u0435\u043c \u0441\u0430\u043c SSL \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442<br \/><strong><em>openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout \/etc\/ssl\/private\/pure-ftpd.pem -out \/etc\/ssl\/private\/pure-ftpd.pem<br \/><\/em><\/strong>\u041f\u043e\u043c\u0435\u043d\u044f\u0435\u043c \u043f\u0440\u0430\u0432\u0430 \u043d\u0430 \u0444\u0430\u0439\u043b:<br \/><strong><em>chmod 600 \/etc\/ssl\/private\/pure-ftpd.pem<br \/><\/em><\/strong>\u041f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043c PureFTPd:<br \/><strong><em>service pure-ftpd-mysql restart<\/em><\/strong><\/p>\n<p>\u041e\u0442\u0440\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u0443\u0435\u043c&nbsp;\u0444\u0430\u0439\u043b \/etc\/fstab. \u041c\u043e\u0439 \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0442\u0430\u043a (\u0434\u043e\u0431\u0430\u0432\u043b\u044f\u0435\u043c&nbsp;,usrjquota=quota.user,grpjquota=quota.group,jqfmt=vfsv0&nbsp;\u043a \u043a\u043e\u0440\u043d\u0435\u0432\u043e\u0439 \u0442\u043e\u0447\u043a\u0435 \u043c\u043e\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f):<br \/><strong>vi<\/strong> <strong>\/etc\/fstab<\/strong><\/p>\n<details class=\"spoiler\">\n<summary>\/etc\/fstab<\/summary>\n<div class=\"spoiler__content\">\n<p># \/etc\/fstab: static file system information.<br \/>#<br \/># Use &#8216;blkid&#8217; to print the universally unique identifier for a<br \/># device; this may be used with UUID= as a more robust way to name devices<br \/># that works even if disks are added and removed. See fstab(5).<br \/>#<br \/># &lt;file system&gt; &lt;mount point&gt; &nbsp; &lt;type&gt;&nbsp; &lt;options&gt; &nbsp; &nbsp; &nbsp; &lt;dump&gt;&nbsp; &lt;pass&gt;<br \/># \/ was on \/dev\/vda1 during curtin installation<br \/>\/dev\/disk\/by-uuid\/1ea0d83c-2954-45aa-9e4d-3a80d5fa031f \/ ext4 defaults,usrjquota=quota.user,grpjquota=quota.group,jqfmt=vfsv0 0 0<br \/>\/swap.img &nbsp; &nbsp; &nbsp; none&nbsp; &nbsp; swap&nbsp; &nbsp; sw&nbsp; &nbsp; &nbsp; 0 &nbsp; &nbsp; &nbsp; 0<\/p>\n<\/div>\n<\/details>\n<p>\u0412\u043a\u043b\u044e\u0447\u0430\u0435\u043c quota:<br \/><strong><em>mount -o remount \/<br \/>quotacheck -avugm<br \/>quotaon -avug<\/em><\/strong><\/p>\n<details class=\"spoiler\">\n<summary>quota<\/summary>\n<div class=\"spoiler__content\">\n<p><em>root@ispnginx:~# mount -o remount <br \/>quotacheck -avugm<br \/>quotacheck: Scanning \/dev\/vda1 [\/] done<br \/>quotacheck: Cannot stat old user quota file \/\/quota.user: No such file or directory. Usage will not be subtracted.<br \/>quotacheck: Cannot stat old group quota file \/\/quota.group: No such file or directory. Usage will not be subtracted.<br \/>quotacheck: Cannot stat old user quota file \/\/quota.user: No such file or directory. Usage will not be subtracted.<br \/>quotacheck: Cannot stat old group quota file \/\/quota.group: No such file or directory. Usage will not be subtracted.<br \/>quotacheck: Checked 13965 directories and 88306 files<br \/>quotacheck: Old file not found.<br \/>quotacheck: Old file not found.<br \/>root@ispnginx:~# quotaon -avug<br \/>\/dev\/vda1 [\/]: group quotas turned on<br \/>\/dev\/vda1 [\/]: user quotas turned on<\/em><\/p>\n<\/div>\n<\/details>\n<h2>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c Vlogger, Webalizer, AWStats and GoAccess<\/h2>\n<p><strong><em>apt install -y vlogger webalizer awstats geoip-database libclass-dbi-mysql-perl<br \/><\/em><\/strong>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044e\u044e \u0432\u0435\u0440\u0441\u0438\u044e GoAccess \u0438\u0437 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430:<br \/><strong><em>echo &#171;deb https:\/\/deb.goaccess.io\/ $(lsb_release -cs) main&#187; | tee -a \/etc\/apt\/sources.list.d\/goaccess.list<br \/>wget -O &#8212; https:\/\/deb.goaccess.io\/gnugpg.key | apt-key &#8212;keyring \/etc\/apt\/trusted.gpg.d\/goaccess.gpg add &#8212;<br \/>apt update<br \/>apt install goaccess<br \/><\/em><\/strong>\u041e\u0442\u043a\u0440\u043e\u0435\u043c \u0444\u0430\u0439\u043b&nbsp;\/etc\/cron.d\/awstats&nbsp;<br \/><strong>v<em>i \/etc\/cron.d\/awstats<br \/><\/em><\/strong>\u0418 \u0437\u0430\u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0438\u0440\u0443\u0435\u043c \u0432\u0441\u0435 \u0435\u0433\u043e \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435<\/p>\n<h2>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c Jailkit fail2ban and UFW<\/h2>\n<p><strong><em>apt install -y jailkit fail2ban<br \/><\/em><\/strong><em>\u0421\u043e\u0437\u0434\u0430\u0434\u0438\u043c \u043d\u0430\u0431\u043e\u0440 \u043f\u0440\u0430\u0432\u0438\u043b<br \/><\/em><strong><em>vi \/etc\/fail2ban\/jail.local<\/em><\/strong><\/p>\n<details class=\"spoiler\">\n<summary>\/etc\/fail2ban\/jail.local<\/summary>\n<div class=\"spoiler__content\">\n<p><em>[pure-ftpd]<br \/>enabled&nbsp; = true<br \/>port &nbsp; &nbsp; = ftp<br \/>filter &nbsp; = pure-ftpd<br \/>logpath&nbsp; = \/var\/log\/syslog<br \/>maxretry = 3<\/em><\/p>\n<p><em>[dovecot]<br \/>enabled = true<br \/>filter = dovecot<br \/>action = iptables-multiport[name=dovecot-pop3imap, port=&#187;pop3,pop3s,imap,imaps&#187;, protocol=tcp]<br \/>logpath = \/var\/log\/mail.log<br \/>maxretry = 5<\/em><\/p>\n<p><em>[postfix]<br \/>enabled&nbsp; = true<br \/>port &nbsp; &nbsp; = smtp<br \/>filter &nbsp; = postfix<br \/>logpath&nbsp; = \/var<\/em><\/p>\n<\/div>\n<\/details>\n<p>\u041f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043c fail2ban:<br \/><strong><em>service fail2ban restart<br \/><\/em><\/strong>\u0414\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 UFW \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u043c:<br \/><strong><em>apt install -y ufw<\/em><\/strong><\/p>\n<h2>\u041f\u043e\u0441\u0442\u0430\u0432\u0438\u043c Roundcube Webmail<\/h2>\n<p><strong><em>apt install -y roundcube roundcube-core roundcube-mysql roundcube-plugins roundcube-plugins-extra javascript-common libjs-jquery-mousewheel php-net-sieve tinymce<br \/><\/em><\/strong>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0449\u0438\u043a \u0441\u043f\u0440\u043e\u0441\u0438\u0442:<br \/>Configure database for roundcube with dbconfig-common? &lt;&#8212; Yes<br \/>MySQL application password for roundcube: &lt;&#8212; Press enter<\/p>\n<figure class=\"\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/habrastorage.org\/getpro\/habr\/upload_files\/371\/7e2\/eab\/3717e2eabbc202afd87b262e6fd0ffaf.png\" alt=\"Configure database for roundcube with dbconfig-common? &lt;-- Yes\" title=\"Configure database for roundcube with dbconfig-common? &lt;-- Yes\" width=\"3308\" height=\"508\"><figcaption>Configure database for roundcube with dbconfig-common? &lt;&#8212; Yes<\/figcaption><\/figure>\n<figure class=\"full-width\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/habrastorage.org\/getpro\/habr\/upload_files\/9d2\/876\/bee\/9d2876bee232884ba18622754ab8b8fc.png\" alt=\"MySQL application password for roundcube: &lt;-- Press enter\" title=\"MySQL application password for roundcube: &lt;-- Press enter\" width=\"1960\" height=\"408\"><figcaption>MySQL application password for roundcube: &lt;&#8212; Press enter<\/figcaption><\/figure>\n<p>\u041e\u0442\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u0438\u0440\u0443\u0435\u043c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e RoundCube&nbsp;config.inc.php:<br \/><strong><em>vi \/etc\/roundcube\/config.inc.php<br \/><\/em><\/strong>\u0418 \u043f\u043e\u043c\u0435\u043d\u044f\u0435\u043c the default host \u043d\u0430 localhost:<br \/>$config[&#8216;default_host&#8217;] = &#8216;localhost&#8217;;<br \/>\u0421\u043e\u0437\u0434\u0430\u0434\u0438\u043c \u0441\u0441\u044b\u043b\u043a\u0443 \u0447\u0442\u043e\u0431\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e SquirrelMail configuration \u0432 ISPConfig \u0434\u043b\u044f Roundcube:<br \/><strong><em>ln -s \/usr\/share\/roundcube \/usr\/share\/squirrelmail<\/em><\/strong><\/p>\n<h2>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c ISPConfig 3.2<\/h2>\n<p>\u041f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043c nginx<br \/><strong><em>service nginx restart<br \/><\/em><\/strong>\u0421\u043a\u0430\u0447\u0430\u0435\u043c \u0438 \u0437\u0430\u043f\u0443\u0441\u0442\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0449\u0438\u043a \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u043c\u0430\u043d\u0434:<br \/><strong><em>cd \/tmp&nbsp;<br \/>wget -O ispconfig.tar.gz https:\/\/www.ispconfig.org\/downloads\/ISPConfig-3-stable.tar.gz<br \/>tar xfz ispconfig.tar.gz<br \/>cd ispconfig3*\/install\/<br \/>php -q install.php<\/em><\/strong><\/p>\n<p>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442\u0441\u044f \u0441\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043f\u043e\u0434\u0441\u043a\u0430\u0437\u043a\u0430\u043c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0449\u0438\u043a\u0430:<\/p>\n<details class=\"spoiler\">\n<summary>\u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438<\/summary>\n<div class=\"spoiler__content\">\n<p><em>root@ispnginx:\/tmp\/ispconfig3_install\/install# php -q install.php<br \/>&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;<br \/>&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;&#8212;<br \/>&gt;&gt; Initial configuration<br \/>Operating System: Ubuntu 20.04.2 LTS (Focal Fossa)<br \/>&nbsp; &nbsp; Following will be a few questions for primary configuration so be careful.<br \/>&nbsp; &nbsp; Default values are in [brackets] and can be accepted with &lt;ENTER&gt;.<br \/>&nbsp; &nbsp; Tap in &#171;quit&#187; (without the quotes) to stop the installer.<br \/>Select language (en,de) [en]:<br \/>Installation mode (standard,expert) [standard]:<br \/>Full qualified hostname (FQDN) of the server, eg server1.domain.tld&nbsp; [ispnginx.cat-a.ru]:<br \/>MySQL server hostname [localhost]:<br \/>MySQL server port [3306]:<br \/>MySQL root username [root]:<br \/>MySQL root password []:<br \/>MySQL database to create [dbispconfig]:<br \/>MySQL charset [utf8]:<br \/>Configuring Postgrey<br \/>Configuring Postfix<br \/>Generating a RSA private key<br \/>&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;++++<br \/>&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;++++<br \/>writing new private key to &#8216;smtpd.key&#8217;<br \/>&#8212;&#8212;<br \/>You are about to be asked to enter information that will be incorporated<br \/>into your certificate request.<br \/>What you are about to enter is what is called a Distinguished Name or a DN.<br \/>There are quite a few fields but you can leave some blank<br \/>For some fields there will be a default value,<br \/>If you enter &#8216;.&#8217;, the field will be left blank.<br \/>&#8212;&#8212;<br \/>Country Name (2 letter code) [AU]:RU<br \/>State or Province Name (full name) [Some-State]:Spb<br \/>Locality Name (eg, city) []:Spb<br \/>Organization Name (eg, company) [Internet Widgits Pty Ltd]:cat-a<br \/>Organizational Unit Name (eg, section) []:it<br \/>Common Name (e.g. server FQDN or YOUR name) []:ispnginx.cat-a.ru<br \/>Email Address []:admin@cat-a.ru<br \/>[INFO] service Mailman not detected<br \/>Configuring Dovecot<br \/>Creating new DHParams file, this takes several minutes. Do not interrupt the script.<br \/>Configuring Spamassassin<br \/>Configuring Amavisd<br \/>[INFO] service Rspamd not detected<br \/>Configuring Getmail<br \/>Configuring Jailkit<br \/>Configuring Pureftpd<br \/>[INFO] service BIND not detected<br \/>[INFO] service MyDNS not detected<br \/>Configuring nginx<br \/>[INFO] service OpenVZ not detected<br \/>Configuring Ubuntu Firewall<br \/>[INFO] service Metronome XMPP Server not detected<br \/>Configuring Fail2ban<br \/>Installing ISPConfig<br \/>ISPConfig Port [8080]:<br \/>Admin password [fb07e95d]:<br \/>Do you want a secure (SSL) connection to the ISPConfig web interface (y,n) [y]: y<br \/>Checking \/ creating certificate for ispnginx.cat-a.ru<br \/>Using certificate path \/etc\/letsencrypt\/live\/ispnginx.cat-a.ru<br \/>&#8212;2021-05-29 05:51:24&#8212;&nbsp; https:\/\/get.acme.sh\/<br \/>Resolving get.acme.sh (get.acme.sh)&#8230; 104.21.34.62, 172.67.199.16, 2606:4700:3031::ac43:c710, &#8230;<br \/>Connecting to get.acme.sh (get.acme.sh)|104.21.34.62|:443&#8230; connected.<br \/>HTTP request sent, awaiting response&#8230; 200 OK<br \/>Length: unspecified [text\/html]<br \/>Saving to: \u2018STDOUT\u2019<br \/>&#8212; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; [ &lt;=&gt;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; ] &nbsp; &nbsp; 937&nbsp; &#8212;.-KB\/s&nbsp; &nbsp; in 0s<br \/>2021-05-29 05:51:25 (3.73 MB\/s) &#8212; written to stdout [937]<br \/>Installed acme.sh and using it for certificate creation during install.<br \/>Using nginx for certificate validation<br \/>acme.sh is installed, overriding certificate path to use \/root\/.acme.sh\/ispnginx.cat-a.ru<br \/>Symlink ISPConfig SSL certs to Postfix? (y,n) [y]: y<br \/>Symlink ISPConfig SSL certs to Pure-FTPd? Creating dhparam file may take some time. (y,n) [y]: y<br \/>Generating DH parameters, 2048 bit long safe prime, generator 2<br \/>This is going to take a long time<br \/>&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;..<br \/>Configuring Apps vhost<br \/>Configuring DBServer<br \/>Installing ISPConfig crontab<br \/>no crontab for getmail<br \/>Detect IP addresses<br \/>Restarting services &#8230;<br \/>Installation completed.<br \/>root@ispnginx:\/tmp\/ispconfig3_install\/install#<\/em><\/p>\n<\/div>\n<\/details>\n<p>\u041f\u043e\u0441\u043b\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043d\u0430\u0448\u0430 \u043f\u0430\u043d\u0435\u043b\u044c \u0431\u0443\u0434\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u043d\u0430 8080 \u043f\u043e\u0440\u0442\u0443. \u0410\u0432\u0442\u043e\u0440\u0438\u0437\u0443\u0435\u043c\u0441\u044f, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043f\u0430\u0440\u043e\u043b\u044c, \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u0439 \u043f\u0440\u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435:<\/p>\n<figure class=\"full-width\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/habrastorage.org\/getpro\/habr\/upload_files\/685\/34d\/e86\/68534de860be4a228e76d0a663b51ff7.png\" width=\"2058\" height=\"1424\"><figcaption><\/figcaption><\/figure>\n<figure class=\"full-width\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/habrastorage.org\/getpro\/habr\/upload_files\/718\/34f\/15f\/71834f15fefc68e81d198f68394f2768.png\" width=\"2712\" height=\"1792\"><figcaption><\/figcaption><\/figure>\n<\/div>\n<p> \u0441\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b \u0441\u0442\u0430\u0442\u044c\u0438 <a href=\"https:\/\/habr.com\/ru\/post\/565138\/\"> https:\/\/habr.com\/ru\/post\/565138\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"\n<div class=\"post__text post__text_v2\" id=\"post-content-body\">\n<p>ISPConfig &#8212; \u0431\u0435\u0441\u043f\u043b\u0430\u0442\u043d\u0430\u044f \u043f\u0430\u043d\u0435\u043b\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0445\u043e\u0441\u0442\u0438\u043d\u0433\u043e\u043c \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u043c\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438 \u0438\u0437 \u043e\u0434\u043d\u043e\u0439 \u043f\u0430\u043d\u0435\u043b\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f. \u042d\u0442\u043e \u043e\u0434\u0438\u043d \u0438\u0437 \u043b\u0443\u0447\u0448\u0438\u0445 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u043e\u0432 \u0434\u043b\u044f \u0432\u0435\u0431-\u0441\u0442\u0443\u0434\u0438\u0439, \u0445\u043e\u0441\u0442\u0438\u043d\u0433-\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439, \u0430 \u0442\u0430\u043a \u0436\u0435 \u0434\u043b\u044f \u0432\u0441\u0435\u0445, \u043a\u0442\u043e \u0438\u0449\u0435\u0442 \u0431\u0435\u0441\u043f\u043b\u0430\u0442\u043d\u0443\u044e \u043f\u0430\u043d\u0435\u043b\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0445\u043e\u0441\u0442\u0438\u043d\u0433\u043e\u043c \u0441 \u0448\u0438\u0440\u043e\u043a\u0438\u043c \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u043e\u043c. <\/p>\n<p>\u0412 \u0441\u0435\u0442\u0438 \u0435\u0441\u0442\u044c \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043f\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u043d\u0430 OpenSuSe, Fedora, CentOS, Debian \u0438 Ubuntu \u0440\u0430\u0437\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439, \u0441 \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u043d\u043e\u0432\u043e\u0439 \u041e\u0421 \u0438\u0437 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u044e\u0442, \u043d\u043e \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u044f \u043f\u043e\u0434 ubuntu 20.04 \u0441 nginx \u043f\u043e\u0447\u0435\u043c\u0443-\u0442\u043e \u0432\u044b\u043f\u0430\u043b\u0430 \u0438\u0437 \u0447\u0438\u0441\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0445. \u0421\u0430\u043c\u043e\u0435 \u0432\u0440\u0435\u043c\u044f \u044d\u0442\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c.<\/p>\n<h2>\u0423\u0431\u0435\u0434\u0438\u043c\u0441\u044f, \u0447\u0442\u043e \u043d\u0430\u0448\u0430 \u041e\u0421 \u0441\u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0430 <\/h2>\n<p>\u0423\u0431\u0435\u0434\u0438\u043c\u0441\u044f, \u0447\u0442\u043e \u043d\u0430 \u043d\u0430\u0448\u0435\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u044b \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0432\u0441\u0435\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d ssh \u043a\u043b\u0438\u0435\u043d\u0442 \u0438 vim (\u0438\u043b\u0438 \u043b\u044e\u0431\u043e\u0439 \u0434\u0440\u0443\u0433\u043e\u0439 \u0442\u0435\u043a\u0441\u0442\u043e\u0432\u044b\u0439 \u0440\u0435\u0434\u0430\u043a\u0442\u043e\u0440, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0432\u0430\u043c \u0431\u0443\u0434\u0435\u0442 \u0443\u0434\u043e\u0431\u043d\u043e \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c), \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d \u0441\u0442\u0430\u0442\u0438\u0447\u043d\u044b\u0439 ip, hosts, hostname \u0438 \u043b\u043e\u043a\u0430\u043b\u0438. <\/p>\n<p>\u0414\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, ssh \u0438 \u0442\u0435\u043a\u0441\u0442\u043e\u0432\u043e\u0433\u043e \u0440\u0435\u0434\u0430\u043a\u0442\u043e\u0440\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u043c \u043a\u043e\u043c\u0430\u043d\u0434\u044b:<br \/><strong><em>sudo -s<br \/>apt update &amp;&amp; apt upgrade -y &amp;&amp; apt autoremove -y &amp;&amp; apt install -y ssh openssh-server nano vim-nox<\/em><\/strong><\/p>\n<p><em>\u041d\u0430\u0441\u0442\u0440\u043e\u0438\u043c \u0441\u0442\u0430\u0442\u0438\u0447\u043d\u044b\u0439 ip, \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u043e\u0442\u043a\u0440\u043e\u0435\u043c \u0444\u0430\u0439\u043b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0438 \u0443\u043a\u0430\u0436\u0435\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438:<br \/><\/em><strong>vi \/etc\/netplan\/00-installer-config.yaml<\/strong><\/p>\n<details class=\"spoiler\">\n<summary>\/etc\/netplan\/00-installer-config.yaml<\/summary>\n<div class=\"spoiler__content\">\n<p><em>network:<br \/>&nbsp; version: 2<br \/>&nbsp; renderer: networkd<br \/>&nbsp; ethernets:<br \/>&nbsp; &nbsp; eth0:<br \/>&nbsp; &nbsp; &nbsp; dhcp4: no<br \/>&nbsp; &nbsp; &nbsp; addresses: [185.104.112.249\/24]<br \/>&nbsp; &nbsp; &nbsp; gateway4: 185.104.112.1<br \/>&nbsp; &nbsp; &nbsp; nameservers:<br \/>&nbsp; &nbsp; &nbsp; &nbsp; addresses: [8.8.8.8, 8.8.4.4]<\/em><\/p>\n<\/div>\n<\/details>\n<p>\u041f\u0440\u043e\u0432\u0435\u0440\u0438\u043c \u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0441\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439<br \/><strong><em>netplan try&nbsp;<br \/><\/em><\/strong>\u0412 \u0441\u043b\u0443\u0447\u0430\u0435 \u0435\u0441\u043b\u0438 \u0432\u0441\u0435 \u0445\u043e\u0440\u043e\u0448\u043e \u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f \u0432\u0435\u0440\u043d\u0430, \u043f\u043e\u044f\u0432\u0438\u0442\u0441\u044f \u043d\u0430\u0434\u043f\u0438\u0441\u044c \u0441 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e, \u0434\u043b\u044f \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043d\u0430\u0436\u0430\u0442\u044c \u043a\u043b\u0430\u0432\u0438\u0448\u0443 <em>ENTER,<\/em> \u0435\u0441\u043b\u0438 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0438 120 \u0441\u0435\u043a\u0443\u043d\u0434 \u043c\u044b \u043d\u0435 \u0441\u043e\u0433\u043b\u0430\u0441\u0438\u043c\u0441\u044f &#8212; \u0431\u0443\u0434\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0430\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f:<\/p>\n<details class=\"spoiler\">\n<summary>netplan try<\/summary>\n<div class=\"spoiler__content\">\n<p><em>root@host:~# netplan try<br \/>Warning: Stopping systemd-networkd.service, but it can still be activated by:<br \/>&nbsp; systemd-networkd.socket<br \/>Do you want to keep these settings?<br \/>Press ENTER before the timeout to accept the new configuration<br \/>Changes will revert in 116 seconds<\/em><\/p>\n<\/div>\n<\/details>\n<p>\u0422\u0430\u043a\u0436\u0435  \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e \u043c\u043e\u0436\u043d\u043e \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u043c\u0430\u043d\u0434\u044b&nbsp;<br \/><strong><em>netplan apply<\/em><\/strong><br \/>\u041e\u0442\u043a\u0440\u043e\u0435\u043c \u0444\u0430\u0439\u043b hosts \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439<br \/><strong>vi \/etc\/hosts<br \/><\/strong>\u0438 \u0443\u0431\u0435\u0434\u0438\u043c\u0441\u044f \u0432 \u043d\u0430\u043b\u0438\u0447\u0438\u0438 \u0441\u0442\u0440\u043e\u043a\u0438 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0449\u0435\u0439 \u043d\u0430 \u043d\u0430\u0448 \u0441\u0435\u0440\u0432\u0435\u0440, \u043a\u0430\u043a \u043f\u043e \u0438\u043c\u0435\u043d\u0438 \u0445\u043e\u0441\u0442\u0430,&nbsp; \u0442\u0430\u043a \u043f\u043e \u0438\u043c\u0435\u043d\u0438 \u0445\u043e\u0441\u0442\u0430 \u0438 \u0434\u043e\u043c\u0435\u043d\u0443 (ispnginx &#8212; \u0438\u043c\u044f \u0445\u043e\u0441\u0442\u0430, <a href=\"http:\/\/xn--at-a-k6d.ru\" rel=\"noopener noreferrer nofollow\">\u0441at-a.ru<\/a> &#8212; \u0434\u043e\u043c\u0435\u043d\u0430):<\/p>\n<details class=\"spoiler\">\n<summary>\/etc\/hosts<\/summary>\n<div class=\"spoiler__content\">\n<p><em>127.0.0.1 &nbsp; &nbsp; &nbsp; localhost.localdomain &nbsp; localhost<br \/>185.104.112.249 <\/em><a href=\"http:\/\/ispnginx.cat-a.ru\" rel=\"noopener noreferrer nofollow\"><em>ispnginx.cat-a.ru<\/em><\/a><em> ispnginx<br \/>::1 &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; localhost6.localdomain6 localhost6<br \/># The following lines are desirable for IPv6 capable hosts<br \/>::1 &nbsp; &nbsp; localhost ip6-localhost ip6-loopback<br \/>fe00::0 ip6-localnet<br \/>ff02::1 ip6-allnodes<br \/>ff02::2 ip6-allrouters<br \/>ff02::3 ip6-allhosts<\/em><\/p>\n<\/div>\n<\/details>\n<p>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c \u0445\u043e\u0441\u0442\u043d\u0435\u0439\u043c, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0432 \u043a\u043e\u043c\u0430\u043d\u0434\u044b:<br \/><strong><em>echo ispnginx &gt; \/etc\/hostname &amp;&amp; hostname ispnginx<br \/><\/em><\/strong>\u0438\u043b\u0438<br \/><strong><em>hostnamectl set-hostname ispnginx<br \/><\/em><\/strong>\u041f\u0440\u043e\u0432\u0435\u0440\u0438\u043c, \u0438\u0437\u043c\u0435\u043d\u0438\u043b\u0441\u044f \u043b\u0438 hostname \u043a\u043e\u043c\u0430\u043d\u0434\u0430\u043c\u0438:&nbsp;<br \/><strong><em>hostname&nbsp;<br \/>hostname -f<\/em><\/strong><\/p>\n<details class=\"spoiler\">\n<summary>\u0412\u044b\u0432\u043e\u0434 \u0434\u043e\u043b\u0436\u0435\u043d \u0432\u044b\u0433\u043b\u044f\u0434\u0435\u0442\u044c \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0442\u0430\u043a<\/summary>\n<div class=\"spoiler__content\">\n<p><em>root@host:~# hostname<br \/>ispnginx<br \/>root@host:~# hostname -f<br \/>ispnginx.cat-a.ru<\/em><\/p>\n<\/div>\n<\/details>\n<p>\u041d\u0430\u0441\u0442\u0440\u043e\u0438\u043c \u043b\u043e\u043a\u0430\u043b\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0432:<br \/><strong><em>dpkg-reconfigure locales<br \/><\/em><\/strong>\u0412\u044b\u0431\u0438\u0440\u0430\u0435\u043c \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 en_US.UTF-8 \u0438 ru_RU.UTF-8, \u043f\u043e\u0441\u043b\u0435 \u0447\u0435\u0433\u043e \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u043c \u0441\u0435\u0440\u0432\u0435\u0440 &#8212; \u043e\u043d \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d \u043a \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 Ispconfig<\/p>\n<h2>\u0418\u0437\u043c\u0435\u043d\u0438\u043c \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0443 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e<\/h2>\n<p>\u0412 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0438\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \/bin\/sh &#8212; \u0441\u0438\u043c\u043b\u0438\u043d\u043a \/bin\/dash, \u043d\u043e \u043d\u0430\u043c \u043d\u0443\u0436\u043d\u043e \/bin\/bash, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u043c:<br \/><strong><em>dpkg-reconfigure dash<br \/><\/em><\/strong>\u0412 \u043e\u0442\u043a\u0440\u044b\u0432\u0448\u0435\u043c\u0441\u044f \u043e\u043a\u043d\u0435 \u0432\u044b\u0431\u0438\u0440\u0430\u0435\u043c &#171;No&#187;<\/p>\n<figure class=\"full-width\"><figcaption><\/figcaption><\/figure>\n<h2>\u0412\u044b\u043a\u043b\u044e\u0447\u0438\u043c \u0438 \u0443\u0434\u0430\u043b\u0438\u043c apparmor<\/h2>\n<p><strong><em>service apparmor stop &amp;&amp; update-rc.d -f apparmor remove &amp;&amp; apt-get remove apparmor apparmor-utils<\/em><\/strong><\/p>\n<h2>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c ntp&nbsp;<\/h2>\n<p><strong><em>apt install -y ntp ntpdate<\/em><\/strong><\/p>\n<h2>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c Postfix, Dovecot, MySQL, phpMyAdmin, rkhunter, Binutils<\/h2>\n<p>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c Postfix, Dovecot, MySQL, rkhunter \u0438 binutils \u0441 \u043f\u043e\u043c\u043e\u0448\u044c\u044e \u043a\u043e\u043c\u0430\u043d\u0434\u044b:<strong><em><br \/>apt install -y postfix postfix-mysql postfix-doc mysql-client mysql-server openssl getmail4 rkhunter binutils dovecot-imapd dovecot-pop3d dovecot-mysql dovecot-sieve dovecot-lmtpd&nbsp; sudo patch<\/em><\/strong><\/p>\n<p>\u041a\u043e\u0433\u0434\u0430 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0449\u0438\u043a \u043f\u043e\u043f\u0440\u043e\u0441\u0438\u0442 \u0443\u043a\u0430\u0437\u0430\u0442\u044c  \u043a\u0430\u043a\u0443\u044e \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e \u0432\u044b\u0431\u0440\u0430\u0442\u044c \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u043c Internet Site, \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 System mail name \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u043c hostname<br \/><em>General type of mail configuration: <\/em><strong><em>&lt;&#8212; Internet Site<br \/><\/em><\/strong><em>System mail name: &lt;&#8212; <\/em><strong><em>server1.example.com<\/em><\/strong><em><br \/>\u041e\u0442\u043a\u0440\u043e\u0435\u043c<\/em> TLS\/SSL \u0438 submission \u043f\u043e\u0440\u0442\u044b \u0432 Postfix, \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u043e\u0442\u043a\u0440\u043e\u0435\u043c \u0444\u0430\u0439\u043b <em>\/etc\/postfix\/master.cf<\/em><br \/><strong><em>vi \/etc\/postfix\/master.cf<br \/><\/em><\/strong>\u0438 \u0440\u0430\u0441\u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0438\u0440\u0443\u0435\u043c \u0441\u0435\u043a\u0446\u0438\u0438 submission,&nbsp;&nbsp;smtps, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e \u043f\u0435\u0440\u0432\u044b\u0435 3 \u0441\u0442\u0440\u043e\u0447\u043a\u0438 \u0432 \u043a\u0430\u0436\u0434\u043e\u0439 \u0441\u0435\u043a\u0446\u0438\u0438 \u0438 \u0434\u043e\u0431\u0430\u0432\u0438\u043c \u043a \u043e\u0431\u0435\u0438\u043c&nbsp; \u0441\u0435\u043a\u0446\u0438\u044f\u043c \u0441\u0442\u0440\u043e\u043a\u0443 (\u043d\u0435 \u0437\u0430\u0431\u044b\u0432\u0430\u0435\u043c 2 \u043f\u0440\u043e\u0431\u0435\u043b\u0430 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u0441\u0442\u0440\u043e\u043a\u0438):&nbsp;<br \/>-o smtpd_client_restrictions=permit_sasl_authenticated,reject<\/p>\n<details class=\"spoiler\">\n<summary>\/etc\/postfix\/master.cf \u0434\u043e\u043b\u0436\u0435\u043d \u0432\u044b\u0433\u043b\u044f\u0434\u0435\u0442\u044c \u0442\u0430\u043a:<\/summary>\n<div class=\"spoiler__content\">\n<p><em>smtp&nbsp; &nbsp; &nbsp; inet&nbsp; n &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; y &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; smtpd<br \/>#smtp&nbsp; &nbsp; &nbsp; inet&nbsp; n &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; y &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; 1 &nbsp; &nbsp; &nbsp; postscreen<br \/>#smtpd &nbsp; &nbsp; pass&nbsp; &#8212; &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; y &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; smtpd<br \/>#dnsblog &nbsp; unix&nbsp; &#8212; &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; y &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; 0 &nbsp; &nbsp; &nbsp; dnsblog<br \/>#tlsproxy&nbsp; unix&nbsp; &#8212; &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; y &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; 0 &nbsp; &nbsp; &nbsp; tlsproxy<br \/>submission inet n &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; y &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; smtpd<br \/>&nbsp; -o syslog_name=postfix\/submission<br \/>&nbsp; -o smtpd_tls_security_level=encrypt<br \/>&nbsp; -o smtpd_sasl_auth_enable=yes<br \/>&nbsp; -o smtpd_client_restrictions=permit_sasl_authenticated,reject<br \/>#&nbsp; -o smtpd_tls_auth_only=yes<br \/>#&nbsp; -o smtpd_reject_unlisted_recipient=no<br \/>#&nbsp; -o smtpd_client_restrictions=$mua_client_restrictions<br \/>#&nbsp; -o smtpd_helo_restrictions=$mua_helo_restrictions<br \/>#&nbsp; -o smtpd_sender_restrictions=$mua_sender_restrictions<br \/>#&nbsp; -o smtpd_recipient_restrictions=<br \/>#&nbsp; -o smtpd_relay_restrictions=permit_sasl_authenticated,reject<br \/>#&nbsp; -o milter_macro_daemon_name=ORIGINATING<br \/>smtps &nbsp; &nbsp; inet&nbsp; n &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; y &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; &#8212; &nbsp; &nbsp; &nbsp; smtpd<br \/>&nbsp; -o syslog_name=postfix\/smtps<br \/>&nbsp; -o smtpd_tls_wrappermode=yes<br \/>&nbsp; -o smtpd_sasl_auth_enable=yes<br \/>&nbsp; -o smtpd_client_restrictions=permit_sasl_authenticated,reject<br \/>#&nbsp; -o smtpd_reject_unlisted_recipient=no<br \/>#&nbsp; -o smtpd_client_restrictions=$mua_client_restrictions<br \/>#&nbsp; -o smtpd_helo_restrictions=$mua_helo_restrictions<br \/>#&nbsp; -o smtpd_sender_restrictions=$mua_sender_restrictions<br \/>#&nbsp; -o smtpd_recipient_restrictions=<br \/>#&nbsp; -o smtpd_relay_restrictions=permit_sasl_authenticated,reject<br \/>#&nbsp; -o milter_macro_daemon_name=ORIGINATING<\/em><\/p>\n<\/div>\n<\/details>\n<p>\u0412\u044b\u043f\u043e\u043b\u043d\u0438\u043c \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 postfix&nbsp;<br \/><strong><em>service postfix restart<br \/><\/em><\/strong>\u0427\u0442\u043e\u0431\u044b \u0431\u0430\u0437\u044b \u0434\u0430\u043d\u043d\u044b\u0445 \u0431\u044b\u043b\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0443\u0434\u0430\u043b\u0435\u043d\u043e \u043e\u0442\u0440\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u0443\u0435\u043c \u0444\u0430\u0439\u043b \/etc\/mysql\/mysql.conf.d\/mysqld.cnf \u0438 \u0437\u0430\u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0438\u0440\u0443\u0435\u043c \u0441\u0442\u043e\u043a\u0438:&nbsp;<br \/>bind-address &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; = 127.0.0.1<br \/>mysqlx-bind-address&nbsp; &nbsp; = 127.0.0.1<br \/>\u041d\u0438\u0436\u0435 \u0434\u043e\u0431\u0430\u0432\u0438\u043c \u0441\u0442\u0440\u043e\u043a\u0443:<br \/>mysqlx=OFF<\/p>\n<p><strong><em>vi \/etc\/mysql\/mysql.conf.d\/mysqld.cnf<\/em><\/strong><\/p>\n<details class=\"spoiler\">\n<summary>\/etc\/mysql\/mysql.conf.d\/mysqld.cnf<\/summary>\n<div class=\"spoiler__content\">\n<p><em>[mysqld]<br \/>#<br \/># * Basic Settings<br \/>#<br \/>user&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; = mysql<br \/># pid-file&nbsp; &nbsp; &nbsp; = \/var\/run\/mysqld\/mysqld.pid<br \/># socket&nbsp; &nbsp; &nbsp; &nbsp; = \/var\/run\/mysqld\/mysqld.sock<br \/># port&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; = 3306<br \/># datadir &nbsp; &nbsp; &nbsp; = \/var\/lib\/mysql<br \/># If MySQL is running as a replication slave, this should be<br \/># changed. Ref https:\/\/dev.mysql.com\/doc\/refman\/8.0\/en\/server-system-variables.html#sysvar_tmpdir<br \/># tmpdir&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; = \/tmp<br \/>#<br \/># Instead of skip-networking the default is now to listen only on<br \/># localhost which is more compatible and is not less secure.<br \/>#bind-address &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; = 127.0.0.1<br \/>#mysqlx-bind-address&nbsp; &nbsp; = 127.0.0.1<br \/>mysqlx=OFF<\/em><\/p>\n<\/div>\n<\/details>\n<p>\u041f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043c mysql \u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u043c, \u0447\u0442\u043e \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a mysql \u0432\u043a\u043b\u044e\u0447\u0435\u043d \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439:<br \/><strong><em>service mysql restart &amp;&amp; netstat -tap | grep mysql<\/em><\/strong><\/p>\n<details class=\"spoiler\">\n<summary>\u0412\u044b\u0432\u043e\u0434 \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u0435\u043d \u0434\u0430\u043d\u043d\u043e\u043c\u0443:<\/summary>\n<div class=\"spoiler__content\">\n<p><em>root@ispnginx:~# netstat -tap | grep mysql<br \/>tcp6 &nbsp; &nbsp; &nbsp; 0&nbsp; &nbsp; &nbsp; 0 [::]:mysql&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; [::]:*&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; LISTEN&nbsp; &nbsp; &nbsp; 18513\/mysqld<br \/>root@ispnginx:~#<\/em><\/p>\n<\/div>\n<\/details>\n<h2>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c Amavisd-new, SpamAssassin, and Clamav<\/h2>\n<p>\u0412\u044b\u043f\u043e\u043b\u043d\u0438\u043c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0443 \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439:<br \/><strong><em>apt install -y amavisd-new spamassassin clamav clamav-daemon unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl postgrey<br \/><\/em><\/strong>\u0442.\u043a. amavisd, \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0444\u0438\u043b\u044c\u0442\u0440\u044b SpamAssassin, \u043c\u044b \u043c\u043e\u0436\u0435\u043c \u043e\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c SpamAssassin \u0434\u043b\u044f \u044d\u043a\u043e\u043d\u043e\u043c\u0438\u0438 \u043f\u0430\u043c\u044f\u0442\u0438<br \/><strong><em>service spamassassin stop<br \/>update-rc.d -f spamassassin remove<br \/><\/em><\/strong>\u0417\u0430\u043f\u0443\u0441\u0442\u0438\u043c ClamAV&nbsp;<br \/><strong><em>freshclam<br \/>service clamav-daemon start<\/em><\/strong><\/p>\n<details class=\"spoiler\">\n<summary>\u041e\u0448\u0438\u0431\u043a\u0443 \u043f\u0440\u0438 \u043f\u0435\u0440\u0432\u043e\u043c \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u0438\u0433\u043d\u043e\u0440\u0438\u0440\u0443\u0435\u043c<\/summary>\n<div class=\"spoiler__content\">\n<p><em>root@ispnginx:~# service spamassassin stop<br \/>root@ispnginx:~# update-rc.d -f spamassassin remove<br \/>root@ispnginx:~# freshclam<br \/>WARNING: Ignoring deprecated option SafeBrowsing at \/etc\/clamav\/freshclam.conf:22<br \/>ERROR: \/var\/log\/clamav\/freshclam.log is locked by another process<br \/>ERROR: Problem with internal logger (UpdateLogFile = \/var\/log\/clamav\/freshclam.log).<br \/>ERROR: initialize: libfreshclam init failed.<br \/>ERROR: Initialization error!<br \/>root@ispnginx:~# service clamav-daemon start<br \/>root@ispnginx:~#<\/em><\/p>\n<\/div>\n<\/details>\n<h2>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c Nginx, PHP 7.4 (PHP-FPM), and Fcgiwrap<\/h2>\n<p>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c nginx<br \/><strong><em>apt-get install nginx<\/em><\/strong><\/p>\n<p>\u041e\u0431\u0440\u0430\u0449\u0430\u0442\u044c\u0441\u044f \u043a \u0438\u043d\u0442\u0435\u0440\u043f\u0440\u0435\u0442\u0430\u0442\u043e\u0440\u0443 \u043c\u044b \u0431\u0443\u0434\u0435\u043c \u0447\u0435\u0440\u0435\u0437&nbsp;PHP-FPM (FastCGI Process Manager), \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c \u0435\u0433\u043e:<br \/><strong><em>apt-get -y install php7.4-fpm<\/em><\/strong><\/p>\n<p>\u041f\u043e\u0438\u0449\u0435\u043c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043c\u043e\u0434\u0443\u043b\u0438 php:<br \/><strong><em>apt-cache search php7.4<\/em><\/strong><\/p>\n<p>\u0412\u044b\u0431\u0435\u0440\u0435\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c:<br \/><strong><em>apt install -y php7.4-common php7.4 php7.4-gd php7.4-mysql php7.4-imap php7.4-cli php7.4-cgi php7.4-curl php7.4-pspell php7.4-intl php7.4-sqlite3 php7.4-tidy php7.4-xml php7.4-xmlrpc php7.4-zip php7.4-xsl php7.4-mbstring php7.4-soap php-pear mcrypt imagemagick libruby memcached php-memcache php-imagick php-soap php-apcu<\/em><\/strong><\/p>\n<p>\u041e\u0442\u043a\u0440\u043e\u0435\u043c \u0444\u0430\u0439\u043b&nbsp;<br \/> <strong>vi \/etc\/php\/7.4\/fpm\/php.ini<br \/><\/strong>\u0418 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c&nbsp;cgi.fix_pathinfo=0,&nbsp;your timezone, short_open_tag= On<\/p>\n<details class=\"spoiler\">\n<summary>\/etc\/php\/7.4\/fpm\/php.ini<\/summary>\n<div class=\"spoiler__content\">\n<p><em>[&#8230;]<br \/>cgi.fix_pathinfo=<\/em><strong><em>0<br \/><\/em><\/strong><em>[&#8230;]<br \/>date.timezone=&#187;Europe\/Moscow&#187;<br \/>[&#8230;]<br \/>short_open_tag = On<br \/>[&#8230;]<\/em><\/p>\n<\/div>\n<\/details>\n<p>\u041f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u043c PHP-FPM:<br \/><strong><em>service php7.4-fpm reload<br \/><\/em><\/strong>\u0427\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0443 CGI \u0432 nginx, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c Fcgiwrap:<br \/><strong><em>apt-get -y install fcgiwrap<\/em><\/strong><\/p>\n<h2>\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c phpmyadmin<\/h2>\n<p><strong><em>apt-get -y install phpmyadmin&nbsp;php-mbstring&nbsp;<br \/><\/em><\/strong>\u0412 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0449\u0438\u043a \u0441\u043f\u0440\u043e\u0441\u0438\u0442 \u043f\u043e\u0434 \u043a\u0430\u043a\u043e\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 \u0441\u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c pma, \u043d\u043e \u0438\u0437 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u043e\u0432 \u0442\u043e\u043b\u044c\u043a\u043e apache \u0438 lighthttpd, \u043f\u043e\u0442\u043e\u043c\u0443 \u043d\u0438\u0447\u0435\u0433\u043e \u043d\u0435 \u0432\u044b\u0431\u0438\u0440\u0430\u0435\u043c :<\/p>\n<figure class=\"full-width\"><figcaption><\/figcaption><\/figure>\n<p>\u0422\u0430\u043a\u0436\u0435 \u043f\u0440\u043e\u0441\u0442\u043e \u043f\u0440\u043e\u043f\u0443\u0441\u043a\u0430\u0435\u043c \u0432\u043e\u043f\u0440\u043e\u0441 \u043e\u0431 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0435 \u043f\u0430\u0440\u043e\u043b\u044f MySQL application password for phpmyadmin:&nbsp;&lt;&#8212; Press Enter<\/p>\n<figure class=\"full-width\"><figcaption><\/figcaption><\/figure>\n<p>\u0414\u0430\u043b\u0435\u0435 \u0441\u043e\u0433\u043b\u0430\u0448\u0430\u0435\u043c\u0441\u044f&nbsp;<br \/>Configure database for phpmyadmin with dbconfig-common? <strong>&lt;&#8212; Yes<\/strong><\/p>\n<figure class=\"full-width\"><figcaption><\/figcaption><\/figure>\n<h2> \u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043c Let&#8217;s Encrypt, PureFTPd \u0438 Quota<\/h2>\n<p><strong><em>apt install -y  certbot pure-ftpd-common pure-ftpd-mysql quota quotatool<\/em><\/strong><\/p>\n<p>\u041e\u0442\u0440\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u0443\u0435\u043c&nbsp;\u0444\u0430\u0439\u043b <em>\/etc\/default\/pure-ftpd-common <\/em>\u0438 \u0443\u0431\u0435\u0434\u0438\u043c\u0441\u044f, \u0447\u0442\u043e start mode =&nbsp;<em>standalone<\/em>&nbsp;\u0438&nbsp;<em>VIRTUALCHROOT=true<\/em><br \/><strong><em>vi \/etc\/default\/pure-ftpd-common<br \/><\/em><\/strong>\u0412\u043a\u043b\u044e\u0447\u0438\u043c FTPS \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439<br \/><strong><em>echo 1 &gt; \/etc\/pure-ftpd\/conf\/TLS<br \/><\/em><\/strong>\u0421\u043e\u0437\u0434\u0430\u0434\u0438\u043c \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u044e \u0434\u043b\u044f \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0432<br \/><strong><em>mkdir -p \/etc\/ssl\/private\/<br \/><\/em><\/strong>\u0418 \u0441\u0435\u0433\u043d\u0435\u0440\u0438\u0440\u0443\u0435\u043c \u0441\u0430\u043c SSL \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442<br \/><strong><em>openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout \/etc\/ssl\/private\/pure-ftpd.pem -out \/etc\/ssl\/private\/pure-ftpd.pem<br \/><\/em><\/strong>\u041f\u043e\u043c\u0435\u043d\u044f\u0435\u043c \u043f\u0440\u0430\u0432\u0430 \u043d\u0430 \u0444\u0430\u0439\u043b:<br \/><strong><em>chmod 600<\/em><\/strong><\/br><\/strong><\/br><\/strong><\/br><\/strong><\/br><\/strong><\/br><\/p>\n<\/p>\n<p><\/strong><\/br><\/p>\n<p><\/em><\/strong><\/em><\/p>\n<\/div>\n<\/details>\n<p><\/br><\/p>\n<\/p>\n<\/p>\n<p><\/br><\/br><\/br><\/br><\/br><\/em><\/p>\n<\/div>\n<\/details>\n<p><\/br><\/em><\/strong><\/br><\/strong><\/br><\/p>\n<\/div>\n<\/details>\n<p><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/em><\/p>\n<\/div>\n<\/details>\n<p><\/br><\/br><\/br><\/strong><\/br><\/p>\n<p><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/br><\/em><\/p>\n<\/div>\n<\/details>\n<p><\/strong><\/br><\/em><\/strong><\/br><\/p>\n<\/p>\n<p><\/br><\/p>\n<p><\/br><\/p>\n<\/p>\n<\/div>\n<\/details>\n<p><\/br><\/strong><\/br><\/strong><\/br><\/p>\n<p><\/br><\/br><\/br><\/em><\/em><\/p>\n<\/div>\n<\/details>\n<p><\/br><\/br><\/br><\/p>\n<p><\/br><\/em><\/p>\n<\/div>\n<\/details>\n<p><\/br><\/p>\n<p><\/br><\/br><\/br><\/br><\/br><\/em><\/p>\n<\/div>\n<\/details>\n<p><\/br><\/p>\n<\/div>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-325639","post","type-post","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts\/325639","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=325639"}],"version-history":[{"count":0,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts\/325639\/revisions"}],"wp:attachment":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=325639"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=325639"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=325639"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}