Scribd Logo
Upload

Welcome to Scribd!

  • Install and Configure Linux Server Services

    Uploaded by

    Aldizal Nur
    49 views12 pages
    This document provides instructions for installing and configuring a Debian server with DNS, HTTP, proxy, mail, webmail, DHCP, and NTP services. It includes steps to install and configure Bind for DNS, Apache for the web server, Squid as the proxy server, Postfix and Dovecot for email, Squirrelmail for webmail, dhcpd for DHCP services, and NTP for time synchronization. Network and firewall configurations are also provided to enable the various services.

    Original Description:

    how to build server usin debian

    Original Title

    Debian Server

    Copyright

    © © All Rights Reserved

    Available Formats

    RTF, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document provides instructions for installing and configuring a Debian server with DNS, HTTP, proxy, mail, webmail, DHCP, and NTP services. It includes steps to install and configure Bind for DNS, Apache for the web server, Squid as the proxy server, Postfix and Dovecot for email, Squirrelmail for webmail, dhcpd for DHCP services, and NTP for time synchronization. Network and firewall configurations are also provided to enable the various services.

    Copyright:

    © All Rights Reserved
    Download as RTF, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    49 views12 pages

    Install and Configure Linux Server Services

    Uploaded by

    Aldizal Nur
    This document provides instructions for installing and configuring a Debian server with DNS, HTTP, proxy, mail, webmail, DHCP, and NTP services. It includes steps to install and configure Bind for DNS, Apache for the web server, Squid as the proxy server, Postfix and Dovecot for email, Squirrelmail for webmail, dhcpd for DHCP services, and NTP for time synchronization. Network and firewall configurations are also provided to enable the various services.

    Copyright:

    © All Rights Reserved
    Download as RTF, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 12

    Install Debian Server

    ip address = 192.168.22.6/29
    gateway = 192.168.22.1

    !!!!Installasi dan konfigurasi dns server (bind9)!!!!


    #apt-get install bind9
    ================================> File Konfigurasi utama
    edit file /etc/bind/named.conf.local
    #pico /etc/bind/named.conf.local
    tambahkan
    zone lks22.sch.id {
    type master;
    file /etc/bind/lks22.zone;
    };
    zone 22.168.192.in-addr.arpa {
    type master;
    file /etc/bind/lks22.rev;
    };
    ================================= > File Zone DNS Forward
    buat file /etc/bind/lks22.zone
    #pico /etc/bind/lks22.zone
    ketikkan
    $TTL 2D
    @
    IN
    1
    2H
    1H
    1W
    1D )
    @
    IN
    @
    IN
    @
    IN
    www IN

    SOA

    lks22.sch.id. root.lks22.sch.id. (

    NS
    server22.
    A
    192.168.22.6
    MX 10 lks22.sch.id.
    CNAME
    lks22.sch.id.

    ====================================== > Zone Reverse


    buat file /etc/bind/lks22.rev
    #pico /etc/bind/lks22.rev
    ketikkan
    $TTL 2D
    @
    IN
    2
    2H
    1H
    1W
    1D )
    @
    IN
    6
    IN

    SOA

    lks22.sch.id. root.lks22.sch.id. (

    NS
    PTR

    server22.
    lks22.sch.id.

    ======================================= > File Resolving (penamaan)


    buat file resolv.conf
    #pico /etc/resolv.conf
    isikan
    nameserver 192.168.22.6
    ======================================== > File Daemon Service
    Restart bind9
    #/etc/init.d/bind9 restart
    ====================================== Uji Service
    uji dengan perintah nslookup
    #nslookup www.lks22.sch.id
    #nslookup 192.168.22.6

    !!!!Installasi dan Konfigurasi HTTP Server!!!!


    Install apache2, php5
    #apt-get install apache2 php5 libapache2-mod-php5 php5-cgi
    copy file /etc/apache2/sites-available/default
    #cp /etc/apache2/sites-available/default /etc/apache2/sites-available/lks22
    edit file lks22
    #pico /etc/apache2/sites-available/lks22
    ubah pada bagian string
    DocumentRoot /web/
    <Directory /web/>
    #RedirectMatch ^/$ /apache2-default/
    delete file default
    #rm /etc/apache2/sites-enabled/000-default
    aktifkan site lks22 dengan perintah
    #a2ensite lks22
    buat folder /web
    #mkdir /web
    buat file html dan php di folder /web
    #pico /web/index.html
    isikan dengan
    <html>
    <title>server22</title>
    <body>Welcome to Lomba Keterampilan Siswa 2009 in Jakarta</body>
    </html>

    #pico /web/phpinfo.php

    <?
    print_r (phpinfo());
    ?>
    ubah atribut folder /web beserta isinya
    #chmod -R 755 /web
    restart apache2
    #/etc/init.d/apache2 restart
    uji dengan perintah
    #w3m www.lks22.sch.id
    #w3m www.lks22.sch.id/phpinfo.php

    !!!!Installasi dan Konfigurasi Proxy Server (Squid)!!!!


    Installasi squid dengan perintah
    #apt-get install squid
    edit file /etc/squid/squid.conf
    #pico /etc/squid/squid.conf
    http_port 3128 transparent
    visible_hostname server22
    acl block dstdomain /etc/squid/block
    acl lan1 src 192.168.22.0/255.255.255.248
    acl lan2 src 172.16.22.0/255.255.255.240
    acl lan3 src 10.10.10.0/255.255.255.0
    http_access deny block
    http_access allow lan1
    http_access allow lan2
    http_access allow lan3

    buat file block


    #pico /etc/squid/block
    isikan dengan website yang di block
    www.debian.org
    www.redhat.org
    www.google.com
    www.susefaq.sourceforge.net
    www.linux.or.id
    restart squid
    #/etc/init.d/squid restart
    konfigurasi transparent proxy dengan iptables
    #iptables -t nat -A PREROUTING -p tcp -s 192.168.22.0/29 dport 80 -j DNAT to-destination
    192.168.22.6:3128
    #iptables -t nat -A PREROUTING -p tcp -s 172.16.22.0/28 dport 80 -j DNAT to-destination
    192.168.22.6:3128
    #iptables -t nat -A PREROUTING -p tcp -s 10.10.10.0/24 dport 80 -j DNAT to-destination
    192.168.22.6:3128
    memberikan perintah iptables otomatis saat reboot
    edit file rc.local
    #pico /etc/rc.local
    tambahkan
    iptables -t nat -A PREROUTING -p tcp -s 192.168.22.0/29 dport 80 -j DNAT to-destination
    192.168.22.6:3128
    iptables -t nat -A PREROUTING -p tcp -s 172.16.22.0/28 dport 80 -j DNAT to-destination
    192.168.22.6:3128
    iptables -t nat -A PREROUTING -p tcp -s 10.10.10.0/24 dport 80 -j DNAT to-destination
    192.168.22.6:3128
    tambahkan sebelum exit0
    iptables t nat A POSTROUTING s 0/0 d 0/0 o eth0 j MASQUERADE

    !!!!Installasi dan Konfigurasi Mail Server (Postfix <MTA> dan


    Dovecot<MDA>)!!!!
    remove exim4 dan procmail
    #apt-get remove exim4*
    #apt-get remove procmail
    install dan konfigurasi postfix
    #apt-get install postfix
    ok
    Internet Site
    lks22.sch.id
    ubah mail directory menjadi maildir
    #postconf -e 'home_mailbox = Maildir/'
    konfigurasi ulang postfix
    #dpkg-reconfigure postfix
    ok
    Internet Site
    lks22.sch.id
    blank it
    lks22.sch.id, localhost.localdomain, localhost
    no
    blank it
    0
    +
    ipv4, ok
    test postfix
    #telnet www.lks22.sch.id 25
    Installasi dan konfigurasi dovecot
    install dovecot
    #apt-get install dovecot dovecot-imapd dovecot-pop3d

    edit file /etc/dovecot/dovecot.conf


    #pico /etc/dovecot/dovecot.conf
    ssl_disable = no
    ssl_cert_file = /etc/ssl/certs/dovecot.pem
    ssl_key_file = /etc/ssl/private/dovecot.pem
    disable_plaintext_auth = no
    mail_location = maildir:~/Maildir
    protocols imap pop3
    restart dovecot
    #/etc/init.d/dovecot restart
    test dovecot
    #telnet www.lks22.sch.id 110
    menambahkan alamat email admin@lks22.sch.id
    #useradd -s /bin/false -m admin
    tambahkan password untuk user admin
    #passwd admin

    !!!!Installasi dan Konfigurasi Webmail (squirrelmail)!!!!


    install squirrelmail
    #apt-get install squirrelmail
    konfigurasi file /etc/squirrelmail/apache.conf
    #pico /etc/squirrelmail/apache.conf
    edit
    Alias /webmail
    edit file /etc/apache2/apache2.conf
    #pico /etc/apache2/apache2.conf
    tambahkan
    Include /etc/squirrelmail/apache.conf
    restart apache2
    #/etc/init.d/apache2 restart
    test squirrelmail
    #w3m www.lks22.sch.id/webmail

    !!!!Installasi dan Konfigurasi dhcp server (dhcp3-server)!!!!


    install dhcp3-server
    #apt-get install dhcp3-server
    ======================================= > File Konfigurasi
    edit file /etc/dhcp3/dhcpd.conf
    tambahkan
    subnet 192.168.22.0 netmask 255.255.255.248 {
    range 192.168.22.1 192.168.22.5;
    option domain-name-servers 192.168.22.6;

    option domain-name www.lks22.sch.id;


    option broadcast-address 192.168.22.7;
    default-lease-time 86400;
    max-lease-time 172800;
    }
    host router22 {
    hardware ethernet xx:xx:xx:xx:xx:xx;
    fixed-address 192.168.22.1;
    }
    ==================================== > File interface
    edit file /etc/default/dhcp3-server
    #pico /etc/default/dhcp3-server
    edit
    INTERFACES=eth0
    ===================================== > File Daemon
    restart dhcp3-server
    #/etc/init.d/dhcp3-server restart

    KONFIGURASI NTP

    1. instal paket dari NTP yang diperlukan:


    #apt-get install ntpdate ntp-server
    2. lakukan editing file ntp.conf
    #nano /etc/ntp.conf
    3. edit file ntp.conf seperti dibawah ini:
    #ntp.conf
    # You do need to talk to an NTP server or two (or three).
    #server ntp.your-provider.example

    # pool.ntp.org maps to more than 300 low-stratum NTP servers.


    # Your server will pick a different set every time it starts up.
    # *** Please consider joining the pool! ***
    # *** ***
    #server 0.debian.pool.ntp.org iburst
    #server 1.debian.pool.ntp.org iburst
    #server 2.debian.pool.ntp.org iburst
    #server 3.debian.pool.ntp.org iburst
    #server 192.168.7.1 # local clock
    #fudge 192.168.7.1
    server 127.127.1.0 #local clock
    fudge 127.127.1.0 stratum 10

    # By default, exchange time with everybody, but dont allow configuration.


    # See /usr/share/doc/ntp-doc/html/accopt.html for details.
    #restrict -4 default kod notrap nomodify nopeer noquery
    #restrict -6 default kod notrap nomodify nopeer noquery

    # Local users may interrogate the ntp server more closely.


    restrict 127.0.0.1
    #restrict ::1
    # Clients from this (example!) subnet have unlimited access,
    # but only if cryptographically authenticated
    #restrict 192.168.123.0 mask 255.255.255.0 notrust
    restrict 192.168.7.0 mask 255.255.255.248 nomodify notrap
    # If you want to provide time to your local subnet, change the next line.
    # (Again, the address is an example only.)
    #broadcast 192.168.123.255
    # If you want to listen to time broadcasts on your local subnet,

    # de-comment the next lines. Please do this only if you trust everybody
    # on the network!
    #disable auth
    #broadcastclient
    keterangan yang bertuliskan bold:
    bold pertama:
    memasukkan alamat lokal yang akan kita pkai acuan time server
    bold kedua:
    dipagarkan
    bold ketiga:
    alamat network yang akan kita pakai pada network kita. apabila hanya menggunakan 1 network, buat
    seperti diatas. namun apabila menggunakan 2 atau lebih, masukkan alamat network pada baris
    dibawahnya.
    4. simpan dan keluar dengan mengetikkan ctrl+x dan y, lalu tekan enter.
    5. cek service dari NTP:
    #ntpq- p
    jika sudah ada output dari service tersebut (output local), berarti service NTP telah berjalan.
    6. sinkronisasikan dengan ntp server lokal
    #ntpdate -u 127.0.0.1 (IP localhost)
    *terkadang kita memang memerlukan waktu agar clock server local menjadi stabil, jadi mungin saat
    sinkronisasi pertama, akan keluar output no server suitable bla.. bla... jika memang demikian, tunggu
    10-15 menit dan ulangi lagi langkah nomer 6.

    FIREWALL NTP
    iptables A INPUT s 0/0 p udp dport 123 j ACCEPT

    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!@sdf!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

    You might also like