The Perfect Server: Ubuntu 11.10 Oneiric Ocelot With Nginx , Chapter 4.

PureFTPd and quota can be installed with the following command:

apt-get install pure-ftpd-common pure-ftpd-mysql quota quotatool

Edit the file:

/etc/default/pure-ftpd-common...

vi /etc/default/pure-ftpd-common

... and make sure that the start mode is set to standalone and set VIRTUALCHROOT=true:

[...] STANDALONE_OR_INETD=standalone [...] VIRTUALCHROOT=true [...]

Now we configure PureFTPd to allow FTP and TLS sessions. FTP is a very insecure protocol because all passwords and all data are transferred in clear text. By using TLS, the whole communication can be encrypted, thus making FTP much more secure.

If you want to allow FTP and TLS sessions, run

echo 1 > /etc/pure-ftpd/conf/TLS

In order to use TLS, we must create an SSL certificate. I create it in /etc/ssl/private/, therefore I create that directory first:

mkdir -p /etc/ssl/private/

Afterwards, we can generate the SSL certificate as follows:

openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem

Country Name (2 letter code) [AU]: <-- Enter your Country Name (e.g., "DE").

State or Province Name (full name) [Some-State]: <-- Enter your State or Province Name.
Locality Name (eg, city) []: <-- Enter your City.
Organization Name (eg, company) [Internet Widgits Pty Ltd]: <-- Enter your Organization Name (e.g., the name of your company).
Organizational Unit Name (eg, section) []: <-- Enter your Organizational Unit Name (e.g. "IT Department").
Common Name (eg, YOUR name) []: <-- Enter the Fully Qualified Domain Name of the system (e.g. "server1.example.com").
Email Address []: <-- Enter your Email Address.
Change the permissions of the SSL certificate:

chmod 600 /etc/ssl/private/pure-ftpd.pem

Then restart PureFTPd:

/etc/init.d/pure-ftpd-mysql restart

Edit /etc/fstab. Mine looks like this (I added ,usrjquota=quota.user,grpjquota=quota.group,jqfmt=vfsv0 to the partition with the mount point /):

vi /etc/fstab

# /etc/fstab: static file system information. # # Use 'blkid' to print the universally unique identifier for a # device; this may be used with UUID= as a more robust way to name devices # that works even if disks are added and removed. See fstab(5). # # <file system> <mount point> <type> <options> <dump> <pass> proc /proc proc nodev,noexec,nosuid 0 0 /dev/mapper/server1-root / ext4 errors=remount-ro,usrjquota=quota.user,grpjquota=quota.group,jqfmt=vfsv0 0 1 # /boot was on /dev/sda1 during installation UUID=6fbce377-c3d6-4eb3-8299-88797d4ad18d /boot ext2 defaults 0 2 /dev/mapper/server1-swap_1 none swap sw 0 0 /dev/fd0 /media/floppy0 auto rw,user,noauto,exec,utf8 0 0

To enable quota, run these commands:

mount -o remount /

quotacheck -avugm
quotaon -avug

17. Install BIND DNS Server.

BIND can be installed as follows:

apt-get install bind9 dnsutils

18. Install Vlogger, Webalizer, And AWstats.

Vlogger, webalizer, and AWstats can be installed as follows:

apt-get install vlogger webalizer awstats geoip-database

Open /etc/cron.d/awstats afterwards...

vi /etc/cron.d/awstats

... and comment out both cron jobs in that file:

#*/10 * * * * www-data [ -x /usr/share/awstats/tools/update.sh ] && /usr/share/awstats/tools/update.sh # Generate static reports: #10 03 * * * www-data [ -x /usr/share/awstats/tools/buildstatic.sh ] && /usr/share/awstats/tools/buildstatic.sh

19. Install Jailkit.

Jailkit is needed only if you want to chroot SSH users. It can be installed as follows (important: Jailkit must be installed before ISPConfig - it cannot be installed afterwards!):

apt-get install build-essential autoconf automake1.9 libtool flex bison debhelper binutils-gold

cd /tmp
wget http://olivier.sessink.nl/jailkit/jailkit-2.14.tar.gz
tar xvfz jailkit-2.14.tar.gz
cd jailkit-2.14
./debian/rules binary

You can now install the Jailkit .deb package as follows:

cd ..
dpkg -i jailkit_2.14-1_*.deb
rm -rf jailkit-2.14*

20. Install fail2ban.

This is optional but recommended, because the ISPConfig monitor tries to show the fail2ban log:

apt-get install fail2ban

To make fail2ban monitor PureFTPd, SASL, and Courier, create the file /etc/fail2ban/jail.local:

vi /etc/fail2ban/jail.local

[pureftpd] enabled = true port = ftp filter = pureftpd logpath = /var/log/syslog maxretry = 3 [sasl] enabled = true port = smtp filter = sasl logpath = /var/log/mail.log maxretry = 5 [courierpop3] enabled = true port = pop3 filter = courierpop3 logpath = /var/log/mail.log maxretry = 5 [courierpop3s] enabled = true port = pop3s filter = courierpop3s logpath = /var/log/mail.log maxretry = 5 [courierimap] enabled = true port = imap2 filter = courierimap logpath = /var/log/mail.log maxretry = 5 [courierimaps] enabled = true port = imaps filter = courierimaps logpath = /var/log/mail.log maxretry = 5

Then create the following five filter files:

vi /etc/fail2ban/filter.d/pureftpd.conf

[Definition] failregex = .*pure-ftpd: \(.*@<HOST>\) \[WARNING\] Authentication failed for user.* ignoreregex =

vi /etc/fail2ban/filter.d/courierpop3.conf

# Fail2Ban configuration file # # $Revision: 100 $ # [Definition] # Option: failregex # Notes.: regex to match the password failures messages in the logfile. The # host must be matched by a group named "host". The tag "<HOST>" can # be used for standard IP/hostname matching and is only an alias for # (?:::f{4,6}:)?(?P<host>\S+) # Values: TEXT # failregex = pop3d: LOGIN FAILED.*ip=\[.*:<HOST>\] # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # ignoreregex =

vi /etc/fail2ban/filter.d/courierpop3s.conf

# Fail2Ban configuration file # # $Revision: 100 $ # [Definition] # Option: failregex # Notes.: regex to match the password failures messages in the logfile. The # host must be matched by a group named "host". The tag "<HOST>" can # be used for standard IP/hostname matching and is only an alias for # (?:::f{4,6}:)?(?P<host>\S+) # Values: TEXT # failregex = pop3d-ssl: LOGIN FAILED.*ip=\[.*:<HOST>\] # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # ignoreregex =

vi /etc/fail2ban/filter.d/courierimap.conf

# Fail2Ban configuration file # # $Revision: 100 $ # [Definition] # Option: failregex # Notes.: regex to match the password failures messages in the logfile. The # host must be matched by a group named "host". The tag "<HOST>" can # be used for standard IP/hostname matching and is only an alias for # (?:::f{4,6}:)?(?P<host>\S+) # Values: TEXT # failregex = imapd: LOGIN FAILED.*ip=\[.*:<HOST>\] # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # ignoreregex =

vi /etc/fail2ban/filter.d/courierimaps.conf

# Fail2Ban configuration file # # $Revision: 100 $ # [Definition] # Option: failregex # Notes.: regex to match the password failures messages in the logfile. The # host must be matched by a group named "host". The tag "<HOST>" can # be used for standard IP/hostname matching and is only an alias for # (?:::f{4,6}:)?(?P<host>\S+) # Values: TEXT # failregex = imapd-ssl: LOGIN FAILED.*ip=\[.*:<HOST>\] # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # ignoreregex =

Restart fail2ban afterwards:

/etc/init.d/fail2ban restart 

To install the SquirrelMail webmail client, run

apt-get install squirrelmail

Then configure SquirrelMail:

squirrelmail-configure

We must tell SquirrelMail that we are using Courier-IMAP/-POP3:
SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Main Menu --
1.  Organization Preferences
2.  Server Settings
3.  Folder Defaults
4.  General Options
5.  Themes
6.  Address Books
7.  Message of the Day (MOTD)
8.  Plugins
9.  Database
10. Languages

D.  Set pre-defined settings for specific IMAP servers

C   Turn color on
S   Save data
Q   Quit

Command >> <-- D


SquirrelMail Configuration : Read: config.php
---------------------------------------------------------
While we have been building SquirrelMail, we have discovered some
preferences that work better with some servers that don't work so
well with others.  If you select your IMAP server, this option will
set some pre-defined settings for that server.

Please note that you will still need to go through and make sure
everything is correct.  This does not change everything.  There are
only a few settings that this will change.

Please select your IMAP server:
    bincimap    = Binc IMAP server
    courier     = Courier IMAP server
    cyrus       = Cyrus IMAP server
    dovecot     = Dovecot Secure IMAP server
    exchange    = Microsoft Exchange IMAP server
    hmailserver = hMailServer
    macosx      = Mac OS X Mailserver
    mercury32   = Mercury/32
    uw          = University of Washington's IMAP server
    gmail       = IMAP access to Google mail (Gmail) accounts

    quit        = Do not change anything
Command >> <-- courier


SquirrelMail Configuration : Read: config.php
---------------------------------------------------------
While we have been building SquirrelMail, we have discovered some
preferences that work better with some servers that don't work so
well with others.  If you select your IMAP server, this option will
set some pre-defined settings for that server.

Please note that you will still need to go through and make sure
everything is correct.  This does not change everything.  There are
only a few settings that this will change.

Please select your IMAP server:
    bincimap    = Binc IMAP server
    courier     = Courier IMAP server
    cyrus       = Cyrus IMAP server
    dovecot     = Dovecot Secure IMAP server
    exchange    = Microsoft Exchange IMAP server
    hmailserver = hMailServer
    macosx      = Mac OS X Mailserver
    mercury32   = Mercury/32
    uw          = University of Washington's IMAP server

    quit        = Do not change anything
Command >> courier

              imap_server_type = courier
         default_folder_prefix = INBOX.
                  trash_folder = Trash
                   sent_folder = Sent
                  draft_folder = Drafts
            show_prefix_option = false
          default_sub_of_inbox = false
show_contain_subfolders_option = false
            optional_delimiter = .
                 delete_folder = true

Press enter to continue... <-- ENTER


SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Main Menu --
1.  Organization Preferences
2.  Server Settings
3.  Folder Defaults
4.  General Options
5.  Themes
6.  Address Books
7.  Message of the Day (MOTD)
8.  Plugins
9.  Database
10. Languages

D.  Set pre-defined settings for specific IMAP servers

C   Turn color on
S   Save data
Q   Quit

Command >> <-- S


SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Main Menu --
1.  Organization Preferences
2.  Server Settings
3.  Folder Defaults
4.  General Options
5.  Themes
6.  Address Books
7.  Message of the Day (MOTD)
8.  Plugins
9.  Database
10. Languages

D.  Set pre-defined settings for specific IMAP servers

C   Turn color on
S   Save data
Q   Quit

Command >> S

Data saved in config.php
Press enter to continue... <-- ENTER


SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Main Menu --
1.  Organization Preferences
2.  Server Settings
3.  Folder Defaults
4.  General Options
5.  Themes
6.  Address Books
7.  Message of the Day (MOTD)
8.  Plugins
9.  Database
10. Languages

D.  Set pre-defined settings for specific IMAP servers

C   Turn color on
S   Save data
Q   Quit

Command >> <-- Q
You can now find SquirrelMail in the /usr/share/squirrelmail/ directory.
After you have installed ISPConfig 3, you can access SquirrelMail as follows:
The ISPConfig apps vhost on port 8081 for nginx comes with a SquirrelMail configuration, so you can use http://server1.example.com:8081/squirrelmail or http://server1.example.com:8081/webmail to access SquirrelMail.

If you want to use a /webmail or /squirrelmail alias that you can use from your web sites, this is a bit more complicated than for Apache because nginx does not have global aliases (i.e., aliases that can be defined for all vhosts). Therefore you have to define these aliases for each vhost from which you want to access SquirrelMail.
To do this, paste the following into the nginx Directives field on the Options tab of the web site in ISPConfig:

location /squirrelmail { root /usr/share/; index index.php index.html index.htm; location ~ ^/squirrelmail/(.+\.php)$ { try_files $uri =404; root /usr/share/; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $request_filename; include /etc/nginx/fastcgi_params; fastcgi_param PATH_INFO $fastcgi_script_name; fastcgi_buffer_size 128k; fastcgi_buffers 256 4k; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; fastcgi_intercept_errors on; } location ~* ^/squirrelmail/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { root /usr/share/; } } location /webmail { rewrite ^/* /squirrelmail last; }

If you use https instead of http for your vhost, you should add the line fastcgi_param HTTPS on; to your SquirrelMail configuration like this:

location /squirrelmail { root /usr/share/; index index.php index.html index.htm; location ~ ^/squirrelmail/(.+\.php)$ { try_files $uri =404; root /usr/share/; fastcgi_pass 127.0.0.1:9000; fastcgi_param HTTPS on; # <-- add this line fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $request_filename; include /etc/nginx/fastcgi_params; fastcgi_param PATH_INFO $fastcgi_script_name; fastcgi_buffer_size 128k; fastcgi_buffers 256 4k; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; fastcgi_intercept_errors on; } location ~* ^/squirrelmail/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { root /usr/share/; } } location /webmail { rewrite ^/* /squirrelmail last; }

If you use both http and https for your vhost, you need to add the following section to the http {} section in /etc/nginx/nginx.conf (before any include lines) which determines if the visitor uses http or https and sets the $fastcgi_https variable (which we will use in our SquirrelMail configuration) accordingly:

vi /etc/nginx/nginx.conf

[...] http { [...] ## Detect when HTTPS is used map $scheme $fastcgi_https { default off; https on; } [...] } [...]

Don't forget to reload nginx afterwards:

/etc/init.d/nginx reload

Then go to the nginx Directives field again, and instead of fastcgi_param HTTPS on; you add the line fastcgi_param HTTPS $fastcgi_https; so that you can use SquirrelMail for both http and https requests:

location /squirrelmail {
               root /usr/share/;
               index index.php index.html index.htm;
               location ~ ^/squirrelmail/(.+\.php)$ {
                       try_files $uri =404;
                       root /usr/share/;
                       fastcgi_pass 127.0.0.1:9000;
                       fastcgi_param HTTPS $fastcgi_https; # <-- add this line
                       fastcgi_index index.php;
                       fastcgi_param SCRIPT_FILENAME $request_filename;
                       include /etc/nginx/fastcgi_params;
                       fastcgi_param PATH_INFO $fastcgi_script_name;
                       fastcgi_buffer_size 128k;
                       fastcgi_buffers 256 4k;
                       fastcgi_busy_buffers_size 256k;
                       fastcgi_temp_file_write_size 25

Custom Search

If you liked this article, subscribe to the feed by clicking the image below to keep informed about new contents of the blog:

The Siduction distribution is a desktop-oriented operating system and live medium based on the "unstable" branch of Debian GNU/Linux.

The Siduction distribution is a desktop-oriented operating system and live medium based on the "unstable" branch of Debian GNU/Linux.

Forked from aptosid in late 2011, siduction offers three separate live media with KDE, LXDE and Xfce desktops.

The project also promises regular releases, an open development model, and friendly relationship with its developer and user community.

Updates (via Distrowatch):

Ferdinand Thommes has announced the release of siduction 11.1, a desktop-oriented distribution and live CD/DVD based on Debian's "unstable" branch, recently forked from aptosid: "We are excited to present to you, after last week's release candidate, the first final release of siduction, a new distribution based on our great mother Debian's 'Unstable' branch and forked from aptosid. This first release ships three desktop environments - KDE SC, Xfce and LXDE, all three in 32-bit and 64-bit editions.

The released images represent a snapshot of Debian 'Sid' from 2011-12-30, improved with a few useful packages and scripts, an installer, and our own, patched version of kernel 3.1-6 and X.Org server 1.11.2.902."

Read the remainder of the release notes for further details. Download: siduction-11.1-kde-i386.iso (965MB, SHA256), siduction-11.1-kde-amd64.iso (961MB, SHA256), siduction-11.1-lxde-i386.iso (630MB, SHA256), siduction-11.1-lxde-amd64.iso (625MB, SHA256), siduction-11.1-xfce-i386.iso (823MB, SHA256), siduction-11.1-xfce-amd64.iso (819MB, SHA256).

Recent versions:

  • 2011-12-31: Distribution Release: siduction 11.1
 • 2011-12-22: Development Release: siduction 11.1 RC


Download:

Siduction uses different mirrors for our users to obtain our images, kernel and packages in a most comfortable way. Please choose a mirror close to you. Mirrors that provide a deb-line can be used in /etc/apt/sources.list.d/siduction.list. We need more mirrors. If you can provide one or know someone that could, please contact us. A mirror needs to be able to handle heavy traffic, so universities and other institutions are the most likely hosters.

siduction, as a Linux-LIVE-DVD/CD, is heavily compressed. For that reason, please be careful, if you burn a CD/DVD to install from or run live. Please use DAO-mode (disk at once) and don't burn faster than 8x. Nowadays its a lot easier and more convenient to just use dd or cat to put the iso-image on a usb-pen and boot right of that. Please see the manual section about installs for that.

Download  URLs, bitte gebt den Mirrors etwas Zeit zur Synchronisation:

Europa

• Freie Universität Berlin/ spline (Student Project LInux NEtwork), Deutschland
  ftp://ftp.spline.de/pub/siduction/iso
  
  

  deb ftp://ftp.spline.de/pub/siduction/siduction unstable main 
  deb ftp://ftp.spline.de/pub/siduction/fixes unstable main 
  deb-src ftp://ftp.spline.de/pub/siduction/siduction unstable main
  deb-src ftp://ftp.spline.de/pub/siduction/fixes unstable main 
  

Nord Amerika

• University of Delaware
  http://mirror.lug.udel.edu/pub/siduction/iso
  ftp://ftp.lug.udel.edu/pub/siduction/iso
  rsync://rsync.lug.udel.edu/siduction/iso

  deb ftp://ftp.lug.udel.edu/pub/siduction/siduction unstable main 
  deb-src ftp://ftp.lug.udel.edu/pub/siduction/siduction unstable main  
  deb ftp://ftp.lug.udel.edu/pub/siduction/fixes unstable main 
  deb-src ftp://ftp.lug.udel.edu/pub/siduction/fixes unstable main 
  

• Georgia Tech
  http://www.gtlib.gatech.edu/pub/siduction/iso
  ftp://ftp.gtlib.gatech.edu/pub/siduction/iso
  rsync://rsync.gtlib.gatech.edu/siduction/iso

Custom Search

If you liked this article, subscribe to the feed by clicking the image below to keep informed about new contents of the blog:

ExTiX is a desktop Linux distribution and live CD based on Ubuntu.

Previous versions of ExTiX were based on KNOPPIX/Debian. Version 7.0 of ExTiX was based on the Swiss Linux System Paldo. Version 8 of ExTiX was based on Debian Sid.

ExTiX 9 x64 is a remaster of Ubuntu 11.10 released on 13 October 2011. The original system includes the Desktop Environment Unity with Gnome 3.2. After removing Unity I have installed Gnome Shell and Razor-qt so that everyone on the spot (during live operation) can compare the different Desktop Environments.

I have also replaced the original kernel 3.0.0-14-generic with "my" kernel 3.1.6-extix. Kernel 3.1.6 is the latest available stable kernel, which can be downloaded from kernel.org. The system language is English.

Updates (via Distrowatch):

Arne Exton has announced the release of ExTiX 9, an Ubuntu-based desktop distribution for 64-bit computers with GNOME Shell and Razor-qt as the available desktop environments and the latest stable Linux kernel: "ExTiX 9 x64 is a remastered build of Ubuntu 11.10. The original system includes the Unity desktop with GNOME 3.2. In ExTiX 9, I have installed GNOME Shell and Razor-qt so that everyone can compare the two desktop environments. I have replaced the original kernel 3.0.0-14-generic with 'my' kernel 3.1.6-extix. Why? Support for many different kinds of hardware has been added in the latest stable kernel. So if you have acquired new hardware which is not supported in Ubuntu 11.10 and/or Linux systems based on Ubuntu 11.10 it might be worth testing ExTiX 9. There is, among other things, support for brand-new USB devices, like printers and cameras."

Visit the project's home page to read the release announcement.

Download: extix-9-x64-gnome3-1260mb-111228.iso (1,292MB, MD5).

Recent versions:

 • 2011-12-31: Distribution Release: ExTiX 9
 • 2009-07-14: Distribution Release: ExTiX 7.0


Why has the kernel been replaced?.

Latest Ubuntu (11:10) uses kernel 3.0.0-14-generic. There has been added a lot of different kinds of hardware support etc. in the latest stable kernel 3.1.6. So if you have acquired new hardware, which is not supported in Ubuntu 11.10 and/or Linux systems based on Ubuntu 11.10 it might be worth testing ExTiX 9. There is, among other things, support for brand new USB devices, like printers and cameras, etc. Odd support: Wii (which is not supported in Ubuntu's latest kernel 3.0.0-14-generic). If you just want to switch to "my" newer kernel (in your already installed Ubuntu system) you shall do it like this.

A. Get the kernel

B. Get the kernel-headers

Run these commands as root:

1) dpkg -i linux-image-3.1.6-extix_3.1.6-extix-10.00.Custom_amd64.deb

2) dpkg -i linux-headers-3.1.6-extix_3.1.6-extix-10.00.Custom_amd64.deb

3) cd /lib/modules

4) update-initramfs -ck 3.1.6-extix

5) update-grub


Program content etc
Among many other programs LibreOffice, Thunderbird, Firefox, Brasero, VLC, Gimp and win32 codecs. In addition, Java and all necessary additions in order to install programs from source. All programs have been updated to the latest available stable version as of 28 December 2011.

Compatibility.

Differences: Ubuntu 11.10 and ExTiX 9 is different only in principle to the terms of program content. A general truth: If an original system can run on a particular computer a "Exton remaster" of the same original system can run on the same computer.

I never change a Linux system for the worse in terms of auto configuration and hardware detection, etc. It happens that I replace the original kernel (which I have done in ExTiX 9), but always to a "better" one with even more native support for various hardware etc.

One problem: If you choose to install ExTiX 9 to hard disk or USB disk (not using UNetbootin), you should first disconnect your USB webcam. Towards the end of the installation you are asked to take a "login picture" with the webcam.

Then Ubiquity hangs. Nevertheless the actual installation is complete, except for the Grub2 installation, so unless you intend to install Grub2 in MBR (/dev/sda) there is no problem. Just do your changes in Grub2 or Grub Legacy and then restart the computer. Without a webcam plugged in, however, the installation program (Ubiquity) works perfectly. I guess the “webcam problem” is the same in the original system.

Installation to hard disk.

The installation program is in Swedish (if you choose so). Note that you in advance (just in case) should create a partition of at least 8 GB for ExTiX 9 and a SWAP space double the size of your computer's RAM. Ie if you have RAM of 1024 MB or less. If you have RAM of 2 GB or more it's enough with a SWAP space of 2 GB. The installation program in ExTiX 9/Ubuntu is otherwise "intuitive". Choose manual partitioning and select the partition you created in advance for installation. Re. the "webcam problem" - see the previous paragraph.

USB installation.

You should use UNetbootin in Linux See a picture how it looks before the installation starts in Windows 7. There's other ways to do it, but using UNetbootin is the best/safest way.

Instructions.
 
Read more about ExTiX 9 (if you understand Swedish)...


Download.

The ISO file (extix-9-x64-gnome3-1260mb-111228.iso) can be downloaded from the Swedish Linux Society's server.

ExTiX 9 x64 can also be downloaded from Sourceforge.net - Fast, secure and free downloads from the largest Open Source applications and software directory.

md5sum for ExTiX 9 ISO which is of 1260 MB.

 How do I run ExTiX?
In order to start the CD/DVD, first adjust the boot list in the BIOS Setup of your computer to boot from CD/DVD (before the hard drive). Put the DVD in and restart the computer. You run ExTiX as root (superadmin) or as the ordinary user live. Root's and live's password is root respectivly live. ExTiX 9 can also be installed to hard disk. Please use start alternative Install ExTiX to harddisk and Ubiquity will start. The program is very easy to use. Be sure to have one install partition of about 8 GB ready in advance though. You can also first test to run ExTiX 9 live and then start Ubiquity. Click on the Install icon on the desktop.

Internet connection
Normally, just start NetworkManager and do your settings. It pops up a box that alerts you that there is a Wireless network to join. Just insert your WAP/WEP password and connect! You can check which Wireless interface is correct by running the command iwconfig.

Maybe your Ethernet interface is eth1 or eth2 (instead of eth0). Check with the command ifconfig. Then change in Network Managers's Preferences and press Refresh!

How do I install and remove programs?
ExTiX/Ubuntu/Debian uses Apt/Synaptic. The most important commands are apt-get update and apt-get install program-name. You can read about package management with Apt HERE. Apt/Synaptic works extremely well. You can also install programs in ExTiX 9 from source using the commands 1) ./configure --prefix=/usr 2) make 3) make install. 

Screenshots.

ExTiX 9 Gnome 3.2:

ExTiX 9 Gnome 3.2 with Nvidia graphic card:

ExtiX 9 Gnome Shell:

ExtiX 9 with Razor-qt running:

 

ExtiX 9 with LXDE :

Custom Search

If you liked this article, subscribe to the feed by clicking the image below to keep informed about new contents of the blog:

ABINIT is an open-source suite of programs for materials science, distributed under the GNU General Public License.

ABINIT implements density functional theory, using a plane wave basis set and pseudopotentials, to compute the electronic density and derived properties of materials ranging from molecules to surfaces to solids. 

It is developed collaboratively by researchers throughout the world.

A web-based easy-to-use graphical version, which includes access to a limited set of ABINIT's full functionality, is available for free use through the nanohub. 

ABINIT implements density functional theory by solving the Kohn-Sham equations describing the electrons in a material, expanded in a plane wave basis set and using a self-consistent conjugate gradient method to determine the energy minimum. Computational efficiency is achieved through the use of fast Fourier transforms, and pseudopotentials to describe core electrons. 

As an alternative to standard norm-conserving pseudopotentials, the projector augmented-wave method may be used. In addition to total energy, forces and stresses are also calculated so that geometry optimizations and ab initio molecular dynamics may be carried out. 

Materials that can be treated by ABINIT include insulators, metals, and magnetically ordered systems including Mott-Hubbard insulators.

 

In addition to computing the electronic ground state of materials, ABINIT implements density functional perturbation theory to compute response functions including

    Phonons
    Dielectric response
    Born effective charges and IR oscillator strength tensor
    Response to strain and elastic properties
    Nonlinear responses, including piezoelectric response, Raman cross sections, and electro-optic response.

ABINIT can also compute excited state properties via

    time-dependent density functional theory
    many-body perturbation theory, using the GW approximation and Bethe-Salpeter equation.

ABINIT is a project that favours development and collaboration (short presentation of the ABINIT project - 10 pages in pdf).

Download:

• ABINIT : ABINIT source packages ; Browse latest sources ; Distribution packages
• Plugins : Plug-in sources (Information about these plugins : BigDFT; ETSF Tools - ETSF_IO and LibXC ; NetCDF; Wannier90).
• Atomic data files : Pseudopotentials ; Atomic data files; PAW Atomic Data ; Atomic Densities
• Post Processing tools : Vsim

Screenshots.

 

 

 

 

 

 

 

Custom Search

If you liked this article, subscribe to the feed by clicking the image below to keep informed about new contents of the blog:

The Perfect Server: Ubuntu 11.10 Oneiric Ocelot With Nginx , Chapter 3.

After the reboot you can login with your previously created username (e.g. administrator).

Because we must run all the steps from this tutorial with root privileges, we can either prepend all commands in this tutorial with the string sudo, or we become root right now by typing

sudo su 

(You can as well enable the root login by running

sudo passwd root

and giving root a password. You can then directly log in as root, but this is frowned upon by the Ubuntu developers and community for various reasons. See http://ubuntuforums.org/showthread.php?t=765414.)

5. Install The SSH Server (Optional).


If you did not install the OpenSSH server during the system installation, you can do it now:

apt-get install ssh openssh-server

From now on you can use an SSH client such as PuTTY and connect from your workstation to your Ubuntu 11.10 server and follow the remaining steps from this tutorial.

6. Install vim-nox (Optional).

I'll use vi as my text editor in this tutorial. The default vi program has some strange behaviour on Ubuntu and Debian; to fix this, we install vim-nox:

apt-get install vim-nox

(You don't have to do this if you use a different text editor such as joe or nano.)

7. Configure The Network.

Because the Ubuntu installer has configured our system to get its network settings via DHCP, we have to change that now because a server should have a static IP address. Edit /etc/network/interfaces and adjust it to your needs (in this example setup I will use the IP address 192.168.0.100):

vi /etc/network/interfaces

# This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto eth0 iface eth0 inet static address 192.168.0.100 netmask 255.255.255.0 network 192.168.0.0 broadcast 192.168.0.255 gateway 192.168.0.1

Then restart your network:

/etc/init.d/networking restart

Then edit /etc/hosts. Make it look like this:

vi /etc/hosts

127.0.0.1 localhost.localdomain localhost 192.168.0.100 server1.example.com server1 # The following lines are desirable for IPv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters

Now run

echo server1.example.com > /etc/hostname
/etc/init.d/hostname restart

Afterwards, run

hostname
hostname -f

Both should show server1.example.com now.

8. Edit /etc/apt/sources.list And Update Your Linux Installation.

Edit /etc/apt/sources.list. Comment out or remove the installation CD from the file and make sure that the universe and multiverse repositories are enabled. It should look like this:

vi /etc/apt/sources.list

# # deb cdrom:[Ubuntu-Server 11.10 _Oneiric Ocelot_ - Release amd64 (20111011)]/ dists/oneiric/main/binary-i386/ # deb cdrom:[Ubuntu-Server 11.10 _Oneiric Ocelot_ - Release amd64 (20111011)]/ dists/oneiric/restricted/binary-i386/ # deb cdrom:[Ubuntu-Server 11.10 _Oneiric Ocelot_ - Release amd64 (20111011)]/ oneiric main restricted #deb cdrom:[Ubuntu-Server 11.10 _Oneiric Ocelot_ - Release amd64 (20111011)]/ dists/oneiric/main/binary-i386/ #deb cdrom:[Ubuntu-Server 11.10 _Oneiric Ocelot_ - Release amd64 (20111011)]/ dists/oneiric/restricted/binary-i386/ #deb cdrom:[Ubuntu-Server 11.10 _Oneiric Ocelot_ - Release amd64 (20111011)]/ oneiric main restricted # See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to # newer versions of the distribution. deb http://de.archive.ubuntu.com/ubuntu/ oneiric main restricted deb-src http://de.archive.ubuntu.com/ubuntu/ oneiric main restricted ## Major bug fix updates produced after the final release of the ## distribution. deb http://de.archive.ubuntu.com/ubuntu/ oneiric-updates main restricted deb-src http://de.archive.ubuntu.com/ubuntu/ oneiric-updates main restricted ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team. Also, please note that software in universe WILL NOT receive any ## review or updates from the Ubuntu security team. deb http://de.archive.ubuntu.com/ubuntu/ oneiric universe deb-src http://de.archive.ubuntu.com/ubuntu/ oneiric universe deb http://de.archive.ubuntu.com/ubuntu/ oneiric-updates universe deb-src http://de.archive.ubuntu.com/ubuntu/ oneiric-updates universe ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team, and may not be under a free licence. Please satisfy yourself as to ## your rights to use the software. Also, please note that software in ## multiverse WILL NOT receive any review or updates from the Ubuntu ## security team. deb http://de.archive.ubuntu.com/ubuntu/ oneiric multiverse deb-src http://de.archive.ubuntu.com/ubuntu/ oneiric multiverse deb http://de.archive.ubuntu.com/ubuntu/ oneiric-updates multiverse deb-src http://de.archive.ubuntu.com/ubuntu/ oneiric-updates multiverse ## N.B. software from this repository may not have been tested as ## extensively as that contained in the main release, although it includes ## newer versions of some applications which may provide useful features. ## Also, please note that software in backports WILL NOT receive any review ## or updates from the Ubuntu security team. deb http://de.archive.ubuntu.com/ubuntu/ oneiric-backports main restricted universe multiverse deb-src http://de.archive.ubuntu.com/ubuntu/ oneiric-backports main restricted universe multiverse deb http://security.ubuntu.com/ubuntu oneiric-security main restricted deb-src http://security.ubuntu.com/ubuntu oneiric-security main restricted deb http://security.ubuntu.com/ubuntu oneiric-security universe deb-src http://security.ubuntu.com/ubuntu oneiric-security universe deb http://security.ubuntu.com/ubuntu oneiric-security multiverse deb-src http://security.ubuntu.com/ubuntu oneiric-security multiverse ## Uncomment the following two lines to add software from Canonical's ## 'partner' repository. ## This software is not part of Ubuntu, but is offered by Canonical and the ## respective vendors as a service to Ubuntu users. # deb http://archive.canonical.com/ubuntu oneiric partner # deb-src http://archive.canonical.com/ubuntu oneiric partner ## Uncomment the following two lines to add software from Ubuntu's ## 'extras' repository. ## This software is not part of Ubuntu, but is offered by third-party ## developers who want to ship their latest software. # deb http://extras.ubuntu.com/ubuntu oneiric main # deb-src http://extras.ubuntu.com/ubuntu oneiric main

Then run

apt-get update

to update the apt package database and

apt-get upgrade

to install the latest updates (if there are any). If you see that a new kernel gets installed as part of the updates, you should reboot the system afterwards:

reboot

9. Change The Default Shell.

/bin/sh is a symlink to /bin/dash, however we need /bin/bash, not /bin/dash. Therefore we do this:

dpkg-reconfigure dash

Use dash as the default system shell (/bin/sh)? <-- No

If you don't do this, the ISPConfig installation will fail.

10. Disable AppArmor.

AppArmor is a security extension (similar to SELinux) that should provide extended security. In my opinion you don't need it to configure a secure system, and it usually causes more problems than advantages (think of it after you have done a week of trouble-shooting because some service wasn't working as expected, and then you find out that everything was ok, only AppArmor was causing the problem). Therefore I disable it (this is a must if you want to install ISPConfig later on).

We can disable it like this:

/etc/init.d/apparmor stop
update-rc.d -f apparmor remove
apt-get remove apparmor apparmor-utils

11. Synchronize the System Clock.

It is a good idea to synchronize the system clock with an NTP (network time protocol) server over the Internet. Simply run

apt-get install ntp ntpdate

and your system time will always be in sync. 

We can install Postfix, Courier, Saslauthd, MySQL, rkhunter, and binutils with a single command:

apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl getmail4 rkhunter binutils maildrop

You will be asked the following questions:

New password for the MySQL "root" user: <-- yourrootsqlpassword
Repeat password for the MySQL "root" user: <-- yourrootsqlpassword
Create directories for web-based administration? <-- No
General type of mail configuration: <-- Internet Site
System mail name: <-- server1.example.com
SSL certificate required <-- Ok
If you find out (later after you have configured your first email account in ISPConfig) that you cannot send emails and get the following error in /var/log/mail.log...

SASL LOGIN authentication failed: no mechanism available

... please go to Ubuntu 11.10 + saslauthd: SASL PLAIN authentication failed: no mechanism available to learn how to resolve the issue.
We want MySQL to listen on all interfaces, not just localhost, therefore we edit /etc/mysql/my.cnf and comment out the line bind-address = 127.0.0.1:

vi /etc/mysql/my.cnf

[...] # Instead of skip-networking the default is now to listen only on # localhost which is more compatible and is not less secure. #bind-address = 127.0.0.1 [...]

Then we restart MySQL:

/etc/init.d/mysql restart

Now check that networking is enabled. Run

netstat -tap | grep mysql

The output should look like this:

root@server1:~# netstat -tap | grep mysql
tcp        0      0 *:mysql                 *:*                     LISTEN      22355/mysqld
root@server1:~#

During the installation, the SSL certificates for IMAP-SSL and POP3-SSL are created with the hostname localhost. To change this to the correct hostname (server1.example.com in this tutorial), delete the certificates...

cd /etc/courier
rm -f /etc/courier/imapd.pem
rm -f /etc/courier/pop3d.pem

... and modify the following two files; replace CN=localhost with CN=server1.example.com (you can also modify the other values, if necessary):

vi /etc/courier/imapd.cnf

[...] CN=server1.example.com [...]

vi /etc/courier/pop3d.cnf

[...] CN=server1.example.com [...]

Then recreate the certificates...

mkimapdcert
mkpop3dcert

... and restart Courier-IMAP-SSL and Courier-POP3-SSL:

/etc/init.d/courier-imap-ssl restart
/etc/init.d/courier-pop-ssl restart

13. Install Amavisd-new, SpamAssassin, And Clamav.

To install amavisd-new, SpamAssassin, and ClamAV, we run

apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl

The ISPConfig 3 setup uses amavisd which loads the SpamAssassin filter library internally, so we can stop SpamAssassin to free up some RAM:

/etc/init.d/spamassassin stop
update-rc.d -f spamassassin remove

14.Install Nginx, PHP5 (PHP-FPM), And Fcgiwrap.

Nginx is available as a package for Ubuntu which we can install as follows:

apt-get install nginx

If Apache2 is already installed on the system, stop it now...

/etc/init.d/apache2 stop

... and remove Apache's system startup links:

insserv -r apache2

Start nginx afterwards:

/etc/init.d/nginx start

(If both Apache2 and nginx are installed, the ISPConfig 3 installer will ask you which one you want to use - answer nginx in this case. If only one of these both is installed, ISPConfig will do the necessary configuration automatically.)

We can make PHP5 work in nginx through PHP-FPM (PHP-FPM (FastCGI Process Manager) is an alternative PHP FastCGI implementation with some additional features useful for sites of any size, especially busier sites) which we install as follows:

apt-get install php5-fpm 

PHP-FPM is a daemon process (with the init script /etc/init.d/php5-fpm) that runs a FastCGI server on port 9000.

To get MySQL support in PHP, we can install the php5-mysql package. It's a good idea to install some other PHP5 modules as well as you might need them for your applications. You can search for available PHP5 modules like this:

apt-cache search php5

Pick the ones you need and install them like this:

apt-get install php5-mysql php5-curl php5-gd php5-intl php-pear php5-imagick php5-imap php5-mcrypt php5-memcache php5-ming php5-ps php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl

APC is a free and open PHP opcode cacher for caching and optimizing PHP intermediate code. It's similar to other PHP opcode cachers, such as eAccelerator and XCache. It is strongly recommended to have one of these installed to speed up your PHP page.

APC can be installed as follows:

apt-get install php-apc

Now restart PHP-FPM:

/etc/init.d/php5-fpm restart

To get CGI support in nginx, we install Fcgiwrap.

Fcgiwrap is a CGI wrapper that should work also for complex CGI scripts and can be used for shared hosting environments because it allows each vhost to use its own cgi-bin directory.

Install the fcgiwrap package:

apt-get install fcgiwrap 

After the installation, the fcgiwrap daemon should already be started; its socket is /var/run/fcgiwrap.socket. If it is not running, you can use the /etc/init.d/fcgiwrap script to start it.
That's it! Now when you create an nginx vhost, ISPConfig will take care of the correct vhost configuration.

14.1 Install phpMyAdmin.

Install phpMyAdmin as follows:

apt-get install phpmyadmin

You will see the following questions:

Web server to reconfigure automatically: <-- select none (because only apache2 and lighttpd are available as options) 

Configure database for phpmyadmin with dbconfig-common? <-- No

You can now find phpMyAdmin in the /usr/share/phpmyadmin/ directory.

After you have installed ISPConfig 3, you can access phpMyAdmin as follows:

The ISPConfig apps vhost on port 8081 for nginx comes with a phpMyAdmin configuration, so you can use http://server1.example.com:8081/phpmyadmin or http://server1.example.com:8081/phpMyAdmin to access phpMyAdmin.

If you want to use a /phpmyadmin or /phpMyAdmin alias that you can use from your web sites, this is a bit more complicated than for Apache because nginx does not have global aliases (i.e., aliases that can be defined for all vhosts). Therefore you have to define these aliases for each vhost from which you want to access phpMyAdmin.

To do this, paste the following into the nginx Directives field on the Options tab of the web site in ISPConfig:

location /phpmyadmin { root /usr/share/; index index.php index.html index.htm; location ~ ^/phpmyadmin/(.+\.php)$ { try_files $uri =404; root /usr/share/; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $request_filename; include /etc/nginx/fastcgi_params; fastcgi_param PATH_INFO $fastcgi_script_name; fastcgi_buffer_size 128k; fastcgi_buffers 256 4k; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; fastcgi_intercept_errors on; } location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { root /usr/share/; } } location /phpMyAdmin { rewrite ^/* /phpmyadmin last; }

If you use https instead of http for your vhost, you should add the line fastcgi_param HTTPS on; to your phpMyAdmin configuration like this:

location /phpmyadmin { root /usr/share/; index index.php index.html index.htm; location ~ ^/phpmyadmin/(.+\.php)$ { try_files $uri =404; root /usr/share/; fastcgi_pass 127.0.0.1:9000; fastcgi_param HTTPS on; # <-- add this line fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $request_filename; include /etc/nginx/fastcgi_params; fastcgi_param PATH_INFO $fastcgi_script_name; fastcgi_buffer_size 128k; fastcgi_buffers 256 4k; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; fastcgi_intercept_errors on; } location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { root /usr/share/; } } location /phpMyAdmin { rewrite ^/* /phpmyadmin last; }

If you use both http and https for your vhost, you need to add the following section to the http {} section in /etc/nginx/nginx.conf (before any include lines) which determines if the visitor uses http or https and sets the $fastcgi_https variable (which we will use in our phpMyAdmin configuration) accordingly:

vi /etc/nginx/nginx.conf

[...] http { [...] ## Detect when HTTPS is used map $scheme $fastcgi_https { default off; https on; } [...] } [...]

Don't forget to reload nginx afterwards:

/etc/init.d/nginx reload

Then go to the nginx Directives field again, and instead of fastcgi_param HTTPS on; you add the line fastcgi_param HTTPS $fastcgi_https; so that you can use phpMyAdmin for both http and https requests:

location /phpmyadmin { root /usr/share/; index index.php index.html index.htm; location ~ ^/phpmyadmin/(.+\.php)$ { try_files $uri =404; root /usr/share/; fastcgi_pass 127.0.0.1:9000; fastcgi_param HTTPS $fastcgi_https; # <-- add this line fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $request_filename; include /etc/nginx/fastcgi_params; fastcgi_param PATH_INFO $fastcgi_script_name; fastcgi_buffer_size 128k; fastcgi_buffers 256 4k; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; fastcgi_intercept_errors on; } location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { root /usr/share/; } } location /phpMyAdmin { rewrite ^/* /phpmyadmin last; }

15 Install Mailman

Since version 3.0.4, ISPConfig also allows you to manage (create/modify/delete) Mailman mailing lists. If you want to make use of this feature, install Mailman as follows:

apt-get install mailman

Before we can start Mailman, a first mailing list called mailman must be created:

newlist mailman

root@server1:~# newlist mailman
Enter the email of the person running the list: <-- admin email address, e.g. info@example.com
Initial mailman password: <-- admin password for the mailman list
To finish creating your mailing list, you must edit your /etc/aliases (or
equivalent) file by adding the following lines, and possibly running the
`newaliases' program:

## mailman mailing list
mailman:              "|/var/lib/mailman/mail/mailman post mailman"
mailman-admin:        "|/var/lib/mailman/mail/mailman admin mailman"
mailman-bounces:      "|/var/lib/mailman/mail/mailman bounces mailman"
mailman-confirm:      "|/var/lib/mailman/mail/mailman confirm mailman"
mailman-join:         "|/var/lib/mailman/mail/mailman join mailman"
mailman-leave:        "|/var/lib/mailman/mail/mailman leave mailman"
mailman-owner:        "|/var/lib/mailman/mail/mailman owner mailman"
mailman-request:      "|/var/lib/mailman/mail/mailman request mailman"
mailman-subscribe:    "|/var/lib/mailman/mail/mailman subscribe mailman"
mailman-unsubscribe:  "|/var/lib/mailman/mail/mailman unsubscribe mailman"

Hit enter to notify mailman owner... <-- ENTER

root@server1:~#
Open /etc/aliases afterwards...

vi /etc/aliases

... and add the following lines:

[...] mailman: "|/var/lib/mailman/mail/mailman post mailman" mailman-admin: "|/var/lib/mailman/mail/mailman admin mailman" mailman-bounces: "|/var/lib/mailman/mail/mailman bounces mailman" mailman-confirm: "|/var/lib/mailman/mail/mailman confirm mailman" mailman-join: "|/var/lib/mailman/mail/mailman join mailman" mailman-leave: "|/var/lib/mailman/mail/mailman leave mailman" mailman-owner: "|/var/lib/mailman/mail/mailman owner mailman" mailman-request: "|/var/lib/mailman/mail/mailman request mailman" mailman-subscribe: "|/var/lib/mailman/mail/mailman subscribe mailman" mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"

Run

newaliases

afterwards and restart Postfix:

/etc/init.d/postfix restart

Then start the Mailman daemon:

/etc/init.d/mailman start

After you have installed ISPConfig 3, you can access Mailman as follows:

The ISPConfig apps vhost on port 8081 for nginx comes with a Mailman configuration, so you can use http://server1.example.com:8081/cgi-bin/mailman/admin/<listname> or http://server1.example.com:8081/cgi-bin/mailman/listinfo/<listname> to access Mailman.

If you want to use Mailman from your web sites, this is a bit more complicated than for Apache because nginx does not have global aliases (i.e., aliases that can be defined for all vhosts). Therefore you have to define these aliases for each vhost from which you want to access Mailman.

To do this, paste the following into the nginx Directives field on the Options tab of the web site in ISPConfig:

location /cgi-bin/mailman { root /usr/lib/; fastcgi_split_path_info (^/cgi-bin/mailman/[^/]*)(.*)$; include /etc/nginx/fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; fastcgi_intercept_errors on; fastcgi_pass unix:/var/run/fcgiwrap.socket; } location /images/mailman { alias /usr/share/images/mailman; } location /pipermail { alias /var/lib/mailman/archives/public; autoindex on; }

This defines the alias /cgi-bin/mailman/ for your vhost, which means you can access the Mailman admin interface for a list at http://<vhost>/cgi-bin/mailman/admin/<listname>, and the web page for users of a mailing list can be found at http://<vhost>/cgi-bin/mailman/listinfo/<listname>.
Under http://<vhost>/pipermail you can find the mailing list archives.

Custom Search

If you liked this article, subscribe to the feed by clicking the image below to keep informed about new contents of the blog: