adjei.co.uk

Part 1
Retrieve the full license key from Plesk using the web control panel License Manager.
Backup and download the key.
# cp /etc/psa/psa.key /var/www/vhosts/<domain>/httpdocs/
Visit http://<domain>/psa.key

Part 2
Get the CentOS install script
# wget http://3es.atomicrocketturtle.com/tests/aooi-installer.sh
# chmod +x aooi-installer.sh
Edit the script
# vi aooi-installer.sh
:%s/www.gtlib.gatech.edu/mirror.linux.duke.edu/g
:wq

Run the install
# ./aooi-installer.sh
Open a serial console and watch what happens during reboots etc.

Part 3
Login as root with password ‘atomic555′
Change the root password
# passwd
Copy my firewall scripts to server and customise with new machinename
/root/fw.on
/root/fw.off
/root/getfw.sh
/etc/rc.d/rc.firewall_off
Make them all executable
# chmod +x /root/fw.on /root/fw.on /root/fw.off /root/getfw.sh /etc/rc.d/rc.firewall_off

Write and install an iptables firewall
# ./getfw.sh

Part 4
Install latest Plesk (don’t use auto-installer psa_installer_v3.2.0_build070705.20_os_CentOS_4.3_x86_64 - busted)
# wget http://download1.swsoft.com/Plesk/Plesk8.2/CentOS4.3/psa_installer_v3.1.2_build070321.17_os_CentOS_4_x86_64
# chmod +x psa_installer_v3.1.2_build070321.17_os_CentOS_4_x86_64
# ./psa_installer_v3.1.2_build070321.17_os_CentOS_4_x86_64
You can login to plesk at https://<domain>:8443/
user: admin
pass: setup
Once you’ve logged in change your password

Part 5
Add yourself a user account so you don’t have to login as root
# useradd <username>
# passwd <username>
If you’re going to be using the Plesk migration manager, add your new user to the ‘wheel’ group and enable sudo
# usermod -a -G wheel <username>
uncomment %wheel line in /etc/sudoers

Part 6
Update yum to use atomic channel and run an update
# wget -q -O - http://www.atomicorp.com/installers/atomic.sh | sh
# yum update
If it complains about dependencies involving php-pear
# yum install php-pear
# yum update

Part 7
Make sure you are using all the latest conf files. Use my ‘rpmnew.sh’ manager script to speed the job.
Make sure httpd service is running (probably have to move /etc/php.d/ioncube-loader.ini)

Part 8
Buy and install ASL channel
# wget -q -O - http://www.atomicorp.com/installers/install-asl.sh |sh

Further tweaks
Set kernel to attempt reboot (panic) on oops

I’m currently building a new server for a client and am finding great success using the top notch tools from atomic rocket turtle. (Atomic Corp)

By using Scott’s AOOI script I have managed to install CentOS 4.4 on one of 1and1’s Business Server IIs along with PHP 5 and mysql 5. Taking a backup of the Plesk key before doing so, I was able to install a fresh Plesk 8.2 and have a bang up to date, future proofed box with all the features of the 1and1 build (64 bit, dual core, RAID1 etc.).

1. Login as root and then…
   # wget http://3es.atomicrocketturtle.com/tests/aooi-installer.sh
# chmod +x aooi-installer.sh
2. I actually needed to mod the script a little to get it to run happily as the mirror for the CentOS image was defunct
   Open aooi-installer.sh in vi (or equivalent) and replace the url
   www.gtlib.gatech.edu
   with
   mirror.linux.duke.edu
   save and start the install
   # ./aooi-installer.sh
3. A good way of getting a feel for what should be happening and when can be had from the excellent video provided by Scott.
   It shows two consoles open.. one running the install script, and one logged in from the serial console (superb 1and1 feature) keeping a running commentary on what is happening on the box.
   http://www.atomicrocketturtle.com/tutorials/aooi-v6-tutorial.ogg

The guys over at Atomic Corp are doing some really great work on hardening web servers based on Plesk, and I can’t recommend their ASL - Atomic Secured Linux subscription yum channel enough.

I had to build an rpm file from a src.rpm file for the first time today… shows you how well yum etc. are working.

Here’s a handy page of instructions on getting this done.

http://perso.b2b2c.ca/sarrazip/dev/rpm-building-crash-course.html