The Webmin virtual servers module provides a means to create, modify, and delete user mailboxes and virtual server user accounts. With its domain management features you can quickly and easily create a new website with domain records, Apache VirtualHost configuration, a home directory, a user account to manage it, mail server configuration, disk usage quotas and email addresses and aliases, database creation, and per-domain Webalizer configuration. It is a two-tiered system (with a third tier being provided by Usermin), providing both an administrative panel for creation and deletion of accounts, and a domain owner panel for the management of email accounts and aliases, Apache configuration, BIND records, and more, within each individual domain.
Installation of the module itself is straight-forward. If you have never installed Webmin before, you will want to refer to the Book of Webmin for full documentation. After Webmin installation, browse to the Webmin:Webmin Configuration:Webmin Modules module. There you can install the module.
Apache must be configured for Virtual Hosting, and must be capable of using suexec to execute user CGI programs. The first can be accomplished from within Webmin by browsing to the Apache:Networking and Addresses module, and entering either a local address or selecting the Include all addresses option. Then click Save. This will add a line like the following to the http.conf file:
A line like this can instead be added manually, using your favorite text editor.
|If you would like for virtual hosts to operate on all active addresses, you may instead choose an address of *.|
Next, Apache needs to be able to run CGI scripts on behalf of users using a suexec mechanism. In version 1.3, no changes are needed. In 2.0, you'll need to load mod_suexec, using a line like the following:
LoadModule suexec_module modules/mod_suexec.so
However, things may get a bit trickier, because we plan to put the web root for each new virtual domain user into the /home directory. The SuExec module requires the base directory to be specified at build time for security reasons...if you compile from source, you've probably already thought of this. If you use RPMs, you'll need to rebuild from the SRPM with the suexec docroot altered to point to /home. For example, my SPEC file has the following in the configure section:
Postfix on most systems is very nearly ready for use as the mail server for the Virtual Servers module. The only thing missing is the configuration for a virtual mapping database and, if using quotas, moving the spool directory to the same partition that user data lives on. The first can be added easily using Webmin. Browse to Postfix:Virtual Domains. Enter a type of database, and a filename for the virtual map database into the Domain mapping lookup tables field. Generally, this will be something along the lines of hash:/etc/postfix/virtual. In this example the type is a dbm hash, and the filename is virtual in the /etc/postfix directory. Save and apply your change.
Next, you'll need to move your mail spool to the /home partition. Browse to the Postfix:Local Delivery module. Edit the Spool directory option and enter /home/mail. Save and Apply your changes.
|It is useful to choose mail as the subdirectory here, because there will already exist a mail user on most systems and so there is no way to accidentally create a new user that would end up getting your mail spool as their home directory! If you don't use Red Hat Linux, you should probably first check to be sure there is a user named mail on your system (I believe most UNIX systems do have a user of this name).|
In order for POP or IMAP to work, those servers will need to know how to find the mail spool. The easiest thing to do for this is probably to create a symbolic link from /var/spool/mail to /home/mail. The command to do this:
# ln -s /home/mail /var/spool/mail
BIND requires no explicit configuration for the Virtual Servers module, but it must be up and running, and configured for use with Webmin. In most cases, you can simply install BIND, and the browse to the Webmin BIND module page. Webmin will offer to setup BIND for you, and offer a few choices for how to begin. I recommend you have Webmin download the list of root name servers. After Webmin has setup BIND for you, start BIND. That's all for BIND.
Quotas on Linux are tricky, not because they are difficult to setup, but because they are so poorly documented, and what documentation exists is more often than not incorrect to the point of not working. If you are using a relatively recent Linux version, the following instructions should work without difficulty.
Virtualmin uses standard system disk quotas to limit user disk usage. Because of this, all user data must reside on the same disk partition so that the system can maintain an accurate accounting of disk use. The /home partition is an excellent choice for the user data directory, due to UNIX tradition and user expectations. This is why we moved the mail spool to a directory on the /home partition in the mail server sections, so that all mail will reside on the same partition.
The first step to enabling quotas is to turn them on in the /etc/fstab configuration file. You can do this in Webmin by browsing to the System:Disk and Network Filesystems module. Then click on the /home partition link. Finally, locate the Use Quotas? option and select User and Group from the dropdown list. Save your changes.
You can also make this change manually, by editing the /etc/fstab in your favorite editor, and modifying the /home mount point entry to look something like this:
/dev/hda2 /home ext3 defaults,usrquota,grpquota 1 1
The important bit of the above example is the addition of the usrquota and grpquota directives. These two items enable both user and group quotas.
After adding quota support to your fstab, you'll need to remount the filesystem, or reboot the system, to make the changes take effect.
Linux filesystem quotas store the disk usage data in files in the root of the filesystem being managed. The files are named quota.user and quota.group. These files must be manually created before quotas can be enabled for the first time. So use touch to create each file:
# touch /home/quota.user # touch /home/quota.group
The final step in enabling quotas is to run the quotacheck utility to add initial usage values to the quota files. To do this, simply run the following command:
# quotacheck -vug /home
This will scan the filesystem, and add values to your quota files. The first time it is run, it will complain with errors about truncated quota files. This is expected and harmless.
To test to be sure your quotas are actually enabled, you can use the repquota utility to see what the current quota usage looks like. It should looke something like this:
bash-2.05a# repquota /home *** Report for user quotas on device /dev/ubd/2 Block grace time: 7days; Inode grace time: 7days Block limits File limits User used soft hard grace used soft hard grace ---------------------------------------------------------------------- root -- 18 0 0 142 0 0 apache -- 1 0 0 1 0 0 user -- 6 0 0 7 0 0 guest -- 6 0 0 7 0 0
|PostgreSQL is not yet supported, but will be in the next revision.|
MySQL and/or PostgreSQL just needs to be up and running for Virtualmin to make use of it. There is no complicated configuration required. First, you need to make sure the necessary tools are installed. On a Red Hat system, you can run the following command for MySQL:
bash-2.05a# rpm -qa | grep mysql mysql-server-3.23.56-1.73 mysql-3.23.56-1.73
If you get the results above, or similar, then you have the required packages installed. For PostgreSQL:
bash-2.05a# rpm -qa | grep postgre postgresql-libs-7.3.2-3 postgresql-server-7.3.2-3 postgresql-7.3.2-3
As above, if you have those packages, you can setup PostgreSQL and have it to work with Virtualmin.
To set them up for Virtualmin control, now all you have to do is start them. Browse to the Servers:MySQL Database Server module, and/or the Servers:PostgreSQL Database Server module, and click the start button.
In Figure?1 the main Virtual Servers module page is shown. The page header provides links to the Webmin Index (if available to your user), and the Webmin configuration for this module, as well as the title of the module. The middle portion of the page lists any existing virtual servers that have been created with the Virtual Servers module. This lists the domain name, the Unix user that owns the account, the real name of the owner or administrative contact of the domain, whether a website is enabled, whether DNS service is configured, the number of email addresses and aliases that exist for this domain, and information about the disk space usage quotas. The bottom portion of the page provides information about the status of the various servers that provide service for these accounts, and buttons to start or stop them.
Figure?1.?Virtual Servers main page
To create a new user mailbox, click the Add a new local mail user link in the local mailboxes section of the page. This will open a new page where you can enter the username (this will be the users mail address, without an @ or a domain name). In the next field enter the users full name. Enter a password in the Password field. Finally, select a disk space quota for the user, if the quota will be different than the default. Finally, click the Create button to save the new account.
To create a new virtual server, click the Add a new virtual server link to open the Create Virtual Server page Figure?2. Here you fill in the domain name of the new account in the Domain name field. The domain name should be the parent domain under which all other domains will live, for example, if I wanted to set up www.swelltech.com for a website and swelltech.com for receiving mail at email@example.com I would enter simply swelltech.com. The corresponding www.swelltech.com and mail.swelltech.com will be created for you, as will an MX record to direct mail for the domain swelltech.com to mail.swelltech.com.
Figure?2.?Create Virtual Server
After a domain has been created, it can have any number of mailboxes that are specific to that domain. These mailboxes will be given unique user names constructed from the domain name of the virtual server, and the username specified. This allows the same address to exist within multiple domains, for example firstname.lastname@example.org and email@example.com.
To add a mailbox to a virtual server, click the List link beside the domain for which you would like to add a new mailbox. From this point, you will use the same steps discussed in the section called “Adding a new user mailbox”. The options are the same. The only difference is in how the user will access their account from a POP3 or IMAP mail client.
A mailbox within a virtual domain will behave the same as a local mailbox, but users will append their domain name to their username when configuring POP3 or IMAP mail clients, like Outlook or Netscape Mail. For example, a new user named joe within a domain named swelltech.com will have a POP3 login name of joe.swelltech.com when configuring an email client.
|When logging into the Usermin webmail interface, users are not required to include their domain in the login name. The system will automatically append the correct information to the login name, if they are browsing to the appropriate domain name. If the user logs into Usermin using the default domain (i.e., not a virtual domain), and their mailbox is within a virtual domain, they will have to include the full username, including domain.|
To delete a local mailbox or a virtual domain mailbox, you must first select the mailbox to be deleted. For local mailboxes, simply click the name of the user that you would like to delete in the Local mailboxes section. For virtual domain mailboxes, you must click the List link for mailboxes for the domain. Then, click the user to be deleted.
The user details page will appear. In the lower right corner of the page is a Delete button. Click the button, and confirm the removal.
|Removing the user will remove the user account, the Usermin configuration details, the home directory and any web content within it, as well as the users mail spool. An account deletion cannot be reversed. If an account may ever be active again, the account should be disabled rather than deleted.|
The behavior of the Virtual Servers module can be configured by clicking on the Module Config link in the upper left-hand corner of the page. Usually, this information will only need to be entered once, though it may be useful to change some default values to account for system upgrades or new requirements.
This page is divided into four sections. The first is devoted to server settings, including which types of services will be configured, the mail server to configure, etc.
Figure?3.?Virtual Servers Configuration: Server Settings
Figure?4.?Virtual Servers Configuration: Defaults for new Domains
Figure?5.?Virtual Servers Configuration: Actions upon domain and user creation
Figure?6.?Virtual Servers Configuration: Extra modules available to domain owners
The final section allows you to select which Webmin modules will be available to newly created domain owners. The modules that are enabled will be pre-configured with ACLs to limit access to those appropriate for the new user.
[ top ]