Hi,
We are to buy another dedicated server, and of course another Virtualmin Pro license, and do have some questions before we start that server.
I want to have things as good/right as possible from the start and I hope you guys can help me out here with the questions below. I’m sorry I have to ask these things but last time, a few years ago, when we installed our latest dedi server, we had lots of things not working (that used to work) “out of the box” before and after Virtualmin install.
The data center is going to do the initial install of the OS, in our case CentOS 7 and they want to know type of installation, should it be minimal, and what packages needs to be installed and updated prior to running the Virtualmin install.
How can we get IPTables as default firewall from the start, and totally exclude FirewallD in the install?
We don’t use or need PostgreSQL, how do we exclude all PostgreSQL stuff from being installed?
The default PHP version, and also latest PHP 7.x version. I installed PHP 7 afterwards on our latest server, is it the best way to do this?
We have not used Mailman Mailing Lists in our 15 years running Virtualmin Pro and probably not in the future either, can this be left out and not installed at all?
How “lightweight” can Virtualmin be, leaving out stuff we don’t use?
Other things or packages that is needed or preferred to install from start?
The server will mainly run special developed web services for our customers and a some websites and mail, and those using a CMS will use our own developed CMS. No customer haveVirtualmin, Webmin or Usermin access, we are the only ones managing servers and services.
I’m willing to pay for Installation Service or a Premium Support Ticket to get instructions or guidance to get all the needed basic things up and running and leaving out all stuff not needed.
Best regards, Leffe
Comments
Submitted by andreychek on Wed, 03/13/2019 - 00:55 Comment #1
Howdy -- thanks for contacting us!
'The data center is going to do the initial install of the OS, in our case CentOS 7 and they want to know type of installation, should it be minimal, and what packages needs to be installed and updated prior to running the Virtualmin install.'
A minimal install of CentOS is good. It can install just about any dependency it needs from there, though if it needs one that it can't do on it's own, it'll let you know.
How can we get IPTables as default firewall from the start, and totally exclude FirewallD in the install?
FirewallD is setup on any system with SystemD. It's no problem to disable FirewallD afterwards, and setup the firewall of your choice then.
We don’t use or need PostgreSQL, how do we exclude all PostgreSQL stuff from being installed?
Postgres does get installed, our suggestion would just be to disable the service afterwards using Webmin's "Bootup and Shutdown" screen. You can also use that same screen to disable any other services you don't need.
'The default PHP version, and also latest PHP 7.x version. I installed PHP 7 afterwards on our latest server, is it the best way to do this?.
Yup, that's a perfect way to handle that.
We have not used Mailman Mailing Lists in our 15 years running Virtualmin Pro and probably not in the future either, can this be left out and not installed at all?
I don't believe we install Mailman by default any more exactly that reason. If for some reason I'm mistaken about that, you can use that same Bootup and Shutdown screen to disable Mailman as well.
How “lightweight” can Virtualmin be, leaving out stuff we don’t use?
Well, that's a tough question to quantify. Virtualmin itself is extremely lightweight, from there it's all dependent on what services you need. You are welcome to disable any services you don't need using the Bootup and Shutdown screen.
Other things or packages that is needed or preferred to install from start?
The installer will pull in any packages that we recommend... from there it's all dependent on your needs.
Feel free to let us know if you have any additional questions!
Submitted by Blueforce on Thu, 03/14/2019 - 01:08 Pro Licensee Comment #2
Hi Eric,
Thank you for your answers! I decided to get a test server up and running before I start up the live one.
FirewallD is setup on any system with SystemD. It's no problem to disable FirewallD afterwards, and setup the firewall of your choice then.
I have disabled FirewallD, how do I get IPTables up and running? It's installed, but has no "Bootup and Shutdown" action. and wont start. The command
virtualmin config-system --include firewall
also fails.//Leffe
Submitted by andreychek on Thu, 03/14/2019 - 09:20 Comment #3
I haven't personally attempted to switch from FirewallD to iptables on CentOS, so I don't have any steps I can provide, though I did find this article here which seems to describe what it is you'd need to do to switch to iptables:
https://www.digitalocean.com/community/tutorials/how-to-migrate-from-fir...
Let us know if that does the trick!
Submitted by Blueforce on Thu, 03/14/2019 - 10:41 Pro Licensee Comment #4
Thanks,
I got a bit frustrated since the Virtualmin command to include IPTables firewall no longer work. IPTables was installed by default, but no Bootup and Shutdown action was added, and I was hoping that the command should take care of it.
I copied the Bootup action script from our other server running on same hardware(almost), OS and software, checked that the basic rules was there but no go...
I then saw that the iptables-service was missing, installed it and then everything started up as it should.
If iptables is installed by default, shouldn't its service and the Bootup script also be installed the same time. Not that long ago, when we installed our other server with CentOS 7 and Virtualmin Pro these things was installed/added but not running since FirewallD was the default.
Regards, Leffe
Submitted by andreychek on Thu, 03/14/2019 - 11:27 Comment #5
Firewalld uses iptables behind the scenes -- but that's different from using the iptables service for a firewall.
CentOS 7 has switched to using FirewallD in place of the iptables service. Virtualmin used the iptables service on CentOS 6, but ever since CentOS 7 it's only supported Firewalld on that distro.
It's okay to want to not use that, it just requires some manual configuration and changes.
Sorry, we know it's frustrating, but that's the direction that RHEL/CentOS has gone.
Submitted by Blueforce on Thu, 03/14/2019 - 20:29 Pro Licensee Comment #6
Ok, I did not know that FirewallD used iptables! Then I can understand why only pars of it was installed.
I thought Virtualmin still supported it, then I better save the bootup scripts in a safe place for future use. :)
Thanks Eric!
Marking this as closed and fixed!
Regards, Leffe