Setup Home Server.

Step 1: Install OS: CentOS

Step 2:
a. Config Static IP: 192.168.1.10 + Default gateway + DNS server
ping yahoo.com ok!
b. Synchonoirous Time:
yum install -y ntp*
ntpdate time.nist.gov
c. Disable FireWall + SeLinux
d. Config hostname
[vim /etc/sysconfig/network]
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=server.hbn.local
GATEWAY=192.168.1.1
[vim /etc/hosts]
192.168.1.10 server.hbn.local server
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
Step 3: Install DNS-Bind
a. yum -y install bind caching-nameserver
b. Test
[vim /etc/named.conf]
options {
directory "/var/named";
forwarders {203.162.0.181; 203.162.0.11; 210.245.0.11; 2
10.245.0.58; 208.67.222.222; 208.67.220.220; 8.8.8.8; 8.8.4.4;};
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
};
zone "localhost" IN {
type master;
file "localhost.zone";
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
};
[vim /etc/resolv.conf] #Edit DNS server
nameserver 192.168.1.10
nameserver 192.168.1.1
[/etc/init.d/named start] #Test
Starting named: [ OK ]
 c. Config:
[vim /var/named/192.168.1.0.db]
$TTL 86400
@ IN SOA hbn.local. root.hbn.local. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS ns1.hbn.local.
10 IN PTR dns.hbn.local.
[vim /var/named/hbn.local.db]
$TTL 14400
@ IN SOA root.hbn.local. hostmaster.hbn.loca
l. (
2009102800
14400
3600
1209600
86400 )
IN NS hbn.local.
IN NS hbn.local.
ftp IN A 192.168.1.10
hbn.local. IN A 192.168.1.10
localhost IN A 127.0.0.1
mail IN A 192.168.1.10
pop IN A 192.168.1.10
smtp IN A 192.168.1.10
www IN A 192.168.1.10
hbn.local. IN MX 10 mail
hbn.local. 14400 IN TXT "v=spf1 a mx ip4:192.168.1
.10 ~all"
[vim /etc/named.conf] #Add below
zone "1.168.192.in-addr.arpa" IN {
type master;
file "192.168.1.0.db";
};
zone "hbn.local" {
type master;
file "hbn.local.db";
};

nslookup hbn.local #Test

chkconfig named on
Step 4: Apache with PHP, SSL
a. Install
yum -y install httpd php php-mbstring php-pear mod_ssl php-gd
service httpd start
chkconfig httpd on
b. Config
[vim /etc/httpd/conf/httpd.conf]
ServerTokens Prod // line 44: change
KeepAlive On // line 74: change to ON
 ServerAdmin root@hbn.local // line 250: Admin's add
ress
ServerName www.hbn.local:80 // line 264: ser
ver's name
Options FollowSymLinks // line 319: cha
nge (disable Indexes)
AllowOverride All // line 326: change
#UserDir disable // line 354: mak
e it comment
UserDir public_html // line 361: make valid
// line 369 - 380 : remove # and make valid
<Directory /home/*/public_html>
AllowOverride All // change
Options None
<Limit GET POST OPTIONS>
Order allow,deny
Allow from all
</Limit>
<LimitExcept GET POST OPTIONS>
Order deny,allow
Deny from all
</LimitExcept>
</Directory>
// line 390: add file name that it can access only with director
y's name
DirectoryIndex index.html index.php
ServerSignature Off // line 523: change
##########################################################
cd /var/www/html
echo "Test hbn.local" > index.html
echo "<?php print Date("Y/m/d"); ?>" > index.php
c. SSL
cd /etc/pki/tls/certs
make server.key
openssl rsa -in server.key -out server.key
make server.csr
openssl x509 -in server.csr -out server.crt -req -signkey server
.key -days 3650
chmod 400 server.*
[vim /etc/httpd/conf.d/ssl.conf]
DocumentRoot "/var/www/html" // line 84: make
valid
ServerName www.hbn.local:443 // line
85: make valid and change
SSLCertificateFile /etc/pki/tls/certs/server.crt
// line 112: change
SSLCertificateKeyFile /etc/pki/tls/certs/server.key // line
119: change
 service httpd restart
https://192.168.1.10
d. Virtual Hosting
Reg one account in no-ip.org. My domain: http://namhb.no-ip.org/
Use client to update your ip.
Edit DNS: Create like hbn.local.
[/etc/named.conf] Add bellow
zone "namhb.no-ip.org" IN {
type master;
file "namhb.no-ip.org.hb";
};
[/var/named/namhb.no-ip.org.hb]
$TTL 14400
@ IN SOA root.namhb.no-ip.org. hostmaster.na
mhb.no-ip.org. (
2009102800
14400
3600
1209600
86400 )
IN NS namhb.no-ip.org.
IN NS namhb.no-ip.org.
ftp IN A 192.168.1.10
namhb.no-ip.org. IN A 192.168.1.10
localhost IN A 127.0.0.1
mail IN A 192.168.1.10
pop IN A 192.168.1.10
smtp IN A 192.168.1.10
www IN A 192.168.1.10
namhb.no-ip.org. IN MX 10 mail
namhb.no-ip.org. 14400 IN TXT "v=spf1 a mx ip4:192
.168.1.10 ~all"
Add user:
useradd hbn
mkdir /home/hbn/public_html
[/etc/httpd/conf.d/httpd.conf]
NameVirtualHost *:80 // line 971: make valid
<VirtualHost *:80> // bottom: add these lin
es
DocumentRoot /var/www/html
ServerName www.hbn.local
ErrorLog logs/hbn.local-error_log
CustomLog logs/hbn.local-access_log common
</VirtualHost>
<VirtualHost *:80>
DocumentRoot /home/hbn/public_html
SuexecUserGroup hbn hbn
ServerName namhb.no-ip.org
ErrorLog logs/namhb.no-ip.org-error_log
CustomLog logs/namhb.no-ip.org-access_log common
</VirtualHost>
Similar like https 443
[/etc/httpd/conf.d/ssl.conf]
NameVirtualHost *:443
<VirtualHost *:443> // line 81: change
SuexecUserGroup hbn hbn
 // add in the bottom of the file: configuration for namh
b.no-ip.org for SSL
<VirtualHost *:443>
DocumentRoot "/home/cent/public_html"
ServerName namhb.no-ip.org:443
ErrorLog logs/namhb.no-ip.org_ssl_error_log
TransferLog logs/namhb.no-ip.org_ssl_access_log
LogLevel warn
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+
HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/pki/tls/certs/server.crt
SSLCertificateKeyFile /etc/pki/tls/certs/server.
key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b
"
</VirtualHost>
e. Finish: /etc/rc.d/init.d/httpd restart
Step 5: FTP Server:
a. Install vsftpd:
yum -y install vsftpd
b. Config
[/etc/vsftpd/vsftpd.conf]
anonymous_enable=NO // line 12: no anonymous
ascii_upload_enable=YES // line 79: make valid
ascii_download_enable=YES //(permit ascii mode transfer)
chroot_list_enable=YES // line 94: make valid
chroot_list_file=/etc/vsftpd/chroot_list // line 96: make valid
ls_recurse_enable=YES // line 102: make valid
chroot_local_user=YES // bottom: enable chroot
local_root=public_html // root directory
use_localtime=YES // use local time
[/etc/vsftpd/chroot_list]
//Add user you permit. User hbn
hbn
e. Finish:
/etc/rc.d/init.d/vsftpd start
chkconfig vsftpd on
Step 6: Install Mail.
a. Install:
yum install cyrus-sasl cyrus-sasl-devel cyrus-sasl-gssapi cyrus-
sasl-md5 cyrus-sasl-plain postfix dovecot
b. Config:
postconf -e 'smtpd_sasl_local_domain ='
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'smtpd_sasl_security_options = noanonymous'
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtpd_sasl_authenticated_header = yes'
postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenti
cated,permit_mynetworks,reject_unauth_destination'
postconf -e 'inet_interfaces = all'
postconf -e 'mynetworks = 127.0.0.0/8'
 [/usr/lib/sasl2/smtpd.conf]
pwcheck_method: saslauthd
mech_list: plain login
Generation keys:
mkdir /etc/postfix/ssl
cd /etc/postfix/ssl/
openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
chmod 600 smtpd.key
openssl req -new -key smtpd.key -out smtpd.csr
openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -o
ut smtpd.crt
openssl rsa -in smtpd.key -out smtpd.key.unencrypted
mv -f smtpd.key.unencrypted smtpd.key
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out
cacert.pem -days 3650
Then:
postconf -e 'smtpd_tls_auth_only = no'
postconf -e 'smtp_use_tls = yes'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtp_tls_note_starttls_offer = yes'
postconf -e 'smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key'
postconf -e 'smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt'
postconf -e 'smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem'
postconf -e 'smtpd_tls_loglevel = 1'
postconf -e 'smtpd_tls_received_header = yes'
postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
postconf -e 'tls_random_source = dev:/dev/urandom'
postconf -e 'myhostname = server.hbn.local'
[ /etc/dovecot.conf]
..
protocols = imap imaps pop3 pop3s
..
postconf -e 'home_mailbox = Maildir/'
postconf -e 'mailbox_command ='
/etc/init.d/postfix restart
chkconfig --levels 235 sendmail off
chkconfig --levels 235 postfix on
chkconfig --levels 235 saslauthd on
chkconfig --levels 235 dovecot on
/etc/init.d/sendmail stop
/etc/init.d/postfix start
/etc/init.d/saslauthd start
/etc/init.d/dovecot start
c. Virtual Hosting
[/etc/postfix/main.cf]
mydestination = /etc/postfix/local-host-names
[/etc/postfix/local-host-names]
localhost
localhost.localdomain
server.hbn.local
hbn.local
namhb.no-ip.org
[/etc/postfix/virtualusesrtb]
hbn@hbn.local root
hbn@namhb.no-ip.org hbn
postmap /etc/postfix/virtualusesrtb
Finish my tutorial.