Deployment Overview of ISPmanager on Server¶

Prerequisites and Basic Requirements¶

The deployment of ISPmanager requires a specific operating system environment and root-level privileges. The following conditions must be met before initiating the installation:

• Operating System: Ubuntu 22.04 LTS.

• Privileges: Root access or sudo privileges are required to execute the installer and modify system configurations.

• Domain Configuration: A valid Fully Qualified Domain Name (FQDN) must be configured to point to the server's public IP address.

• Network Ports:

  • Port 443 (HTTPS) for external access to the panel.

  • Port 1500 for internal services.

• Security Modules: The AppArmor security module must be stopped and disabled to prevent conflicts with the panel services.

• Package Management: The system must have wget, curl, ca-certificates, gnupg, gpg, and dnsutils installed.

FQDN of the Final Panel¶

The ISPmanager panel is accessible via a specific domain structure based on the host configuration. The final address follows the format:

isp<Server ID>.hostkey.in:443

Where <Server ID> is the unique identifier assigned to the server instance. The external path for the application is set to /.

Application Installation Process¶

The installation is performed using the official ISPmanager installer script. The process involves downloading the script, modifying it to accept default parameters, and executing it with specific flags.

1. Download the Installer: The installer script is retrieved from https://download.ispmanager.com/install.eu.sh and saved to /root/install.eu.sh.

2. Configure Installer Defaults: The script is patched to automatically select the following options without user interaction:

   • Installation type: s (server).

   • Database selection: 1 (MySQL/MariaDB).

3. Execute Installation: The installer is run with the following parameters:

   • Release: stable

   • Flavor: ispmanager-lite

   • Database Type: mysql

   • Database Server: mariadb

   • Hostname Check: Disabled (--ignore-hostname)

   • Mode: Silent (--silent)

   • SSL: Let's Encrypt is enabled if the domain resolves correctly to the public IP; otherwise, the --no-letsencrypt flag is used.

The installation logs are written to /root/isp_install.log. The installation is considered complete when the binary /usr/local/mgr5/sbin/ispmgr is created.

Databases¶

The application utilizes a MySQL-compatible database backend. The configuration is set as follows:

• Database Type: MySQL

• Database Server: MariaDB

• Storage: Local storage on the server.

• Configuration: The database is installed and configured automatically during the ISPmanager installation process.

Proxy Servers and SSL¶

The deployment includes an integrated web server and SSL configuration:

• External Port: 443 (HTTPS).

• Internal Port: 1500.

• SSL/TLS:

  • Let's Encrypt certificates are automatically provisioned if the domain isp<Server ID>.hostkey.in resolves to the server's public IP address.

  • If the DNS resolution does not match the public IP, the installation proceeds without Let's Encrypt integration.

• Paths: Both internal and external paths are mapped to /.

File and Directory Structure¶

Key files and directories created or modified during the deployment include:

• Installer Script: /root/install.eu.sh

• Installation Log: /root/isp_install.log

• Main Binary: /usr/local/mgr5/sbin/ispmgr

• Configuration Files: Located within the /usr/local/mgr5 directory structure (managed by the ISPmanager service).

Starting, Stopping, and Updating¶

The ISPmanager panel is managed as a system service. While specific service names are managed internally by the installer, the following system-level actions are performed during the deployment lifecycle:

• Service Management: The installer configures the necessary systemd units to start the panel services automatically.

• System Updates:

  • During installation, apt related services (unattended-upgrades, apt-daily, apt-daily-upgrade) are temporarily stopped and masked to prevent package lock conflicts.

  • After installation, these services are unmasked and re-enabled to restore automatic system updates.

• Package Lock Handling: The deployment script includes logic to kill processes holding locks on /var/lib/dpkg/lock-frontend, /var/lib/dpkg/lock, and /var/cache/apt/archives/lock to ensure a clean installation environment.