I attempted getting Virtualmin working on ARM64 and it went really well. I know it’s not officially supported, but here are my experiences…
Why ARM64?
ARM64 is going to be a game changer for hosting if you look at the current pricing. The comparison I’m making is a 2 vCPU, 4GB compute resource with 60 GB of disk space at Digital Ocean for $24 per month versus a 2 vCPU, 4GB compute resource with 40 GB of disk space from Hetzner in Germany is around $4.12 (€3.78) per month.
Why Virtualmin?
Virtualmin is an amazing open source solution that is incredibly powerful and near-par with the very expensive cPanel. If we can get this working before cPanel fixes their proprietary libraries we can gain massive market share.
Why not Virtualmin?
Officially Virtualmin doesn’t support ARM64 architecture. FYI I’m not writing this post to get the Virtualmin team to suddenly open up ARM64 support as I’m sure they have more than enough work on their plate. But I do think we can open the door as the community and see how far we can go to get it working in the meanwhile.
What I have tested so far and what works
- Installation worked perfectly first time, including quotas
- It was a LAMP installation
- Let’s Encrypt SSL works
- IPv4 and IPv6
- WordPress script deployment
- Email (see notes)
- IMAP SSL, SMTP SSL (465)
- SpamAssassin & ClamAV
- Greylisting
- Usermin & Roundcube
- Bind DNS integration (master / slave)
- DKIM inbound verification
- Mail Client Auto Configuration
- Performance is snappy
For the majority of my workloads just having a working web server, SSL, spam protected email and BIND DNS integration for master / slave is more than enough.
Email Notes
The procmail-wrapper
needed to be recompiled for ARM64 before SpamAssassin would work. Luckily it’s super simple to do yourself as the procmail-wrapper
is just there to check some parameters and permissions.
If you don’t fix it, you’ll get this error when receiving email at the server:
Jul 3 19:57:45 arm64 postfix/local[92596]: A1A6467492: to=<"eugene@arm64.vander.host"@arm64.vander.host>, orig_to=<eugene@arm64.vander.host>, relay=local, delay=0.04, delays=0.02/0.01/0/0.02, dsn=5.3.0, status=bounced (Command died with status 126: "/usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME". Command output: sh: 1: /usr/bin/procmail-wrapper: Exec format error )
The fix is:
cd /root
wget https://github.com/virtualmin/virtualmin-gpl/blob/master/procmail-wrapper.c
gcc procmail-wrapper.c -o procmail-wrapper
mv /usr/bin/procmail-wrapper /usr/bin/procmail-wrapper.backup
cp procmail-wrapper /usr/bin/procmail-wrapper
chmod 4755 /usr/bin/procmail-wrapper
If you don’t do the 4755 you’ll get weird Procmail errors and SpamAssassin won’t work.
Anyhow there is still some work left to do for this experiment.
I still need to get DMARC and DKIM outbound working. The only reason why I haven’t gotten there is when you sign up at Hetzner Cloud, even if you have an existing paid for service, there is a hold on your account for SMTP port 25 outbound till the first new invoice is paid.
I want to test NGinx as well.
Also I haven’t been able to properly benchmark it against a Digital Ocean server, but I should get around to doing that in the next week. What I do know is ARM64 takes less power and is more efficient cooling wise so if you’re that way inclined you’re doing the environment a favour Smile Gretha.
I’m super stoked about the possibilities for us and for Virtualmin in the future! The beauty of Virtualmin is because it’s stock and non-proprietary, and even though the ARM64 platform isn’t supported, so far everything important I value has just worked.