Is it possible to automate the Virtualmin post-install wizard?

I’m trying to completely automate my Virtualmin installation and setup using Ansible, but I’m having a hard time tracking down information on how to deal with the Virtualmin post-install wizard. I found this thread from 2 1/2 years ago , but it lists some options that aren’t asked during the post-install wizard, so it seems a bit outdated.

Also, if I were to find all of the post-install wizard settings and update them manually (such as changing hashpass=1 in /etc/webmin/virtual-server/config), is there anything that needs to be done so that the settings take effect? It seems like the post-install setup check does more than change a handful of text file entries, so I’m wondering if I need to do anything extra after updating the settings. I thought maybe I could do the same by running the “virtualmin check-config” command, but it sounds like that’s something different.

Any help that anyone could offer up would be greatly appreciated!

There is a webmin CLI command now, so you can set most of the values using it. Most of them are config values in the virtual-server module.

Some things are a little bit more involved…like setting the MySQL/MariaDB root password, but presumably you already have automation for this (it’s not special to Virtualmin, you have to do it for any MySQL/MariaDB deployment). And, yes, you need to restart Webmin after making some of the changes, but that’s just a service restart.

And, as mentioned in that thread, after making your changes, you need to set wizard_run=1 so Virtualmin won’t try to run the wizard again in the GUI.

To use the Webmin CLI…hmm…it looks like it’s still not being added to /usr/sbin, so it won’t be in the path. I need to look into that. But, you can run it in-place:

To get a usage summary:

$ /usr/libexec/webmin/bin/webmin

To list commands:

$ /usr/libexec/webmin/bin/webmin --list-commands

To set a config value:

$ /usr/libexec/webmin/bin/webmin set-config --force --module virtual-server --option wizard_run --value 1

The --force option is needed here because wizard_run is a hidden option, with no description or UI element. Other options that appear in the UI won’t need that flag.

You’ll still have to figure out which options you want to set and their exact names in the relevant modules (mostly virtual-server but there are several others). The wizard code itself should be easy-ish to follow, at least in terms of what options it sets…but, it may be easiest to do a fresh install, make a backup of /etc/webmin and then run the wizard manually, and diff the original /etc/webmin vs the new one post-wizard. That’ll give you the dozen or so options you need to change, and you can decide whether to script it with the webmin CLI or just copy in a “golden” version of the Webmin directory…depends on whether you have host-specific stuff that needs to be respected.

So for anyone looking to do this, unless you have a ton of servers where running through the post-install wizard on all of them manually would be very time-consuming, I would honestly recommend doing the post-install manually. As much as I would love to have this part of the process automated, I ran into some issues that made it seem like it just might not be worth it for a server or two, and doing so could potentially cause some issues down the road.

The post-install wizard…

  • Creates the file /etc/webmin/bind8/zone-names with the contents:

    base=/var/cache/bind
    zone_3=0.in-addr.arpa 5 master * /etc/bind/db.0
    file_/etc/bind/named.conf.default-zones=1589788961
    zone_0=. 2 hint * /usr/share/dns/root.hints
    pidfile=/var/run/named/named.pid
    no_chroot_config=0
    version=3
    zone_2=127.in-addr.arpa 4 master * /etc/bind/db.127
    zone_4=255.in-addr.arpa 6 master * /etc/bind/db.255
    pidfile_config=/var/run/bind/run/named.pid /var/run/named.pid /var/run/named/named.pid /var/run/bind/run/named/named.pid
    zone_1=localhost 3 master * /etc/bind/db.local

    In order to update this file manually using Ansible you need to know the ins-and-outs of what it’s doing, which I do not. I also don’t know if this file’s contents will always be the same, allowing me to just create a preset zone-names file and have Ansible copy it, so I’m concerned that things may change in the future and an Ansible playbook run could break DNS on the server.

  • Creates the file /etc/webmin/mysql/version which includes the MariaDB version (“10.3.23-MariaDB”). Like the previous item, if you have a preset file with this information that’s copied over by Ansible it may cause issues if your Virtualmin installation installs a different version of MariaDB/MySQL. I’m also not sure how this file is generated so I was unable to recreate it manually.

  • Updates the file /etc/webmin/virtual-server/config with last_check_php_vers=7.3 (at least currently), and I’m not sure where this information is getting pulled from in order to populate this setting (maybe just php --version, but I don’t know for sure), so if the PHP version changes in the future during Virtualmin installation and you have this set to update to PHP 7.3, it may cause some issues.

Then there’s the fact that the steps in the post-install wizard could change (as I found out researching this same topic before I started this thread), so it may be possible that you could miss changing settings in the future simply because you don’t know they exist. I guess as long as there are sane defaults on those settings it shouldn’t be that much of an issue, but I personally like to configure everything myself so I know what’s going on.

So for me personally, I got to the point where the time I was spending investigating this was far outweighing the time it would take me to run the post-install wizard manually a whole bunch of times, so when combined with the fact that doing it automatically could potentially cause issues when there are changes to the Virtualmin installer, and the fact that the post-install wizard only needs to be run once per server, I decided it was better for me to move on to automating other parts of the process and just do this part manually. Like I said though, if you have a ton of servers, it might be worth your time to investigate this further.

With Ansible and other automation platforms becoming so mainstream nowadays, I’m sure it’s just a matter of time before there’s a better way to automate the Virtualmin post-install wizard, but until then I think people should really weigh the pros and cons for their situation to see if it’s even worth trying to automate this.

Anyways, that is all. I just wanted to give a quick update on my findings in case anyone else is researching this topic.

2 Likes

Thanks so much for documenting this!

I think it’s apparent that it’s an area we should improve, either in documentation or in code. We should provide a good command line tool for this purpose…the wizard has maybe gotten out of hand in terms of what all it does.

That said, you can trigger the check config action that generates the files you’re talking about with versions and such. That’s the last step of the wizard, where it suggests running the config check. That’s just:

# virtualmin check-config
1 Like

Hmm, I could swear I tested this and it didn’t do exactly the same thing as manually clicking the check config button after the post-install wizard. I then saw this in the documentation, “Unlike the Re-check Config page in the Virtualmin web UI, it will not perform any system changes triggered by configuration changes, such as updating the Webmin modules available to domain owners.”, and figured it was a completely different thing altogether and that’s why it didn’t do the same thing as clicking the button.

I might have to spin up a test server later and give this a try to see if I’m getting the same results.

Huh. So that’s maybe bug-like. I mean, if it’s documented, it’s OK, but we still need to be able to do everything that can be done in the UI from the CLI. I’ll have to look into it, though I don’t have any free time to devote to it right now.

Alright, so apparently virtualmin check-config does indeed take care of everything that manually running the config check does, which is strange, I could swear I tested this previously and it didn’t. I’m either mistaken or it was an issue with my server.

However, although the config check seems to do everything it should, the manually-run post-install wizard does one thing that you can’t seem to do via the CLI, which is creating the /etc/webmin/bind8/zone-names file.

I installed Virtualmin, backed up /etc/webmin, ran the post-install wizard, backed up /etc/webmin, ran the post-wizard config check, and backed up /etc/webmin one last time. I then compared them (from base install to after wizard, and then after wizard to after config check), and my finding are below.

In case anyone else is trying to automate this using Ansible, I’ve saved a rough draft of the playbook as a gist.

My Post-Installation Wizard Settings

Preload Virtualmin libraries? No
Run MariaDB/MySQL database server? Yes
Run PostgreSQL database server? No
Set MySQL password: “nicetryalmostgotme”
MariaDB/MySQL configuration size: Huge system (2G or more)
DNS zone creation: My FQDN was already populated, I just checked “Skip check for resolvability”
Password storage mode: Only store hashed passwords

“Base Installation” to “After Post-Install Wizard”

The wizard seems to…

Create:

  • Folder: /etc/webmin/authentic-theme
  • File: /etc/webmin/bind8/zone-names

Add the following lines to /etc/webmin/miniserv.conf:

  • error_handler_403=403.cgi
  • error_handler_401=401.cgi
  • error_handler_404=404.cgi
  • nolog=/stats.cgi?xhr-stats=general

Add the following lines to /etc/webmin/mysql/config:

  • pass=[mysql password]

Add the following lines to /etc/webmin/virtual-server/config:

  • allow_symlinks=0
  • mysql_user_size=80
  • mysql_size=huge
  • avail_virtualmin-dav=0

Update the following lines in /etc/webmin/virtual-server/config:

  • hashpass=0 changed to hashpass=1
  • bind_master= changed to bind_master=[server’s FQDN]
  • last_check= updated to reflect current time

“After Post-Install Wizard” to “After Config Check”

The post-wizard check seems to…

Create:

  • File: /etc/webmin/mysql/version
  • File: /etc/webmin/virtual-server/last-config (this is just a backup of the /etc/webmin/virtual-server/config file)

Add the following lines to /etc/webmin/virtual-server/config

  • wizard_run=1
  • last_check_php_vers=7.3
  • mail_quotas=/
  • home_quotas=/
  • group_quotas=1

Update the following lines in /etc/webmin/virtual-server/config:

  • iface= changed to iface=eth0
  • last_check= update to reflect current time
2 Likes

This topic was automatically closed 4 days after the last reply. New replies are no longer allowed.