Post-Installation Wizard & Domain Quesions

edit: I apologise for the links. I am not allowed to post links so in order to post this I had to destroy all of my links and make them utterly unintelligible. Hopefully a Moderator will remove this constraint for me and I can fix the links…Shawn

Hi All,

I’m trying to set up Webmin/Virtualmin on 1 computer to administer my pre-existing htdocs folder (i.e. my website) and to control/admin filesharing/Samba amongst my LAN computers. I am hoping also to set up RDP/Remmina here as I’ve so far had questionable luck trying to RDP between my new Ubuntu-based network - the only thing I actually miss from Windows is RDP which was just easy and always worked lol.

In order to resolve a couple of “issues” I encountered with an initial test-run, before going through the Wizard again on a new minimal Ubuntu 20/04, I’ve done the following:

1. Given a FQDN to all of my LAN computers based on my domainname and the computername by modifying the /etc/hosts files like this:

#127/0/ 0 .1 localhost
#127//0 .1 .1 dev
10/ /0 /0 .100 www. /me/ com dev

/.where “dev” is the name of the computer. The static Ethernet IP range is from 10/ /0 /0 /100 to 10/ /0 /0 .104 and as with the router all are set to 255 /255 .255. /0/10/ /0 /0 .1. In Ubuntu IPv4 “DNS” and “Routes” are set to Auto. Router has Port Forward for TCP/UDP on Virtualmin box with ports 20, 22, 80, 443, 465, 587.

2. From my domain provider’s website, in the “Registry Nameserver Records” area I added “ns1/ /me .com” and “ns2 //me .com” and pointed both to my external IPv4 address; DNS and NS for me .com already previously set to same/

3. Samba has been installed and set up. I have not enabled ufw yet. In /etc/samba/smb.conf I set workgroup to me/com and both create mask and directory mask to 0775

4. I have installed OpenSSH Client & Server and successfully logged in to each computer from each computer after using ssh-copy-id remote_username@server_ip_address.

5. All computers have the identical user (my name) and password. sudo passwd is the same as user password. Samba user and password is same as user/

These above steps have been taken based on my experience with my first attempt at installing Virtualmin on a perfectly new and clean OS. I made some mistakes thus I’m starting over.

I am now going to install and follow the Post-Installation Wizard again, this time with the above steps having already been taken. But before I do this, I have two questions, please and thank you:

A) In your experience, will anything above interfere with the installation?

B) At the Wizard prompt for Primary and Secondary nameserver, it says “For DNS zones created by VirtualMin to be resolvable, the primary nameserver record for each zone must be set to something that can itself be resolved by other systems on the Internet.” I have no idea what this means and no reading has helped me to understand this. I’ve struggled for decades to understand networking but I just can’t wrap my head around anything beyond setting static IPv4 for my computers. I point my domain name to my external IP, edit hosts (in Windows) to point “me/com” to 192 .168//0/x or 10 //0/0/x depending on where my Apache server is installed and that’s about it.

So, at my disposal, I have 4 computers named:

box1 /me ,com
box2 //me .com
box3/ /me .com
box4 //me .com

hostname gives me box1 and hostname --fqdn gives me www/me/com

/.And I own me/com to which I’ve added ns1 /me .com and ns2 /me .com

Is that what I enter for the Wizard? Primary nameserver = ns1 //me .com and Secondary (optional) nameservers = ns2 //me .com?

3. When I’m asked to install a new virtual server, that should be me/com, yes? Not dev//me/com or something else?

(Sorry for the third question lol)

I truly appreciate your help here, especially since I have written so much and thus taken up so much of your time/.

Merci:)
Shawn

No. Don’t remove the localhost entry. That’s absolutely vital for all sorts of things to function.

What does ufw have to do with Samba?

And, why are you installing Samba on a Virtualmin system? That would be a pretty unusual combination. Virtualmin is for web hosting, Samba is used for intranet shared storage. I mean, it’s possible to have both on the same system, it just doesn’t really happen very often, and there are some risks to having Samba exposed on the internet.

Your name servers must be known to the world. If you’re hosting your DNS locally (i.e. managed by Virtualmin), then your glue records at your registrar must point to the Virtualmin server and its DNS slave.

If you are not hosting DNS in Virtualmin, turn off the DNS feature in Features and Plugins, and Virtualmin will provide a page of DNS records you create with whoever is hosting your DNS (often people use the DNS service provided by their registrar).

This saying that for DNS to work, the world needs to be able to find your DNS servers.

If you’re having this much trouble with DNS and networking, maybe just don’t use this feature of Virtualmin and host your DNS at your registrar instead.

But, I usually make my Virtualmin server also have an A record for ns1.example.tld and the slave have the name ns2.example.tld and use those for the name server records to be automatically added to new domains.

If you’re hosting your DNS elsewhere, you use the DNS records for that, instead of your own names.

Thanks very much, Joe.

No. Don’t remove the localhost entry. That’s absolutely vital for all sorts of things to function.

I figured as much, and I must have misunderstood the tutorial I used to learn how to set the FQDN. I will uncomment those 2 entries.

What does ufw have to do with Samba?

All I can say is that THIS tutorial includes allowing Samba in ufw, so I’m following the advice out of blind ignorance lol.

And, why are you installing Samba on a Virtualmin system?

Apologies for my lack of clarity. This computer will be, I hope, serving my website to the Internet and my development computer (where I do web and IoT work with VSCode, NoePad++, Arduino IDE, OpenMV IDE, etc.), hosting my RAID and other drive enclosures, performing backups, and administering access to such on my other computers. I need VirtualMin and Webmin to do this successfully, no? Eventually, I would like to be able to control access, push out updates, restore the systems, etc. from this box via WebMin…in the future.

and there are some risks to having Samba exposed on the internet.

You’ve piqued my interest now. And left me a little worried. It seems I need to spend some time googling the potential issues here, which sound occasionally catastrophic by your wording…A single “server” made sense to me. If you are implying that under normal conditions setting up VirualMin and Samba on the same box will lead to file/data access outside my LAN, then I have clearly F**d up.

Your name servers must be known to the world. If you’re hosting your DNS locally (i.e. managed by Virtualmin), then your glue records at your registrar must point to the Virtualmin server and its DNS slave.

If you are not hosting DNS in Virtualmin, turn off the DNS feature in Features and Plugins, and Virtualmin will provide a page of DNS records you create with whoever is hosting your DNS (often people use the DNS service provided by their registrar).

I am once again feeling like an idiot here. I am pointing my domainname to my external IP and housing my htdocs folder on static IP 10.0.0.101, which is the box with Web/VirtualMin. I am “hosting” my website here, nothing more fancy than that. Sorry for my ignorance here:(

I usually make my Virtualmin server also have an A record for ns1.example.tld and the slave have the name ns2.example.tld and use those for the name server records to be automatically added to new domains.

I will PM you the records/setup from my registrar (internic.ca) since I can’t add links in this forum. You will quickly have your answers there, instead of my ignorant babble here:(

If you’re hosting your DNS elsewhere, you use the DNS records for that, instead of your own names.

I hope my PM helps with his as well.

To update my first post, I just ran the autoinstaller with the above setup/settings. Running sh virtualmin-install.sh produced not a single error, and the Wizard auto-populated the Primary nameserver with my full domainname. After refreshing I was presented with the following status:

**The status of your system is being checked to ensure that all enabled features are available and properly configured ..**

Your system has 15.05 GiB of memory, which is at or above the Virtualmin recommended minimum of 256 MiB

BIND DNS server is installed

Mail server Postfix is installed and configured

Postfix is configured to support per-domain outgoing IP addresses

Apache is installed

CGI scripts can be executed using suEXEC or FCGIwrap

Apache supports HTTP/2 on your system

The following PHP execution modes are available : cgi fcgid fpm

The following PHP versions are available : 7.4.3 (/bin/php-cgi7.4)

The following PHP-FPM versions are available : 7.4.3 (php7.4-fpm)

PHP versions have changed to 7.4 since last check. Regenerating any missing php.ini files

Apache is configured to host SSL websites

MariaDB 10.3.38 is installed and running

Logrotate is installed

SpamAssassin and Procmail are installed and configured for use

Plugin AWStats reporting is installed

Plugin Protected web directories is installed

Using network interface enp8s0 for virtual IPs

IPv6 addresses are available, using interface xxx

Default IPv4 address for virtual servers is 10.0.0.xxx

Default IPv6 address for virtual servers is (correct)

Both user and group quotas are enabled for home and email directories

All commands needed to create and restore backups are installed

The selected package management and update systems are installed

Chroot jails are available

**.. your system is ready for use by Virtualmin**
Updating all Webmin users with new settings..
.. done

Updating Virtualmin library pre-load settings ..
.. done

Updating status collection job ..
.. done

Re-loading Webmin ..
.. done

I’ll bring back the two localhost lines in /etc/hosts and restart everything before going any further.

From there, I’m going to read a whole bunch of your documentation and watch some YT videos before doing ANYTHING else.

I am extremely curious over your Samba concerns, most of all, right now.

No PMs, please.

ufw is a firewall, you sound like you think it is Ubuntu
https://ubuntu.com/server/docs/security-firewall

Virtualmin sets up firewalld as its firewall not ufw.

Virtualmin main job if setup web hosting, so the rest of the world can view your web pages for one or more domains, is that what you want?
That why a FQDN is needed. Not a domain you made up for LAN use.

Stephan - thanks, I know ufw is Ubuntu’s generic/inherent firewall.

Joe - sorry about that. I am not allowed to post URLs as a new user, but to answer a couple of your questions I would have needed to do just that, post a lot of URLs, some of which are private. My apologies.

Unfortunately, my original question revolved around the Post-Installation Wizard and domain names/FQDN. So I’ll call that lack of communication on my part.

One computer is (hopefully) going to host my website AND be administration for shares and backups for the other computers on my LAN.

Since part of my task right now includes getting an Apache server back up AND setting up my LAN with 4 computers, this naming aspect/Primary nameserver Wizard requires me to reflect on my website domain, the name requested by VirualMin and, as such, a naming convention for my LAN boxes so that filesharing/backups via WebMin isn’t a nightmare out of the gate.

Fortunately, though, after restoring the ubiquitous 127 dot zero dot zero dot 1 in my hosts file and restarting the servers via Dashboard, VirtualMin is correctly serving a page to my domain name via SSL (internally and externally), so I’m a short jump away from re-pointing that to my external RAID10 htdocs/root folder.

But I’ll spend some time exploring the WebMin/VirtualMin interface first…as Joe’s Samba remark still concerns me.

Check in webmin, FirewallD should be running.

image229×525 20.1 KB

Found in forum someone else using it, posted a firewall rule to add. (not a bug as virtualmin doesn’t setup Samba.)

Ok, looks like there is a webmin module for it too. (as in the post), might make life easier creating the shares.

image1438×560 53.6 KB

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.