Server Dienste Minimal
Version vom 5. November 2025, 20:56 Uhr von Thomas.will (Diskussion | Beiträge) (Die Seite wurde neu angelegt: „= Minimales Linux-Server-Schulungsnetz = == Netzplan == * 10.20.10.0/24 internes Netz * 172.22.0.0/16 externes Netz (Internet) * Server: debian-srv (10.20.10.1…“)
Minimales Linux-Server-Schulungsnetz
Netzplan
- 10.20.10.0/24 internes Netz
- 172.22.0.0/16 externes Netz (Internet)
- Server: debian-srv (10.20.10.11)
- Server: rocky-srv (10.20.10.12)
- Client: debian-client (10.20.10.51)
Apache2 mit PHP (Debian)
- apt install apache2 php libapache2-mod-php -y
- echo "<?php phpinfo(); ?>" > /var/www/html/info.php
- systemctl enable --now apache2
- http://10.20.10.11/info.php prüfen
Nginx mit PHP (Rocky)
- yum install nginx php-fpm -y
- systemctl enable --now nginx php-fpm
- echo "<?php phpinfo(); ?>" > /usr/share/nginx/html/info.php
- vi /etc/nginx/conf.d/default.conf
server {
listen 80;
root /usr/share/nginx/html;
index index.php index.html;
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
include fastcgi.conf;
}
}
- systemctl reload nginx
- http://10.20.10.12/info.php prüfen
Exim (Mailserver minimal)
- apt install exim4 -y
- dpkg-reconfigure exim4-config
- Internet-Site
- System mail name: lab.local
- Smarthost leer
- Mail an root: root
- echo "Testmail" | mail -s "Exim läuft" root@lab.local
NFS-Server
- apt install nfs-kernel-server -y
- mkdir -p /srv/nfs/share
- chown nobody:nogroup /srv/nfs/share
- echo "/srv/nfs/share 10.20.10.0/24(ro,sync,no_subtree_check)" >> /etc/exports
- exportfs -ra
- systemctl enable --now nfs-server
Samba-Server
- apt install samba -y
- mkdir -p /srv/samba/share
- chmod 777 /srv/samba/share
- echo "[share]" >> /etc/samba/smb.conf
- echo " path = /srv/samba/share" >> /etc/samba/smb.conf
- echo " read only = no" >> /etc/samba/smb.conf
- echo " guest ok = yes" >> /etc/samba/smb.conf
- systemctl enable --now smbd nmbd
DHCP-Server
- apt install isc-dhcp-server -y
- vi /etc/dhcp/dhcpd.conf
subnet 10.20.10.0 netmask 255.255.255.0 {
range 10.20.10.100 10.20.10.150;
option routers 10.20.10.1;
option domain-name-servers 10.20.10.11;
option domain-name "lab.local";
}
- systemctl enable --now isc-dhcp-server
DNS-Server (Bind9)
- apt install bind9 -y
- vi /etc/bind/named.conf.local
zone "lab.local" {
type master;
file "/etc/bind/db.lab.local";
};
zone "10.20.10.in-addr.arpa" {
type master;
file "/etc/bind/db.10.20.10";
};
- cp /etc/bind/db.local /etc/bind/db.lab.local
- vi /etc/bind/db.lab.local
$TTL 604800
@ IN SOA debian-srv.lab.local. root.lab.local. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
@ IN NS debian-srv.lab.local.
debian-srv IN A 10.20.10.11
rocky-srv IN A 10.20.10.12
debian-client IN A 10.20.10.51
- cp /etc/bind/db.127 /etc/bind/db.10.20.10
- vi /etc/bind/db.10.20.10
$TTL 604800
@ IN SOA debian-srv.lab.local. root.lab.local. (
2 604800 86400 2419200 604800 )
@ IN NS debian-srv.lab.local.
11 IN PTR debian-srv.lab.local.
12 IN PTR rocky-srv.lab.local.
51 IN PTR debian-client.lab.local.
- systemctl enable --now bind9
- dig debian-srv.lab.local @10.20.10.11 prüfen
SFTP-Server (Rocky)
- yum install openssh-server -y
- systemctl enable --now sshd
- adduser sftpuser
- passwd sftpuser
- mkdir -p /sftp/files
- chown root:root /sftp
- chown sftpuser:sftpuser /sftp/files
- vi /etc/ssh/sshd_config
Subsystem sftp internal-sftp Match User sftpuser ChrootDirectory /sftp ForceCommand internal-sftp
- systemctl reload sshd
- sftp sftpuser@10.20.10.12
- cd files
- put test.txt
Test vom Client
- apt install nfs-common smbclient dnsutils isc-dhcp-client -y
- mount -t nfs 10.20.10.11:/srv/nfs/share /mnt
- smbclient //10.20.10.11/share -U guest
- dig rocky-srv.lab.local @10.20.10.11
- ping 10.20.10.11