Server Dienste Minimal
Version vom 10. November 2025, 18:45 Uhr von Thomas.will (Diskussion | Beiträge) (→Exim (Mailserver minimal))
Minimales Linux-Server-Schulungsnetz
Netzplan
| Bezeichnung | IP-Adresse | Rolle | Beschreibung |
|---|---|---|---|
| debian-srv | 10.20.10.11 | Server (Debian) | Apache2, PHP, Exim, NFS, Samba, DHCP, DNS |
| rocky-srv | 10.20.10.12 | Server (Rocky Linux) | Nginx, PHP, SFTP |
| debian-client | 10.20.10.51 | Client (Debian) | Testsystem für Zugriff und Validierung |
Netzsegmente:
| |||
Apache2 mit PHP (Debian)
- apt install apache2 php libapache2-mod-php -y
- echo "<?php phpinfo(); ?>" > /var/www/html/info.php
- systemctl enable --now apache2
- http://10.20.10.11/info.php prüfen
Nginx mit PHP (Rocky)
- yum install nginx php-fpm -y
- systemctl enable --now nginx php-fpm
- echo "<?php phpinfo(); ?>" > /usr/share/nginx/html/info.php
- vi /etc/nginx/conf.d/default.conf
server {
listen 80;
root /usr/share/nginx/html;
index index.php index.html;
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
include fastcgi.conf;
}
}
- systemctl reload nginx
- http://10.20.10.12/info.php prüfen
NFS-Server
- apt install nfs-kernel-server -y
- mkdir -p /srv/nfs/share
- chown nobody:nogroup /srv/nfs/share
- echo "/srv/nfs/share 10.20.10.0/24(ro,sync,no_subtree_check)" >> /etc/exports
- exportfs -ra
- systemctl enable --now nfs-server
Samba-Server
- apt install samba -y
- mkdir -p /srv/samba/share
- chmod 777 /srv/samba/share
- echo "[share]" >> /etc/samba/smb.conf
- echo " path = /srv/samba/share" >> /etc/samba/smb.conf
- echo " read only = no" >> /etc/samba/smb.conf
- echo " guest ok = yes" >> /etc/samba/smb.conf
- systemctl enable --now smbd nmbd
DHCP-Server
- apt install isc-dhcp-server -y
- vi /etc/dhcp/dhcpd.conf
subnet 10.20.10.0 netmask 255.255.255.0 {
range 10.20.10.100 10.20.10.150;
option routers 10.20.10.1;
option domain-name-servers 10.20.10.11;
option domain-name "lab.local";
}
- systemctl enable --now isc-dhcp-server
DNS-Server (Bind9)
- apt install bind9 -y
- vi /etc/bind/named.conf.local
zone "lab.local" {
type master;
file "/etc/bind/db.lab.local";
};
zone "10.20.10.in-addr.arpa" {
type master;
file "/etc/bind/db.10.20.10";
};
- cp /etc/bind/db.local /etc/bind/db.lab.local
- vi /etc/bind/db.lab.local
$TTL 604800
@ IN SOA debian-srv.lab.local. root.lab.local. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
@ IN NS debian-srv.lab.local.
debian-srv IN A 10.20.10.11
rocky-srv IN A 10.20.10.12
debian-client IN A 10.20.10.51
- cp /etc/bind/db.127 /etc/bind/db.10.20.10
- vi /etc/bind/db.10.20.10
$TTL 604800
@ IN SOA debian-srv.lab.local. root.lab.local. (
2 604800 86400 2419200 604800 )
@ IN NS debian-srv.lab.local.
11 IN PTR debian-srv.lab.local.
12 IN PTR rocky-srv.lab.local.
51 IN PTR debian-client.lab.local.
- systemctl enable --now bind9
- dig debian-srv.lab.local @10.20.10.11 prüfen
SFTP-Server (Rocky)
- yum install openssh-server -y
- systemctl enable --now sshd
- adduser sftpuser
- passwd sftpuser
- mkdir -p /sftp/files
- chown root:root /sftp
- chown sftpuser:sftpuser /sftp/files
- vi /etc/ssh/sshd_config
Subsystem sftp internal-sftp Match User sftpuser ChrootDirectory /sftp ForceCommand internal-sftp
- systemctl reload sshd
- sftp sftpuser@10.20.10.12
- cd files
- put test.txt
Test vom Client
- apt install nfs-common smbclient dnsutils isc-dhcp-client -y
- mount -t nfs 10.20.10.11:/srv/nfs/share /mnt
- smbclient //10.20.10.11/share -U guest
- dig rocky-srv.lab.local @10.20.10.11
- ping 10.20.10.11