stretch-testing -> stretch
Testing to Stable
- Add example.com to /etc/hosts.
- Start with a clean machine running the relevant version of Debian.
- Run Install script as per https://wiki.sympl.host/Installation_Instructions without dpkg prompts.
- User is pointed to https://wiki.sympl.host for docs, and https://forum.sympl.host for issues.
User has to set a new password for
sympl, and is suggested to use an SSH key.
User can log in as the
- Banner happens on login and provides correct version/system stats.
- Typical utilities such as vim, htop, etc are installed and work normally.
mkdir -p /srv/example.com/public/htdocs, make sure you are served a 'theres nothing here yet' page.
echo 'Testing example.com' > /srv/example.com/public/htdocs/index.html, check the page loads with the new content.
echo '<?php phpinfo() ?>' > /srv/example.com/public/htdocs/index.php, check the page loads with phpinfo.
sudo sympl-web-configure --verbose, check /srv/example.com/ contains public/logs, php_tmp, php_sessions.
Browse to http://example.com again, check logs are being written to
Browse to https://example.com again (expect browser warning), check logs are being written to
sudo sympl-web-rotate-logs, check logs have rotated.
sudo sympl-web-generate-stats --verbose, check stats have NOT been created.
mkdir -p /srv/example.com/config ; echo selfsigned > /srv/example.com/config/ssl-provider ; sudo sympl-ssl --verbose, check cert is generated.
sudo sympl-web-configure --verbose, check site now loads with self-signed certificate.
- Confirm you cannot login anonymously via FTP.
echo some-password > /srv/example.com/config/ftp-password, check you can log in with user
some-passwordvia FTP and are placed in public.
- Confirm you can upload/download/delete files via FTP.
echo someuser:someotherpass:htdocs:0M > /srv/example.com/config/ftp-users, check you can log in with user
someotherpassvia FTP and are placed in htdocs.
- Confirm you can download but not upload files via FTP.
sudo sympl-password-test --verbose, confirm password warning.
Mail & WebMail
mkdir -p /srv/example.com/mailboxes/user ; echo some-password > /srv/example.com/mailboxes/user/password ; sudo sympl-password-test --verbose, confirm password warning.
Browse to https://example.com/webmail, log in with
echo new-password > /srv/example.com/mailboxes/user/password, log out of webmail.
- Confirm you cannot log in with old password.
- Confirm you can log in with new password.
sudo sympl-mail-encrypt-passwords --verbose
- Log out and back in again.
- Send mail to a gmail address, confirm bounce/delivery.
openssl genrsa -out /srv/example.com/config/dkim.key 2048 ; chmod 640 /srv/example.com/config/dkim.key ; chown admin:Debian-exim /srv/example.com/config/dkim.key ; touch /srv/example.com/config/dkim
- Send email again, check for DKIM record in bounce/delivery.
ip a ; sympl-ip, confirm IPs match.
echo 10.111.234.56 > /srv/example.com/config/ip ; sudo sympl-configure-ips --verbose, confirm new IP picked up.
ip a ; sympl-ip, confirm '10.111.234.56' now listed on both results.
sudo iptables -L -n | grep -c ':1234', confirm result is 0.
touch /etc/sympl/firewall/incoming.d/99-1234 ; sudo sympl-firewall
sudo iptables -L -n | grep -c ':1234', confirm result is 2.
touch '/etc/sympl/firewall/blacklist.d/10.9.8.7|31' ; sudo sympl-firewall
sudo iptables -L -n | grep -c '10.9.8.6', confirm result is 1.
MySQL / MariaDB & phpMyAdmin
mysql -e 'show databases', confirm databases are listed.
- Browse to http://example.com/phpmyadmin, confirm redirected to HTTPS.
cat ~/mysql_password, log in with user
- Confirm no errors/warnings, database can be created.
sudo service apache2 stop ; sudo service apache2 status ; sudo sympl-monit ; sudo service apache2 status ;, confirm apache is started again.
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information