webmin

Installation of webmin on our arch server

To have a more GUI way of controlling our server we will install the webmin interface. This allows us to use a web-browser for configurations.
There are two ways to install webmin. We can use either the version in the repos or download it directly from the webmin homepage.

Using pacman and the version in the repo

To install using pacman run

[root@server]$ pacman -S webmin

To use ssh secure connection with webmin, you’ll need to install perl-net-ssleay too.

[root@server]$ pacman -S perl-net-ssleay

Now edit /etc/webmin/miniserv.conf to allow the ip network to connect. While we’re at it we might as well change the standard listening port and protocol. Change to the following:

allow=127.0.0.1 192.168.100.0

port=33000
listen=33000

ssl=2

Now start webmin with:

[root@server]$ /etc/rc.d/webmin start

Using the tarball from the webmin homepage

When writing this guide the latest version was V1.39
CAUTION!You should be aware that you will need to change the moduleconfig for a lot of the servers to be able to control them throught the webmin interface! This is not necessary with the pacman version!

To use ssh secure connection with webmin, you’ll need to install perl-net-ssleay too.

[root@server]$ pacman -S perl-net-ssleay

Then use wget to download the webmin file

[root@server]$ wget http://prdownloads.sourceforge.net/webadmin/webmin-1.390.tar.gz

copy the tarball to the location you want webmin to be installed and unpack it. I chose /opt for that.

[root@server]$ cp webmin-1.390.tar.gz /opt
[root@server]$ cd /opt
[root@server]$ tar -xvf webmin-1.390.tar.gz

You should now have a folder called webmin-1.390, go ahead and cd into it.

[root@server]$ cd webmin-1.390

run the installation script and follow the on-screen instructions.

[root@server]$ sh setup.sh

You should also add webmin to the daemons array in /etc/rc.conf

Firewall configuration

To make it possible to access webmin we need to change the firewall rules from our setup.
If you have setup the firewall with the script from my samba server setup the following should place the rule just below the ssh access rule

[root@server]$ iptables -I INPUT 14 -p tcp -m tcp -s 192.168.100.0/24 –dport 33000 -j ACCEPT

Remember to run

[root@server]$ /etc/rc.d/iptables save

to save the new rules permanently

Now it should be possible to access webmin from your browser at the address

https://192.168.100.3:33000

When first accessing the page you will be asked to accept an unknown certificate. This is OK as long as you are on your own lan, and trust the server to which you are being connected. Otherwise get an official certificate from Verisign or some other recognized authority. How to obtain such a certificate and how to install it can be found on the webmin webpages.

Webmin usersetup

This part is only necessary if you have installed webmin using pacman!

Login with root and root’s password

Click on Webmin Users from the Webmin menu on the left side.
You will then get an overview of the webmin users who can login. Right now only root is listed.
Click on root and you will get a view of the details of the root user. Scroll all the way down and click on the button [Clone] Enter a new username you would like to use as the administrator through the webmin interface. Remember to enter a password too. Click [Create] when you’re done.

Now logout and login with the new user.

After a renewed login go to the user managment again, select the checkbox next to root and click [Delete Selected]. And confirm deletion when asked for it.
Another option is to lock the user. This is done by clicking on the username (in our case root), and activate the checkbox on the password line next to Temporarily locked. Then just click [Save] and the user is locked.

Webmin is now ready for use.

Resources

Install notes on the Webmin homepage