Tutorial

How to install and Configure DirectAdmin with Let’s Encrypt and self hosted DNS Servers

DirectAdmin is a graphical web-based web hosting control panel designed to make administration of websites easier. It is one of the most popular web hosting control panel alongside with Cpanel & Plesk.

In this tutorial, we will learn how to install DirectAdmin, create nameserver for a self hosted DNS Server and Issue Let’s Encrypt SSL for the server hostname and primary domain.

Minimum Requirements

OSVersion
CloudLinux6.x 64-bit, 7.x 64-bit, 8.x 64-bit
AlmaLinux / RHEL / CentOS7.x 64-bit, 8.x 64-bit
Debian8.x 64-bit, 9.x 64-bit, 10.x 64-bit, 11.x 64-bit ALPHA
Ubuntu16.04 64-bit, 18.04 64-bit, 20.04 64-bit
FreeBSD11.x 64-bit, 12.x 64-bit
For Ubuntu just select the “Linux 64-bit static” OS in DirectAdmin client portal.

Hardware

  • Minimum CPU speed speed of 500Mhz but higher is better. (Intel / AMD)
  • Minimum of 1GB ram is required but 2GB ram is preferred with 2GB swap. (CentOS 8: 2Gig required, 4+ Gig preferred).
  • A storage with at least 2gb free space.

Step 1 – Install DirectAdmin

Before we start, we must set a proper hostname for our server, for this tutorial we will use server.jcolideles.tech, change the hostname according to your own domain.

Acquire License

A license is required before you can install DirectAdmin. You can purchase or avail free trial license from their DirectAdmin Pricing Page. In the DirectAdmin Client area, you need to set the IP Address and the server hostname for your license so during the installation, the license will be automatically activated when the DirectAdmin Web Control Panel detects your IP Address.

Prerequisite Packages

First, we need to update the OS by issuing the update command yum update for rhel based distros or apt update for debian based. Then, we need to install some basic programs for DirectAdmin. Install the prerequisite packages bellow according to your OS.

CentOS 6 or CloudLinux 6

$ yum install wget gcc gcc-c++ flex bison make bind bind-libs bind-utils openssl openssl-devel perl quota libaio libcom_err-devel libcurl-devel gd zlib-devel zip unzip libcap-devel cronie bzip2 cyrus-sasl-devel perl-ExtUtils-Embed autoconf automake libtool which patch mailx bzip2-devel lsof glibc-headers kernel-devel expat-devel db4-devel

CentOS 7 or CloudLinux 7

$ yum install wget gcc gcc-c++ flex bison make bind bind-libs bind-utils openssl openssl-devel perl quota libaio libcom_err-devel libcurl-devel gd zlib-devel zip unzip libcap-devel cronie bzip2 cyrus-sasl-devel perl-ExtUtils-Embed autoconf automake libtool which patch mailx bzip2-devel lsof glibc-headers kernel-devel expat-devel psmisc net-tools systemd-devel libdb-devel perl-DBI perl-Perl4-CoreLibs perl-libwww-perl xfsprogs rsyslog logrotate crontabs file kernel-headers

AlmaLinux, CentOS or CloudLinux 8

$ yum install wget gcc gcc-c++ flex bison make bind bind-libs bind-utils openssl openssl-devel perl quota libaio libcom_err-devel libcurl-devel gd zlib-devel zip unzip libcap-devel cronie bzip2 cyrus-sasl-devel perl-ExtUtils-Embed autoconf automake libtool which patch mailx bzip2-devel lsof glibc-headers kernel-devel expat-devel psmisc net-tools systemd-devel libdb-devel perl-DBI perl-libwww-perl xfsprogs rsyslog logrotate crontabs file kernel-headers hostname

Debian 6

$ apt-get install gcc g++ make flex bison openssl libssl-dev perl perl-base perl-modules libperl-dev libaio1 libaio-dev zlib1g zlib1g-dev libcap-dev bzip2 automake autoconf libtool cmake pkg-config python libreadline-dev libdb4.8-dev libsasl2-dev patch

Debian 7

$ apt-get install gcc g++ make flex bison openssl libssl-dev perl perl-base perl-modules libperl-dev libaio1 libaio-dev zlib1g zlib1g-dev libcap-dev bzip2 automake autoconf libtool cmake pkg-config python libdb-dev libsasl2-dev libncurses5-dev patch libjemalloc-dev

Debian 8

$ apt-get install gcc g++ make flex bison openssl libssl-dev perl perl-base perl-modules libperl-dev libaio1 libaio-dev zlib1g zlib1g-dev libcap-dev cron bzip2 automake autoconf libtool cmake pkg-config python libdb-dev libsasl2-dev libncurses5-dev libsystemd-dev bind9 dnsutils quota libsystemd-daemon0 patch libjemalloc-dev logrotate rsyslog libc6-dev systemd systemd-sysv

Debian 9

$ apt-get update
apt-get install gcc g++ make flex bison openssl libssl-dev perl perl-base perl-modules libperl-dev libperl4-corelibs-perl libaio1 libaio-dev zlib1g zlib1g-dev libcap-dev cron bzip2 zip automake autoconf libtool cmake pkg-config python libdb-dev libsasl2-dev libncurses5-dev libsystemd-dev bind9 dnsutils quota patch libjemalloc-dev logrotate rsyslog libc6-dev libexpat1-dev libcrypt-openssl-rsa-perl libnuma-dev libnuma1

Debian 10

$ apt-get update
apt-get install gcc g++ make flex bison openssl libssl-dev perl perl-base perl-modules libperl-dev libperl4-corelibs-perl libwww-perl libaio1 libaio-dev zlib1g zlib1g-dev libcap-dev cron bzip2 zip automake autoconf libtool cmake pkg-config python libdb-dev libsasl2-dev libncurses5 libncurses5-dev libsystemd-dev bind9 dnsutils quota patch logrotate rsyslog libc6-dev libexpat1-dev libcrypt-openssl-rsa-perl libnuma-dev libnuma1

Install

After installing the prerequisite packages, we can now install the DirectAdmin Panel.

$ bash <(curl -Ss https://www.directadmin.com/setup.sh) auto

The installation may take a couple of minutes because the packages is being build from source. After the installation is complete, you should see an output like this.

Output:
Admin user created
## INSTALL_COMPLETE
## ACCOUNT_INFO


The following information has been set:

Admin username:   admin
Admin password:   <password>
Admin email:      [email protected]


Server IP: <server ip address>
Server Hostname: server.jcolideles.tech

To login now, follow this link:

http://<server-ip-address>:2222

and enter your Admin username and password when prompted.

You should now visit https://www.directadmin.com/newinstall.php to learn how to get started.

Thank you for using DirectAdmin.  Should you have any questions, don't hesitate to contact us at [email protected]

## REPORT_END

System Security Tips:
  http://help.directadmin.com/item.php?id=247

Changed secure_php option from no to yes
PHP has been secured.
Restarting php-fpm74.

Install Complete!
If you cannot connect to the login URL, then it is likely that a firewall is blocking port 2222. Please see: 
  https://help.directadmin.com/item.php?id=75

We can now access our DirectAdmin Web Control panel at http://<server-ip-address>:2222 . You can find your login credential at /usr/local/directadmin/scripts/setup.txt

The DirectAdmin Web Control Panel would be like this.

The DirectAdmin has been successfully installed! It’s easy, right? Well, we’re not done yet. We still need to configure a few things out. Proceed to the next step below.

Step 2 – Setup Nameserver

Common Method

We need to set up two nameservers in order for our DNS Server to work. To do this, we need to setup Glue Records on our domain registrar and set it as nameserver for our primary domain.

Now, go to your domain registrar’s website, sign-in and create a glue records ns1.jcolideles.tech and ns2.jcolideles.tech then point it to your server’s IP Address.

Note: It is recommended to have more that one nameserver hosted on the other machine.

Then, update your domain nameserver to ns1.jcolideles.tech and ns2.jcolideles.tech.

set_nameserver

Login to your DirectAdmin Web Panel, select User on the Access Level (you can find it at the top right portion of the page). Then select Domain Setup under Account Manager and add the primary domain of your server hostname.

We need to wait for our server hostname and primary domain to propagate. Usually it propagates after a few minutes, but sometimes it may take up to 48 hours.

Other Method

Some of us may have transferred our domain to Cloudflare because of the affordable renewal fees and faster DNS Server but, for those who are on the free plan, we cannot change the default nameservers for the primary domain. That feature is only offered in the business plan. So in this case, we cannot delegate the primary domain to the DNS Server of our newly installed DirectAdmin Web Panel. The good thing is, we can still delegate any subdomain to DirectAdmin’s DNS Server.

For this method, we will tell Cloudflare to delegate our server hostname server.jcolideles.tech to our DirectAdmin DNS Server. To do that, we need to login to our Cloudflare account, then, go to DNS management and create A record for ns1.jcolideles.tech and ns2.jcolideles.tech pointing to our server’s IP Address.

Then create NS record telling server.jcolideles.tech is managed by ns1.jcolideles.tech and ns2.jcolideles.tech.

We need to wait for our server hostname to propagate. Usually it propagates after a few minutes, but sometimes it may take up to 48 hours.

We can still host our primary domain to DirectAdmin Web Control Panel but we need to manually copy the DNS Records of our primary domain to Cloudflare DNS Records.

From this method, we can still add and host other domains to our DirectAdmin Web Control Panel and use ns1.jcolideles.tech and ns2.jcolideles.tech as nameservers to propagate their DNS Records to our server.

Step 3 – Generate Let’s Encrypt SSL

We want our DirectAdmin Web Control Panel to be reachable via secured connection, right? So, for this step, we will use Let’s Encrypt SSL to secure our control panel. Use the command below to create a request and issue SSL certificate for the hostname server.jcolideles.tech and for other services such as ftp, mail, pop, smtp and www.

$ cd /usr/local/directadmin/scripts
$ ./letsencrypt.sh request server.jcolideles.tech,ftp.server.jcolideles.tech,mail.server.jcolideles.tech,pop.server.jcolideles.tech,smtp.server.jcolideles.tech,www.server.jcolideles.tech 4096

When the certificate is successfully issued, you should see an output like this.

Output:
Certificate for server.jcolideles.tech,ftp.server.jcolideles.tech,mail.server.jcolideles.tech,pop.server.jcolideles.tech,smtp.server.jcolideles.tech,www.server.jcolideles.tech has been created successfully!
DirectAdmin certificate has been setup.
Setting up cert for Exim...
Setting up cert for WWW server...
Setting up cert for FTP server...
The services will be restarted in about 1 minute via the dataskq.

The Let’s Encrypt SSL Certificate has been successfully issued, we can now access the server via https://server.jcolideles.tech:2222 and verify the certificate.

For the primary domain, you can issue the SSL via DirectAdmin Web Control Panel. Just Select SSL Certificates under Account Manager in the User Level Access.

We have now successfully issued Let’s Encrypt SSL for the server hostname and primary domain.

Step 4 – Testing (Optional)

Now that we have successfully installed and configured our DirectAdmin Web Control Panel, we can now add other domains to test if our nameservers are working.

For this test, we will be using a jcolideles.tk domain. A free domain from freenom.com.

Log in to DirectAdmin Web Control Panel, switch to User access level, then add the domain.

Go to your domain registrar then change the nameservers to ns1.jcolideles.tech and ns2.jcolideles.tech.

You need to wait up to 48 hours before it fully propagates. Usually, it only takes a few minutes, but sometimes longer. My domain jcolideles.tk took 6 hours before it propagates.

You should see see a page like this when you visit your newly added domain once it is fully propagated.

You can also run dig command to verify the nameservers.

$ dig ns jcolideles.tk
Output:
; <<>> DiG 9.11.5-P4-5.1+deb10u2-Debian <<>> ns jcolideles.tk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57149
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;jcolideles.tk.                 IN      NS

;; ANSWER SECTION:
jcolideles.tk.          3599    IN      NS      ns2.jcolideles.tech.
jcolideles.tk.          3599    IN      NS      ns1.jcolideles.tech.

;; Query time: 206 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sat Feb 06 22:51:39 PST 2021
;; MSG SIZE  rcvd: 93

This means that your nameserver is fully working.

That’s all! We have now successfully installed and configure DirectAdmin Web Control Panel.

Thank you for visiting my website! Stay tuned for more upcoming tutorials.

Leave a Reply