Page tree
Skip to end of metadata
Go to start of metadata

Overview

We recommend and support the use of the cPanel installer to install and provision cPanel & WHM. However, we understand that this is not the most efficient way for a VPS (Virtual Private Server) hosting company to provision a VPS, because this process requires extra time. This article explains how hosting companies and data centers can provision a VPS or VM (Virtual Machine) with cPanel & WHM already installed for their customer. The installation of cPanel & WHM from a templated environment reduces the customer's setup time so that they can create a VPS and work on their website rather than their server.

Requirements

Note:

You must create a SWAP file or partition automatically for each new VPS, even if you assign only 256 MB to it.

Remember:

The smaller the virtual disk of the template VM or VPS, the better. Since you will create this virtual disk for only a template, we recommend that you use a very small template (10GB) to deploy new servers. After you convert the template for a customer's VPS, use your virtualization software to automatically expand its virtual disk capacity to a 20 GB minimum.

Warning:

To ensure that cPanel, Inc. does not lock your development license, we strongly recommend that you create a VM per template and maintain it. This will require one license and IP address per templating VM and will ensure that we do not lock your license or licenses. This will also allow you to start up the VM again when you need to perform updates.

Important:

Because we deprecated 32-bit systems in cPanel & WHM version 58, we recommend that you only create 64-bit templates.

Tip:

You can apply for a free development license for your template server or servers via our Developer License Application.

We recommend that you apply for one license per template.

Example: If you create two templates, one for CentOS 7 and one for CentOS 6, apply for two licenses on two separate IP addresses. We keep the IP addresses specific to the template.

Create a Minimal VM for Templating

A minimal template VM uses 10 GB of space, but you can expand it later as the customer requires.

This document creates a small template that you will expand after you set it up on the customer's VPS. Create a new minimal VPS to prepare your template.

Pre-configuration

We recommend that you customize the following files:

/etc/cpupdate.conf
/etc/cpsources.conf
/etc/wwwacct.conf
/var/cpanel/cpanel.config

Release tier

cPanel, Inc. offers the following release tiers:

  • EDGE
  • CURRENT
  • RELEASE
  • STABLE

cPanel & WHM automatically defaults to the RELEASE tier. But, before you install cPanel & WHM, you can configure the /etc/cpupdate.conf file to select which release tier cPanel & WHM will use.

For example, if you wished to configure cPanel & WHM to use the CURRENT release tier, run the following commands:

# touch /etc/cpupdate.conf
# echo "CPANEL=current" >/etc/cpupdate.conf

If you wished to use EDGE or STABLE tiers, replace the word current with the desired release tier.

Notes:

  • Your customer can change this setting within WHM at a later time.
  • You cannot downgrade major versions, and you cannot change a server's release tiers to circumvent this restriction.

Other files

Note:

For more information on the cpanel.config file, visit our The cpanel.config File documentation.

Info:

If you are a cPanel Partner with your own FastUpdate server, you can edit the HTTPDUPDATE line in the /etc/cpsources.conf file so that all of your customers update from your FastUpdate Server.

HTTPUPDATE=fastupdate.example.com

Read the Custom update mirrors documentation for more information.

cPanel Installation

After you finish your pre-configuration, you can install cPanel & WHM. Follow the Installation Guide as you usually would to install cPanel.

Post-Installation

After the cPanel installation is complete, you can set new defaults. You can also lock down SSH or implement other additional security requirement configurations.

Note:

We recommend that you do not complete the Initial Setup Wizard. However, if you do choose to log in to WHM when you make the the template, remove /etc/.whostmgrft before you publish the template.

Remember:

After the user creates a VPS from your provided template, they will run the Initial Setup Wizard with your preconfigured default options.

Before you shut down the VM to create the template, run the following commands to ensure that cPanel, Inc. does not lock your license:

# /scripts/restartsrv_chkservd --stop
# /scripts/restartsrv_cpsrvd --stop
# rm -f /usr/local/cpanel/cpanel.lisc

The following bash script runs the commands shown above:

post-template.sh
#!/bin/bash

readonly PROGNAME=$(basename $0)
readonly PROGDIR=$(readlink -m $(dirname $0))
readonly ARGS="$@"

is_file() {
    local file=$1
    [[ -f $file  ]]
}

is_dir() {
    local dir=$1
    [[ -d $dir  ]]
}

main() {
    is_dir /usr/local/cpanel \
    && /scripts/restartsrv_cpsrvd --stop \
    && /scripts/restartsrv_chkservd --stop
    is_file /usr/local/cpanel/cpanel.lisc \
        && rm -f /usr/local/cpanel/cpanel.lisc
    is_file /etc/.whostmgrft \
        && rm -f /etc/.whostmgrft
    echo "You should now shutdown this instance and template it up"
}

main

 

 

Warning:

To avoid security issues before you finalize your template, be sure to remove generated SSH host keys and temporary files. Also, clear the hostname from any networking areas within the operating system and the /etc/wwwacct.conf file.

 

 

Deploy your VPS

When you deploy the customer's VPS, you must automatically update some files. If you use the libguestfs virt-sysprep command, you can achieve this via the "--firstboot" or "--firstboot-command" flags. If you do not use the libguestfs command, consult your hypervisor's documentation for an alternative option to run scripts or commands upon first boot.

Warning:

If you use a tool such as libguestfs virt-sysprep to help finalize your template, ensure that you do not accidentally remove any user accounts or cron jobs.

Before you deploy your VPS, complete the following steps:

  • Automatically call the /usr/local/cpanel/bin/set_hostname script on the first boot of the image before any cPanel services start. You can either randomize the hostname or set the hostname based on your customer's choice.
  • Update ADDR within /etc/wwwacct.conf to the main IP address for the VPS.
  • If you run a 1:1 NAT environment, run the /scripts/build_cpnat script to build your NAT file, and configure Apache accordingly.
  • Run the /scripts/rebuildhttpdconf script to rebuild your Apache configuration with the correct addresses.

The following bash script executes the steps above, but it does not update ADDR:

cust-deploy.sh
#!/bin/bash

readonly PROGNAME=$(basename $0)
readonly PROGDIR=$(readlink -m $(dirname $0))
readonly ARGS="$@"
readonly HOSTNAME=$(hostname --fqdn)
readonly CPHULKPASS=$(/usr/local/cpanel/3rdparty/bin/perl -MCpanel::PasswdStrength::Generate -e 'print Cpanel::PasswdStrength::Generate::generate_password(14)')
readonly MSECPASS=$(/usr/local/cpanel/3rdparty/bin/perl -MCpanel::PasswdStrength::Generate -e 'print Cpanel::PasswdStrength::Generate::generate_password(14)')
readonly ESTATSPASS=$(/usr/local/cpanel/3rdparty/bin/perl -MCpanel::PasswdStrength::Generate -e 'print Cpanel::PasswdStrength::Generate::generate_password(14)')
readonly LPROTPASS=$(/usr/local/cpanel/3rdparty/bin/perl -MCpanel::PasswdStrength::Generate -e 'print Cpanel::PasswdStrength::Generate::generate_password(14)')
readonly RCUBEPASS=$(/usr/local/cpanel/3rdparty/bin/perl -MCpanel::PasswdStrength::Generate -e 'print Cpanel::PasswdStrength::Generate::generate_password(14)')
readonly MYSQLPASS=$(/usr/local/cpanel/3rdparty/bin/perl -MCpanel::PasswdStrength::Generate -e 'print Cpanel::PasswdStrength::Generate::generate_password(14)')

is_file() {
    local file=$1
    [[ -f $file  ]]
}

is_dir() {
    local dir=$1
    [[ -d $dir  ]]
}

main() {
    is_dir /usr/local/cpanel \
        && /usr/local/cpanel/bin/set_hostname ${HOSTNAME} \
        && /usr/local/cpanel/bin/checkallsslcerts --allow-retry \
        && /scripts/build_cpnat \
        && /scripts/rebuildhttpdconf \
        && /scripts/mysqlpasswd root ${MYSQLPASS} \
    is_file /var/cpanel/hulkd/password \
        && /scripts/mysqlpasswd cphulkd ${CPHULKPASS} \
        && echo -e "user=\"cphulkd\"\npass=\"${CPHULKPASS}\"">/var/cpanel/hulkd/password \
        && /scripts/restartsrv_cphulkd
    is_file /var/cpanel/modsec_db_pass \
        && /scripts/mysqlpasswd modsec ${MSECPASS} \
        && echo ${MSECPASS} >/var/cpanel/modsec_db_pass
    is_file /var/cpanel/roundcubepass \
        && /scripts/mysqlpasswd roundcube ${RCUBEPASS} \
        && echo ${RCUBEPASS} >/var/cpanel/roundcubepass
    is_file /var/cpanel/eximstatspass \
        && /scripts/mysqlpasswd eximstats ${ESTATSPASS} \
        && echo ${ESTATSPASS} >/var/cpanel/eximstatspass \
        && /scripts/restartsrv_eximstats
    is_file /var/cpanel/leechprotectpass \
        && /scripts/mysqlpasswd leechprotect ${LPROTPASS} \
        && echo ${LPROTPASS} >/var/cpanel/leechprotectpass
}

main

Updating your Templates

As cPanel, Inc. releases updates, you will need to update your templates.

To avoid this situation, plan regular updates on all of your templates.

To update your template, run the following commands:

# yum update -y
# /scripts/upcp

Before you shut down the VM to create the template, run the following commands to ensure that cPanel, Inc. does not lock your license:

# /scripts/restartsrv_chkservd --stop
# /scripts/restartsrv_cpsrvd --stop
# rm -f /usr/local/cpanel/cpanel.lisc

The following bash script runs the commands shown above:

post-template.sh
#!/bin/bash

readonly PROGNAME=$(basename $0)
readonly PROGDIR=$(readlink -m $(dirname $0))
readonly ARGS="$@"

is_file() {
    local file=$1
    [[ -f $file  ]]
}

is_dir() {
    local dir=$1
    [[ -d $dir  ]]
}

main() {
    is_dir /usr/local/cpanel \
    && /scripts/restartsrv_cpsrvd --stop \
    && /scripts/restartsrv_chkservd --stop
    is_file /usr/local/cpanel/cpanel.lisc \
        && rm -f /usr/local/cpanel/cpanel.lisc
    is_file /etc/.whostmgrft \
        && rm -f /etc/.whostmgrft
    echo "You should now shutdown this instance and template it up"
}

main

Final Notes

Most providers offer a few different templates.

For example:

cPanel & CentOS 6
cPanel & CentOS 7
cPanel & CloudLinux 6

cPanel & CloudLinux 7

Tip:

If you wish to offer template installations of cPanel & WHM We recommend that you become a cPanel Partner. Check out our Partner NOC Requirements. cPanel Partners can use our API to automatically provision their own cPanel, CloudLinux™, and KernelCare licenses through their billing system. cPanel Partners can also enable or disable some very specific options within WHM. For more information, see our Partner NOC requirements.

Virtualization-specific Caveats

OpenVZ/Virtuozzo

Common Issues:

  • The hostname on OpenVZ/Virtuozzo may not meet the requirement of a Fully Qualified Domain Name (FQDN) on CentOS 7. Virtuozzo controls the hostname via VPS configuration (the --hostname parameter of the vzctl or prlctl commands). If you set the hostname manually from inside the VPS, Virtuozzo will reset the hostname on the next reboot. Ensure that you set up the full hostname correctly after you provision the VM, because cPanel & WHM requires an FQDN.
  • OpenVZ/Virtuozzo requires that you enable second-level quotas, which can cause quota-initiation issues. For more information read our Enable Quotas on a Virtuozzo® VPS documentation, or Virtuozzo's Documentation.
  • Jailshell requires specific steps to enable a full proc mount. For more information, read our How to Troubleshoot Jailshell Problems on a Virtuozzo or OpenVZ VPS documentation.