Webmin is a robust, web-based control panel designed to simplify the operation of the system administrators handling Linux systems. It is a powerful system configuration tool that makes it easy to share files, set up user accounts, DNS, Apache, and much more. The tool eliminates the need to manually modify Unix configuration files such as /etc/passwd and enables administrators to manage their systems from a unified console. This guide will show you how to install and set up Webmin on a Debian 9 VPS or dedicated server. Besides, you will learn how to gain access to this interface using a valid Let’s Encrypt certificate.
Before Your Start
- A fully configured Debian 9 server
- LAMP stack should be installed on your system
- A domain name pointing to your server
Step 1 – Installing The Webmin Tool
The first thing when installing Webmin on Debian 9 is to add a Webmin repository to your system. Adding the repository makes it easy to install Webmin using the package manager. To add the repository, open the file/etc/apt/sources list using your favorite text editor:
$ sudo nano /etc/apt/sources.list
Add the line below to this file:
. . . deb http://download.webmin.com/download/repository sarge contrib
Save these changes and exit the nano editor. For your system to trust the newly added repository, you must add a PGP key for Webmin. Run the commands below to add this key:
$ wget http://www.webmin.com/jcameron-key.asc $ sudo apt-keyadd jcameron-key.asc
Now, issue the command below to update the packages’ list to add the new repository.
$ sudo apt update
Next, run the command below to install the Webmin:
$ sudo apt install webmin
The system will automatically install Webmin and deliver the output below once the process finishes:
Webmin install complete. You can now login to https://your_server_ip:10000as root with your root password, orasanyuser who can use`sudo`.
Note the details of this output, you need the information in the steps below.
Step 2 – Securing Access To The Webmin Application
Webmin is designed to automatically use a self-signed SSL certificate which is not secure enough. To boost the security status of your installation, its recommended you use an authentic Let’s Encrypt certificate. Now, go to your browser and search https://your_domain:10000; and remember to replace your_domain with your domain name. Note: Since the server has automatically generated an untrusted, self-signed certificate, you will get the “Invalid SSL” message error on the first login attempt. Simply allow this exception to go on to make it possible to substitute a self-signed certificate for Let’s Encrypt cert. You will see the following login screen: Log in using your system admin credentials (username and password) to view Webmin main dashboard. Before, you implement the valid Let’s encrypt certificate set your server’s hostname. Locate Webmin’s System hostname section. On the right of this field, there is an expandable link. Click that link to access the Hostname DNS Client section/page. Once you are on this page, navigate to the Hostname section and provide your FQDN. Press Save to implement the changes. Next, navigate to Webmin>Webmin Configuration> SSL Encryption> Let’s Encrypt. Once you are on this page, you can now instruct Webmin to get and renew Let’s Encrypt certificate. Although the Certificate is only valid for three months, you can tell Webmin to renew it automatically every month. Follow the steps below to configure the Let’s Encrypt certificate.
- In the Hostnames for certificate field, enter you Fully Qualified Domain Name (FQDN)
- Next, in the Website root directory for validation file section, tick Other Directory and enter the directory, /var/www/html. /var/www/html is the folder where Webmin will store all verification files.
- Do not change the option for Copy new key and certificate to Webmin; leave it to the default value (Yes).
- The SSL key size can be set to the default value. Alternatively, tick the other option and select your preferred key size.
- The next section is the Months between automatic renewal. Type 1 into the box to deactivate Only renew manually option, then select the other option.
- Once you have set everything, click Request Certificate. It will take approximately thirty seconds to get the confirmation message.
Step 3 – Managing Webmin
To restart Webmin and use the Let’s Encrypt certificate, click your browser’s back arrow, then click Restart Webmin. Wait for 30 seconds, before reloading this page to log in. Your web browser should not show Invalid SSL error. Alternatively, you can execute the command below to restart Webmin:
$ sudo systemctl start webmin
If you want to stop Webmin, run the command below:
$ sudo systemctl stop webmin
To restart Webmin, use the command below:
$ sudo systemctl restart webmin
Checking Webmin’s status
Next, to check the status of this service, run the command below:
$ systemctl status webmin
If you find Webmin package unfit for your system or unable to meet your demands, you can uninstall it with ease. Simply run the command below to uninstall the service:
$ sudo apt-get --purge remove webmin
The command above will stop Webmin and remove all its files from your Debian server. Besides, all configurations related to Webmin will be removed. For this reason, it recommended you ensure that removing the package will not affect vital aspects of your system
Congratulations! You have successfully installed Webmin and secured it with a valid Let’s Encrypt certificate. You can now leverage the power of this control panel to modify the settings of your common packages with ease.