How to Install Webmin on Rocky Linux 9

Updated on November 21, 2023
How to Install Webmin on Rocky Linux 9 header image

Introduction

Webmin is an open-source web-based server management control panel that runs on Unix-like systems. Webmin lets you perform tasks such as user account management, disk quotas, networking, system monitoring, and software management using a graphical user interface (GUI).

This article explains how to install Webmin on Rocky Linux 9 and secure the application with trusted SSL certificates.

Prerequisites

Before you begin:

Install Webmin

Webmin is not available in the default Rocky Linux repositories. Follow the steps below to download the latest Webmin repository setup script and install Webmin on your server.

  1. Download the latest Webmin repository script.

    console
    $ sudo curl -o setup-repos.sh https://raw.githubusercontent.com/webmin/webmin/master/setup-repos.sh
    
  2. Run the script using Bash.

    console
    $ sudo bash setup-repos.sh
    

    Your output should be similar to the one below.

     Downloading Webmin key ..
     .. done
     Installing Webmin key ..
     .. done
     Setting up Webmin repository ..
     .. done
     Webmin package can now be installed using dnf install webmin command.
  3. Install Webmin.

    console
    $ sudo dnf install webmin -y
    
  4. View the Webmin system service status and verify that it's running.

    console
    $ sudo systemctl status webmin
    

    Output:

    ● webmin.service - Webmin server daemon
            Loaded: loaded (/usr/lib/systemd/system/webmin.service; enabled; preset: disabled)
            Active: active (running) since Thu 2024-08-08 13:34:14 UTC; 20s ago
        Process: 6493 ExecStart=/usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf (code=exited, statu>
        Main PID: 6496 (miniserv.pl)
            Tasks: 1 (limit: 48896)
            Memory: 27.2M
            CPU: 7.539s
            CGroup: /system.slice/webmin.service
                    └─6496 /usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.conf

Secure Webmin

Webmin listens for HTTP connections on port 10000 by default. To secure Webmin, you must generate trusted SSL certificates for HTTPS connections. Follow the steps below to generate Let's Encrypt SSL certificates.

  1. Allow HTTP connections on port 80 through the firewall to enable Let's Encrypt validations.

    console
    $ sudo firewall-cmd --add-port=80/tcp --permanent
    
  2. Reload the firewall to apply new connection changes.

    console
    $ sudo firewall-cmd --reload
    
  3. Install the Certbot Let's Encrypt client application.

    console
    $ sudo dnf install certbot -y
    
  4. Use certbot to generate a new SSL certificate for your Webmin domain. Replace webmin.example.com with your actual domain name and webmin@example.com with your email address.

    console
    $ sudo certbot certonly --standalone -d webmin.example.com -m webmin@example.com --agree-tos
    

    When the SSL certificate issuance process is successful, your output should be similar to the one below.

    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    ..................
    Successfully received certificate.
    Certificate is saved at: /etc/letsencrypt/live/webmin.example.com/fullchain.pem
    Key is saved at:         /etc/letsencrypt/live/webmin.example.com/privkey.pem
    This certificate expires on 2024-11-06.
    These files will be updated when the certificate renews.
    Certbot has set up a scheduled task to automatically renew this certificate in the background.
  5. Merge the SSL certificate and private key into a single .pem file, such as, webmin.pem.

    console
    $ sudo cat /etc/letsencrypt/live/webmin.example.com/fullchain.pem /etc/letsencrypt/live/webmin.example.com/privkey.pem > webmin.pem
    
  6. Move the new webmin.pem file to the /etc/webmin/ Webmin data directory.

    console
    $ sudo mv webmin.pem /etc/webmin/
    
  7. Open the main Webmin configuration file /etc/webmin/miniserv.conf using a text editor such as nano.

    console
    $ sudo nano /etc/webmin/miniserv.conf
    
  8. Find and replace the keyfile value with your .pem file's location.

    ini
    keyfile=/etc/webmin/webmin.pem
    
  9. Restart Webmin to apply the configuration changes.

    console
    $ sudo systemctl restart webmin
    

Set Up Firewall Rules for Webmin

Firewalld is available and active on Vultr Rocky Linux 9 instances by default and enables you to set up new rules to filter network traffic. Follow the steps below to allow access to the Webmin port 10000 to allow HTTPS connections.

  1. Allow the Webmin port 10000 through the firewall.

    console
    $ sudo firewall-cmd --add-port=10000/tcp --permanent
    
  2. Allow the HTTPS port 443 through the firewall.

    console
    $ sudo firewall-cmd --add-port=443/tcp --permanent
    
  3. Deny insecure HTTP connections.

    console
    $ sudo firewall-cmd --zone=public --remove-service=http --permanent
    
  4. Reload the firewall to apply the changes.

    console
    $ sudo firewall-cmd --reload
    
  5. View the firewall status to verify all active network rules.

    console
    $ sudo firewall-cmd --list-all
    

    Your output should look like the one below.

    public (active)
    target: default
    icmp-block-inversion: no
    interfaces: enp3s0
    sources:
    services: cockpit dhcpv6-client ssh
    **ports: 10000/tcp 80/tcp 443/tcp**
    protocols:
    forward: yes
    masquerade: no
    forward-ports:
    source-ports:
    icmp-blocks:
    rich rules:

Access Webmin

The Webmin web administration control panel is active and listens for connections on the default port 10000. Follow the steps below to access the Webmin interface.

  1. Access your Webmin domain using a web browser.

    https://webmin.example.com:10000
  2. Enter non-root sudo user credentials and click Sign In to access the Webmin control panel.

    Webmin Login

  3. View your system information within the Webmin dashboard including the CPU usage, memory usage, disk space, running processes, and other important statistics.

    Webmin Dashboard

  4. Expand the System and click Software Package Updates to view packages that require updates.

    Webmin Updates

  5. Select and verify the list of packages that require updates. Then, click Update Selected Packages to update the selected packages.

Access The Webmin Terminal

  1. Navigate to Tools and select Terminal to open a new terminal shell and verify that the following error displays.

    The Perl module IO::Pty is missing, but can be installed automatically using Webmin's Perl Modules module. It is recommended to have EPEL repository enabled first.

    Webmin Terminal Error

    The above error occurs because the perl-IO-Tty module is not installed on Rocky Linux 9 by default.

  2. Access your instance's terminal session and enable the CBR repository to install the perl-IO-Tty package.

    console
    $ sudo dnf config-manager --set-enabled crb
    
  3. Install perl-IO-Tty.

    console
    $ sudo dnf install perl-IO-Tty -y
    
  4. Access the Webmin dashboard in your browser.

    https://webmin.example.com:10000
  5. Navigate to Tools and select Terminal to open a new terminal shell.

    Webmin Terminal

Conclusion

You have installed Webmin on a Rocky Linux 9 and secured access to the control panel using SSL certificates. Webmin is highly extensible with tools such as Virtualmin to manage applications and configurations. For more information, please visit the Webmin documentation.