Tutorial

How To Install Webmin on Ubuntu 22.04

How To Install Webmin on Ubuntu 22.04
Not using Ubuntu 22.04?Choose a different version or distribution.
Ubuntu 22.04

Introduction

Webmin is a modern web control panel that allows you to administer your Linux server through a browser-based interface. With Webmin, you can manage user accounts, configure DNS settings, and change settings for common packages on the fly.

In this tutorial, you’ll install and configure Webmin on your server and secure access to the interface with a valid certificate from Let’s Encrypt. You’ll then use Webmin to add new user accounts, and update all packages on your server from the dashboard.

Prerequisites

To complete this tutorial, you will need:

Step 1 — Installing Webmin

First, update your server’s package index if you’ve not done so recently:

  1. sudo apt update

Then you need to add the Webmin repository so that you can install and update Webmin using your package manager. In order for your system to trust this new repository, first you’ll download Webmin’s PGP key and then convert it to a format that apt can use to verify files:

  1. curl -fsSL https://download.webmin.com/jcameron-key.asc | sudo gpg --dearmor -o /usr/share/keyrings/webmin.gpg

This downloaded key is the same key that was used by the creator of Webmin to sign the package, and you will use this key to verify the package’s authenticity. In order to convert the .asc file to a workable .gpg file, the gpg --dearmor command is necessary.

Next you will add this repository to your /etc/apt/sources.list file, while referencing your newly converted file you just acquired in the previous step.

Open the file in your preferred editor. Here, you’ll use nano:

  1. sudo nano /etc/apt/sources.list

Then add this line to the bottom of the file to add the new repository:

/etc/apt/sources.list
. . .
deb [signed-by=/usr/share/keyrings/webmin.gpg] http://download.webmin.com/download/repository sarge contrib

Save the file and exit the editor. If you had used nano to edit, you can exit by pressing CTRL+X, Y, then ENTER.

Next, update the list of packages again in order to include the now-trusted Webmin repository:

  1. sudo apt update

Then install Webmin:

  1. sudo apt install webmin

Once the installation finishes, you’ll be presented with the following output:

Output
. . . Webmin install complete. You can now login to https://your_server:10000 as root with your root password, or as any user who can use sudo.

Note: Assuming you installed and enabled ufw during the prerequisite step, you will need to run the following command in order to allow Webmin through the firewall:

  1. sudo ufw allow 10000

For extra security, you may want to configure your firewall to only allow access to this port from certain IP ranges.

Next, you’ll secure access to Webmin by adding a valid certificate.

Step 2 — Adding a Valid Certificate with Let’s Encrypt

Webmin is already configured to use HTTPS, but it uses a self-signed, untrusted certificate. Let’s replace it with a valid certificate from Let’s Encrypt.

Navigate to https://your_domain:10000 in your web browser, replacing your_domain with the domain name pointing to your server’s IP address.

Note: When logging in for the first time, you will see an “Invalid SSL” warning. This warning may say something different depending on your browser, but the reason for it is that the server has generated a self-signed certificate. Allow the exception and proceed to your domain so you can replace the self-signed certificate with one from Let’s Encrypt.

You’ll be presented with a login screen. Sign in with the non-root user you created while fulfilling the prerequisites for this tutorial.

Once you log in, the first screen you will see is the Webmin dashboard. Before you can apply a valid certificate, you have to set the server’s hostname. Look for the System hostname field and click on the link to the right, as shown in the following figure:

Image showing where the link is on the Webmin dashboard

This will take you to the Hostname and DNS Client page. Locate the Hostname field, and enter your Fully-Qualified Domain Name into the field. Then click the Save button at the bottom of the page to apply the setting.

After you’ve set your hostname, click on the Webmin dropdown menu in the left-hand navigation bar, and then click on Webmin Configuration.

From the Webmin Configuration page, select SSL Encryption from the list of icons, and then click on the Let’s Encrypt tab. You’ll see a screen like the following figure:

Image showing the Let's Encrypt tab of the SSL Encryption section

On this page, you’ll tell Webmin how to obtain and renew your certificate. Let’s Encrypt certificates expire after 3 months, but you can instruct Webmin to automatically attempt to renew the Let’s Encrypt certificate every month. Let’s Encrypt looks for a verification file on the server, so you’ll configure Webmin to place the verification file inside the folder /var/www/your_domain, which is the folder that the Apache web server you configured in the prerequisites uses. Follow these steps to set up your certificate:

  1. Fill in Hostnames for certificate with your FQDN.
  2. For Website root directory for validation file, select the Other Directory button and enter your website’s document root. Assuming you followed the prerequisite Apache tutorial this will be /var/www/your_domain.
  3. For Months between automatic renewal section, deselect the Only renew manually option by typing 1 into the input box, and select the radio button to the left of the input box.

Click the Request Certificate button. After a few seconds, you will see a confirmation screen.

To use the new certificate, click the Return to Webmin configuration button on the confirmation screen. From that page, scroll down and click the Restart Webmin button. Wait around 30 seconds, and then reload the page and log in again. Your browser should now indicate that the certificate is valid.

Step 3 – Using Webmin

You’ve now set up a secured working instance of Webmin. Next is approaching how to use it.

Webmin has many different modules that can control everything from the BIND DNS Server to adding users to the system. You’ll look at how to create a new user, and then explore how to update your system’s packages using Webmin.

Managing Users and Groups

First is exploring how to manage the users and groups on your server.

Click the System dropdown menu in the left-hand sidebar, and then click the link for Users and Groups. From here, you can add and manage users and groups.

Next, create a new user called deploy which you can use to host web applications. When creating a user, you can set options for password expiry, the user’s shell, and whether or not they are allowed a home directory.

To add a user, click Create a new user, which is located at the top of the users table. This displays the Create User screen, where you can supply the username, password, groups and other options. Follow these instructions to create the user:

  1. Fill in Username with deploy.
  2. Select Automatic for User ID.
  3. Fill in Real Name with a descriptive name like Deployment user.
  4. For Home Directory, select Automatic.
  5. For Shell, select /bin/bash from the dropdown list.
  6. For Password, select Normal Password and type in a password of your choice.
  7. Jump down to Primary Group and select New group with same name as user.
  8. For Secondary Group, select sudo from the All groups list. This should automatically be added to the In groups list, but if it isn’t press the -> button to add it.

After making those selections, press Create. This will create the deploy user in short order.

Next, you’ll look at how to install updates to your system.

Updating Packages

Webmin lets you update all of your packages through its user interface. To update all of your packages, first, click the Dashboard button above the left-hand sidebar, and then locate the Package updates field. If there are updates available, you’ll see a link that states the number of available updates.

Click this link, and then press Update selected packages to start the update. You may be asked to reboot the server, which you can also do through the Webmin interface.

Conclusion

You now have a secured working instance of Webmin and you’ve used the interface to create a user and update packages. Webmin gives you access to many things you’d normally need to access through the console, and it organizes them in an intuitive way. For example, if you have Apache installed, you would find the configuration tab for it under Servers, and then Apache.

Explore the interface, or read the Official Webmin wiki to learn more about managing your system with Webmin.

Thanks for learning with the DigitalOcean Community. Check out our offerings for compute, storage, networking, and managed databases.

Learn more about our products

About the authors
Default avatar
Theo B

author



Default avatar

Manager, Developer Education

Technical Writer @ DigitalOcean


Default avatar
Tony Tran

author


Still looking for an answer?

Ask a questionSearch for more help

Was this helpful?
 
2 Comments


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

so great site, great page, you guys seem to do a lot of great stuff, I’ve benifetted from your pages for many years. in this rare instance I ran into an issue where the downloaded/converted gpg key was not being properly used to obtain a package list from the webmin repo.

Taking part of the error string thrown when trying to run apt update to google and trying the right result first time…

search-string: GPG error: https://download.webmin.com/download/newkey/repository stable Release: The following signatures couldn’t be verified

site-with-answer: https://forum.virtualmin.com/t/how-to-fix-webmin-repo-no-pubkey-2d223b918916f2a2/121805

with solution: The fix to this issue is as simple as: wget https://raw.githubusercontent.com/webmin/webmin/master/setup-repos.sh sh setup-repos.sh

so…the solution is download shell script from the internet and run it on your system - never a good plan typically but in this case it worked fine. I had not read the little works and things in between the blue’ish boxes with the big ‘copy me’ buttons on them and so when I had uh… decided to not modify my /etc/apt/sources.repos file but instead put a .list file under sources.repos.d (why are you guys still modifying sources.repos in 2024?) the path to the converted gpg file wasn’t correct - so I could have probably fixed this as well another way. But the script worked and so I had run out of problems to … uh… fix.

Yay! Woot Woot. success.

I don’t know why you removed the comment left by someone back on 21 May 2022 but there’s no way that comment was worse then this…sigh.

This comment has been deleted

    Try DigitalOcean for free

    Click below to sign up and get $200 of credit to try our products over 60 days!

    Sign up

    Join the Tech Talk
    Success! Thank you! Please check your email for further details.

    Please complete your information!

    Become a contributor for community

    Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

    DigitalOcean Documentation

    Full documentation for every DigitalOcean product.

    Resources for startups and SMBs

    The Wave has everything you need to know about building a business, from raising funding to marketing your product.

    Get our newsletter

    Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

    New accounts only. By submitting your email you agree to our Privacy Policy

    The developer cloud

    Scale up as you grow — whether you're running one virtual machine or ten thousand.

    Get started for free

    Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

    *This promotional offer applies to new accounts only.