All template files are .. underneath in ./etc Debian 7.00 (Wheezy) 01 stop all running services .. /etc/init.d/apache2 stop /etc/init.d/sendmail stop /etc/init.d/dovecot stop /etc/init.d/mysql stop /etc/init.d/saslauthd stop 01 logging - firewall logging: /etc/rsyslog.conf: firewall rules, kern.debug / kern.=!debug /etc/init.d/rsyslog restart - logrotate /etc/logrotate.conf: compress, 48 weeks /etc/logrotate.d/rsyslog: Add /var/log/firewall and /var/log/dovecot.log 03 move all users - mv /data/backup/home/* /home/ - for all groups: groupadd -g GID groupname - for all users: useradd -M -N -u UID -g GID username - for all users: usermod -a -G GID1,GID2,.. username - cd /data/backup/var/spool/mail ; (check names, remove unused ..) ; mv * /var/spool/mail/ 04 move other stuff - Old Logs - mv /data/backup/var/log /var/log/old_logs - MySQL - old server: backup DB - run backup-mysql.sh on old server, result is e.g. backup-mysqldb-20130605162509.sql - !!! strip all system-DB's (schema's) from the backup, i.e. all which are not created for applications, e.g.: - mysql - users - test - t_* - new server: import DB - get backup backup-mysqldb-20130605162509.sql - /etc/init.d/mysql start - backup-1: backup-mysql.sh - mysql --user=root --password < backup-mysqldb-20130605162509.sql - backup-2: backup-mysql.sh - mysqlcheck --user=root --password --all-databases - if things go wrong: re-install mysql dpkg -P mysql-server mysql-server-5.5 mysql-server-core-5.5 rm -rf /var/lib/mysql/* apt-get install mysql-server mysql-server-5.5 mysql-server-core-5.5 - Services - mv /data/backup/srv/* /srv/ 05 config procmail copy /etc/procmailrc 06 bogofilter copy /etc/bogofilter.cf Init empty wordlist.db: touch nope cat nope | bogoutil -l /var/spool/bogofilter/wordlist.db rm nope 07 sasl2 /etc/sasl2/Sendmail.conf /etc/default/saslauthd: start=yes /etc/init.d/saslauthd start 08 dovecot 2.1.7-7 - features: - requires ssl - ipv4 / ipv6 - smtps - pop3s - sieve (tls) - Sync config files in /etc/dovecot/ with etc/dovecot/dovecot.conf.diff and etc/dovecot/conf.d.diff - mkdir -p /var/lib/dovecot/sieve/global/ - chmod ugo+rx /var/lib/dovecot - copy /var/lib/dovecot/sieve/global/default.sieve - cd /var/lib/dovecot/sieve/global ; sievec default.sieve - copy /var/lib/dovecot/sieve/prologue.sieve - cd /var/lib/dovecot/sieve ; sievec prologue.sieve - migrate old INBOX: for each user: dsync mirror mbox:~/mail:INBOX=/var/mail/USERNAME su dstrohlein -c "dsync mirror mbox:~/mail:INBOX=/var/mail/dstrohlein ; echo OK" - /etc/init.d/dovecot start 09 sendmail 8.14.4-4 - features: - requires ssl for auth - ipv4 / ipv6 - /etc/mail - Sync config files in /etc/mail with: etc/mail/mail.diff - sendmail.mc - submit.mc - access - local-host-names - virtusertable - /etc - aliases - cd /etc/mail - make - SPF - add TXT dns entry jogamp.org IN TXT "v=spf1 mx a ptr:jogamp.org ip6:2a01:4f8:192:1164::2 -all" - DKIM https://dev.kafol.net/2013/01/dkim-spf-sendmail-for-multiple-domains.html apt-get install opendkim apt-get install opendkim-tools vi /etc/opendkim.conf mkdir /etc/opendkim/ mkdir /etc/opendkim/keys mkdir /etc/opendkim/keys/jogamp.org vi /etc/opendkim/TrustedHosts vi /etc/opendkim/SigningTable vi /etc/opendkim/KeyTable opendkim-genkey -D /etc/opendkim/keys/jogamp.org -d jogamp.org -s default chown -R opendkim:opendkim /etc/opendkim chmod -R go-rwx /etc/opendkim - add TXT dns entry default._domainkey.jogamp.org IN TXT "v=DKIM1; k=rsa; p=PUB-KEY" - DMARC - add TXT dns entry _dmarc.jogamp.org IN TXT "v=DMARC1; p=none; rua=mailto:postmaster@jogamp.org; adkim=r; aspf=r; pct=100; rf=afrf; sp=none" /etc/init.d/sendmail start 10 GIT xinetd for git apt-get install xinetd cp /etc/xinetd.d/git /etc/init.d/xinetd restart gitweb We use deployed gitweb now, and simply deploy gitweb.conf - ln -s /usr/share/gitweb DocumentRoot/git - cp srv/scm/gitweb.conf 11 Apache2 / Webservices 11.1 generic - apache2 and build .. apt-get install apache2 mysql-server build-essential - php apt-get install php5-pgsql php5-ldap php5-imap php5-odbc php5-dev php5-common php5 php5-mysql php5-gd php5-xmlrpc \ php5-xsl php5-cli php5-intl php5-pspell php5-snmp php5-sasl 11.2 bugzilla - Debian 7 Install apt-get install libapache2-mod-perl2-dev libapache2-mod-perl2 apt-get install libgd-dev libgd3 apt install libgdbm-dev libgdbm6 apt-get install libdbd-mysql-perl libcgi-pm-perl libcgi-fast-perl libcgi-session-perl libfcgi-perl libemail-mime-perl libemail-sender-perl libtemplate-perl libhtml-template-perl libjson-perl libjson-xs-perl libmath-bigint-perl libmath-random-isaac-perl libmath-random-isaac-xs-perl - As User: misc for perl/bugzilla - Perl: redo init (find closest mirror ..) - perl -MCPAN -e shell - o conf init a2enmod rewrite a2enmod expires As User: See https://bugzilla.readthedocs.org/en/5.0/installing/linux.html#perl-modules ./checksetup.pl --check-modules /usr/bin/perl install-module.pl --all /usr/bin/perl install-module.pl --upgrade-all ./checksetup.pl --check-modules ./checksetup.pl # bugzilla folder must be owned by webrunner (suexec) chown -R webrunner:webrunner . systemctl restart apache2 /etc/init.d/apache2 restart - https://www.bugzilla.org/download/#stable 11.3 mediawiki - https://www.mediawiki.org/wiki/Download - Vector skin (default): vi wiki/skins/Vector/variables.less // @html-font-size: 100%; @html-font-size: 95%; Extension mediawiki-bugzillareports - https://www.mediawiki.org/wiki/Extension:Bugzilla_Reports - https://www.mediawiki.org/wiki/Extension_talk:Bugzilla_Reports#Google_Code_Shutting_Down - https://github.com/nakal/mediawiki-bugzillareports 11.X Apache .. - Sync config files in /etc/apache2/ with: etc/apache2/apache2.diff - see also etc/apache2/mods-enabled.lst, etc .. /etc/init.d/apache2 start 12 jogamp_web daemons .. # m h dom mon dow command 51 * * * * /bin/bash /home/jogamp_web/jogamp.org/planet2/update-planet.sh >& /dev/null 52 * * * * /bin/bash /home/jogamp_web/jogamp.org/planet2/update-stream.sh >& /dev/null 10 23 * * * /bin/bash /home/jogamp_web/awstats/awstats-start.sh >& /dev/null awstats: user: jogamp_web script home: /home/jogamp_web/awstats install home: /home/jogamp_web/awstats/installation root@server: apt-get install libgeoip-dev libgeo-ip-perl php5-geoip python-geoip geoip-database libnet-whois-raw-perl mkdir /var/lib/awstats/ chown -R jogamp_web:jogamp_web /var/lib/awstats/ chown -R jogamp_web:jogamp_web /etc/GeoIP jogamp_web@server: cd /home/jogamp_web/awstats wget http://prdownloads.sourceforge.net/awstats/awstats-7.1.1.tar.gz tar xzf awstats-7.1.1.tar.gz ln -s awstats-7.1.1 installation mkdir config mkdir log cp -a BACKUP/awstats/awstats.jogamp.org.conf /home/jogamp_web/awstats/config cp -a BACKUP/awstats/awstats-start.sh /home/jogamp_web/awstats/ cp -a BACKUP etc/logrotate.d/httpd-prerotate /etc/logrotate.d/ this kicks off /home/jogamp_web/awstats/awstats-start.sh before the logrotate Populate /etc/GeoIP .. 13 jabot As user jabot: cd /srv/jabot ; git clone file:///srv/scm/users/sgothel/jabot.git cd jabot ; ant As user root: cp -a /srv/jabot/jabot/scripts/jabot-init-debian /etc/init.d/jabot update-rc.d jabot defaults 13 jenkins root@jogamp.org: apt-get install graphviz-dev graphviz cp ../../../jenkins-server-slave-setup/scripts/jenkins-initd-debian /etc/init.d/jenkins cp ../../../jenkins-server-slave-setup/scripts/jenkins.logrotate /etc/logrotate.d/ update-rc.d jenkins defaults /etc/init.d/jenkins start