blob: 4438c5520d7dbcd13addcd6b3a2998100a2aef77 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
|
All template files are .. underneath in ./etc
Debian 7.00 (Wheezy)
01 stop all running services ..
/etc/init.d/apache2 stop
/etc/init.d/sendmail stop
/etc/init.d/dovecot stop
/etc/init.d/mysql stop
/etc/init.d/saslauthd stop
01 logging
- firewall logging:
/etc/rsyslog.conf: firewall rules, kern.debug / kern.=!debug
/etc/init.d/rsyslog restart
- logrotate
/etc/logrotate.conf: compress, 48 weeks
/etc/logrotate.d/rsyslog: Add /var/log/firewall and /var/log/dovecot.log
03 move all users
- mv /data/backup/home/* /home/
- for all groups: groupadd -g GID groupname
- for all users: useradd -M -N -u UID -g GID username
- for all users: usermod -a -G GID1,GID2,.. username
- cd /data/backup/var/spool/mail ; (check names, remove unused ..) ; mv * /var/spool/mail/
04 move other stuff
- Old Logs
- mv /data/backup/var/log /var/log/old_logs
- MySQL
- old server: backup DB
- run backup-mysql.sh on old server, result is e.g. backup-mysqldb-20130605162509.sql
- !!! strip all system-DB's (schema's) from the backup,
i.e. all which are not created for applications, e.g.:
- mysql
- users
- test
- t_*
- new server: import DB
- get backup backup-mysqldb-20130605162509.sql
- /etc/init.d/mysql start
- backup-1: backup-mysql.sh
- mysql --user=root --password < backup-mysqldb-20130605162509.sql
- backup-2: backup-mysql.sh
- mysqlcheck --user=root --password --all-databases
- if things go wrong: re-install mysql
dpkg -P mysql-server mysql-server-5.5 mysql-server-core-5.5
rm -rf /var/lib/mysql/*
apt-get install mysql-server mysql-server-5.5 mysql-server-core-5.5
- Services
- mv /data/backup/srv/* /srv/
05 config procmail
copy /etc/procmailrc
06 bogofilter
copy /etc/bogofilter.cf
Init empty wordlist.db:
touch nope
cat nope | bogoutil -l /var/spool/bogofilter/wordlist.db
rm nope
07 sasl2
/etc/sasl2/Sendmail.conf
/etc/default/saslauthd: start=yes
/etc/init.d/saslauthd start
08 dovecot 2.1.7-7
- features:
- requires ssl
- ipv4 / ipv6
- smtps
- pop3s
- sieve (tls)
- Sync config files in /etc/dovecot/
with etc/dovecot/dovecot.conf.diff and etc/dovecot/conf.d.diff
- mkdir -p /var/lib/dovecot/sieve/global/
- chmod ugo+rx /var/lib/dovecot
- copy /var/lib/dovecot/sieve/global/default.sieve
- cd /var/lib/dovecot/sieve/global ; sievec default.sieve
- copy /var/lib/dovecot/sieve/prologue.sieve
- cd /var/lib/dovecot/sieve ; sievec prologue.sieve
- migrate old INBOX:
for each user:
dsync mirror mbox:~/mail:INBOX=/var/mail/USERNAME
su dstrohlein -c "dsync mirror mbox:~/mail:INBOX=/var/mail/dstrohlein ; echo OK"
- /etc/init.d/dovecot start
09 sendmail 8.14.4-4
- features:
- requires ssl for auth
- ipv4 / ipv6
- /etc/mail
- Sync config files in /etc/mail with: etc/mail/mail.diff
- sendmail.mc
- submit.mc
- access
- local-host-names
- virtusertable
- /etc
- aliases
- cd /etc/mail
- make
- SPF
- add TXT dns entry jogamp.org IN TXT "v=spf1 mx a ptr:jogamp.org ip6:2a01:4f8:192:1164::2 -all"
- DKIM
https://dev.kafol.net/2013/01/dkim-spf-sendmail-for-multiple-domains.html
apt-get install opendkim
apt-get install opendkim-tools
vi /etc/opendkim.conf
mkdir /etc/opendkim/
mkdir /etc/opendkim/keys
mkdir /etc/opendkim/keys/jogamp.org
vi /etc/opendkim/TrustedHosts
vi /etc/opendkim/SigningTable
vi /etc/opendkim/KeyTable
opendkim-genkey -D /etc/opendkim/keys/jogamp.org -d jogamp.org -s default
chown -R opendkim:opendkim /etc/opendkim
chmod -R go-rwx /etc/opendkim
- add TXT dns entry default._domainkey.jogamp.org IN TXT "v=DKIM1; k=rsa; p=PUB-KEY"
- DMARC
- add TXT dns entry _dmarc.jogamp.org IN TXT "v=DMARC1; p=none; rua=mailto:postmaster@jogamp.org; adkim=r; aspf=r; pct=100; rf=afrf; sp=none"
/etc/init.d/sendmail start
10 GIT
xinetd for git
apt-get install xinetd
cp /etc/xinetd.d/git
/etc/init.d/xinetd restart
gitweb
We use deployed gitweb now, and simply deploy gitweb.conf
- ln -s /usr/share/gitweb DocumentRoot/git
- cp srv/scm/gitweb.conf
11 Apache2 / Webservices
11.1 generic
- apache2 and build ..
apt-get install apache2 mysql-server build-essential
- php
apt-get install php5-pgsql php5-ldap php5-imap php5-odbc php5-dev php5-common php5 php5-mysql php5-gd php5-xmlrpc \
php5-xsl php5-cli php5-intl php5-pspell php5-snmp php5-sasl
11.2 bugzilla
- Debian 7
Install
apt-get install libapache2-mod-perl2-dev libapache2-mod-perl2
apt-get install libgd-dev libgd3
apt install libgdbm-dev libgdbm6
apt-get install libdbd-mysql-perl
libcgi-pm-perl libcgi-fast-perl libcgi-session-perl libfcgi-perl
libemail-mime-perl libemail-sender-perl
libtemplate-perl libhtml-template-perl
libjson-perl libjson-xs-perl
libmath-bigint-perl libmath-random-isaac-perl libmath-random-isaac-xs-perl
- As User: misc for perl/bugzilla
- Perl: redo init (find closest mirror ..)
- perl -MCPAN -e shell
- o conf init
a2enmod rewrite
a2enmod expires
As User:
See https://bugzilla.readthedocs.org/en/5.0/installing/linux.html#perl-modules
./checksetup.pl --check-modules
/usr/bin/perl install-module.pl --all
/usr/bin/perl install-module.pl --upgrade-all
./checksetup.pl --check-modules
./checksetup.pl
# bugzilla folder must be owned by webrunner (suexec)
chown -R webrunner:webrunner .
systemctl restart apache2
/etc/init.d/apache2 restart
- https://www.bugzilla.org/download/#stable
11.3 mediawiki
- https://www.mediawiki.org/wiki/Download
- Vector skin (default):
vi wiki/skins/Vector/variables.less
// @html-font-size: 100%;
@html-font-size: 95%;
Extension mediawiki-bugzillareports
- https://www.mediawiki.org/wiki/Extension:Bugzilla_Reports
- https://www.mediawiki.org/wiki/Extension_talk:Bugzilla_Reports#Google_Code_Shutting_Down
- https://github.com/nakal/mediawiki-bugzillareports
11.X Apache ..
- Sync config files in /etc/apache2/ with: etc/apache2/apache2.diff
- see also etc/apache2/mods-enabled.lst, etc ..
/etc/init.d/apache2 start
12 jogamp_web daemons ..
# m h dom mon dow command
51 * * * * /bin/bash /home/jogamp_web/jogamp.org/planet2/update-planet.sh >& /dev/null
52 * * * * /bin/bash /home/jogamp_web/jogamp.org/planet2/update-stream.sh >& /dev/null
10 23 * * * /bin/bash /home/jogamp_web/awstats/awstats-start.sh >& /dev/null
awstats:
user: jogamp_web
script home: /home/jogamp_web/awstats
install home: /home/jogamp_web/awstats/installation
root@server:
apt-get install libgeoip-dev libgeo-ip-perl php5-geoip python-geoip geoip-database libnet-whois-raw-perl
mkdir /var/lib/awstats/
chown -R jogamp_web:jogamp_web /var/lib/awstats/
chown -R jogamp_web:jogamp_web /etc/GeoIP
jogamp_web@server:
cd /home/jogamp_web/awstats
wget http://prdownloads.sourceforge.net/awstats/awstats-7.1.1.tar.gz
tar xzf awstats-7.1.1.tar.gz
ln -s awstats-7.1.1 installation
mkdir config
mkdir log
cp -a BACKUP/awstats/awstats.jogamp.org.conf /home/jogamp_web/awstats/config
cp -a BACKUP/awstats/awstats-start.sh /home/jogamp_web/awstats/
cp -a BACKUP etc/logrotate.d/httpd-prerotate /etc/logrotate.d/
this kicks off /home/jogamp_web/awstats/awstats-start.sh before the logrotate
Populate /etc/GeoIP ..
13 jabot
As user jabot:
cd /srv/jabot ; git clone file:///srv/scm/users/sgothel/jabot.git
cd jabot ; ant
As user root:
cp -a /srv/jabot/jabot/scripts/jabot-init-debian /etc/init.d/jabot
update-rc.d jabot defaults
13 jenkins
root@jogamp.org:
apt-get install graphviz-dev graphviz
cp ../../../jenkins-server-slave-setup/scripts/jenkins-initd-debian /etc/init.d/jenkins
cp ../../../jenkins-server-slave-setup/scripts/jenkins.logrotate /etc/logrotate.d/
update-rc.d jenkins defaults
/etc/init.d/jenkins start
|