diff options
author | Stefan Kangas <skangas@skangas.se> | 2012-02-13 13:53:07 +0100 |
---|---|---|
committer | Stefan Kangas <skangas@skangas.se> | 2012-02-13 13:53:07 +0100 |
commit | 8142098b098bfc6046bee6e8d96132a403e05035 (patch) | |
tree | 8473bacbadadcd1472fcd91d149aebd0621b50cb | |
parent | 06d5ebec74cd5478f8b0f8955c2141b490e445fb (diff) | |
parent | 82fbf57ac9b060e078644a791d6fe70d4fe17e80 (diff) |
Merge branch 'master' of git.fripost.org:fripost-docs
Conflicts:
fripost-docs.org
-rw-r--r-- | fripost-docs.org | 51 |
1 files changed, 37 insertions, 14 deletions
diff --git a/fripost-docs.org b/fripost-docs.org index 28c49dd..0240f22 100644 --- a/fripost-docs.org +++ b/fripost-docs.org @@ -104,7 +104,7 @@ sudo /etc/init.d/ssh restart ** Packages to install *** Administrative -sudo aptitude install openssh-server molly-guard ntp ntpdate screen +sudo aptitude install openssh-server molly-guard ntp ntpdate rsync screen # If the system is on a dynamic IP (e.g. using DHCP): sudo aptitude install resolvconf @@ -155,6 +155,7 @@ sudo aptitude install logcheck syslog-summary ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[0-9]+\]: WARNING: cannot connect to dns.loopia.se:443 socket: IO::Socket::SSL: Timeout IO::Socket::INET configuration failederror:00000000:lib(0):func(0):reason(0)$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[0-9]+\]: WARNING: file /var/cache/ddclient/ddclient.cache, line [0-9]+: Invalid Value for keyword 'ip' = ''$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[0-9]+\]: WARNING: updating [._[:alnum:]-]+: nochg: No update required; unnecessary attempts to change to the current address are considered abusive$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: [.0-9]{7,15} interface [.0-9]{7,15} -> [.0-9]{7,15}$ ** Configuring aptitude and friends @@ -495,7 +496,7 @@ mysql -u root -p # Create mail user - CREATE USER 'mail'@'localhost' IDENTIFIED BY 'mijhl9hniiMu5WxvvtdgsacxZ'; + CREATE USER 'mail'@'localhost' IDENTIFIED BY '<password>'; GRANT SELECT ON mail.alias TO 'mail'@'localhost'; GRANT SELECT ON mail.domain TO 'mail'@'localhost'; GRANT SELECT ON mail.mailbox TO 'mail'@'localhost'; @@ -518,10 +519,16 @@ These instructions are mainly adapted from the MySQL manual. expire_logs_days = 10 max_binlog_size = 100M binlog_do_db = mail - /etc/init.d/mysql restart +# Enter MySQL shell and create a user with replication privileges. +# NB: Use only ASCII for the <password> +mysql -u root -p + + GRANT REPLICATION SLAVE ON *.* TO 'slave_user'@'localhost' IDENTIFIED BY '<password>'; + FLUSH PRIVILEGES; + ***** Configure the slave ****** Set up an SSH tunnel @@ -529,17 +536,13 @@ We begin by setting up an SSH tunnel from the slave to the master, as described ****** Preparing steps to take on master -# Enter MySQL shell and create a user with replication privileges. -# NB: Use only ASCII for the <password> +# Make a database dump. + mysql -u root -p - GRANT REPLICATION SLAVE ON *.* TO 'slave_user'@'localhost' IDENTIFIED BY '<password>'; - FLUSH PRIVILEGES; USE mail; FLUSH TABLES WITH READ LOCK; quit; - -# Make a database dump. mysqldump -u root -p --opt mail > mydump.sql @@ -567,8 +570,9 @@ sudo chmod 0750 $TMP_DIR tmpdir = /var/lib/mysql/tmp # Note that the server-id must be different on all hosts server-id = 2 + relay-log = mysqld-relay-bin -/etc/init.d/mysql restart +sudo service mysql restart # Enter the MySQL shell and create the database: @@ -783,11 +787,22 @@ sudo a2enmod ssl rewrite **** Installing roundcube -Add the backports repository first, to make sure we're running a somewhat more -current version than the one in stable. +# Add the backports repository first, to make sure we're running a somewhat more +# current version than the one currently in stable. + +:: /etc/apt/sources.list + + deb http://backports.debian.org/debian-backports squeeze-backports main sudo apt-get install roundcube +:: /etc/php5/apache2/php.ini + + log_errors = Off + post_max_size = 25M + upload_max_filesize = 25M + tmp_dir = FIXME + :: /etc/roundcube/main.inc.php # Use caching @@ -824,12 +839,12 @@ sudo apt-get install roundcube **** Installing custom logo +wget https://fripost.org/images/logo2011_webmail.png LOGO="logo2011_webmail.png" sudo mv /var/lib/roundcube/skins/default/images/roundcube_logo.png /var/lib/roundcube/skins/default/images/roundcube_logo2.png sudo mv $LOGO /var/lib/roundcube/skins/default/images/roundcube_logo.png sudo chmod 0644 /var/lib/roundcube/skins/default/images/roundcube_logo.png - **** Adding a custom message on login page :: /usr/share/roundcube/skins/default/templates/login.html @@ -1003,9 +1018,9 @@ sudo rkhunter -c --nomow --rwo MAIL-ON-WARNING=admin@fripost.org - ALLOWHIDDENDIR=/etc/.git ALLOWHIDDENDIR=/dev/.udev ALLOWHIDDENDIR=/dev/.initramfs + ALLOWHIDDENDIR=/etc/.git ALLOWHIDDENFILE=/etc/.gitignore ALLOWHIDDENFILE=/etc/.etckeeper @@ -1057,6 +1072,14 @@ It is also possible to use simple git commands in /etc, e.g. `git log'. `etckeeper' has the benefit of keeping track of file permissions, which git by itself will not. +** Use Cluster SSH + +This pretty much sums it up: + +"ClusterSSH controls a number of xterm windows via a single graphical console +window to allow commands to be interactively run on multiple servers over an ssh +connection." + ** Use fripost-tools We have written some tools to make administration tasks easier. They can be |