aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStefan Kangas <skangas@skangas.se>2012-02-13 13:53:07 +0100
committerStefan Kangas <skangas@skangas.se>2012-02-13 13:53:07 +0100
commit8142098b098bfc6046bee6e8d96132a403e05035 (patch)
tree8473bacbadadcd1472fcd91d149aebd0621b50cb
parent06d5ebec74cd5478f8b0f8955c2141b490e445fb (diff)
parent82fbf57ac9b060e078644a791d6fe70d4fe17e80 (diff)
Merge branch 'master' of git.fripost.org:fripost-docs
Conflicts: fripost-docs.org
-rw-r--r--fripost-docs.org51
1 files changed, 37 insertions, 14 deletions
diff --git a/fripost-docs.org b/fripost-docs.org
index 28c49dd..0240f22 100644
--- a/fripost-docs.org
+++ b/fripost-docs.org
@@ -104,7 +104,7 @@ sudo /etc/init.d/ssh restart
** Packages to install
*** Administrative
-sudo aptitude install openssh-server molly-guard ntp ntpdate screen
+sudo aptitude install openssh-server molly-guard ntp ntpdate rsync screen
# If the system is on a dynamic IP (e.g. using DHCP):
sudo aptitude install resolvconf
@@ -155,6 +155,7 @@ sudo aptitude install logcheck syslog-summary
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[0-9]+\]: WARNING: cannot connect to dns.loopia.se:443 socket: IO::Socket::SSL: Timeout IO::Socket::INET configuration failederror:00000000:lib(0):func(0):reason(0)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[0-9]+\]: WARNING: file /var/cache/ddclient/ddclient.cache, line [0-9]+: Invalid Value for keyword 'ip' = ''$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ddclient\[[0-9]+\]: WARNING: updating [._[:alnum:]-]+: nochg: No update required; unnecessary attempts to change to the current address are considered abusive$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: [.0-9]{7,15} interface [.0-9]{7,15} -> [.0-9]{7,15}$
** Configuring aptitude and friends
@@ -495,7 +496,7 @@ mysql -u root -p
# Create mail user
- CREATE USER 'mail'@'localhost' IDENTIFIED BY 'mijhl9hniiMu5WxvvtdgsacxZ';
+ CREATE USER 'mail'@'localhost' IDENTIFIED BY '<password>';
GRANT SELECT ON mail.alias TO 'mail'@'localhost';
GRANT SELECT ON mail.domain TO 'mail'@'localhost';
GRANT SELECT ON mail.mailbox TO 'mail'@'localhost';
@@ -518,10 +519,16 @@ These instructions are mainly adapted from the MySQL manual.
expire_logs_days = 10
max_binlog_size = 100M
binlog_do_db = mail
-
/etc/init.d/mysql restart
+# Enter MySQL shell and create a user with replication privileges.
+# NB: Use only ASCII for the <password>
+mysql -u root -p
+
+ GRANT REPLICATION SLAVE ON *.* TO 'slave_user'@'localhost' IDENTIFIED BY '<password>';
+ FLUSH PRIVILEGES;
+
***** Configure the slave
****** Set up an SSH tunnel
@@ -529,17 +536,13 @@ We begin by setting up an SSH tunnel from the slave to the master, as described
****** Preparing steps to take on master
-# Enter MySQL shell and create a user with replication privileges.
-# NB: Use only ASCII for the <password>
+# Make a database dump.
+
mysql -u root -p
- GRANT REPLICATION SLAVE ON *.* TO 'slave_user'@'localhost' IDENTIFIED BY '<password>';
- FLUSH PRIVILEGES;
USE mail;
FLUSH TABLES WITH READ LOCK;
quit;
-
-# Make a database dump.
mysqldump -u root -p --opt mail > mydump.sql
@@ -567,8 +570,9 @@ sudo chmod 0750 $TMP_DIR
tmpdir = /var/lib/mysql/tmp
# Note that the server-id must be different on all hosts
server-id = 2
+ relay-log = mysqld-relay-bin
-/etc/init.d/mysql restart
+sudo service mysql restart
# Enter the MySQL shell and create the database:
@@ -783,11 +787,22 @@ sudo a2enmod ssl rewrite
**** Installing roundcube
-Add the backports repository first, to make sure we're running a somewhat more
-current version than the one in stable.
+# Add the backports repository first, to make sure we're running a somewhat more
+# current version than the one currently in stable.
+
+:: /etc/apt/sources.list
+
+ deb http://backports.debian.org/debian-backports squeeze-backports main
sudo apt-get install roundcube
+:: /etc/php5/apache2/php.ini
+
+ log_errors = Off
+ post_max_size = 25M
+ upload_max_filesize = 25M
+ tmp_dir = FIXME
+
:: /etc/roundcube/main.inc.php
# Use caching
@@ -824,12 +839,12 @@ sudo apt-get install roundcube
**** Installing custom logo
+wget https://fripost.org/images/logo2011_webmail.png
LOGO="logo2011_webmail.png"
sudo mv /var/lib/roundcube/skins/default/images/roundcube_logo.png /var/lib/roundcube/skins/default/images/roundcube_logo2.png
sudo mv $LOGO /var/lib/roundcube/skins/default/images/roundcube_logo.png
sudo chmod 0644 /var/lib/roundcube/skins/default/images/roundcube_logo.png
-
**** Adding a custom message on login page
:: /usr/share/roundcube/skins/default/templates/login.html
@@ -1003,9 +1018,9 @@ sudo rkhunter -c --nomow --rwo
MAIL-ON-WARNING=admin@fripost.org
- ALLOWHIDDENDIR=/etc/.git
ALLOWHIDDENDIR=/dev/.udev
ALLOWHIDDENDIR=/dev/.initramfs
+ ALLOWHIDDENDIR=/etc/.git
ALLOWHIDDENFILE=/etc/.gitignore
ALLOWHIDDENFILE=/etc/.etckeeper
@@ -1057,6 +1072,14 @@ It is also possible to use simple git commands in /etc, e.g. `git log'.
`etckeeper' has the benefit of keeping track of file permissions, which git
by itself will not.
+** Use Cluster SSH
+
+This pretty much sums it up:
+
+"ClusterSSH controls a number of xterm windows via a single graphical console
+window to allow commands to be interactively run on multiple servers over an ssh
+connection."
+
** Use fripost-tools
We have written some tools to make administration tasks easier. They can be