Difference between revisions of "Haas PhD Server Configuration"

From edegan.com
Jump to navigation Jump to search
imported>Ed
imported>Ed
Line 77: Line 77:
 
     Allow from all
 
     Allow from all
 
  </Directory>
 
  </Directory>
 
  
 
===Install MySQL===
 
===Install MySQL===

Revision as of 18:48, 22 January 2011

Haas PhD Students have two new servers and this page details their configuration.

IP Addresses

During the configuration phase the servers will be on:

  • phd-pgsql: 128.32.66.163
  • phd-lamp: 128.32.66.164

Base configurations

Both servers are running CentOS release 5.5 (cat /etc/*release*), which uses the Yum package manager (yum list installed | more). Both have Gnome on Xwindows available, as well as the following common packages:

  • cpp 4.1.2-48.el5.
  • ftp 0.17-35.el5
  • httpd 2.2.3-43.el5.centos.3
  • iptables 1.3.5-5.3.el5_4.1
  • mysql 5.0.77-4.el5_5.4 (note that this is the client)
  • openssh 4.3p2-41.el5_5.1
  • pam 0.99.6.2-6.el5_5.2
  • perl 4:5.8.8-32.el5_5.2
  • python 2.4.3-27.el5_5.3
  • php 5.1.6-27.el5_5.3
  • samba 3.0.33-3.29.el5_5.1
  • squid 7:2.6.STABLE21-6.el5

Notable additional packages on pgsql are:

  • postgresql.x86_64 8.1.22-1.el5_5.1

Package additions/upgrades/removals

On lamp:

  • Install Mediawiki
  • Install MySQL (the server)
  • Remove ftp

On pgsql:

  • Remove httpd, mysql, ftp
  • Upgrade python to version 3.1
  • Install TrueCrypt

Install Mediawiki

Install the public key for the ATrpms repository:

rpm --import http://packages.atrpms.net/RPM-GPG-KEY.atrpms

Enable the ATrpms repository by adding a file called atrpms.repos to /etc/yum.repos.d/

[atrpms]
name=Red Hat Enterprise Linux 5 - x86_64 - ATrpms
baseurl=http://dl.atrpms.net/el5-x86_64/atrpms/stable
failovermethod=priority

# requires stable
[atrpms-testing]
name=Red Hat Enterprise Linux 5 - x86_64 - ATrpms testing
baseurl=http://dl.atrpms.net/el5-x86_64/atrpms/testing
failovermethod=priority
enabled=0 

# requires stable and testing
[atrpms-bleeding]
name=Red Hat Enterprise Linux 5 - x86_64 - ATrpms bleeding
baseurl=http://dl.atrpms.net/el5-x86_64/atrpms/bleeding
failovermethod=priority
enabled=0

Checking online at ATrpms shows the package contains version 1.15. So do:

yum install mediawiki

To run the configuration script through a browser, create an alias in Apache's httpd.conf:

Alias /wiki "/var/www/wiki"

<Directory "/var/www/wiki">
    Options Indexes MultiViews
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

Install MySQL

Install MySql:

yum install mysql-server

Start the server:

/etc/init.d/mysqld start

Configuration

For both servers:

  • Mount bear
  • Configure Iptables

For lamp:

  • Configure Apache
  • Configure Mediawiki
  • Add Mediawiki extensions
  • Create new folder structure

For pgsql:

  • Configure Postgre

Mounting bear

mount -t cifs //bear/ed_egan/ /mnt -o user=ed_egan

for the inclusion into fstab or other more sophisticated approaches there is a Centos help page.

Configure Apache

To start Apache:

/etc/init.d/httpd start

To set Apache to start at boot:

/sbin/chkconfig --levels 235 httpd on

The main config file is: /etc/httpd/conf/httpd.conf

First, confirm your IP address:

/sbin/ifconfig

Browse to /wiki/config/index.php (having set an Apache alias above), and set the following setting:

WikiName: HaasPhDWiki
Contact: kimg@haas.berkeley.edu
Admin password and dbase password: cheit
All other setting as default

Configure IP Tables

For lamp we need a hole for port 80 for the webserver. For pgsql we need a hole for our clientware. General documentation is available in iptables from Centos

Check that iptables is running:

/sbin/lsmod | grep ip_tables

Backup the old rules:

cp /etc/sysconfig/iptables /etc/sysconfig/iptables.bak

Add a hole (or two):

vi /etc/sysconfig/iptables
...
 -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 128.32.66.0/24 --dport 80 -j ACCEPT
 -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 128.32.67.0/24 --dport 80 -j ACCEPT
 -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 128.32.74.0/24 --dport 80 -j ACCEPT
 -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 10.136.0.0/23 --dport 80 -j ACCEPT
...

Restart the service:

/etc/init.d/iptables restart

Data

For lamp:

  • Import Wiki pages
  • Change links to pdfs and repository files