= !SilverFile General Server Setup = == Installation of Ubuntu 9.04 Server 32bit == We are selecting this version for the following reasons: * GRUB installation doesn't work in older releases. * 64 bit version does not seem to support the VIA padlock engine == Partitioning (During Install) == We feel that 20GB and 6GB of swap is more than sufficient, leaving ample room for client files. * / 20GB Primary Ext3 Bootable = Yes (leave all other defaults) * swap 6GB swap * /FILES/ Primary Ext3 Bootable = No (leave all other defaults) == Install SSH Deamon == {{{ sudo apt-get install ssh openssh }}} == Change SSH Port == edit /etc/ssh/sshd_config Change port line to 2222 (or whatever port) restart sshd to check {{{ /etc/init.d/ssh restart }}} === OpenSSL === ==== Installation ==== sudo apt-get install openssl ==== Verification ==== Next, verify engine: {{{ > openssl engine (padlock) VIA PadLock (no-RNG, ACE) (dynamic) Dynamic engine loading support }}} The response string should include '`(padlock) VIA PadLock (no-RNG, ACE)`'. ==== Make default engine Padlock ==== {{{ > vim /etc/ssl/openssl.cnf ... oid_section = new_oids # Enable Via Padlock by default openssl_conf = openssl_def [openssl_def] engines = openssl_engines [openssl_engines] padlock = padlock_engine [padlock_engine] default_algorithms = ALL }}} === GnuPG / Duplicity === {{{ > sudo apt-get install duplicity python-boto }}} === Install Apache for Django === [https://help.ubuntu.com/7.10/server/C/httpd.html#https-configuration Great Ubuntu Apache/SSL How-To] {{{ > sudo apt-get install apache2 libapache2-mod-python > sudo ln -s /usr/sbin/apache2ctl apachectl (old habits die hard) }}} === Configure SSL === {{{ > sudo a2enmod ssl }}} copy cert file (''mydomain.com''.crt) to /etc/ssl/certs copy key file (''mydomain.com''.key) to /etc/ssl/private === Configure Apache for !SilverFile App === Django app is turned "on" by default. Two locations (webspaces) are turned off, and are served directly. These are: * site_media (css, js, images, etc...) * site_files (these are all the client files) See sf-apps/files/examples {{{ > wget http://www.gutenberg.org/dirs/etext02/01hgp10a.txt (274 MB) > wget http://www.gutenberg.org/dirs/etext02/02hgp10a.txt (246 MB) > wget http://www.gutenberg.org/dirs/etext02/03hgp10a.txt (217 MB) > wget http://www.gutenberg.org/dirs/etext02/08hgp10a.txt (144 MB) ServerName harvey.silverfilecorp.com SetHandler python-program PythonHandler django.core.handlers.modpython SetEnv DJANGO_SETTINGS_MODULE files.settings PythonOption django.root /files PythonDebug On PythonPath "['/usr/wwwapps/sf-app'] + sys.path" # Site media files - css, js, img Alias /site_media /usr/wwwapps/sf-app/files/media SetHandler None # Client Files Alias /site_files /FILES SetHandler None }}} == Permissions on /FILES/ == AS root: {{{ addgroup fileusers adduser hank fileusers adduser ryan fileusers adduser www-data fileusers adduser matt adduser matt fileusers chown -R root /FILES chgrp -R fileusers /FILES chown -R 660 /FILES find /FILES -type d -exec chmod 770 {} \; find /FILES -type d -exec chmod 550 {} \; }}} == Java == {{{ sudo apt-get install sun-java6-bin }}} == Setting up a Software RAID 1 - (DEPRECATED) == We are using the hardware raid cards now, so this is deprecated. Per recommendations from our friends at !MonkeyBrains, we'll set up a software RAID 1 and monitor it with mdadm. The plan is to sync up RAID health with SNMP monitoring. This is a very good tutorial on [http://ubuntuadministrator.com/?p=3 setting up a software RAID 1] please follow it for the step by step RAID install. The idea is to create 3 partitions: * / (root) where all the OS etc files go * /FILES where all the documents go * Swap The necessary swap partition On a 500 GB drive I propose doing this : * /FILES = 430 GB * Swap = 4 GB (swap is conventionally 2X RAM, a swap this size may not be necessary with 2 GB of RAM and for use as a file server * / = In order to create the software RAID, you first create regular primary partitions on the first disk (SDA) as in the following: {{{ select: Partition Disk Manually select: Device SDA1 Create new empty partition table on this device: yes Select Free Space (pri/log): select: Create new primary partition Mount point: / Bootable Flag: on Use as: Select Physical Volume For RAID select: Done Setting up partition }}} And then you create an MD device from each partition. Again, see the [http://ubuntuadministrator.com/?p=3ubuntu RAID tutorial] as it explains exactly how to do this step by step. == Check Software RAID Status == {{{ mdadm --detail /dev/md0 }}}