Version 7 (modified by 13 years ago) (diff) | ,
---|
SilverFile General Server Setup
Installation of Ubuntu 8.04 LTS
Create CDROM and boot off USB-CDROM.
Partitioning (During Install)
We feel that 20GB and 4GB of swap is more than sufficient, leaving ample room for client files.
- / 20GB Primary Ext3 Bootable = Yes (leave all other defaults)
- swap 4GB swap
- /FILES/ Primary Ext3 Bootable = No (leave all other defaults)
Install SSH Deamon
sudo apt-get install ssh
Check RAID Status
mdadm --detail /dev/md0
Change SSH Port
edit /etc/ssh/sshd_config Change port line to 2222 (or whatever port) restart sshd to check
/etc/init.d/ssh restart
Add other users to sudo
Sudo allows all users in admin group root privilege. This is something that Ubuntu sets up as an alternative to visudo.
usermod -a -G admin ryan
SSH Keys
To generate a key:
ssh-keygen (or) ssh-keygen -t dsa (for dsa) (do not enter a passphrase)
This generates, id_dsa and id_dsa.pub. Client(id_dsa) ---ssh--> Host(id_dsa.pub in .ssh/authorized_keys)
OpenSSL
Verification
Next, verify engine:
> openssl engine (padlock) VIA PadLock (no-RNG, ACE) (dynamic) Dynamic engine loading support
The response string should include '(padlock) VIA PadLock (no-RNG, ACE)
'.
Make default engine Padlock
> vim /etc/ssl/openssl.cnf ... oid_section = new_oids # Enable Via Padlock by default openssl_conf = openssl_def [openssl_def] engines = openssl_engines [openssl_engines] padlock = padlock_engine [padlock_engine] default_algorithms = ALL
GnuPG / Duplicity
> sudo apt-get install duplicity python-boto
Install Apache for Django
Great Ubuntu Apache/SSL How-To
> sudo apt-get install apache2 libapache2-mod-python > sudo ln -s /usr/sbin/apache2ctl apachectl (old habits die hard)
Configure SSL
> sudo a2enmod ssl
copy cert file (mydomain.com.crt) to /etc/ssl/certs copy key file (mydomain.com.key) to /etc/ssl/private
Configure Apache for SilverFile App
Django app is turned "on" by default. Two locations (webspaces) are turned off, and are served directly. These are:
- site_media (css, js, images, etc...)
- site_files (these are all the client files)
See sf-apps/files/examples
<VirtualHost *:80> > wget http://www.gutenberg.org/dirs/etext02/01hgp10a.txt (274 MB) > wget http://www.gutenberg.org/dirs/etext02/02hgp10a.txt (246 MB) > wget http://www.gutenberg.org/dirs/etext02/03hgp10a.txt (217 MB) > wget http://www.gutenberg.org/dirs/etext02/08hgp10a.txt (144 MB) ServerName harvey.silverfilecorp.com SetHandler python-program PythonHandler django.core.handlers.modpython SetEnv DJANGO_SETTINGS_MODULE files.settings PythonOption django.root /files PythonDebug On PythonPath "['/usr/wwwapps/sf-app'] + sys.path" # Site media files - css, js, img Alias /site_media /usr/wwwapps/sf-app/files/media <Location /site_media/> SetHandler None </Location> # Client Files Alias /site_files /FILES <Location /site_files/> SetHandler None </Location> </VirtualHost>
Permissions on /FILES/
AS root:
addgroup fileusers adduser hank fileusers adduser ryan fileusers adduser www-data fileusers adduser matt adduser matt fileusers chown -R root /FILES chgrp -R fileusers /FILES chown -R 660 /FILES find /FILES -type d -exec chmod 770 {} \; find /FILES -type d -exec chmod 550 {} \;
Java
sudo apt-get install sun-java6-bin
Setting up a Software RAID 1 - (DEPRECATED)
We are using the hardware raid cards now, so this is deprecated.
Per recommendations from our friends at MonkeyBrains, we'll set up a software RAID 1 and monitor it with mdadm. The plan is to sync up RAID health with SNMP monitoring.
This is a very good tutorial on setting up a software RAID 1 please follow it for the step by step RAID install.
The idea is to create 3 partitions:
- / (root) where all the OS etc files go
- /FILES where all the documents go
- Swap The necessary swap partition
On a 500 GB drive I propose doing this :
- /FILES = 430 GB
- Swap = 4 GB (swap is conventionally 2X RAM, a swap this size may not be necessary with 2 GB of RAM and for use as a file server
- / = <leftover space>
In order to create the software RAID, you first create regular primary partitions on the first disk (SDA) as in the following:
select: Partition Disk Manually select: Device SDA1 Create new empty partition table on this device: yes Select Free Space (pri/log): <per size of the disk> select: Create new primary partition Mount point: / Bootable Flag: on Use as: Select Physical Volume For RAID select: Done Setting up partition
And then you create an MD device from each partition.
Again, see the RAID tutorial as it explains exactly how to do this step by step.