User Tools

Site Tools


computers:serverconfig

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
computers:serverconfig [2007/12/06 12:16] davidcomputers:serverconfig [2010/12/10 16:02] (current) david
Line 110: Line 110:
 files are in: **/etc/cron.hourly/** files are in: **/etc/cron.hourly/**
  
 +==== Check NFS Mounts ====
 +
 +After the last power outage, the NWN servers were not speaking as I hadn't mounted the NFS mounts which share the drives to one another.  So, it occurred to me to write a little script to test if the NFS directories were mounted (and if not, go ahead and try and mount them).
 +
 +NOTE:  I moved this to hourly so it will reconnect after a power off / reboot in a more reasonable time.
 +
 +**/etc/cron.hourly/check_nfs_mounts.sh**:
 +
 +<code bash>
 +
 +#!/bin/bash
 +#
 +# check_nfs_mounts.sh
 +# quick check if we have our NFS directories mounted... if not... mount them!
 +# - dlr 2008/11/12
 +
 +MOUNTEDTEST=`df | grep '/mnt/nfs/sage/space' | wc -l`
 +
 +if [ $MOUNTEDTEST -ne 1 ]; then
 +  mount /mnt/nfs/sage/space
 +fi
 +
 +MOUNTEDTEST=`df | grep '/mnt/nfs/sage/local/home' | wc -l`
 +
 +if [ $MOUNTEDTEST -ne 1 ]; then
 +  mount /mnt/nfs/sage/local/home
 +fi
 +</code>
  
 ==== dovecot alive? ==== ==== dovecot alive? ====
Line 366: Line 394:
 cp ~david/down/dokuwiki/backup/conf/users.auth.php ~david/public_html/conf/users.auth.php cp ~david/down/dokuwiki/backup/conf/users.auth.php ~david/public_html/conf/users.auth.php
 </code> </code>
 +
 +
 +===== apcupsd =====
 +
 +I am sharing the UPS with sage, so that was the easiest to install and get running (RPM package).  I am going to install the software on here also, as this one runs on the same UPS.
 +
 +  - Download and install the software (here is the current link:  [[http://voxel.dl.sourceforge.net/sourceforge/apcupsd/apcupsd-3.14.4.tar.gz]] <code>
 +cd /usr/local/src/apcupsd
 +./configure
 +make
 +make install
 +</code>
 +  - Edit the config file, the only changes I made were:  (I made this one come down first since it is a slave to the actual machine monitoring the UPS, so I raised the battery level to 10 and the time left to 5 minutes) <code>
 +UPSTYPE net
 +DEVICE 10.0.0.2
 +BATTERYLEVEL 10
 +MINUTES 5
 +</code>
 +  - Modified **/etc/rc.d/rc.local** to fire up the APC daemon on boot:  <code>
 +# apc ups monitoring daemon
 +echo 'Firing up apcupsd to monitor the UPS'
 +/sbin/apcupsd
 +</code>
 +
 +And I tested it with a simple **apcaccess** call, which gives you the status of the UPS and that looks right.  I have NOT tested whether powering down the UPS really will shut everything down... maybe some other day.
  
 ===== bind ===== ===== bind =====
 +
 +The actual daemon run is **named**.  For whatever reason, the last upgrade of slamd64 makes the line in **/etc/named.conf** with the cname call break the program, so I just commented it out and things work OK now: -- 2008/03/01
 +<code>
 +logging {
 +        category lame-servers { null; };
 +#       category cname { null; };
 +};
 +</code>
  
 Seems like a good place to put information on **/etc/resolv.conf** Seems like a good place to put information on **/etc/resolv.conf**
Line 481: Line 542:
  
 ===== dovecot ===== ===== dovecot =====
 +
 +==== Upgrading ====
 +
 +  - Downloaded latest version (1.2.16)
 +  - Uncompress in **/usr/local/src**
 +  - Build:  <code>
 +./configure
 +make
 +make install
 +</code>
 +  - Fix the certificate (make a new one)
 +    - <code>cd /usr/local/src/dovecot-1.2.16/doc</code>
 +    - <code>mv dovecot-openssl.cnf dovecot-openssl.cnf.orig</code>
 +    - <code>nano dovecot-openssl.cnf   ### and paste in your values</code>
 +    - <code>chmod 755 mkcert.sh</code>
 +    - <code>mv /etc/ssl/certs/dovecot.pem /etc/ssl/certs/dovecot.pem.20101210</code>
 +    - <code>mv /etc/ssl/private/dovecot.pem /etc/ssl/private/dovecot.pem.20101210</code>
 +    - <code>./mkcert.sh</code>
 +    - <code>chmod 600 /etc/ssl/private/dovecot.pem  # it already was, but just in case </code>
 +    - Restart **dovecot** (i just killed the process and then run it again)
 +
 +
 +
 +==== Initial Install ====
 +
  
   * Download the source from [[http://www.dovecot.org/download.html|Dovecot home page]].   * Download the source from [[http://www.dovecot.org/download.html|Dovecot home page]].
Line 516: Line 602:
 </code> </code>
  
-  * Generate the keys and stick them where dovecot is looking for them (Config file {{computers:dovecot-openssl.cnf.txt|dovecot-openssl.cnf.txt}})+  * Generate the keys and stick them where dovecot is looking for them (Config file {{computers:dovecot-openssl.cnf.txt|dovecot-openssl.cnf.txt}}) (NOTE:  2008/10/03 - I updated this to use the server archon.lattice.net instead of imap, since the name conflicts and thunderbird was complaining and regenerated the keys so they are current)
 <code> <code>
 cd /usr/local/src/dovecot-1.0.rc26/doc cd /usr/local/src/dovecot-1.0.rc26/doc
Line 639: Line 725:
 </code> </code>
  
 +
 +==== aliases ====
 +
 +Aliases can be setup in the **/etc/mail/aliases**, and the following is an example of updating the hash table after editing the virtual user table.
 +
 +  cd /etc/mail
 +  makemap hash aliases < aliases
 +  /etc/rc.d/rc.sendmail restart
  
 ==== sendmail.cf ==== ==== sendmail.cf ====
Line 653: Line 747:
 <code> <code>
 FEATURE(`dnsbl',`list.dsbl.org')dnl FEATURE(`dnsbl',`list.dsbl.org')dnl
-FEATURE(`dnsbl',`relays.ordb.org')dnl 
 FEATURE(`dnsbl',`sbl-xbl.spamhaus.org')dnl FEATURE(`dnsbl',`sbl-xbl.spamhaus.org')dnl
 dnl# Set and outgoing server to pass email through since we are being blocked by DNS block lists now dnl# Set and outgoing server to pass email through since we are being blocked by DNS block lists now
Line 672: Line 765:
  
  
 +==== virtusertable ====
  
 +Aliases can be setup in the **/etc/mail/virtusertable**, and the following is an example of updating the hash table after editing the virtual user table.
  
 +  cd /etc/mail 
 +  makemap hash virtusertable < virtusertable 
 +  /etc/rc.d/rc.sendmail restart
  
  
 ===== slimserver ===== ===== slimserver =====
 +
 +
 +
 +==== Version 7.0 ====
 +
 +Installed 2008/04/26 - dlr - latest version installed since the old one stopped working after I rebooted? (PERL upgrade probably)
 +
 +Looks like it was getting confused with the old version that was already installed... so I moved all of the files that mentioned 'slim' into ~/slimserverStuff to get it out of the normal path.
 +
 +  - Moved old slimserver stuff first:  <code>
 +cd ~/
 +mkdir slimserverStuff
 +mv Cache slimserverStuff
 +mv slimserver.pref slimserverStuff
 +</code>
 +  - As root, install the server:  <code>
 +cd /usr/local/archon
 +tar -zxvf squeezecenter-7.0.tgz
 +chown -R quake:mp3 squeezecenter-7.0-17793
 +cd /usr/local
 +ln -s /usr/local/archon/squeezecenter-7.0-17793 slimserver
 +</code>
 +  - As root, install PERL modules that it needs (doesn't work automagically as it should):  <code>
 +/usr/bin/perl -MCPAN -e shell
 +cpan>install Compress::Zlib
 +cpan>install GD
 +</code>
 +  - Add this to **/etc/rc.d/rc.local** so it will run at start (as the quake user, not as root): <code>
 +# slimserver
 +echo 'Firing up slimserver'
 +sudo -u quake /usr/local/slimserver/slimserver.pl --daemon
 +</code>
 +
 +==== Version 6.5.1 ====
 +
 Download from slimdevices.com [[http://www.slimdevices.com/su_downloads.html]] Download from slimdevices.com [[http://www.slimdevices.com/su_downloads.html]]
 <code> <code>
Line 856: Line 988:
 make install make install
 </code> </code>
 +
 +===== id3lib =====
 +
 +id3lib-3.8.3 ([http://id3lib.sourceforge.net/])
 +
 +  ./configure
 +  make
 +  make install
 +
  
 ===== id3tag ===== ===== id3tag =====
Line 1060: Line 1201:
 Someone found a way through the firewall once to hit the Samba server.. so I added these lines to **/etc/rc.d/rc.local** to just drop any samba packets at the WAN interface. Someone found a way through the firewall once to hit the Samba server.. so I added these lines to **/etc/rc.d/rc.local** to just drop any samba packets at the WAN interface.
  
-I also blocked the slim server access from outside, just seemed like a bad idea 8-)+I also blocked the slim server access from outside, just seemed like a bad idea 8-)  (and just now added apcupsd to the list of blocked from the outside //2008/11/13 10:43//)
  
 <code bash> <code bash>
Line 1082: Line 1223:
 iptables -A OUTPUT -o eth0 -p tcp --dport 445 -j DROP iptables -A OUTPUT -o eth0 -p tcp --dport 445 -j DROP
 iptables -A OUTPUT -o eth0 -p tcp --sport 445 -j DROP iptables -A OUTPUT -o eth0 -p tcp --sport 445 -j DROP
 +
 +# block port 3551 so that apcupsd cannot be seen from outside
 +iptables -A OUTPUT -o eth0 -p tcp --dport 3551 -j DROP
 +iptables -A OUTPUT -o eth0 -p tcp --sport 3551 -j DROP
  
 # block port 9000 so slimserver can't be accesed from outside # block port 9000 so slimserver can't be accesed from outside
Line 1185: Line 1330:
 make install make install
 </code> </code>
 +
 +===== id3v2 =====
 +
 +You need to install id3lib first, but after that, installing this program was simple:
 +
 +  make
 +  make install
 +
  
 ===== IDL ===== ===== IDL =====
computers/serverconfig.1196943368.txt.gz · Last modified: 2007/12/06 12:16 by david