Haas PhD Server Configuration

From edegan.com
Revision as of 20:22, 21 January 2011 by imported>Ed (→‎Package additions/upgrades/removals)
Jump to navigation Jump to search

IP Addresses

During the configuration phase the servers will be on:

  • phd-pgsql: 128.32.66.163
  • phd-lamp: 128.32.66.164

Base configurations

Both servers are running CentOS release 5.5 (cat /etc/*release*), which uses the Yum package manager (yum list installed | more). Both have Gnome on Xwindows available, as well as the following common packages:

  • cpp 4.1.2-48.el5.
  • ftp 0.17-35.el5
  • httpd 2.2.3-43.el5.centos.3
  • iptables 1.3.5-5.3.el5_4.1
  • mysql 5.0.77-4.el5_5.4
  • openssh 4.3p2-41.el5_5.1
  • pam 0.99.6.2-6.el5_5.2
  • perl 4:5.8.8-32.el5_5.2
  • python 2.4.3-27.el5_5.3
  • php 5.1.6-27.el5_5.3
  • samba 3.0.33-3.29.el5_5.1
  • squid 7:2.6.STABLE21-6.el5

Notable additional packages on pgsql are:

  • postgresql.x86_64 8.1.22-1.el5_5.1

Package additions/upgrades/removals

On lamp:

  • Install mediawiki
  • Remove ftp

On pgsql:

  • Remove httpd, mysql, ftp
  • Upgrade python to version 3.1
  • Install TrueCrypt

Configuration

For both servers:

  • Mount bear
  • Configure Iptables

For lamp:

  • Configure Apache
  • Configure Mediawiki
  • Add Mediawiki extensions
  • Create new folder structure

For pgsql:

  • Configure Postgre

Mounting bear

mount -t cifs //bear/ed_egan/ /mnt -o user=ed_egan

for the inclusion into fstab or other more sophisticated approaches there is a Centos help page.

Configure Apache

To start Apache:

/etc/init.d/httpd start

To set Apache to start at boot:

chkconfig --levels 235 httpd on

The main config file is: /etc/httpd/conf/httpd.conf

First, confirm your IP address:

/sbin/ifconfig

Configure IpTables

For lamp we need a hole for port 80 for the webserver. For pgsql we need a hole for our clientware. General documentation is available in iptables from Centos

Check that iptables is running:

/sbin/lsmod | grep ip_tables

Backup the old rules:

cp /etc/sysconfig/iptables /etc/sysconfig/iptables.bak

Add a hole (or two):

vi /etc/sysconfig/iptables
...
 -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 128.32.66.0/24 --dport 80 -j ACCEPT
 -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 128.32.67.0/24 --dport 80 -j ACCEPT
 -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 128.32.74.0/24 --dport 80 -j ACCEPT
 -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 10.136.0.0/23 --dport 80 -j ACCEPT
...

Restart the service:

/etc/init.d/iptables restart

Data

For lamp:

  • Import Wiki pages
  • Change links to pdfs and repository files