Haas PhD Server Configuration

From edegan.com
Revision as of 17:56, 22 January 2011 by imported>Ed (→‎Install MySQL)
Jump to navigation Jump to search

Haas PhD Students have two new servers and this page details their configuration.

IP Addresses

During the configuration phase the servers will be on:

  • phd-pgsql: 128.32.66.163
  • phd-lamp: 128.32.66.164

Base configurations

Both servers are running CentOS release 5.5 (cat /etc/*release*), which uses the Yum package manager (yum list installed | more). Both have Gnome on Xwindows available, as well as the following common packages:

  • cpp 4.1.2-48.el5.
  • ftp 0.17-35.el5
  • httpd 2.2.3-43.el5.centos.3
  • iptables 1.3.5-5.3.el5_4.1
  • mysql 5.0.77-4.el5_5.4 (note that this is the client)
  • openssh 4.3p2-41.el5_5.1
  • pam 0.99.6.2-6.el5_5.2
  • perl 4:5.8.8-32.el5_5.2
  • python 2.4.3-27.el5_5.3
  • php 5.1.6-27.el5_5.3
  • samba 3.0.33-3.29.el5_5.1
  • squid 7:2.6.STABLE21-6.el5

Notable additional packages on pgsql are:

  • postgresql.x86_64 8.1.22-1.el5_5.1

Package additions/upgrades/removals

On lamp:

  • Install Mediawiki
  • Install MySQL (the server)
  • Remove ftp

On pgsql:

  • Remove httpd, mysql, ftp
  • Upgrade python to version 3.1
  • Install TrueCrypt

Install Mediawiki

Install the public key for the ATrpms repository:

rpm --import http://packages.atrpms.net/RPM-GPG-KEY.atrpms

Enable the ATrpms repository by adding a file called atrpms.repos to /etc/yum.repos.d/

[atrpms]
name=Red Hat Enterprise Linux 5 - x86_64 - ATrpms
baseurl=http://dl.atrpms.net/el5-x86_64/atrpms/stable
failovermethod=priority

# requires stable
[atrpms-testing]
name=Red Hat Enterprise Linux 5 - x86_64 - ATrpms testing
baseurl=http://dl.atrpms.net/el5-x86_64/atrpms/testing
failovermethod=priority
enabled=0 

# requires stable and testing
[atrpms-bleeding]
name=Red Hat Enterprise Linux 5 - x86_64 - ATrpms bleeding
baseurl=http://dl.atrpms.net/el5-x86_64/atrpms/bleeding
failovermethod=priority
enabled=0

Checking online at ATrpms shows the package contains version 1.15. So do:

yum install mediawiki

To run the configuration script through a browser, create an alias in Apache's httpd.conf:

Alias /wiki "/var/www/wiki"

<Directory "/var/www/wiki">
    Options Indexes MultiViews
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

Install MySQL

Install MySql:

yum install mysql-server

Start the server:

/etc/init.d/mysqld start

And make sure it starts automatically on reboot:

/sbin/chkconfig --levels 235 mysqld on

Set a root password for the database:

mysqladmin -u root password cheit

Configuration

For both servers:

  • Mount bear
  • Configure Iptables

For lamp:

  • Configure Apache
  • Configure Mediawiki
  • Add Mediawiki extensions
  • Create new folder structure

For pgsql:

  • Configure Postgre

Mounting bear

mount -t cifs //bear/ed_egan/ /mnt -o user=ed_egan

for the inclusion into fstab or other more sophisticated approaches there is a Centos help page.

Configure Apache

To start Apache:

/etc/init.d/httpd start

To set Apache to start at boot:

/sbin/chkconfig --levels 235 httpd on

The main config file is: /etc/httpd/conf/httpd.conf

First, confirm your IP address:

/sbin/ifconfig

Browse to /wiki/config/index.php (having set an Apache alias above), and set the following setting:

WikiName: HaasPhDWiki
Contact: kimg@haas.berkeley.edu
Admin password and dbase password: cheit
All other setting as default

Configure IP Tables

For lamp we need a hole for port 80 for the webserver. For pgsql we need a hole for our clientware. General documentation is available in iptables from Centos

Check that iptables is running:

/sbin/lsmod | grep ip_tables

Backup the old rules:

cp /etc/sysconfig/iptables /etc/sysconfig/iptables.bak

Add a hole (or two):

vi /etc/sysconfig/iptables
...
 -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 128.32.66.0/24 --dport 80 -j ACCEPT
 -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 128.32.67.0/24 --dport 80 -j ACCEPT
 -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 128.32.74.0/24 --dport 80 -j ACCEPT
 -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 10.136.0.0/23 --dport 80 -j ACCEPT
...

Restart the service:

/etc/init.d/iptables restart

Data

For lamp:

  • Import Wiki pages
  • Change links to pdfs and repository files