Haas PhD Server Configuration

From edegan.com
Revision as of 20:23, 21 January 2011 by imported>Ed (→‎Configure IpTables)
Jump to navigation Jump to search

Haas PhD Students have two new servers and this page details their configuration.

IP Addresses

During the configuration phase the servers will be on:

  • phd-pgsql: 128.32.66.163
  • phd-lamp: 128.32.66.164

Base configurations

Both servers are running CentOS release 5.5 (cat /etc/*release*), which uses the Yum package manager (yum list installed | more). Both have Gnome on Xwindows available, as well as the following common packages:

  • cpp 4.1.2-48.el5.
  • ftp 0.17-35.el5
  • httpd 2.2.3-43.el5.centos.3
  • iptables 1.3.5-5.3.el5_4.1
  • mysql 5.0.77-4.el5_5.4
  • openssh 4.3p2-41.el5_5.1
  • pam 0.99.6.2-6.el5_5.2
  • perl 4:5.8.8-32.el5_5.2
  • python 2.4.3-27.el5_5.3
  • php 5.1.6-27.el5_5.3
  • samba 3.0.33-3.29.el5_5.1
  • squid 7:2.6.STABLE21-6.el5

Notable additional packages on pgsql are:

  • postgresql.x86_64 8.1.22-1.el5_5.1

Package additions/upgrades/removals

On lamp:

  • Install mediawiki
  • Remove ftp

On pgsql:

  • Remove httpd, mysql, ftp
  • Upgrade python to version 3.1
  • Install TrueCrypt

Configuration

For both servers:

  • Mount bear
  • Configure Iptables

For lamp:

  • Configure Apache
  • Configure Mediawiki
  • Add Mediawiki extensions
  • Create new folder structure

For pgsql:

  • Configure Postgre

Mounting bear

mount -t cifs //bear/ed_egan/ /mnt -o user=ed_egan

for the inclusion into fstab or other more sophisticated approaches there is a Centos help page.

Configure Apache

To start Apache:

/etc/init.d/httpd start

To set Apache to start at boot:

chkconfig --levels 235 httpd on

The main config file is: /etc/httpd/conf/httpd.conf

First, confirm your IP address:

/sbin/ifconfig

Configure IP Tables

For lamp we need a hole for port 80 for the webserver. For pgsql we need a hole for our clientware. General documentation is available in iptables from Centos

Check that iptables is running:

/sbin/lsmod | grep ip_tables

Backup the old rules:

cp /etc/sysconfig/iptables /etc/sysconfig/iptables.bak

Add a hole (or two):

vi /etc/sysconfig/iptables
...
 -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 128.32.66.0/24 --dport 80 -j ACCEPT
 -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 128.32.67.0/24 --dport 80 -j ACCEPT
 -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 128.32.74.0/24 --dport 80 -j ACCEPT
 -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 10.136.0.0/23 --dport 80 -j ACCEPT
...

Restart the service:

/etc/init.d/iptables restart

Data

For lamp:

  • Import Wiki pages
  • Change links to pdfs and repository files