Recipe for creating this server.
- Get your DNS in order first. Also make sure you don't have a bad
hub or switch (cost me 2 hours)
- Load Debian base. This server uses Debian Stable (Woody).
Sarge with 2.6 kernel. Load command at initial CD prompt is "linux26")
Do not enable exim (mail).
- (S07: etch 4.0)
- apt-get update, apt-get upgrade
- Add packages:
- apache-ssl (Ought to connect to a certificate from IS but didn't, you must use fully qualified name hw.cs.southern.edu)
- php4 (enable php4 module in httpd.conf)
- php4-imap (enable imap_module in httpd.conf)
- ssh - run server, but comment out/etc/ssh/sshd_config last line:
- #Subsystem sftp /usr/lib/sftp-server
- mod_auth_imap - see instructions
- Create /etc/dav and /etc/dav/apache directories manually.
- If you need them for teaching:
- mysql-server (redundant - don't do at this point)
- phpmyadmin (set up a password for root)
- php4-odbc (add extension=odbc.so in /etc/php4/apache/php.ini)
- Set up proper ftp upload permissions
- /etc/inetd.conf -> ftpd -l -u 0 (no such thing now. -?)
- /etc/vsftpd.conf changes (they're paranoid when installed):
- local_umask=000 (was default, but file claims otherwise)
- Add /dev/null to /etc/shells
- Modify log rotation for 32 weeks. /etc/logrota*
- in /etc/php4/php.ini, add extension=imap.so
- in /etc/php4/php.ini, set safe_mode=ON
- Create "class" (that would be "hw") user
with this web structure under "mainweb", remap /etc/apache/httpd.conf
DocumentRoot to /home/hw/mainweb.
- Disable userdir module in httpd.conf (moved to modules.conf). (Didn't do this - works better without disabling)
- Add LoadModule includes_module /usr/lib/apache/1.3/mod_include.so
- apt-get install ntpdate - server is ntp.southern.edu.
(Didn't:) Installing nusoap so students can get web services for CPTE 212 (Didn't
do this in F05 - saving for Web Services class):
- get nusoap and nusoap-doc from sourceforge
- dpkg --install both of them
Note: To set up ssl certificate:
- /usr/sbin/ssl-certificate --force -days 999 Alas, this program disappeared.
I had to steal it from a Woody, but it worked fine. Note that the local certificate
file is kept in /etc/apache/ssl/apache.pem.
Note 11/21/2004: vs_ftpd was not set up properly for chroot. By setting
chroot_local_user=YES, I forced chroot for everyone, and put the teachers into
vsftpd.chroot_list. Hopefully that will work.
During the conversion, I also worked over the "execute.php" program and the do-pass program to comply with PHP4's attitude about POST variables
and deal with updated parameters needed for the PHP interface to IMAP.
(NO! Manually edit /home/hw/users!) Also replaced the mgt/users.php script with one that uses a fake array
in HTML, so it can handle any (reasonable) number of users.
Still need to do a complete document of where everything in this server
is. Best advice for a migrator: Have the old one online while you get the new
Need to set up security for phpmyadmin, which at the moment is open.
But no biggie: It is not used for operations of the server; only supporting
student projects. (Setting a root password works.)
I've set up a backup procedure in /root that backs up the whole thing to CD, and leaves an ISO that can be downloaded. Works slick.
When setting up JOUR242, don't forget to give her a simple index file so she can easily get to her users