Changes between Version 15 and Version 16 of install_debian_extras


Ignore:
Timestamp:
May 25, 2010, 10:38:23 AM (9 years ago)
Author:
Jamie McClelland
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • install_debian_extras

    v15 v16  
    22= Installing Extras =
    33
    4 Many of these commands can be automatically run using our [wiki:server_overview automated directives tool]. Note: if you are setting up a new standard (previously referred to as shared server), then follow the [wiki:configure_new_server standard server setup] directions, which cover the steps below.
    5 
    6 {{{
    7 scripts/execute-directive <server-name> ../directives/ssh-root-keys
    8 scripts/execute-directive <server-name> ../directives/add-empty-authorized-keys
    9 scripts/execute-directive <server-name> ../directives/enable-syn-cookies
    10 scripts/execute-directive <server-name> ../directives/aptitude-dist-upgrade
    11 scripts/execute-directive <server-name> ../directives/base-required-packages
    12 scripts/execute-directive <server-name> ../directives/bash-fix-root
    13 scripts/execute-directive <server-name> ../directives/bash-fix-skel
    14 scripts/execute-directive <server-name> ../directives/ssh-key-only-login
    15 }}}
    16 
    17 
    18 == smartmontools (not for domU's) ==
    19 
    20  * Install smartmontools
    21 {{{
    22 aptitude install smartmontools
    23 }}}
    24  * Configure smartmontools
    25   * Edit `/etc/default/smartmontools`, uncomment:
    26 {{{
    27 start_smartd=yes
    28 }}}
    29   * Edit `/etc/smart.conf`
    30    * Comment out:
    31 {{{
    32 # DEVICESCAN -m root -M exec /usr/share/smartmontools/smartd-runner
    33 }}}
    34    * Add lines for the given disks. Run lshw to determine if the disks are ata and require the -d. For example:
    35 {{{
    36 /dev/sda -a -d ata -s (S/../.././01|L/../../6/02)
    37 /dev/sdb -a -d ata -s (S/../.././03|L/../../6/04)
    38 }}}
    39  * restart the daemon:
    40 {{{
    41 /etc/init.d/smartmontools restart
    42 }}}
    43 
    44 
    45 == Serial console login (not for domU's) ==
    46 
    47 If you did not use the serial console installer, then perform the following:
    48 
    49  * Edit the /etc/inittab file. Uncomment and modify:
    50 {{{
    51 T0:23:respawn:/sbin/getty -L ttyS0 115200 vt100
    52 }}}
    53  * Refresh:
    54 {{{
    55 $ sudo init q
    56 }}}
    57  * Add the following lines after the timeout line in `/boot/grub/menu.1st`
    58 {{{
    59 serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1
    60 terminal --timeout=10 serial console
    61 }}}
    62  * Add the following lines to the Start Default Options. You should already have a line such as:
    63 {{{
    64 # kopt=root=/dev/mapper/vg_servername0-root ro
    65 }}}
    66  add to it, so that your final line says:
    67 {{{
    68 # kopt=root=/dev/mapper/vg_servername0-root ro console=ttyS0,115200n8
    69 }}}
    70  * Refresh grub's config file:
    71 {{{
    72 # update-grub
    73 }}}
    74 
    75 == Encrypted File system ==
    76 
    77  * Install programs:
    78 {{{
    79 $ sudo aptitude install dmsetup cryptsetup
    80 }}}
    81  * Create an encrypted file system for members:
    82   * Create the encrypted filesystem (be sure to switch to use which ever device you are using):
    83 {{{
    84 $ cryptsetup luksFormat /dev/sda5
    85 }}}
    86    You will be prompted for a password. Put password in resource db!
    87   * Add to crypttab
    88 {{{
    89 echo crypt_members /dev/sda5 none luks >> /etc/crypttab
    90 }}}
    91   * Start it
    92 {{{
    93 /etc/init.d/cryptdisks start
    94 }}}
    95   * Create a file system on the partition:
    96 {{{
    97 $ mkfs -t ext3 /dev/mapper/crypt_members
    98 }}}
    99   * Add to fstab:
    100 {{{
    101 echo /dev/mapper/crypt_members /home/members ext3 defaults 0 2 >> /etc/fstab
    102 }}}
    103   * Mount
    104 {{{
    105 mount /home/members
    106 }}}
    107 
    108 == Add Nagios logging ==
    109 
    110 Optionally, you may want to login to `chun.mayfirst.org` and edit the `/etc/nagios2/conf.d/servers_mfpl.cfg` file to add this server for monitoring.
    111 
    112 == Add munin logging ==
    113 
    114 You may also want to install munin-node and then add the server to the munin nodes managed by the Tachanka collective.
     4These commands can be automatically run using our [wiki:server_overview automated directives tool] with: ./execute-directive <name of server> minimal or ./execute-directive <name of server> standard.