Context Navigation

Changes between Version 15 and Version 16 of install_debian_extras

Timestamp:: May 25, 2010, 2:38:23 PM (15 years ago)
Author:: Jamie McClelland
Comment:: --

Legend:

: Unmodified
: Added
: Removed
: Modified

install_debian_extras

-              v15
+              v16
 = Installing Extras =
+Many of these commands can be automatically run using our [wiki:server_overview automated directives tool]. Note: if you are setting up a new standard (previously referred to as shared server), then follow the [wiki:configure_new_server standard server setup] directions, which cover the steps below.
+{{{
+scripts/execute-directive <server-name> ../directives/ssh-root-keys
+scripts/execute-directive <server-name> ../directives/add-empty-authorized-keys
+scripts/execute-directive <server-name> ../directives/enable-syn-cookies
+scripts/execute-directive <server-name> ../directives/aptitude-dist-upgrade
+scripts/execute-directive <server-name> ../directives/base-required-packages
+scripts/execute-directive <server-name> ../directives/bash-fix-root
+scripts/execute-directive <server-name> ../directives/bash-fix-skel
+scripts/execute-directive <server-name> ../directives/ssh-key-only-login
+}}}
+== smartmontools (not for domU's) ==
+ * Install smartmontools
+{{{
+aptitude install smartmontools
+}}}
+ * Configure smartmontools
+  * Edit `/etc/default/smartmontools`, uncomment:
+{{{
+start_smartd=yes
+}}}
+  * Edit `/etc/smart.conf`
+   * Comment out:
+{{{
+# DEVICESCAN -m root -M exec /usr/share/smartmontools/smartd-runner
+}}}
+   * Add lines for the given disks. Run lshw to determine if the disks are ata and require the -d. For example:
+{{{
+/dev/sda -a -d ata -s (S/../.././01|L/../../6/02)
+/dev/sdb -a -d ata -s (S/../.././03|L/../../6/04)
+}}}
+ * restart the daemon:
+{{{
+/etc/init.d/smartmontools restart
+}}}
+== Serial console login (not for domU's) ==
+If you did not use the serial console installer, then perform the following:
+ * Edit the /etc/inittab file. Uncomment and modify:
+{{{
+T0:23:respawn:/sbin/getty -L ttyS0 115200 vt100
+}}}
+ * Refresh:
+{{{
+$ sudo init q
+}}}
+ * Add the following lines after the timeout line in `/boot/grub/menu.1st`
+{{{
+serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1
+terminal --timeout=10 serial console
+}}}
+ * Add the following lines to the Start Default Options. You should already have a line such as:
+{{{
+# kopt=root=/dev/mapper/vg_servername0-root ro
+}}}
+ add to it, so that your final line says:
+{{{
+# kopt=root=/dev/mapper/vg_servername0-root ro console=ttyS0,115200n8
+}}}
+ * Refresh grub's config file:
+{{{
+# update-grub
+}}}
+== Encrypted File system ==
+ * Install programs:
+{{{
+$ sudo aptitude install dmsetup cryptsetup
+}}}
+ * Create an encrypted file system for members:
+  * Create the encrypted filesystem (be sure to switch to use which ever device you are using):
+{{{
+$ cryptsetup luksFormat /dev/sda5
+}}}
+   You will be prompted for a password. Put password in resource db!
+  * Add to crypttab
+{{{
+echo crypt_members /dev/sda5 none luks >> /etc/crypttab
+}}}
+  * Start it
+{{{
+/etc/init.d/cryptdisks start
+}}}
+  * Create a file system on the partition:
+{{{
+$ mkfs -t ext3 /dev/mapper/crypt_members
+}}}
+  * Add to fstab:
+{{{
+echo /dev/mapper/crypt_members /home/members ext3 defaults 0 2 >> /etc/fstab
+}}}
+  * Mount
+{{{
+mount /home/members
+}}}
+== Add Nagios logging ==
+Optionally, you may want to login to `chun.mayfirst.org` and edit the `/etc/nagios2/conf.d/servers_mfpl.cfg` file to add this server for monitoring.
+== Add munin logging ==
+You may also want to install munin-node and then add the server to the munin nodes managed by the Tachanka collective.
+These commands can be automatically run using our [wiki:server_overview automated directives tool] with: ./execute-directive <name of server> minimal or ./execute-directive <name of server> standard.