[[PageOutline]] = Installing Extras = Many of these commands can be automatically run using our [wiki:server_overview automated directives tool]. Note: if you are setting up a new standard (previously referred to as shared server), then follow the [wiki:configure_new_server standard server setup] directions, which cover the steps below. {{{ scripts/execute-directive ../directives/ssh-root-keys scripts/execute-directive ../directives/add-empty-authorized-keys scripts/execute-directive ../directives/enable-syn-cookies scripts/execute-directive ../directives/aptitude-dist-upgrade scripts/execute-directive ../directives/base-required-packages scripts/execute-directive ../directives/bash-fix-root scripts/execute-directive ../directives/bash-fix-skel scripts/execute-directive ../directives/ssh-key-only-login }}} == smartmontools (not for domU's) == * Install smartmontools {{{ aptitude install smartmontools }}} * Configure smartmontools * Edit `/etc/default/smartmontools`, uncomment: {{{ start_smartd=yes }}} * Edit `/etc/smart.conf` * Comment out: {{{ # DEVICESCAN -m root -M exec /usr/share/smartmontools/smartd-runner }}} * Add lines for the given disks. Run lshw to determine if the disks are ata and require the -d. For example: {{{ /dev/sda -a -d ata -s (S/../.././01|L/../../6/02) /dev/sdb -a -d ata -s (S/../.././03|L/../../6/04) }}} * restart the daemon: {{{ /etc/init.d/smartmontools restart }}} == Serial console login (not for domU's) == If you did not use the serial console installer, then perform the following: * Edit the /etc/inittab file. Uncomment and modify: {{{ T0:23:respawn:/sbin/getty -L ttyS0 115200 vt100 }}} * Refresh: {{{ $ sudo init q }}} * Add the following lines after the timeout line in `/boot/grub/menu.1st` {{{ serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1 terminal --timeout=10 serial console }}} * Add the following lines to the Start Default Options. You should already have a line such as: {{{ # kopt=root=/dev/mapper/vg_servername0-root ro }}} add to it, so that your final line says: {{{ # kopt=root=/dev/mapper/vg_servername0-root ro console=ttyS0,115200n8 }}} * Refresh grub's config file: {{{ # update-grub }}} == Encrypted File system == * Install programs: {{{ $ sudo aptitude install dmsetup cryptsetup }}} * Create an encrypted file system for members: * Create the encrypted filesystem (be sure to switch to use which ever device you are using): {{{ $ cryptsetup luksFormat /dev/sda5 }}} You will be prompted for a password. Put password in resource db! * Add to crypttab {{{ echo crypt_members /dev/sda5 none luks >> /etc/crypttab }}} * Start it {{{ /etc/init.d/cryptdisks start }}} * Create a file system on the partition: {{{ $ mkfs -t ext3 /dev/mapper/crypt_members }}} * Add to fstab: {{{ echo /dev/mapper/crypt_members /home/members ext3 defaults 0 2 >> /etc/fstab }}} * Mount {{{ mount /home/members }}} == Add Nagios logging == Optionally, you may want to login to `chun.mayfirst.org` and edit the `/etc/nagios2/conf.d/servers_mfpl.cfg` file to add this server for monitoring. == Add munin logging == You may also want to install munin-node and then add the server to the munin nodes managed by the Tachanka collective.